On Wed, Jun 20, 2018 at 12:44 PM, Arnd Bergmann <arnd@xxxxxxxx> wrote: > On Wed, Jun 20, 2018 at 9:04 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote: >> In the quest to remove all stack VLA usage from the kernel[1], this >> caps the skcipher request size similar to other limits and adds a sanity >> check at registration. >> >> >> +#define SKCIPHER_MAX_REQSIZE (PAGE_SIZE / 8) >> + >> #define SKCIPHER_REQUEST_ON_STACK(name, tfm) \ >> char __##name##_desc[sizeof(struct skcipher_request) + \ >> - crypto_skcipher_reqsize(tfm)] CRYPTO_MINALIGN_ATTR; \ >> + SKCIPHER_MAX_REQSIZE] CRYPTO_MINALIGN_ATTR; \ >> struct skcipher_request *name = (void *)__##name##_desc >> > > This is probably a bad idea on kernels with large values of PAGE_SIZE. > Some users on ppc64 and arm64 use 64KB here, but still limit > the per-function stack size to 2KB. We could make all of these PAGE_SIZE-related limits explicitly 512? I think that was the intent originally. -Kees -- Kees Cook Pixel Security