Re: [dm-devel] [PATCH v4 11/14] treewide: Prepare to remove VLA usage for AHASH_REQUEST_ON_STACK

On Thu, Jul 12, 2018 at 10:17:29PM -0700, Kees Cook wrote: > > Then why does the instrumented tcrypt output show the huge size? Is > tcrypt doing something incorrectly? tcrypt doesn't even use AHASH_REQUEST_ON_STACK so I don't understand your point. > What is the correct value to use for

Re: [dm-devel] [PATCH v4 11/14] treewide: Prepare to remove VLA usage for AHASH_REQUEST_ON_STACK

On Thu, Jul 12, 2018 at 8:44 PM, Herbert Xu wrote: > On Thu, Jul 12, 2018 at 08:33:24PM -0700, Kees Cook wrote: >> On Thu, Jul 12, 2018 at 5:40 PM, Herbert Xu >> wrote: >> > On Thu, Jul 12, 2018 at 06:02:26PM +0200, Arnd Bergmann wrote: >> >> >> >> Looking through some of the drivers, I found

Re: [dm-devel] [PATCH v4 11/14] treewide: Prepare to remove VLA usage for AHASH_REQUEST_ON_STACK

On Thu, Jul 12, 2018 at 08:33:24PM -0700, Kees Cook wrote: > On Thu, Jul 12, 2018 at 5:40 PM, Herbert Xu > wrote: > > On Thu, Jul 12, 2018 at 06:02:26PM +0200, Arnd Bergmann wrote: > >> > >> Looking through some of the drivers, I found this interesting one: > > > > As I said before these patches

Re: [dm-devel] [PATCH v4 11/14] treewide: Prepare to remove VLA usage for AHASH_REQUEST_ON_STACK

On Thu, Jul 12, 2018 at 5:40 PM, Herbert Xu wrote: > On Thu, Jul 12, 2018 at 06:02:26PM +0200, Arnd Bergmann wrote: >> >> Looking through some of the drivers, I found this interesting one: > > As I said before these patches are fundamentally broken. Users > of AHASH_REQUEST_ON_STACK can only use

Re: [dm-devel] [PATCH v4 11/14] treewide: Prepare to remove VLA usage for AHASH_REQUEST_ON_STACK

On Thu, Jul 12, 2018 at 06:02:26PM +0200, Arnd Bergmann wrote: > > Looking through some of the drivers, I found this interesting one: As I said before these patches are fundamentally broken. Users of AHASH_REQUEST_ON_STACK can only use sync algorithm providers and therefore drivers are

Re: [dm-devel] [PATCH v4 13/14] rxrpc: Prepare to remove VLA usage for SKCIPHER_REQUEST_ON_STACK

Arnd Bergmann wrote: > From what I can tell, neither of the two are called in atomic context, so > you should be able to use a GFP_KERNEL allocation. You need to be careful doing that since the allocation might happen in the AFS writeback path. I use GFP_NOIO or GFP_NOFS in rxkad.c and

Re: [dm-devel] [PATCH v4 11/14] treewide: Prepare to remove VLA usage for AHASH_REQUEST_ON_STACK

On Thu, Jul 12, 2018 at 10:17 PM, Kees Cook wrote: > On Thu, Jul 12, 2018 at 9:02 AM, Arnd Bergmann wrote: >> On Wed, Jul 11, 2018 at 10:36 PM, Kees Cook wrote: >>> Several uses of AHASH_REQUEST_ON_STACK() will trigger FRAME_WARN warnings >>> (when less than 2048) once the VLA is no longer

Re: [dm-devel] [PATCH v4 13/14] rxrpc: Prepare to remove VLA usage for SKCIPHER_REQUEST_ON_STACK

Hi David, On Thu, Jul 12, 2018 at 2:28 PM, David Howells wrote: > Can I get a cc on the original patch? I'll add you to CC for future revisions. Here was the start of this thread: https://lkml.kernel.org/r/20180711203619.1020-14-keesc...@chromium.org -Kees -- Kees Cook Pixel Security --

Re: [dm-devel] [PATCH v4 13/14] rxrpc: Prepare to remove VLA usage for SKCIPHER_REQUEST_ON_STACK

Can I get a cc on the original patch? David -- dm-devel mailing list dm-devel@redhat.com https://www.redhat.com/mailman/listinfo/dm-devel

Re: [dm-devel] [PATCH v4 13/14] rxrpc: Prepare to remove VLA usage for SKCIPHER_REQUEST_ON_STACK

On Thu, Jul 12, 2018 at 10:30 PM, Kees Cook wrote: > On Thu, Jul 12, 2018 at 1:23 PM, Kees Cook wrote: >> On Thu, Jul 12, 2018 at 8:11 AM, Arnd Bergmann wrote: >>> On Wed, Jul 11, 2018 at 10:36 PM, Kees Cook wrote: Two uses of SKCIPHER_REQUEST_ON_STACK() will trigger FRAME_WARN warnings

Re: [dm-devel] [PATCH v4 13/14] rxrpc: Prepare to remove VLA usage for SKCIPHER_REQUEST_ON_STACK

On Thu, Jul 12, 2018 at 1:23 PM, Kees Cook wrote: > On Thu, Jul 12, 2018 at 8:11 AM, Arnd Bergmann wrote: >> On Wed, Jul 11, 2018 at 10:36 PM, Kees Cook wrote: >>> Two uses of SKCIPHER_REQUEST_ON_STACK() will trigger FRAME_WARN warnings >>> (when less than 2048) once the VLA is no longer hidden

Re: [dm-devel] [PATCH v4 13/14] rxrpc: Prepare to remove VLA usage for SKCIPHER_REQUEST_ON_STACK

On Thu, Jul 12, 2018 at 8:11 AM, Arnd Bergmann wrote: > On Wed, Jul 11, 2018 at 10:36 PM, Kees Cook wrote: >> Two uses of SKCIPHER_REQUEST_ON_STACK() will trigger FRAME_WARN warnings >> (when less than 2048) once the VLA is no longer hidden from the check: >> >> net/rxrpc/rxkad.c:398:1: warning:

Re: [dm-devel] [PATCH v4 11/14] treewide: Prepare to remove VLA usage for AHASH_REQUEST_ON_STACK

On Thu, Jul 12, 2018 at 9:02 AM, Arnd Bergmann wrote: > On Wed, Jul 11, 2018 at 10:36 PM, Kees Cook wrote: >> Several uses of AHASH_REQUEST_ON_STACK() will trigger FRAME_WARN warnings >> (when less than 2048) once the VLA is no longer hidden from the check: >> >>

Re: [dm-devel] [PATCH v4 11/14] treewide: Prepare to remove VLA usage for AHASH_REQUEST_ON_STACK

On Wed, Jul 11, 2018 at 10:36 PM, Kees Cook wrote: > Several uses of AHASH_REQUEST_ON_STACK() will trigger FRAME_WARN warnings > (when less than 2048) once the VLA is no longer hidden from the check: > > drivers/block/drbd/drbd_worker.c:325:1: warning: the frame size of 1112 bytes > is larger

Re: [dm-devel] [PATCH v4 13/14] rxrpc: Prepare to remove VLA usage for SKCIPHER_REQUEST_ON_STACK

On Wed, Jul 11, 2018 at 10:36 PM, Kees Cook wrote: > Two uses of SKCIPHER_REQUEST_ON_STACK() will trigger FRAME_WARN warnings > (when less than 2048) once the VLA is no longer hidden from the check: > > net/rxrpc/rxkad.c:398:1: warning: the frame size of 1152 bytes is larger than > 1024 bytes

[dm-devel] [PATCH REPOST] dm rq: replace BUG_ON(!irqs_disabled) with lockdep's lock annotation

In commit 052189a2ec95 ("dm: remove superfluous irq disablement in dm_request_fn") the spin_lock_irq() was replaced with spin_lock() + a check for disabled interrupts. Later the locking part was removed in commit 2eb6e1e3aa87 ("dm: submit stacked requests in irq enabled context") but the BUG_ON()