Home Home > GIT Browse > stable
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJiri Slaby <jslaby@suse.cz>2019-08-16 22:01:45 +0200
committerJiri Slaby <jslaby@suse.cz>2019-08-16 22:25:10 +0200
commit09276a1a3478ad6e097633781bb00de1404b26d1 (patch)
tree2486b2b7efdade805290468c5bf17f30e7799f82
parent617db9dd7719b9fec11f33cb8eea3fa5d35996a9 (diff)
drbd: dynamically allocate shash descriptor (bnc#1012628).
-rw-r--r--patches.kernel.org/5.2.9-101-drbd-dynamically-allocate-shash-descriptor.patch72
-rw-r--r--series.conf1
2 files changed, 73 insertions, 0 deletions
diff --git a/patches.kernel.org/5.2.9-101-drbd-dynamically-allocate-shash-descriptor.patch b/patches.kernel.org/5.2.9-101-drbd-dynamically-allocate-shash-descriptor.patch
new file mode 100644
index 0000000000..74ca3ddace
--- /dev/null
+++ b/patches.kernel.org/5.2.9-101-drbd-dynamically-allocate-shash-descriptor.patch
@@ -0,0 +1,72 @@
+From: Arnd Bergmann <arnd@arndb.de>
+Date: Mon, 22 Jul 2019 14:26:34 +0200
+Subject: [PATCH] drbd: dynamically allocate shash descriptor
+References: bnc#1012628
+Patch-mainline: 5.2.9
+Git-commit: 77ce56e2bfaa64127ae5e23ef136c0168b818777
+
+[ Upstream commit 77ce56e2bfaa64127ae5e23ef136c0168b818777 ]
+
+Building with clang and KASAN, we get a warning about an overly large
+stack frame on 32-bit architectures:
+
+drivers/block/drbd/drbd_receiver.c:921:31: error: stack frame size of 1280 bytes in function 'conn_connect'
+ [-Werror,-Wframe-larger-than=]
+
+We already allocate other data dynamically in this function, so
+just do the same for the shash descriptor, which makes up most of
+this memory.
+
+Link: https://lore.kernel.org/lkml/20190617132440.2721536-1-arnd@arndb.de/
+Reviewed-by: Kees Cook <keescook@chromium.org>
+Reviewed-by: Roland Kammerer <roland.kammerer@linbit.com>
+Signed-off-by: Arnd Bergmann <arnd@arndb.de>
+Signed-off-by: Jens Axboe <axboe@kernel.dk>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+Signed-off-by: Jiri Slaby <jslaby@suse.cz>
+---
+ drivers/block/drbd/drbd_receiver.c | 14 ++++++++++++--
+ 1 file changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/drivers/block/drbd/drbd_receiver.c b/drivers/block/drbd/drbd_receiver.c
+index 90ebfcae0ce6..2b3103c30857 100644
+--- a/drivers/block/drbd/drbd_receiver.c
++++ b/drivers/block/drbd/drbd_receiver.c
+@@ -5417,7 +5417,7 @@ static int drbd_do_auth(struct drbd_connection *connection)
+ unsigned int key_len;
+ char secret[SHARED_SECRET_MAX]; /* 64 byte */
+ unsigned int resp_size;
+- SHASH_DESC_ON_STACK(desc, connection->cram_hmac_tfm);
++ struct shash_desc *desc;
+ struct packet_info pi;
+ struct net_conf *nc;
+ int err, rv;
+@@ -5430,6 +5430,13 @@ static int drbd_do_auth(struct drbd_connection *connection)
+ memcpy(secret, nc->shared_secret, key_len);
+ rcu_read_unlock();
+
++ desc = kmalloc(sizeof(struct shash_desc) +
++ crypto_shash_descsize(connection->cram_hmac_tfm),
++ GFP_KERNEL);
++ if (!desc) {
++ rv = -1;
++ goto fail;
++ }
+ desc->tfm = connection->cram_hmac_tfm;
+
+ rv = crypto_shash_setkey(connection->cram_hmac_tfm, (u8 *)secret, key_len);
+@@ -5571,7 +5578,10 @@ static int drbd_do_auth(struct drbd_connection *connection)
+ kfree(peers_ch);
+ kfree(response);
+ kfree(right_response);
+- shash_desc_zero(desc);
++ if (desc) {
++ shash_desc_zero(desc);
++ kfree(desc);
++ }
+
+ return rv;
+ }
+--
+2.22.0
+
diff --git a/series.conf b/series.conf
index 4328077a50..4e4e4f8024 100644
--- a/series.conf
+++ b/series.conf
@@ -1121,6 +1121,7 @@
patches.kernel.org/5.2.9-098-perf-stat-Fix-segfault-for-event-group-in-repea.patch
patches.kernel.org/5.2.9-099-perf-session-Fix-loading-of-compressed-data-spl.patch
patches.kernel.org/5.2.9-100-perf-probe-Avoid-calling-freeing-routine-multip.patch
+ patches.kernel.org/5.2.9-101-drbd-dynamically-allocate-shash-descriptor.patch
########################################################
# Build fixes that apply to the vanilla kernel too.