On Sun, Jul 15, 2018 at 6:28 AM, Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>
> After my ahash to shash conversions, only ccm is left as an ahash
> user, since it actually uses sg. But with the hard-coded value reduced
> to 376, this doesn't trip the frame warnings any more. :)
>
> I'll send an updated series soon.
Maybe we should get rid of that one as well then and remove
AHASH_REQUEST_ON_STACK()?
I see that Ard (now on Cc) added this usage only recently. Looking
at the code some more, I also find that the descsize is probably
much smaller than 376 for all possible cases of "cbcmac(*)",
either alg->cra_blocksize plus a few bytes or sizeof(mac_desc_ctx)
(i.e. 20) for arch/arm64/crypto/aes-glue.c.
Walking the sglist here means open-coding a shash_ahash_update()
implementation in crypto_ccm_auth(), that that doesn't seem to
add much complexity over what it already has to do to chain
the sglist today.
Arnd
--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/dm-devel
