diff mbox series

crypto: algif_hash - Allocate hash state with kmalloc

Message ID ZCJk8JQV+0N3VwPS@gondor.apana.org.au
State Accepted
Commit acc03d8908fdd8f24d5c0510a7c1767e176da4bc
Headers show
Series crypto: algif_hash - Allocate hash state with kmalloc | expand

Commit Message

Herbert Xu March 28, 2023, 3:54 a.m. UTC 
Allocating the hash state on the stack limits its size.  Change
this to use kmalloc so the limit can be removed for new drivers.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Comments

Herbert Xu March 30, 2023, 3:17 a.m. UTC | #1 
On Wed, Mar 29, 2023 at 05:26:29PM +0200, Thomas BOURGOIN wrote:
> Hi herbert,
> 
> I'm testing the serie on STM32MP1.
> I cannot apply the patch on my kernel tree.
> The patch fails to apply for the file crypto/ahash.c
> I tried on tags v6.3-rc1 ans v6.3-p2.
> 
> On which branch can I test your patch ?

Please use the cryptodev tree for all crypto work.

Thanks,
Thomas Bourgoin April 3, 2023, 6:59 a.m. UTC | #2 
> Please use the cryptodev tree for all crypto work.

Thanks for the tip, the serie works on STM32MP1

Tested-by : Thomas Bourgoin <thomas.bourgoin@foss.st.com>

BR
diff mbox series

Patch

diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c
index 1d017ec5c63c..63af72e19fa8 100644
--- a/crypto/algif_hash.c
+++ b/crypto/algif_hash.c
@@ -235,24 +235,31 @@  static int hash_accept(struct socket *sock, struct socket *newsock, int flags,
 	struct alg_sock *ask = alg_sk(sk);
 	struct hash_ctx *ctx = ask->private;
 	struct ahash_request *req = &ctx->req;
-	char state[HASH_MAX_STATESIZE];
+	struct crypto_ahash *tfm;
 	struct sock *sk2;
 	struct alg_sock *ask2;
 	struct hash_ctx *ctx2;
+	char *state;
 	bool more;
 	int err;
 
+	tfm = crypto_ahash_reqtfm(req);
+	state = kmalloc(crypto_ahash_statesize(tfm), GFP_KERNEL);
+	err = -ENOMEM;
+	if (!state)
+		goto out;
+
 	lock_sock(sk);
 	more = ctx->more;
 	err = more ? crypto_ahash_export(req, state) : 0;
 	release_sock(sk);
 
 	if (err)
-		return err;
+		goto out_free_state;
 
 	err = af_alg_accept(ask->parent, newsock, kern);
 	if (err)
-		return err;
+		goto out_free_state;
 
 	sk2 = newsock->sk;
 	ask2 = alg_sk(sk2);
@@ -260,7 +267,7 @@  static int hash_accept(struct socket *sock, struct socket *newsock, int flags,
 	ctx2->more = more;
 
 	if (!more)
-		return err;
+		goto out_free_state;
 
 	err = crypto_ahash_import(&ctx2->req, state);
 	if (err) {
@@ -268,6 +275,10 @@  static int hash_accept(struct socket *sock, struct socket *newsock, int flags,
 		sock_put(sk2);
 	}
 
+out_free_state:
+	kfree_sensitive(state);
+
+out:
 	return err;
 }