Re: on stack dynamic allocations

[Jussi Kivilinna]

Quoting David Daney :


On 08/16/2012 02:20 PM, Kasatkin, Dmitry wrote:

Hello,

Some places in the code uses variable-size allocation on stack..
For example from hmac_setkey():

struct {
struct shash_desc shash;
char ctx[crypto_shash_descsize(hash)];
} desc;


sparse complains

CHECK   crypto/hmac.c
crypto/hmac.c:57:47: error: bad constant expression

I like it instead of kmalloc..

But what is position of kernel community about it?


If you know that the range of crypto_shash_descsize(hash) is  
bounded, just use the upper bound.


If the range of crypto_shash_descsize(hash) is unbounded, then the  
stack will overflow and ... BOOM!




Quick look shows that largest crypto_shash_descsize() would be with  
hmac+s390/sha512, 16 + 332 = 348. Crypto-api also prevents registering  
shash with descsize larger than (PAGE_SIZE / 8).


-Jussi

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: on stack dynamic allocations

[David Daney]

On 08/16/2012 02:20 PM, Kasatkin, Dmitry wrote:

Hello,

Some places in the code uses variable-size allocation on stack..
For example from hmac_setkey():

struct {
struct shash_desc shash;
char ctx[crypto_shash_descsize(hash)];
} desc;


sparse complains

CHECK   crypto/hmac.c
crypto/hmac.c:57:47: error: bad constant expression

I like it instead of kmalloc..

But what is position of kernel community about it?


If you know that the range of crypto_shash_descsize(hash) is bounded, 
just use the upper bound.


If the range of crypto_shash_descsize(hash) is unbounded, then the stack 
will overflow and ... BOOM!


David Daney



--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html