Re: vmalloced stacks and scatterwalk_map_and_copy()

From: Eric Biggers
Date: Fri Nov 04 2016 - 13:05:45 EST

On Thu, Nov 03, 2016 at 08:57:49PM -0700, Andy Lutomirski wrote:
> The crypto request objects can live on the stack just fine. It's the
> request buffers that need to live elsewhere (or the alternative
> interfaces can be used, or the crypto core code can start using
> something other than scatterlists).

There are cases where a crypto operation is done on a buffer embedded in a
request object. The example I'm aware of is in the GCM implementation
(crypto/gcm.c). Basically it needs to encrypt 16 zero bytes prepended with the
actual data, so it fills a buffer in the request object
(crypto_gcm_req_priv_ctx.auth_tag) with zeroes and builds a new scatterlist
which covers both this buffer and the original data scatterlist.

Granted, GCM provides the aead interface not the skcipher interface, and
currently there is no AEAD_REQUEST_ON_STACK() macro like there is a
SKCIPHER_REQUEST_ON_STACK() macro. So maybe no one is creating aead requests on
the stack right now. But it's something to watch out for.