diff options
author | Herbert Xu <herbert@gondor.apana.org.au> | 2023-03-28 11:54:24 +0800 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2023-04-06 16:18:53 +0800 |
commit | acc03d8908fdd8f24d5c0510a7c1767e176da4bc (patch) | |
tree | b5b9dbf733ba2431f46e939a9c66666e23498437 /crypto | |
parent | 686cd976b6ddedeeb1a1fb09ba53a891d3cc9a03 (diff) |
crypto: algif_hash - Allocate hash state with kmalloc
Allocating the hash state on the stack limits its size. Change
this to use kmalloc so the limit can be removed for new drivers.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/algif_hash.c | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c index 1d017ec5c63c..63af72e19fa8 100644 --- a/crypto/algif_hash.c +++ b/crypto/algif_hash.c @@ -235,24 +235,31 @@ static int hash_accept(struct socket *sock, struct socket *newsock, int flags, struct alg_sock *ask = alg_sk(sk); struct hash_ctx *ctx = ask->private; struct ahash_request *req = &ctx->req; - char state[HASH_MAX_STATESIZE]; + struct crypto_ahash *tfm; struct sock *sk2; struct alg_sock *ask2; struct hash_ctx *ctx2; + char *state; bool more; int err; + tfm = crypto_ahash_reqtfm(req); + state = kmalloc(crypto_ahash_statesize(tfm), GFP_KERNEL); + err = -ENOMEM; + if (!state) + goto out; + lock_sock(sk); more = ctx->more; err = more ? crypto_ahash_export(req, state) : 0; release_sock(sk); if (err) - return err; + goto out_free_state; err = af_alg_accept(ask->parent, newsock, kern); if (err) - return err; + goto out_free_state; sk2 = newsock->sk; ask2 = alg_sk(sk2); @@ -260,7 +267,7 @@ static int hash_accept(struct socket *sock, struct socket *newsock, int flags, ctx2->more = more; if (!more) - return err; + goto out_free_state; err = crypto_ahash_import(&ctx2->req, state); if (err) { @@ -268,6 +275,10 @@ static int hash_accept(struct socket *sock, struct socket *newsock, int flags, sock_put(sk2); } +out_free_state: + kfree_sensitive(state); + +out: return err; } |