Commit e87f203c authored by Kees Cook's avatar Kees Cook Committed by Herbert Xu

crypto: omap-aes - Remove VLA usage of skcipher

In the quest to remove all stack VLA usage from the kernel[1], this
replaces struct crypto_skcipher and SKCIPHER_REQUEST_ON_STACK() usage
with struct crypto_sync_skcipher and SYNC_SKCIPHER_REQUEST_ON_STACK(),
which uses a fixed stack size.

[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.comSigned-off-by: default avatarKees Cook <keescook@chromium.org>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent f805f59d
...@@ -522,9 +522,9 @@ static int omap_aes_crypt(struct ablkcipher_request *req, unsigned long mode) ...@@ -522,9 +522,9 @@ static int omap_aes_crypt(struct ablkcipher_request *req, unsigned long mode)
!!(mode & FLAGS_CBC)); !!(mode & FLAGS_CBC));
if (req->nbytes < aes_fallback_sz) { if (req->nbytes < aes_fallback_sz) {
SKCIPHER_REQUEST_ON_STACK(subreq, ctx->fallback); SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, ctx->fallback);
skcipher_request_set_tfm(subreq, ctx->fallback); skcipher_request_set_sync_tfm(subreq, ctx->fallback);
skcipher_request_set_callback(subreq, req->base.flags, NULL, skcipher_request_set_callback(subreq, req->base.flags, NULL,
NULL); NULL);
skcipher_request_set_crypt(subreq, req->src, req->dst, skcipher_request_set_crypt(subreq, req->src, req->dst,
...@@ -564,11 +564,11 @@ static int omap_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key, ...@@ -564,11 +564,11 @@ static int omap_aes_setkey(struct crypto_ablkcipher *tfm, const u8 *key,
memcpy(ctx->key, key, keylen); memcpy(ctx->key, key, keylen);
ctx->keylen = keylen; ctx->keylen = keylen;
crypto_skcipher_clear_flags(ctx->fallback, CRYPTO_TFM_REQ_MASK); crypto_sync_skcipher_clear_flags(ctx->fallback, CRYPTO_TFM_REQ_MASK);
crypto_skcipher_set_flags(ctx->fallback, tfm->base.crt_flags & crypto_sync_skcipher_set_flags(ctx->fallback, tfm->base.crt_flags &
CRYPTO_TFM_REQ_MASK); CRYPTO_TFM_REQ_MASK);
ret = crypto_skcipher_setkey(ctx->fallback, key, keylen); ret = crypto_sync_skcipher_setkey(ctx->fallback, key, keylen);
if (!ret) if (!ret)
return 0; return 0;
...@@ -613,11 +613,10 @@ static int omap_aes_crypt_req(struct crypto_engine *engine, ...@@ -613,11 +613,10 @@ static int omap_aes_crypt_req(struct crypto_engine *engine,
static int omap_aes_cra_init(struct crypto_tfm *tfm) static int omap_aes_cra_init(struct crypto_tfm *tfm)
{ {
const char *name = crypto_tfm_alg_name(tfm); const char *name = crypto_tfm_alg_name(tfm);
const u32 flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_NEED_FALLBACK;
struct omap_aes_ctx *ctx = crypto_tfm_ctx(tfm); struct omap_aes_ctx *ctx = crypto_tfm_ctx(tfm);
struct crypto_skcipher *blk; struct crypto_sync_skcipher *blk;
blk = crypto_alloc_skcipher(name, 0, flags); blk = crypto_alloc_sync_skcipher(name, 0, CRYPTO_ALG_NEED_FALLBACK);
if (IS_ERR(blk)) if (IS_ERR(blk))
return PTR_ERR(blk); return PTR_ERR(blk);
...@@ -667,7 +666,7 @@ static void omap_aes_cra_exit(struct crypto_tfm *tfm) ...@@ -667,7 +666,7 @@ static void omap_aes_cra_exit(struct crypto_tfm *tfm)
struct omap_aes_ctx *ctx = crypto_tfm_ctx(tfm); struct omap_aes_ctx *ctx = crypto_tfm_ctx(tfm);
if (ctx->fallback) if (ctx->fallback)
crypto_free_skcipher(ctx->fallback); crypto_free_sync_skcipher(ctx->fallback);
ctx->fallback = NULL; ctx->fallback = NULL;
} }
......
...@@ -101,7 +101,7 @@ struct omap_aes_ctx { ...@@ -101,7 +101,7 @@ struct omap_aes_ctx {
int keylen; int keylen;
u32 key[AES_KEYSIZE_256 / sizeof(u32)]; u32 key[AES_KEYSIZE_256 / sizeof(u32)];
u8 nonce[4]; u8 nonce[4];
struct crypto_skcipher *fallback; struct crypto_sync_skcipher *fallback;
struct crypto_skcipher *ctr; struct crypto_skcipher *ctr;
}; };
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment