From: Kees Cook <keescook@chromium.org>
To: Eric Biggers <ebiggers@google.com>
Cc: David Howells <dhowells@redhat.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
Arnd Bergmann <arnd@arndb.de>,
"Gustavo A. R. Silva" <gustavo@embeddedor.com>,
"David S. Miller" <davem@davemloft.net>,
Network Development <netdev@vger.kernel.org>,
LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] rxrpc: Reuse SKCIPHER_REQUEST_ON_STACK buffer
Date: Wed, 18 Jul 2018 21:31:46 -0700 [thread overview]
Message-ID: <CAGXu5jKR73W14CV_XP1b=Q_JUVt5SgnAp-4aQbwRiVEqaJukCg@mail.gmail.com> (raw)
In-Reply-To: <20180716174223.GE77258@google.com>
On Mon, Jul 16, 2018 at 10:42 AM, Eric Biggers <ebiggers@google.com> wrote:
> On Sun, Jul 15, 2018 at 08:49:47PM -0700, Kees Cook wrote:
>> The use of SKCIPHER_REQUEST_ON_STACK() will trigger FRAME_WARN warnings
>> (when less than 2048) once the VLA is no longer hidden from the check:
>>
>> net/rxrpc/rxkad.c:398:1: warning: the frame size of 1152 bytes is larger than 1024 bytes [-Wframe-larger-than=]
>> net/rxrpc/rxkad.c:242:1: warning: the frame size of 1152 bytes is larger than 1024 bytes [-Wframe-larger-than=]
>>
>> This passes the initial SKCIPHER_REQUEST_ON_STACK allocation to the leaf
>> functions for reuse. Two requests allocated on the stack are not needed
>> when only one is used at a time.
>>
>> Signed-off-by: Kees Cook <keescook@chromium.org>
>> ---
>> net/rxrpc/rxkad.c | 25 +++++++++++++------------
>> 1 file changed, 13 insertions(+), 12 deletions(-)
>> [...]
> How about doing the 'skcipher_request_set_tfm(req, call->conn->cipher)' and
> 'skcipher_request_zero(req);' just once, in the top-level function
> rxkad_verify_packet(), instead of before/after every time the request is used?
Hm. While that does sound reasonable, I like having it be
operationally unchanged. And changing this makes the caller function a
bit more weird. Right now it's doing direct returns, and we'd need to
cover error paths, etc. Having the "zero" _right_ after the
encrypt/decrypt seems more robust to me.
-Kees
--
Kees Cook
Pixel Security
prev parent reply other threads:[~2018-07-19 4:31 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-16 3:49 [PATCH] rxrpc: Reuse SKCIPHER_REQUEST_ON_STACK buffer Kees Cook
2018-07-16 10:17 ` Arnd Bergmann
2018-07-19 4:29 ` Kees Cook
2018-07-16 17:42 ` Eric Biggers
2018-07-19 4:31 ` Kees Cook [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAGXu5jKR73W14CV_XP1b=Q_JUVt5SgnAp-4aQbwRiVEqaJukCg@mail.gmail.com' \
--to=keescook@chromium.org \
--cc=arnd@arndb.de \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=ebiggers@google.com \
--cc=gustavo@embeddedor.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).