On Mon, Jun 25, 2018 at 03:56:09PM -0700, Eric Biggers wrote: > > > diff --git a/include/crypto/internal/hash.h b/include/crypto/internal/hash.h > > index a0b0ad9d585e..d96ae5f52125 100644 > > --- a/include/crypto/internal/hash.h > > +++ b/include/crypto/internal/hash.h > > @@ -142,6 +142,7 @@ static inline struct ahash_alg *__crypto_ahash_alg(struct crypto_alg *alg) > > static inline void crypto_ahash_set_reqsize(struct crypto_ahash *tfm, > > unsigned int reqsize) > > { > > + BUG_ON(reqsize > AHASH_MAX_REQSIZE); > > tfm->reqsize = reqsize; > > } > > This isn't accounting for the cases where a hash algorithm is "wrapped" with > another one, which increases the request size. For example, "sha512_mb" ends up > with a request size of I think this patch is on the wrong track. The stack requests are only ever meant to be used for synchronous algorithms (IOW shash algorithms) and were a quick-and-dirty fix for legacy users. So either check SHASH_MAX_REQSIZE or just convert the users to kmalloc or even better make them real async users. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt