From patchwork Mon Jun 17 11:20:37 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arnd Bergmann X-Patchwork-Id: 166996 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp2765922ilk; Mon, 17 Jun 2019 04:59:20 -0700 (PDT) X-Google-Smtp-Source: APXvYqz+B4WEP+FdgqIAMTRf4ccGPC/uVhWWtIK16kcMm8J8gOGIzkg9JcNP+G6Kmq6rCJ6sPhpA X-Received: by 2002:a17:90a:b387:: with SMTP id e7mr26597093pjr.113.1560772760625; Mon, 17 Jun 2019 04:59:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1560772760; cv=none; d=google.com; s=arc-20160816; b=f8j8gHM1GvdMGzqqvW+8DcPJ4gM9Y62OmtHvmTTyIh+jjmHOkIA7JVmsIPS1VD0UYg tg94fVbrqf1719dEcDD5VdPj7hwGENAOsulhdri/BZIC5v6rE5jS24rp/nEHSnSBHX2P LhjdB3rNhz9LaLOBGhQMou0COU15y5iQ0LeGJg9ZzyEwFChVDuc3/Tdi5U3KgJyUrmd6 nr3XXKOku+sxisYg9jFnNrWTSMCU+NBmnTvmrIDtSJ7qRn0o1/dLlWc07xTNV1Wa0u/B TTPzyzz9BPqWgD9IWRgweh2thu6p/AMAjZ166lQYVWgEsx9hZmFARRj1ZO5o1NewNB4w RvZw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=/fgfu4k8+rLoCbFeDe99LpsGGU9xoMIP5NyhF2oOJCI=; b=I5xaxdskfFGGUrCN6gwaA+tmpQ0Fw7H0Db310BGOKlPlMjaP5TMq4kf1DaTxRd2dBJ jb6cT4Jp+LLwK7CTP+GEqy8vUzzL/j6GxQl7e0g6VPPhKcTj9JPLvZL7sa7hraX7Bmzn epApAKdFMU87yMOnFxn7d529zEsXo/PuahrhDjZ9Pp6iD8W9ZQ8+40N86N/I6Jb0+3p+ K0ZHWxWJkUMBJ0bwmhD5UIsLaP6DtZaOCLCyip5yq1ANpVwXVJaf2NoXQeOgf7z1rOKK BK/VQGukJXA6U2Fx47P9QtwGzqqZc5CABkaKAudWbrzy8cr+VxjAXDz+AHmu7Yhj+HjG HOmg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 31si10791796pgo.151.2019.06.17.04.59.20; Mon, 17 Jun 2019 04:59:20 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726969AbfFQL7S (ORCPT + 26 others); Mon, 17 Jun 2019 07:59:18 -0400 Received: from mout.kundenserver.de ([212.227.17.10]:33899 "EHLO mout.kundenserver.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725763AbfFQL7S (ORCPT ); Mon, 17 Jun 2019 07:59:18 -0400 Received: from threadripper.lan ([149.172.19.189]) by mrelayeu.kundenserver.de (mreue109 [212.227.15.145]) with ESMTPA (Nemesis) id 1N1Oft-1idn5x173T-012p0I; Mon, 17 Jun 2019 13:58:46 +0200 From: Arnd Bergmann To: Mimi Zohar , Dmitry Kasatkin , James Morris , "Serge E. Hallyn" Cc: Arnd Bergmann , Jarkko Sakkinen , Stefan Berger , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] ima: dynamically allocate shash_desc Date: Mon, 17 Jun 2019 13:20:37 +0200 Message-Id: <20190617115838.2397872-1-arnd@arndb.de> X-Mailer: git-send-email 2.20.0 MIME-Version: 1.0 X-Provags-ID: V03:K1:Aok4LcHbJEGe4AaznFIfACC7Rx178p41ovN43L+MyVducbpJUmo Ks3nYiQFYUumaQQDtFktb7FASBDgNt0aWrEmebIaB2QKuW7eKXp/C3mpmUcUcD6KVf3YWcB cHciwJcVESXqtHG5EZm3ls+ZpDxsTRQTdcm0F/UvIc6M6Ypeq63DAIUrs/oUOxrkLyMFvCw XFmMdwOf5uOdyLU9P5gpA== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1; V03:K0:jHvm8xVNDAg=:2tQYUYi5EHZK8Jj9NnbR8R Eo7gZUfrH0IV231kubqyOXrM2KIdTUI7lkeT64oWq+/f71gkLCOBA3NzPI6XwDwGl8OwX+/5w yVDiKGLnOGCxf+S0vbTYzsRNBq76ZlUCUzWuIjpHVVGjeN5SAyE6MywStp8xA1h/cRWcK3cSx Bwgbt7JUQDgtp4jOKoxHjqlrVcLSbpbu8rpnkIYtSBmEobq2yDokeJyj1QugUmAg+hNXmMcM4 pVvePhrtr24jnquz/odgNTRAHaD5VQY3uTcDpF6QdL9zrmy6UCL8SCxFf5EeaJeTzSiiW+uPk bCVCbyUWrELjuHEt22u1i1oJ2sBS1ldJ9xecgj7l+X+Sj5Jouj+A+Zbi5xcgrU/ngnLRiabOU 5TLlpJZgM7xeHyJcibAzzh034agXYUkyVbw0mEZZW8Tjq5nL6IkBWYphrpAfGzFQ946pBaF1p nPVIq+92AGgeXZ3Cv0v7IQ2bLUq3YUj5fsawacZO1BG8fAaSf+EgYJsPg6RYip3gbP5uDLPyF Gi7rVAPX3uwg04Pe4uBMsw41abY2iVQBULvYBbFi9ohYBnVty966idrZjgx+Pyg3inltOFtVj M/fpwbgM2WhO2KGKKzFiiOs+uajZha0drkVdDo1ZbPf2NM+4BAb+90WhFspBAfibbneJlHCMx kakkUzVCB2p/ES21GFZU+Q2++wdThYh8RzHe6rYlRywsa2B879EEe/j1On0RzPHJxZa/QOEFJ 3HYbjkqetrngw4zwpfpkit5NhMMqT6RJEFSXnA== Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 32-bit ARM, we get a warning about excessive stack usage when building with clang. security/integrity/ima/ima_crypto.c:504:5: error: stack frame size of 1152 bytes in function 'ima_calc_field_array_hash' [-Werror,-Wframe-larger-than=] Using kmalloc to get the descriptor reduces this to 320 bytes. Signed-off-by: Arnd Bergmann --- security/integrity/ima/ima_crypto.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) -- 2.20.0 diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c index d4c7b8e1b083..8a66bab4c435 100644 --- a/security/integrity/ima/ima_crypto.c +++ b/security/integrity/ima/ima_crypto.c @@ -461,16 +461,21 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data, struct ima_digest_data *hash, struct crypto_shash *tfm) { - SHASH_DESC_ON_STACK(shash, tfm); + struct shash_desc *shash; int rc, i; + shash = kmalloc(sizeof(struct shash_desc) + crypto_shash_descsize(tfm), + GFP_KERNEL); + if (!shash) + return -ENOMEM; + shash->tfm = tfm; hash->length = crypto_shash_digestsize(tfm); rc = crypto_shash_init(shash); if (rc != 0) - return rc; + goto out; for (i = 0; i < num_fields; i++) { u8 buffer[IMA_EVENT_NAME_LEN_MAX + 1] = { 0 }; @@ -497,7 +502,8 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data, if (!rc) rc = crypto_shash_final(shash, hash->digest); - +out: + kfree(shash); return rc; }