lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <3cbec995-e04e-7d32-265a-9a639ec2ac73@linux.ibm.com>
Date:   Thu, 6 Sep 2018 11:52:49 +0200
From:   Harald Freudenberger <freude@...ux.ibm.com>
To:     Martin Schwidefsky <schwidefsky@...ibm.com>
Cc:     linux-kernel <linux-kernel@...r.kernel.org>,
        Heiko Carstens <heiko.carstens@...ibm.com>
Subject: Re: [GIT PULL] s390 patches for the 4.19 merge window #2

On 05.09.2018 02:16, Kees Cook wrote:
> On Fri, Aug 24, 2018 at 12:42 AM, Martin Schwidefsky
> <schwidefsky@...ibm.com> wrote:
>> Harald Freudenberger (5):
>>       s390/zcrypt: hex string mask improvements for apmask and aqmask.
> This (and an earlier 2017 commit) adds VLAs, which are being
> removed[1] from the kernel:
>
> drivers/s390/crypto/ap_bus.c:980:3: warning: ISO C90 forbids variable
> length array ‘clrm’ [-Wvla]
> drivers/s390/crypto/ap_bus.c:981:3: warning: ISO C90 forbids variable
> length array ‘setm’ [-Wvla]
> drivers/s390/crypto/ap_bus.c:995:3: warning: ISO C90 forbids variable
> length array ‘setm’ [-Wvla]
>
> static int process_mask_arg(const char *str,
>                             unsigned long *bitmap, int bits,
>                             struct mutex *lock)
> ...
>                 DECLARE_BITMAP(clrm, bits);
>                 DECLARE_BITMAP(setm, bits);
>
> Can someone please adjust this to make these fixed size again?
>
> Thanks!
>
> -Kees
>
> [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com
>
Here is a simple solution which just hard codes the upper limit to 256 bits.
As all callers are only internal to the ap bus code and do obey to this limit
this shouldn't be a real limitation.

However, a version which really allocates will follow and then I'll discuss
with Martin, which version to post upstream.

========================================

From: Harald Freudenberger <freude@...ux.ibm.com>
Date: Thu, 6 Sep 2018 11:29:36 +0200
Subject: [PATCH] s390/zcrypt: remove VLA use in ap bus code

The internal function to parse sysfs arguments uses VLAs -
dynamic bitmap arrays on the stack where the size is determined
by a invocation argument.

Reworked the code to have fixed sizes and check, if the caller
comply to this limit. However, one code path uses two of these
bitmap arrays and thus has a stack footprint of 64 bytes.

Signed-off-by: Harald Freudenberger <freude@...ux.ibm.com>
---
 drivers/s390/crypto/ap_bus.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/drivers/s390/crypto/ap_bus.c b/drivers/s390/crypto/ap_bus.c
index ec891bc7d10a..20f2fa2276c8 100644
--- a/drivers/s390/crypto/ap_bus.c
+++ b/drivers/s390/crypto/ap_bus.c
@@ -972,13 +972,13 @@ static int process_mask_arg(const char *str,
 {
     int i;
 
-    /* bits needs to be a multiple of 8 */
-    if (bits & 0x07)
+    /* bits needs to be a multiple of 8 and <= 256 */
+    if (bits & 0x07 || bits > 256)
         return -EINVAL;
 
     if (*str == '+' || *str == '-') {
-        DECLARE_BITMAP(clrm, bits);
-        DECLARE_BITMAP(setm, bits);
+        DECLARE_BITMAP(clrm, 256);
+        DECLARE_BITMAP(setm, 256);
 
         i = str2clrsetmasks(str, clrm, setm, bits);
         if (i)
@@ -992,7 +992,7 @@ static int process_mask_arg(const char *str,
                 set_bit_inv(i, bitmap);
         }
     } else {
-        DECLARE_BITMAP(setm, bits);
+        DECLARE_BITMAP(setm, 256);
 
         i = hex2bitmap(str, setm, bits);
         if (i)
-- 
2.17.1


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ