Re: [PATCH 2/2] dh key: get rid of stack array allocation

Tue, 13 Mar 2018 10:39:18 -0700 

Quoting Tycho Andersen (ty...@tycho.ws):
> Similarly to the previous patch, we would like to get rid of stack
> allocated arrays: https://lkml.org/lkml/2018/3/7/621
> 
> In this case, we can also use a malloc style approach to free the temporary
> buffer, being careful to also use kzfree to free them (indeed, at least one
> of these has a memzero_explicit, but it seems like maybe they both
> should?).
> 
> Signed-off-by: Tycho Andersen <ty...@tycho.ws>
> CC: David Howells <dhowe...@redhat.com>
> CC: James Morris <jmor...@namei.org>
> CC: "Serge E. Hallyn" <se...@hallyn.com>

Acked-by: Serge Hallyn <se...@hallyn.com>

for both, thanks.

> ---
>  security/keys/dh.c | 27 +++++++++++++++++++++------
>  1 file changed, 21 insertions(+), 6 deletions(-)
> 
> diff --git a/security/keys/dh.c b/security/keys/dh.c
> index d1ea9f325f94..f02261b24759 100644
> --- a/security/keys/dh.c
> +++ b/security/keys/dh.c
> @@ -162,19 +162,27 @@ static int kdf_ctr(struct kdf_sdesc *sdesc, const u8 
> *src, unsigned int slen,
>                       goto err;
>  
>               if (zlen && h) {
> -                     u8 tmpbuffer[h];
> +                     u8 *tmpbuffer;
>                       size_t chunk = min_t(size_t, zlen, h);
> -                     memset(tmpbuffer, 0, chunk);
> +
> +                     err = -ENOMEM;
> +                     tmpbuffer = kzalloc(chunk, GFP_KERNEL);
> +                     if (!tmpbuffer)
> +                             goto err;
>  
>                       do {
>                               err = crypto_shash_update(desc, tmpbuffer,
>                                                         chunk);
> -                             if (err)
> +                             if (err) {
> +                                     kzfree(tmpbuffer);
>                                       goto err;
> +                             }
>  
>                               zlen -= chunk;
>                               chunk = min_t(size_t, zlen, h);
>                       } while (zlen);
> +
> +                     kzfree(tmpbuffer);
>               }
>  
>               if (src && slen) {
> @@ -184,13 +192,20 @@ static int kdf_ctr(struct kdf_sdesc *sdesc, const u8 
> *src, unsigned int slen,
>               }
>  
>               if (dlen < h) {
> -                     u8 tmpbuffer[h];
> +                     u8 *tmpbuffer;
> +
> +                     err = -ENOMEM;
> +                     tmpbuffer = kzalloc(h, GFP_KERNEL);
> +                     if (!tmpbuffer)
> +                             goto err;
>  
>                       err = crypto_shash_final(desc, tmpbuffer);
> -                     if (err)
> +                     if (err) {
> +                             kzfree(tmpbuffer);
>                               goto err;
> +                     }
>                       memcpy(dst, tmpbuffer, dlen);
> -                     memzero_explicit(tmpbuffer, h);
> +                     kzfree(tmpbuffer);
>                       return 0;
>               } else {
>                       err = crypto_shash_final(desc, dst);
> -- 
> 2.15.1

Reply via email to