[PATCH 1/1] crypto: arm64/aes-neonbs - Move key expansion off the stack
Eric Biggers
ebiggers at kernel.org
Thu Mar 5 21:54:48 PST 2026
On Fri, Mar 06, 2026 at 01:46:33PM +0800, Cheng-Yang Chou wrote:
> Hi Eric,
>
> On Thu, Mar 05, 2026 at 11:38:47AM -0800, Eric Biggers wrote:
> > Instead of memzero_explicit() followed by kfree(), just use
> > kfree_sensitive().
> >
> > Also, single patches should not have a cover letter. Just send a single
> > patch email with all the details in the patch itself.
> >
> > As for the actual change, I guess it's okay for now. Ideally we'd
> > refactor the aes-bs key preparation to not need temporary space.
>
> Thanks for the feedback.
> I'll send a v2 to address your comments.
>
> The arm implementation also allocates struct crypto_aes_ctx on the
> stack in aesbs_setkey(). Should I include a fix for it as well?
> Note that I can only test on arm64.
>
> Also, I'd be happy to help with the refactoring if you can point me
> in the right direction.
arm doesn't store the kernel-mode NEON context on the stack, so a
similar change shouldn't be needed there. This issue showed up only
because arm64 started doing that, which made the stack memory used by
aesbs_setkey() exceed ~1000 bytes due to the crypto_aes_ctx and the
kernel-mode NEON context each using about 500.
- Eric
More information about the linux-arm-kernel
mailing list