On Fri, Apr 08, 2022 at 11:25:29AM +0800, Herbert Xu wrote: > On Thu, Apr 07, 2022 at 05:28:10PM +0100, Catalin Marinas wrote: > > I can see in many cases that the kmalloc() caller aligns the requested > > size to something like crypto_tfm_ctx_alignment(). So this would > > guarantee a kmalloc() object aligned to CRYPTO_MINALIGN. > > crypto_tfm_ctx_alignment is basically the same as CRYPTO_MINALIGN. > We assume any kmalloced pointers to be aligned to that. > > Specific algorithms may ask for an alignment greater than that > and we will use the knowledge that kmalloc is aligned to > CRYPTO_MINALIGN to derive the extra memory we need to get. > > So if kmalloc no longer returns memory aligned to MINALIGN then > we'll get memory overruns. My point is that if the crypto code kmallocs a size aligned to crypto_tfm_ctx_alignment() (and CRYPTO_MINALIGN), the slab allocator will return memory aligned to CRYPTO_MINALIGN even if ARCH_KMALLOC_MINALIGN is smaller. Would the crypto code, say, do a kmalloc(64) and expect a 128 byte alignment (when CRYPTO_MINALIGN == 128)? Or does it align the size to CRYPTO_MINALIGN and do a kmalloc(128) directly? If it's the latter, I don't think there's a problem. -- Catalin
