[PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK

[PATCH 0/2] crypto: Remove VLA usage from skcipher · Kees Cook <hidden> · 2018-09-04
[PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Kees Cook <hidden> · 2018-09-04
Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Alexander Stein <hidden> · 2018-09-05
Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Ard Biesheuvel <hidden> · 2018-09-05
Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Kees Cook <hidden> · 2018-09-05
Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Ard Biesheuvel <hidden> · 2018-09-05
Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Kees Cook <hidden> · 2018-09-06
Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Kees Cook <hidden> · 2018-09-06
Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Kees Cook <hidden> · 2018-09-06
Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Gilad Ben-Yossef <gilad@benyossef.com> · 2018-09-06
Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Ard Biesheuvel <hidden> · 2018-09-06
Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Ard Biesheuvel <hidden> · 2018-09-06
Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Herbert Xu <herbert@gondor.apana.org.au> · 2018-09-06
Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Ard Biesheuvel <hidden> · 2018-09-06
Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Herbert Xu <herbert@gondor.apana.org.au> · 2018-09-06
Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Ard Biesheuvel <hidden> · 2018-09-06
Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Kees Cook <hidden> · 2018-09-06
Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK · Gilad Ben-Yossef <gilad@benyossef.com> · 2018-09-06
[PATCH 1/2] crypto: skcipher: Allow crypto_skcipher_set_reqsize() to fail · Kees Cook <hidden> · 2018-09-04

From: Ard Biesheuvel <hidden>
Date: 2018-09-06 09:29:45
Also in: linux-crypto, lkml

On 6 September 2018 at 10:51, Herbert Xu [off-list ref] wrote:

On Thu, Sep 06, 2018 at 10:11:59AM +0200, Ard Biesheuvel wrote:

quoted

That way, we will almost certainly oops on a NULL pointer dereference
right after, but we at least the stack corruption.

A crash is just as bad as a BUG_ON.

Is this even a real problem? Do we have any users of this construct
that is using it on async algorithms?

Perhaps not, but it is not enforced atm.

In any case, limiting the reqsize is going to break things, so that
needs to occur based on the sync/async nature of the algo. That also
means we'll corrupt the stack if we ever end up using
SKCIPHER_REQUEST_ON_STACK() with an async algo whose reqsize is
greater than the sync reqsize limit, so I do think some additional
sanity check is appropriate.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help