crypto: hash - Remove VLA usage

In the quest to remove all stack VLA usage from the kernel[1], this
removes the VLAs in SHASH_DESC_ON_STACK (via crypto_shash_descsize())
by using the maximum allowable size (which is now more clearly captured
in a macro), along with a few other cases. Similar limits are turned into
macros as well.

A review of existing sizes shows that SHA512_DIGEST_SIZE (64) is the
largest digest size and that sizeof(struct sha3_state) (360) is the
largest descriptor size. The corresponding maximums are reduced.

[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

1 files changed, 5 insertions, 1 deletions

diff --git a/include/crypto/hash.h b/include/crypto/hash.h
index 76e432cab75d..21587011ab0f 100644
--- a/include/crypto/hash.h
+++ b/include/crypto/hash.h
@@ -151,9 +151,13 @@ struct shash_desc {
         void *__ctx[] CRYPTO_MINALIGN_ATTR;
 };
 
+#define HASH_MAX_DIGESTSIZE      64
+#define HASH_MAX_DESCSIZE       360
+#define HASH_MAX_STATESIZE      512
+
 #define SHASH_DESC_ON_STACK(shash, ctx)                           \
         char __##shash##_desc[sizeof(struct shash_desc) +         \
-                crypto_shash_descsize(ctx)] CRYPTO_MINALIGN_ATTR; \
+                HASH_MAX_DESCSIZE] CRYPTO_MINALIGN_ATTR; \
         struct shash_desc *shash = (struct shash_desc *)__##shash##_desc
 
 /**