Re: [PATCH v4 11/12] security, crypto: LLVMLinux: Remove VLAIS from ima_crypto.c
On 23/09/14 07:42, beh...@converseincode.com wrote: > From: Behan Webster > > Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 > compliant equivalent. This patch allocates the appropriate amount of memory > using a char array using the SHASH_DESC_ON_STACK macro. > > The new code can be compiled with both gcc and clang. > > Signed-off-by: Behan Webster > Reviewed-by: Mark Charlebois > Reviewed-by: Jan-Simon Möller > Acked-by: Herbert Xu > Cc: t...@linutronix.de Looks good. Thanks. Acked-by: Dmitry Kasatkin > --- > security/integrity/ima/ima_crypto.c | 47 > +++-- > 1 file changed, 19 insertions(+), 28 deletions(-) > > diff --git a/security/integrity/ima/ima_crypto.c > b/security/integrity/ima/ima_crypto.c > index 0bd7328..e35f5d9 100644 > --- a/security/integrity/ima/ima_crypto.c > +++ b/security/integrity/ima/ima_crypto.c > @@ -380,17 +380,14 @@ static int ima_calc_file_hash_tfm(struct file *file, > loff_t i_size, offset = 0; > char *rbuf; > int rc, read = 0; > - struct { > - struct shash_desc shash; > - char ctx[crypto_shash_descsize(tfm)]; > - } desc; > + SHASH_DESC_ON_STACK(shash, tfm); > > - desc.shash.tfm = tfm; > - desc.shash.flags = 0; > + shash->tfm = tfm; > + shash->flags = 0; > > hash->length = crypto_shash_digestsize(tfm); > > - rc = crypto_shash_init(); > + rc = crypto_shash_init(shash); > if (rc != 0) > return rc; > > @@ -420,7 +417,7 @@ static int ima_calc_file_hash_tfm(struct file *file, > break; > offset += rbuf_len; > > - rc = crypto_shash_update(, rbuf, rbuf_len); > + rc = crypto_shash_update(shash, rbuf, rbuf_len); > if (rc) > break; > } > @@ -429,7 +426,7 @@ static int ima_calc_file_hash_tfm(struct file *file, > kfree(rbuf); > out: > if (!rc) > - rc = crypto_shash_final(, hash->digest); > + rc = crypto_shash_final(shash, hash->digest); > return rc; > } > > @@ -487,18 +484,15 @@ static int ima_calc_field_array_hash_tfm(struct > ima_field_data *field_data, >struct ima_digest_data *hash, >struct crypto_shash *tfm) > { > - struct { > - struct shash_desc shash; > - char ctx[crypto_shash_descsize(tfm)]; > - } desc; > + SHASH_DESC_ON_STACK(shash, tfm); > int rc, i; > > - desc.shash.tfm = tfm; > - desc.shash.flags = 0; > + shash->tfm = tfm; > + shash->flags = 0; > > hash->length = crypto_shash_digestsize(tfm); > > - rc = crypto_shash_init(); > + rc = crypto_shash_init(shash); > if (rc != 0) > return rc; > > @@ -508,7 +502,7 @@ static int ima_calc_field_array_hash_tfm(struct > ima_field_data *field_data, > u32 datalen = field_data[i].len; > > if (strcmp(td->name, IMA_TEMPLATE_IMA_NAME) != 0) { > - rc = crypto_shash_update(, > + rc = crypto_shash_update(shash, > (const u8 *) _data[i].len, > sizeof(field_data[i].len)); > if (rc) > @@ -518,13 +512,13 @@ static int ima_calc_field_array_hash_tfm(struct > ima_field_data *field_data, > data_to_hash = buffer; > datalen = IMA_EVENT_NAME_LEN_MAX + 1; > } > - rc = crypto_shash_update(, data_to_hash, datalen); > + rc = crypto_shash_update(shash, data_to_hash, datalen); > if (rc) > break; > } > > if (!rc) > - rc = crypto_shash_final(, hash->digest); > + rc = crypto_shash_final(shash, hash->digest); > > return rc; > } > @@ -565,15 +559,12 @@ static int __init ima_calc_boot_aggregate_tfm(char > *digest, > { > u8 pcr_i[TPM_DIGEST_SIZE]; > int rc, i; > - struct { > - struct shash_desc shash; > - char ctx[crypto_shash_descsize(tfm)]; > - } desc; > + SHASH_DESC_ON_STACK(shash, tfm); > > - desc.shash.tfm = tfm; > - desc.shash.flags = 0; > + shash->tfm = tfm; > + shash->flags = 0; > > - rc = crypto_shash_init(); > + rc = crypto_shash_init(shash); > if (rc != 0) > return rc; > > @@ -581,10 +572,10 @@ static int __init ima_calc_boot_aggregate_tfm(char > *digest, > for (i = TPM_PCR0; i < TPM_PCR8; i++) { > ima_pcrread(i, pcr_i); > /* now accumulate with current aggregate */ > - rc = crypto_shash_update(, pcr_i, TPM_DIGEST_SIZE); > + rc = crypto_shash_update(shash, pcr_i, TPM_DIGEST_SIZE); > } > if (!rc) > - crypto_shash_final(, digest); > +
Re: [PATCH v4 11/12] security, crypto: LLVMLinux: Remove VLAIS from ima_crypto.c
On 23/09/14 07:42, beh...@converseincode.com wrote: From: Behan Webster beh...@converseincode.com Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. The new code can be compiled with both gcc and clang. Signed-off-by: Behan Webster beh...@converseincode.com Reviewed-by: Mark Charlebois charl...@gmail.com Reviewed-by: Jan-Simon Möller dl...@gmx.de Acked-by: Herbert Xu herb...@gondor.apana.org.au Cc: t...@linutronix.de Looks good. Thanks. Acked-by: Dmitry Kasatkin d.kasat...@samsung.com --- security/integrity/ima/ima_crypto.c | 47 +++-- 1 file changed, 19 insertions(+), 28 deletions(-) diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c index 0bd7328..e35f5d9 100644 --- a/security/integrity/ima/ima_crypto.c +++ b/security/integrity/ima/ima_crypto.c @@ -380,17 +380,14 @@ static int ima_calc_file_hash_tfm(struct file *file, loff_t i_size, offset = 0; char *rbuf; int rc, read = 0; - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm)]; - } desc; + SHASH_DESC_ON_STACK(shash, tfm); - desc.shash.tfm = tfm; - desc.shash.flags = 0; + shash-tfm = tfm; + shash-flags = 0; hash-length = crypto_shash_digestsize(tfm); - rc = crypto_shash_init(desc.shash); + rc = crypto_shash_init(shash); if (rc != 0) return rc; @@ -420,7 +417,7 @@ static int ima_calc_file_hash_tfm(struct file *file, break; offset += rbuf_len; - rc = crypto_shash_update(desc.shash, rbuf, rbuf_len); + rc = crypto_shash_update(shash, rbuf, rbuf_len); if (rc) break; } @@ -429,7 +426,7 @@ static int ima_calc_file_hash_tfm(struct file *file, kfree(rbuf); out: if (!rc) - rc = crypto_shash_final(desc.shash, hash-digest); + rc = crypto_shash_final(shash, hash-digest); return rc; } @@ -487,18 +484,15 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data, struct ima_digest_data *hash, struct crypto_shash *tfm) { - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm)]; - } desc; + SHASH_DESC_ON_STACK(shash, tfm); int rc, i; - desc.shash.tfm = tfm; - desc.shash.flags = 0; + shash-tfm = tfm; + shash-flags = 0; hash-length = crypto_shash_digestsize(tfm); - rc = crypto_shash_init(desc.shash); + rc = crypto_shash_init(shash); if (rc != 0) return rc; @@ -508,7 +502,7 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data, u32 datalen = field_data[i].len; if (strcmp(td-name, IMA_TEMPLATE_IMA_NAME) != 0) { - rc = crypto_shash_update(desc.shash, + rc = crypto_shash_update(shash, (const u8 *) field_data[i].len, sizeof(field_data[i].len)); if (rc) @@ -518,13 +512,13 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data, data_to_hash = buffer; datalen = IMA_EVENT_NAME_LEN_MAX + 1; } - rc = crypto_shash_update(desc.shash, data_to_hash, datalen); + rc = crypto_shash_update(shash, data_to_hash, datalen); if (rc) break; } if (!rc) - rc = crypto_shash_final(desc.shash, hash-digest); + rc = crypto_shash_final(shash, hash-digest); return rc; } @@ -565,15 +559,12 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest, { u8 pcr_i[TPM_DIGEST_SIZE]; int rc, i; - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm)]; - } desc; + SHASH_DESC_ON_STACK(shash, tfm); - desc.shash.tfm = tfm; - desc.shash.flags = 0; + shash-tfm = tfm; + shash-flags = 0; - rc = crypto_shash_init(desc.shash); + rc = crypto_shash_init(shash); if (rc != 0) return rc; @@ -581,10 +572,10 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest, for (i = TPM_PCR0; i TPM_PCR8; i++) { ima_pcrread(i, pcr_i); /* now accumulate with current aggregate */ - rc = crypto_shash_update(desc.shash, pcr_i, TPM_DIGEST_SIZE); + rc = crypto_shash_update(shash, pcr_i, TPM_DIGEST_SIZE); }
[PATCH v4 11/12] security, crypto: LLVMLinux: Remove VLAIS from ima_crypto.c
From: Behan Webster Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. The new code can be compiled with both gcc and clang. Signed-off-by: Behan Webster Reviewed-by: Mark Charlebois Reviewed-by: Jan-Simon Möller Acked-by: Herbert Xu Cc: t...@linutronix.de --- security/integrity/ima/ima_crypto.c | 47 +++-- 1 file changed, 19 insertions(+), 28 deletions(-) diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c index 0bd7328..e35f5d9 100644 --- a/security/integrity/ima/ima_crypto.c +++ b/security/integrity/ima/ima_crypto.c @@ -380,17 +380,14 @@ static int ima_calc_file_hash_tfm(struct file *file, loff_t i_size, offset = 0; char *rbuf; int rc, read = 0; - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm)]; - } desc; + SHASH_DESC_ON_STACK(shash, tfm); - desc.shash.tfm = tfm; - desc.shash.flags = 0; + shash->tfm = tfm; + shash->flags = 0; hash->length = crypto_shash_digestsize(tfm); - rc = crypto_shash_init(); + rc = crypto_shash_init(shash); if (rc != 0) return rc; @@ -420,7 +417,7 @@ static int ima_calc_file_hash_tfm(struct file *file, break; offset += rbuf_len; - rc = crypto_shash_update(, rbuf, rbuf_len); + rc = crypto_shash_update(shash, rbuf, rbuf_len); if (rc) break; } @@ -429,7 +426,7 @@ static int ima_calc_file_hash_tfm(struct file *file, kfree(rbuf); out: if (!rc) - rc = crypto_shash_final(, hash->digest); + rc = crypto_shash_final(shash, hash->digest); return rc; } @@ -487,18 +484,15 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data, struct ima_digest_data *hash, struct crypto_shash *tfm) { - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm)]; - } desc; + SHASH_DESC_ON_STACK(shash, tfm); int rc, i; - desc.shash.tfm = tfm; - desc.shash.flags = 0; + shash->tfm = tfm; + shash->flags = 0; hash->length = crypto_shash_digestsize(tfm); - rc = crypto_shash_init(); + rc = crypto_shash_init(shash); if (rc != 0) return rc; @@ -508,7 +502,7 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data, u32 datalen = field_data[i].len; if (strcmp(td->name, IMA_TEMPLATE_IMA_NAME) != 0) { - rc = crypto_shash_update(, + rc = crypto_shash_update(shash, (const u8 *) _data[i].len, sizeof(field_data[i].len)); if (rc) @@ -518,13 +512,13 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data, data_to_hash = buffer; datalen = IMA_EVENT_NAME_LEN_MAX + 1; } - rc = crypto_shash_update(, data_to_hash, datalen); + rc = crypto_shash_update(shash, data_to_hash, datalen); if (rc) break; } if (!rc) - rc = crypto_shash_final(, hash->digest); + rc = crypto_shash_final(shash, hash->digest); return rc; } @@ -565,15 +559,12 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest, { u8 pcr_i[TPM_DIGEST_SIZE]; int rc, i; - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm)]; - } desc; + SHASH_DESC_ON_STACK(shash, tfm); - desc.shash.tfm = tfm; - desc.shash.flags = 0; + shash->tfm = tfm; + shash->flags = 0; - rc = crypto_shash_init(); + rc = crypto_shash_init(shash); if (rc != 0) return rc; @@ -581,10 +572,10 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest, for (i = TPM_PCR0; i < TPM_PCR8; i++) { ima_pcrread(i, pcr_i); /* now accumulate with current aggregate */ - rc = crypto_shash_update(, pcr_i, TPM_DIGEST_SIZE); + rc = crypto_shash_update(shash, pcr_i, TPM_DIGEST_SIZE); } if (!rc) - crypto_shash_final(, digest); + crypto_shash_final(shash, digest); return rc; } -- 1.9.1 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org
[PATCH v4 11/12] security, crypto: LLVMLinux: Remove VLAIS from ima_crypto.c
From: Behan Webster beh...@converseincode.com Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. The new code can be compiled with both gcc and clang. Signed-off-by: Behan Webster beh...@converseincode.com Reviewed-by: Mark Charlebois charl...@gmail.com Reviewed-by: Jan-Simon Möller dl...@gmx.de Acked-by: Herbert Xu herb...@gondor.apana.org.au Cc: t...@linutronix.de --- security/integrity/ima/ima_crypto.c | 47 +++-- 1 file changed, 19 insertions(+), 28 deletions(-) diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c index 0bd7328..e35f5d9 100644 --- a/security/integrity/ima/ima_crypto.c +++ b/security/integrity/ima/ima_crypto.c @@ -380,17 +380,14 @@ static int ima_calc_file_hash_tfm(struct file *file, loff_t i_size, offset = 0; char *rbuf; int rc, read = 0; - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm)]; - } desc; + SHASH_DESC_ON_STACK(shash, tfm); - desc.shash.tfm = tfm; - desc.shash.flags = 0; + shash-tfm = tfm; + shash-flags = 0; hash-length = crypto_shash_digestsize(tfm); - rc = crypto_shash_init(desc.shash); + rc = crypto_shash_init(shash); if (rc != 0) return rc; @@ -420,7 +417,7 @@ static int ima_calc_file_hash_tfm(struct file *file, break; offset += rbuf_len; - rc = crypto_shash_update(desc.shash, rbuf, rbuf_len); + rc = crypto_shash_update(shash, rbuf, rbuf_len); if (rc) break; } @@ -429,7 +426,7 @@ static int ima_calc_file_hash_tfm(struct file *file, kfree(rbuf); out: if (!rc) - rc = crypto_shash_final(desc.shash, hash-digest); + rc = crypto_shash_final(shash, hash-digest); return rc; } @@ -487,18 +484,15 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data, struct ima_digest_data *hash, struct crypto_shash *tfm) { - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm)]; - } desc; + SHASH_DESC_ON_STACK(shash, tfm); int rc, i; - desc.shash.tfm = tfm; - desc.shash.flags = 0; + shash-tfm = tfm; + shash-flags = 0; hash-length = crypto_shash_digestsize(tfm); - rc = crypto_shash_init(desc.shash); + rc = crypto_shash_init(shash); if (rc != 0) return rc; @@ -508,7 +502,7 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data, u32 datalen = field_data[i].len; if (strcmp(td-name, IMA_TEMPLATE_IMA_NAME) != 0) { - rc = crypto_shash_update(desc.shash, + rc = crypto_shash_update(shash, (const u8 *) field_data[i].len, sizeof(field_data[i].len)); if (rc) @@ -518,13 +512,13 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data, data_to_hash = buffer; datalen = IMA_EVENT_NAME_LEN_MAX + 1; } - rc = crypto_shash_update(desc.shash, data_to_hash, datalen); + rc = crypto_shash_update(shash, data_to_hash, datalen); if (rc) break; } if (!rc) - rc = crypto_shash_final(desc.shash, hash-digest); + rc = crypto_shash_final(shash, hash-digest); return rc; } @@ -565,15 +559,12 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest, { u8 pcr_i[TPM_DIGEST_SIZE]; int rc, i; - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm)]; - } desc; + SHASH_DESC_ON_STACK(shash, tfm); - desc.shash.tfm = tfm; - desc.shash.flags = 0; + shash-tfm = tfm; + shash-flags = 0; - rc = crypto_shash_init(desc.shash); + rc = crypto_shash_init(shash); if (rc != 0) return rc; @@ -581,10 +572,10 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest, for (i = TPM_PCR0; i TPM_PCR8; i++) { ima_pcrread(i, pcr_i); /* now accumulate with current aggregate */ - rc = crypto_shash_update(desc.shash, pcr_i, TPM_DIGEST_SIZE); + rc = crypto_shash_update(shash, pcr_i, TPM_DIGEST_SIZE); } if (!rc) - crypto_shash_final(desc.shash, digest); +