Re: [PATCH] crypto: algif_hash - Allocate hash state with kmalloc

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Mar 28, 2023 at 5:58 AM Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:
>
> Allocating the hash state on the stack limits its size.  Change
> this to use kmalloc so the limit can be removed for new drivers.
>
> Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
>
> diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c
> index 1d017ec5c63c..63af72e19fa8 100644
> --- a/crypto/algif_hash.c
> +++ b/crypto/algif_hash.c
> @@ -235,24 +235,31 @@ static int hash_accept(struct socket *sock, struct socket *newsock, int flags,
>         struct alg_sock *ask = alg_sk(sk);
>         struct hash_ctx *ctx = ask->private;
>         struct ahash_request *req = &ctx->req;
> -       char state[HASH_MAX_STATESIZE];
> +       struct crypto_ahash *tfm;
>         struct sock *sk2;
>         struct alg_sock *ask2;
>         struct hash_ctx *ctx2;
> +       char *state;
>         bool more;
>         int err;
>
> +       tfm = crypto_ahash_reqtfm(req);
> +       state = kmalloc(crypto_ahash_statesize(tfm), GFP_KERNEL);

Shouldn't sock_kmalloc() be used instead?

> +       err = -ENOMEM;
> +       if (!state)
> +               goto out;
> +
>         lock_sock(sk);
>         more = ctx->more;
>         err = more ? crypto_ahash_export(req, state) : 0;
>         release_sock(sk);
>
>         if (err)
> -               return err;
> +               goto out_free_state;
>
>         err = af_alg_accept(ask->parent, newsock, kern);
>         if (err)
> -               return err;
> +               goto out_free_state;
>
>         sk2 = newsock->sk;
>         ask2 = alg_sk(sk2);
> @@ -260,7 +267,7 @@ static int hash_accept(struct socket *sock, struct socket *newsock, int flags,
>         ctx2->more = more;
>
>         if (!more)
> -               return err;
> +               goto out_free_state;
>
>         err = crypto_ahash_import(&ctx2->req, state);
>         if (err) {
> @@ -268,6 +275,10 @@ static int hash_accept(struct socket *sock, struct socket *newsock, int flags,
>                 sock_put(sk2);
>         }
>
> +out_free_state:
> +       kfree_sensitive(state);
> +
> +out:
>         return err;
>  }
>
> --
> Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux