Re: [kbuild-all] security/integrity/ima/ima_crypto.c:575:12: warning: stack frame size of 1152 bytes in function 'ima_calc_field_array_hash_tfm'

From: Rong Chen
Date: Thu Jun 18 2020 - 23:11:51 EST

Hi Herbert,

Could you take a look at this warning? Roberto mentioned you in previous report:
https://lore.kernel.org/linux-integrity/9dbec9465bda4f8995a42593eb0db010@xxxxxxxxxx/

Best Regards,
Rong Chen

On 6/17/20 9:35 PM, kernel test robot wrote:
Hi Roberto,

FYI, the error/warning still remains.

tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 69119673bd50b176ded34032fadd41530fb5af21
commit: 1ea973df6e2166d1a576cabe5d08925d3261ff9d ima: Calculate and extend PCR with digests in ima_template_entry
date: 8 weeks ago
config: mips-randconfig-r014-20200617 (attached as .config)
compiler: clang version 11.0.0 (https://github.com/llvm/llvm-project 487ca07fcc75d52755c9fe2ee05bcb3b6eeeec44)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install mips cross compiling tool for clang build
# apt-get install binutils-mips-linux-gnu
git checkout 1ea973df6e2166d1a576cabe5d08925d3261ff9d
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=mips

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@xxxxxxxxx>

All warnings (new ones prefixed by >>, old ones prefixed by <<):

security/integrity/ima/ima_crypto.c:575:12: warning: stack frame size of 1152 bytes in function 'ima_calc_field_array_hash_tfm' [-Wframe-larger-than=]
static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data,
^
1 warning generated.

vim +/ima_calc_field_array_hash_tfm +575 security/integrity/ima/ima_crypto.c

3bcced39ea7d1b Dmitry Kasatkin 2014-02-26 571
3323eec921efd8 Mimi Zohar 2009-02-04 572 /*
a71dc65d30a472 Roberto Sassu 2013-06-07 573 * Calculate the hash of template data
3323eec921efd8 Mimi Zohar 2009-02-04 574 */
a71dc65d30a472 Roberto Sassu 2013-06-07 @575 static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data,
7ca79645a1f883 Roberto Sassu 2020-03-25 576 struct ima_template_entry *entry,
6d94809af6b083 Roberto Sassu 2020-03-25 577 int tfm_idx)
3323eec921efd8 Mimi Zohar 2009-02-04 578 {
6d94809af6b083 Roberto Sassu 2020-03-25 579 SHASH_DESC_ON_STACK(shash, ima_algo_array[tfm_idx].tfm);
7ca79645a1f883 Roberto Sassu 2020-03-25 580 struct ima_template_desc *td = entry->template_desc;
7ca79645a1f883 Roberto Sassu 2020-03-25 581 int num_fields = entry->template_desc->num_fields;
a71dc65d30a472 Roberto Sassu 2013-06-07 582 int rc, i;
3323eec921efd8 Mimi Zohar 2009-02-04 583
6d94809af6b083 Roberto Sassu 2020-03-25 584 shash->tfm = ima_algo_array[tfm_idx].tfm;
3323eec921efd8 Mimi Zohar 2009-02-04 585
357aabed626fe3 Behan Webster 2014-04-04 586 rc = crypto_shash_init(shash);
a71dc65d30a472 Roberto Sassu 2013-06-07 587 if (rc != 0)
a71dc65d30a472 Roberto Sassu 2013-06-07 588 return rc;
a71dc65d30a472 Roberto Sassu 2013-06-07 589
a71dc65d30a472 Roberto Sassu 2013-06-07 590 for (i = 0; i < num_fields; i++) {
e3b64c268b485f Roberto Sassu 2014-02-03 591 u8 buffer[IMA_EVENT_NAME_LEN_MAX + 1] = { 0 };
e3b64c268b485f Roberto Sassu 2014-02-03 592 u8 *data_to_hash = field_data[i].data;
e3b64c268b485f Roberto Sassu 2014-02-03 593 u32 datalen = field_data[i].len;
98e1d55d033eed Andreas Steffen 2016-12-19 594 u32 datalen_to_hash =
98e1d55d033eed Andreas Steffen 2016-12-19 595 !ima_canonical_fmt ? datalen : cpu_to_le32(datalen);
e3b64c268b485f Roberto Sassu 2014-02-03 596
b6f8f16f41d928 Roberto Sassu 2013-11-08 597 if (strcmp(td->name, IMA_TEMPLATE_IMA_NAME) != 0) {
357aabed626fe3 Behan Webster 2014-04-04 598 rc = crypto_shash_update(shash,
98e1d55d033eed Andreas Steffen 2016-12-19 599 (const u8 *) &datalen_to_hash,
98e1d55d033eed Andreas Steffen 2016-12-19 600 sizeof(datalen_to_hash));
b6f8f16f41d928 Roberto Sassu 2013-11-08 601 if (rc)
b6f8f16f41d928 Roberto Sassu 2013-11-08 602 break;
e3b64c268b485f Roberto Sassu 2014-02-03 603 } else if (strcmp(td->fields[i]->field_id, "n") == 0) {
e3b64c268b485f Roberto Sassu 2014-02-03 604 memcpy(buffer, data_to_hash, datalen);
e3b64c268b485f Roberto Sassu 2014-02-03 605 data_to_hash = buffer;
e3b64c268b485f Roberto Sassu 2014-02-03 606 datalen = IMA_EVENT_NAME_LEN_MAX + 1;
b6f8f16f41d928 Roberto Sassu 2013-11-08 607 }
357aabed626fe3 Behan Webster 2014-04-04 608 rc = crypto_shash_update(shash, data_to_hash, datalen);
a71dc65d30a472 Roberto Sassu 2013-06-07 609 if (rc)
a71dc65d30a472 Roberto Sassu 2013-06-07 610 break;
a71dc65d30a472 Roberto Sassu 2013-06-07 611 }
a71dc65d30a472 Roberto Sassu 2013-06-07 612
a71dc65d30a472 Roberto Sassu 2013-06-07 613 if (!rc)
6d94809af6b083 Roberto Sassu 2020-03-25 614 rc = crypto_shash_final(shash, entry->digests[tfm_idx].digest);
a71dc65d30a472 Roberto Sassu 2013-06-07 615
a71dc65d30a472 Roberto Sassu 2013-06-07 616 return rc;
3323eec921efd8 Mimi Zohar 2009-02-04 617 }
3323eec921efd8 Mimi Zohar 2009-02-04 618

:::::: The code at line 575 was first introduced by commit
:::::: a71dc65d30a472409f05d247f4eab91b14acf2f5 ima: switch to new template management mechanism

:::::: TO: Roberto Sassu <roberto.sassu@xxxxxxxxx>
:::::: CC: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@xxxxxxxxxxxx

_______________________________________________
kbuild-all mailing list -- kbuild-all@xxxxxxxxxxxx
To unsubscribe send an email to kbuild-all-leave@xxxxxxxxxxxx

Attachment: .config.gz
Description: application/gzip