Re: [PATCH v4 11/12] security, crypto: LLVMLinux: Remove VLAIS from ima_crypto.c

2014-09-23 Thread Dmitry Kasatkin 
On 23/09/14 07:42, beh...@converseincode.com wrote:
 From: Behan Webster beh...@converseincode.com

 Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99
 compliant equivalent. This patch allocates the appropriate amount of memory
 using a char array using the SHASH_DESC_ON_STACK macro.

 The new code can be compiled with both gcc and clang.

 Signed-off-by: Behan Webster beh...@converseincode.com
 Reviewed-by: Mark Charlebois charl...@gmail.com
 Reviewed-by: Jan-Simon Möller dl...@gmx.de
 Acked-by: Herbert Xu herb...@gondor.apana.org.au
 Cc: t...@linutronix.de

Looks good. Thanks.

Acked-by: Dmitry Kasatkin d.kasat...@samsung.com


 ---
  security/integrity/ima/ima_crypto.c | 47 
 +++--
  1 file changed, 19 insertions(+), 28 deletions(-)

 diff --git a/security/integrity/ima/ima_crypto.c 
 b/security/integrity/ima/ima_crypto.c
 index 0bd7328..e35f5d9 100644
 --- a/security/integrity/ima/ima_crypto.c
 +++ b/security/integrity/ima/ima_crypto.c
 @@ -380,17 +380,14 @@ static int ima_calc_file_hash_tfm(struct file *file,
   loff_t i_size, offset = 0;
   char *rbuf;
   int rc, read = 0;
 - struct {
 - struct shash_desc shash;
 - char ctx[crypto_shash_descsize(tfm)];
 - } desc;
 + SHASH_DESC_ON_STACK(shash, tfm);
  
 - desc.shash.tfm = tfm;
 - desc.shash.flags = 0;
 + shash-tfm = tfm;
 + shash-flags = 0;
  
   hash-length = crypto_shash_digestsize(tfm);
  
 - rc = crypto_shash_init(desc.shash);
 + rc = crypto_shash_init(shash);
   if (rc != 0)
   return rc;
  
 @@ -420,7 +417,7 @@ static int ima_calc_file_hash_tfm(struct file *file,
   break;
   offset += rbuf_len;
  
 - rc = crypto_shash_update(desc.shash, rbuf, rbuf_len);
 + rc = crypto_shash_update(shash, rbuf, rbuf_len);
   if (rc)
   break;
   }
 @@ -429,7 +426,7 @@ static int ima_calc_file_hash_tfm(struct file *file,
   kfree(rbuf);
  out:
   if (!rc)
 - rc = crypto_shash_final(desc.shash, hash-digest);
 + rc = crypto_shash_final(shash, hash-digest);
   return rc;
  }
  
 @@ -487,18 +484,15 @@ static int ima_calc_field_array_hash_tfm(struct 
 ima_field_data *field_data,
struct ima_digest_data *hash,
struct crypto_shash *tfm)
  {
 - struct {
 - struct shash_desc shash;
 - char ctx[crypto_shash_descsize(tfm)];
 - } desc;
 + SHASH_DESC_ON_STACK(shash, tfm);
   int rc, i;
  
 - desc.shash.tfm = tfm;
 - desc.shash.flags = 0;
 + shash-tfm = tfm;
 + shash-flags = 0;
  
   hash-length = crypto_shash_digestsize(tfm);
  
 - rc = crypto_shash_init(desc.shash);
 + rc = crypto_shash_init(shash);
   if (rc != 0)
   return rc;
  
 @@ -508,7 +502,7 @@ static int ima_calc_field_array_hash_tfm(struct 
 ima_field_data *field_data,
   u32 datalen = field_data[i].len;
  
   if (strcmp(td-name, IMA_TEMPLATE_IMA_NAME) != 0) {
 - rc = crypto_shash_update(desc.shash,
 + rc = crypto_shash_update(shash,
   (const u8 *) field_data[i].len,
   sizeof(field_data[i].len));
   if (rc)
 @@ -518,13 +512,13 @@ static int ima_calc_field_array_hash_tfm(struct 
 ima_field_data *field_data,
   data_to_hash = buffer;
   datalen = IMA_EVENT_NAME_LEN_MAX + 1;
   }
 - rc = crypto_shash_update(desc.shash, data_to_hash, datalen);
 + rc = crypto_shash_update(shash, data_to_hash, datalen);
   if (rc)
   break;
   }
  
   if (!rc)
 - rc = crypto_shash_final(desc.shash, hash-digest);
 + rc = crypto_shash_final(shash, hash-digest);
  
   return rc;
  }
 @@ -565,15 +559,12 @@ static int __init ima_calc_boot_aggregate_tfm(char 
 *digest,
  {
   u8 pcr_i[TPM_DIGEST_SIZE];
   int rc, i;
 - struct {
 - struct shash_desc shash;
 - char ctx[crypto_shash_descsize(tfm)];
 - } desc;
 + SHASH_DESC_ON_STACK(shash, tfm);
  
 - desc.shash.tfm = tfm;
 - desc.shash.flags = 0;
 + shash-tfm = tfm;
 + shash-flags = 0;
  
 - rc = crypto_shash_init(desc.shash);
 + rc = crypto_shash_init(shash);
   if (rc != 0)
   return rc;
  
 @@ -581,10 +572,10 @@ static int __init ima_calc_boot_aggregate_tfm(char 
 *digest,
   for (i = TPM_PCR0; i  TPM_PCR8; i++) {
   ima_pcrread(i, pcr_i);
   /* now accumulate with current aggregate */
 - rc = crypto_shash_update(desc.shash, pcr_i, TPM_DIGEST_SIZE);
 + rc = crypto_shash_update(shash, pcr_i, TPM_DIGEST_SIZE

Re: [PATCH v3 01/12] crypto: LLVMLinux: Add macro to remove use of VLAIS in crypto code

2014-09-17 Thread Dmitry Kasatkin 
On 17/09/14 12:22, Herbert Xu wrote:
 On Mon, Sep 15, 2014 at 12:30:23AM -0700, beh...@converseincode.com wrote:
 From: Behan Webster beh...@converseincode.com

 Add a macro which replaces the use of a Variable Length Array In Struct 
 (VLAIS)
 with a C99 compliant equivalent. This macro instead allocates the appropriate
 amount of memory using an char array.

 The new code can be compiled with both gcc and clang.

 struct shash_desc contains a flexible array member member ctx declared with
 CRYPTO_MINALIGN_ATTR, so sizeof(struct shash_desc) aligns the beginning
 of the array declared after struct shash_desc with long long.

 No trailing padding is required because it is not a struct type that can
 be used in an array.

 The CRYPTO_MINALIGN_ATTR is required so that desc is aligned with long long
 as would be the case for a struct containing a member with
 CRYPTO_MINALIGN_ATTR.

 Signed-off-by: Behan Webster beh...@converseincode.com
 Acked-by: Herbert Xu herb...@gondor.apana.org.au

 Thanks,

Just in case.
I would still follow advice from Michał Mirosław to use shash##__desc[]

- Dmitry


--
To unsubscribe from this list: send the line unsubscribe linux-btrfs in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html