From nobody Tue Dec 2 01:04:50 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 503A629B8DD; Sat, 22 Nov 2025 19:42:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763840565; cv=none; b=XG+mE1Nj9TdC+AYZU2SmlbAqcgHjnUrm9YEAKKZNfpiIzBX+RhHK8sU3fD+hrTjj/1m1LfFl3e/2q/JsVsEWoi5VNHcmd6OJwJaf+yAMdqwD7vX4GPuUybj+/Qcygu8IO5QQyngSyflhOpmQc1zIN81sAV8e4uAsdGIVW+OrDHw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763840565; c=relaxed/simple; bh=j83Je7jbHX6b3mi+GQbOOK1HmWQTp2TsTLV/ZZ/fn/o=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=XoCYcYdZXBnbAF+gy+lnzR+SOuzkbqBmI6+Pjk0wz6RjDsYdRtgZUrcKtrvIY12HgppQzatKNYxZmJvb8B9PVn3TR2Ds8t7BXGHZ+G1nLh8jgL8ug0oeugL5WjWjkOcsWuriqJ99m6D493r0vzaCzzjZ1E6tTTlpxwEzyeyaD70= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=G4W3yqBt; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="G4W3yqBt" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 10905C19421; Sat, 22 Nov 2025 19:42:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1763840564; bh=j83Je7jbHX6b3mi+GQbOOK1HmWQTp2TsTLV/ZZ/fn/o=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=G4W3yqBtn7Z5PLcVMbiEmjrfCMq96oUq2hsggAGhOUMfuDvjZQ6FG8zJ7gxrClTac pcfhyLgy0MOkLTrjVWrN2zmh12B/DRMu/BCGqrI1J4u1rVfGZRAOtHBSEi6+4CkSFP U29Pp3awnqdmg+4nyOYmXUVl94nCv4RmL6wuUIIf5Hv352zN4XOVYgUSSp2h+E8Nl5 f44FkNQS94ivvrVr6UVKrkIvDD9TZtw9x6JebhiWzBaaMWh0d0gy7bPe/meojh7e8Y 4q1Pd0NYMHNEZLWv9VSAaLQ+oBH+sJ0kv4UUBFlLtBcZ2FBdq803fEHrvoWFi2QgAb 7/e0hb4DVkk3A== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , linux-hardening@vger.kernel.org, Kees Cook , Eric Biggers Subject: [PATCH 1/6] lib/crypto: chacha: Add at_least decoration to fixed-size array params Date: Sat, 22 Nov 2025 11:42:01 -0800 Message-ID: <20251122194206.31822-2-ebiggers@kernel.org> X-Mailer: git-send-email 2.51.2 In-Reply-To: <20251122194206.31822-1-ebiggers@kernel.org> References: <20251122194206.31822-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add the at_least (i.e. 'static') decoration to the fixed-size array parameters of the chacha library functions. This causes clang to warn when a too-small array of known size is passed. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel Acked-by: Jason A. Donenfeld --- include/crypto/chacha.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/include/crypto/chacha.h b/include/crypto/chacha.h index 38e26dff27b0..1cc301a48469 100644 --- a/include/crypto/chacha.h +++ b/include/crypto/chacha.h @@ -36,22 +36,22 @@ struct chacha_state { u32 x[CHACHA_STATE_WORDS]; }; =20 void chacha_block_generic(struct chacha_state *state, - u8 out[CHACHA_BLOCK_SIZE], int nrounds); + u8 out[at_least CHACHA_BLOCK_SIZE], int nrounds); static inline void chacha20_block(struct chacha_state *state, - u8 out[CHACHA_BLOCK_SIZE]) + u8 out[at_least CHACHA_BLOCK_SIZE]) { chacha_block_generic(state, out, 20); } =20 void hchacha_block_generic(const struct chacha_state *state, - u32 out[HCHACHA_OUT_WORDS], int nrounds); + u32 out[at_least HCHACHA_OUT_WORDS], int nrounds); =20 void hchacha_block(const struct chacha_state *state, - u32 out[HCHACHA_OUT_WORDS], int nrounds); + u32 out[at_least HCHACHA_OUT_WORDS], int nrounds); =20 enum chacha_constants { /* expand 32-byte k */ CHACHA_CONSTANT_EXPA =3D 0x61707865U, CHACHA_CONSTANT_ND_3 =3D 0x3320646eU, CHACHA_CONSTANT_2_BY =3D 0x79622d32U, @@ -65,12 +65,12 @@ static inline void chacha_init_consts(struct chacha_sta= te *state) state->x[2] =3D CHACHA_CONSTANT_2_BY; state->x[3] =3D CHACHA_CONSTANT_TE_K; } =20 static inline void chacha_init(struct chacha_state *state, - const u32 key[CHACHA_KEY_WORDS], - const u8 iv[CHACHA_IV_SIZE]) + const u32 key[at_least CHACHA_KEY_WORDS], + const u8 iv[at_least CHACHA_IV_SIZE]) { chacha_init_consts(state); state->x[4] =3D key[0]; state->x[5] =3D key[1]; state->x[6] =3D key[2]; --=20 2.51.2 From nobody Tue Dec 2 01:04:50 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1A9CE2C158E; Sat, 22 Nov 2025 19:42:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763840566; cv=none; b=Q3JOz2FEsbn8NYLba3y1mswNNRbKzBlauLI6WSh2Yjo2TYlVM7FeXQkmEhfCF0soo7XXsJzN8Ww7T7rkyspXDXuSB5vfXElEsQoH37YGFnDAe3/kG2diQU4a3c1LppGJKFgo8Fdhw+2pk6kpMR2ppVZbpo/zFLV0ulYjg7/4UqE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763840566; c=relaxed/simple; bh=xpoNH4kgspUwPe1f6Y50HDV93L8GACvKyr/04iKSWdQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=R+h/N1fdW6FEDsbApBrWm5Bq32YduCj8Wh8xuOHOFH7L3ltvIOaT/wrCTAwA6juW4GJNGDK3M6Qs1nXMR8pORNsOJiX/WSROzets20ypJn9pOWucoqCALJN4w9wIcoKNMOHPVTlKyCaSJ1yranmRIxqPe4ALc+lIbhcSw2PNpWM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=WpGZnv+F; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="WpGZnv+F" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 049E6C19425; Sat, 22 Nov 2025 19:42:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1763840565; bh=xpoNH4kgspUwPe1f6Y50HDV93L8GACvKyr/04iKSWdQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=WpGZnv+F+k2ve49gIwlvlJyas8dB989YMRzs+ISBFMte5p86OC95Mo5KD4rp3ugtb 3SynOG7/VBP0tYPOoQRf1BxzB3zHn5fMEuhFIzFUfnl4EjczRvQbDHFz2jdaMULZt1 Oft1MphBTtyZrCQvPIAaoSEh27i7GZylJfROU0ANzpZDrvbVT7YEwdQ0+mtZ4DEDut 9oecUyKF2l4PJFEi/yYOFZ7/pfGNyhHOTvbqe7GMzNM6z0+hAHwmQJu+UUinNMxVtX VZPILtSJojMWkOD1Dzl/iB4KSNt1PcXxeHLJ5sM+7WC2kSCe8qN3n/6oaOw+hIkfD1 6VruZDBdADDeQ== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , linux-hardening@vger.kernel.org, Kees Cook , Eric Biggers Subject: [PATCH 2/6] lib/crypto: curve25519: Add at_least decoration to fixed-size array params Date: Sat, 22 Nov 2025 11:42:02 -0800 Message-ID: <20251122194206.31822-3-ebiggers@kernel.org> X-Mailer: git-send-email 2.51.2 In-Reply-To: <20251122194206.31822-1-ebiggers@kernel.org> References: <20251122194206.31822-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add the at_least (i.e. 'static') decoration to the fixed-size array parameters of the curve25519 library functions. This causes clang to warn when a too-small array of known size is passed. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel Acked-by: Jason A. Donenfeld --- include/crypto/curve25519.h | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/include/crypto/curve25519.h b/include/crypto/curve25519.h index db63a5577c00..2362b48f8741 100644 --- a/include/crypto/curve25519.h +++ b/include/crypto/curve25519.h @@ -11,28 +11,32 @@ =20 enum curve25519_lengths { CURVE25519_KEY_SIZE =3D 32 }; =20 -void curve25519_generic(u8 out[CURVE25519_KEY_SIZE], - const u8 scalar[CURVE25519_KEY_SIZE], - const u8 point[CURVE25519_KEY_SIZE]); +void curve25519_generic(u8 out[at_least CURVE25519_KEY_SIZE], + const u8 scalar[at_least CURVE25519_KEY_SIZE], + const u8 point[at_least CURVE25519_KEY_SIZE]); =20 -bool __must_check curve25519(u8 mypublic[CURVE25519_KEY_SIZE], - const u8 secret[CURVE25519_KEY_SIZE], - const u8 basepoint[CURVE25519_KEY_SIZE]); +bool __must_check +curve25519(u8 mypublic[at_least CURVE25519_KEY_SIZE], + const u8 secret[at_least CURVE25519_KEY_SIZE], + const u8 basepoint[at_least CURVE25519_KEY_SIZE]); =20 -bool __must_check curve25519_generate_public(u8 pub[CURVE25519_KEY_SIZE], - const u8 secret[CURVE25519_KEY_SIZE]); +bool __must_check +curve25519_generate_public(u8 pub[at_least CURVE25519_KEY_SIZE], + const u8 secret[at_least CURVE25519_KEY_SIZE]); =20 -static inline void curve25519_clamp_secret(u8 secret[CURVE25519_KEY_SIZE]) +static inline void +curve25519_clamp_secret(u8 secret[at_least CURVE25519_KEY_SIZE]) { secret[0] &=3D 248; secret[31] =3D (secret[31] & 127) | 64; } =20 -static inline void curve25519_generate_secret(u8 secret[CURVE25519_KEY_SIZ= E]) +static inline void +curve25519_generate_secret(u8 secret[at_least CURVE25519_KEY_SIZE]) { get_random_bytes_wait(secret, CURVE25519_KEY_SIZE); curve25519_clamp_secret(secret); } =20 --=20 2.51.2 From nobody Tue Dec 2 01:04:50 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AB90D2C21FB; Sat, 22 Nov 2025 19:42:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763840566; cv=none; b=b3TeKtpywP1TWdpHwG9xoxVqtePgOeOxKz07roqoI6h0gYDmvC3lmhicFyE/dY42iC5hEBhy6QOVPIs8FL53Sf3iyaQxcn3YOoNh8vK3XlxN6KHiO1emECUN91MnsATdPb+7tNimG7DpcKZFDNBe0xlbsLDxdNL+03cCZZjD6Zg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763840566; c=relaxed/simple; bh=Vpv+tZscN2l9bt6vPiXuRUfDMu1WW0qW9PfdekwXokc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=reYuZdgfFWGomJh7tIzcPuzprfJyHGr9WMu8I6jj5Y0EkJZkXUBsWTAocnIpLB03idYRvNPpdUUTUXFQzqJPVH0PBupjyYsfb/sma5kmyRtMIOOLQ7B6KVsj0xRyu3bvSqS00ibqI3hvhnSUCv7h4RkwQOZwVT1Obaa/eGTAOps= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=MM74jTXR; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="MM74jTXR" Received: by smtp.kernel.org (Postfix) with ESMTPSA id CC97EC4CEF5; Sat, 22 Nov 2025 19:42:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1763840566; bh=Vpv+tZscN2l9bt6vPiXuRUfDMu1WW0qW9PfdekwXokc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=MM74jTXRmc4CXrYu51xd7NPgkvyY2uCtaB98PufyxKjIO9AMqpvmO/MNWzn36v3Vp o8G4ahMH0RWzUaT7sndAv5Iqm0WRoZ/wpl/j6D1/sIzcJc7aAQRyctmnHDm5kRW4vH fTVMK0wt7gHskk0vVZF3pB5lkWsF6v/gd1Seb6EIT4HwOlaQE0E8MIuQDvj5yg2JJj 12tDWXma/1Bo5UdLR2oO4rR+/EwXCuDTyafFP14gmMVGYtTtx16Wv2XTT1eJIdXpre J/pET1qo/JIx6FzHLLtWPa/S9oqcmafx5WXg+i7akBoxPBZVJxtHwJlgH7m7sLQUAz 8mEg+HY3+Ti1g== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , linux-hardening@vger.kernel.org, Kees Cook , Eric Biggers Subject: [PATCH 3/6] lib/crypto: md5: Add at_least decoration to fixed-size array params Date: Sat, 22 Nov 2025 11:42:03 -0800 Message-ID: <20251122194206.31822-4-ebiggers@kernel.org> X-Mailer: git-send-email 2.51.2 In-Reply-To: <20251122194206.31822-1-ebiggers@kernel.org> References: <20251122194206.31822-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add the at_least (i.e. 'static') decoration to the fixed-size array parameters of the md5 library functions. This causes clang to warn when a too-small array of known size is passed. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel Acked-by: Jason A. Donenfeld --- include/crypto/md5.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/include/crypto/md5.h b/include/crypto/md5.h index c9aa5c3abc53..c47aedfe67ec 100644 --- a/include/crypto/md5.h +++ b/include/crypto/md5.h @@ -74,21 +74,21 @@ void md5_update(struct md5_ctx *ctx, const u8 *data, si= ze_t len); * * After finishing, this zeroizes @ctx. So the caller does not need to do= it. * * Context: Any context. */ -void md5_final(struct md5_ctx *ctx, u8 out[MD5_DIGEST_SIZE]); +void md5_final(struct md5_ctx *ctx, u8 out[at_least MD5_DIGEST_SIZE]); =20 /** * md5() - Compute MD5 message digest in one shot * @data: the message data * @len: the data length in bytes * @out: (output) the resulting MD5 message digest * * Context: Any context. */ -void md5(const u8 *data, size_t len, u8 out[MD5_DIGEST_SIZE]); +void md5(const u8 *data, size_t len, u8 out[at_least MD5_DIGEST_SIZE]); =20 /** * struct hmac_md5_key - Prepared key for HMAC-MD5 * @istate: private * @ostate: private @@ -171,11 +171,11 @@ static inline void hmac_md5_update(struct hmac_md5_ct= x *ctx, * * After finishing, this zeroizes @ctx. So the caller does not need to do= it. * * Context: Any context. */ -void hmac_md5_final(struct hmac_md5_ctx *ctx, u8 out[MD5_DIGEST_SIZE]); +void hmac_md5_final(struct hmac_md5_ctx *ctx, u8 out[at_least MD5_DIGEST_S= IZE]); =20 /** * hmac_md5() - Compute HMAC-MD5 in one shot, using a prepared key * @key: the prepared HMAC key * @data: the message data @@ -185,11 +185,12 @@ void hmac_md5_final(struct hmac_md5_ctx *ctx, u8 out[= MD5_DIGEST_SIZE]); * If you're using the key only once, consider using hmac_md5_usingrawkey(= ). * * Context: Any context. */ void hmac_md5(const struct hmac_md5_key *key, - const u8 *data, size_t data_len, u8 out[MD5_DIGEST_SIZE]); + const u8 *data, size_t data_len, + u8 out[at_least MD5_DIGEST_SIZE]); =20 /** * hmac_md5_usingrawkey() - Compute HMAC-MD5 in one shot, using a raw key * @raw_key: the raw HMAC-MD5 key * @raw_key_len: the key length in bytes. All key lengths are supported. @@ -202,8 +203,8 @@ void hmac_md5(const struct hmac_md5_key *key, * * Context: Any context. */ void hmac_md5_usingrawkey(const u8 *raw_key, size_t raw_key_len, const u8 *data, size_t data_len, - u8 out[MD5_DIGEST_SIZE]); + u8 out[at_least MD5_DIGEST_SIZE]); =20 #endif /* _CRYPTO_MD5_H */ --=20 2.51.2 From nobody Tue Dec 2 01:04:50 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3C8622D4816; Sat, 22 Nov 2025 19:42:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763840569; cv=none; b=BIuWdehfYGns5SZU8BxBPwzVPZELrLg8i3mXwvVKmkvzH7WPSKRfx/SNcB6TJVqmR6vJvG1nwDDIvcWnO0DxcpUNhX8Smc4rPUvVH2tueUptA8creqnu2h3cr+I10YJjBV5nH0REm5F27RWST76BPq9puV8G+T3VoM5tIMbHHew= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763840569; c=relaxed/simple; bh=0IOUqs8lMMDtwM/i/7ezFpGR18sjAzjwbBN/o8ZuLWc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=XvzUIk5fbBdoEgmwJZLfMfKhpb1FAdNe77ORXTyt4y2DZ31Uo0Zojml+TJwVSwbD0gyeyoCCUGcc5nqJYwSfPmaRVbN63Mk3Zs0R+pXlbSapj7taCXTrbXmscFCSHTIl/8xHKk6KY3m2oeQC2gXYdgxYqY41aOSpEUJmmFCOZ1I= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=l2rI8DQR; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="l2rI8DQR" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 803D6C19425; Sat, 22 Nov 2025 19:42:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1763840567; bh=0IOUqs8lMMDtwM/i/7ezFpGR18sjAzjwbBN/o8ZuLWc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=l2rI8DQRNoSuhrE5yb3zxnsKN8J96NlO9OU5eD5pOnrsg69KUwya1Aw8ahm4dx31h TlMB3Wu0IHh7FCZQ6fEzDCuRImnuqrYSSTc4FK3HNYJuYIsZFIyE966NPs6ErfV02K SmKV3eUH+KlbPae5+T9wZelfEtEamJigg+ZZoJ2wikH63ynk9TnMzGgsyQtdyAEqkd FbDNZk8RcP+5hwJPovVC8Ud1XTQeNzFCYWW/A9IN0V7up3ISIStGO+SP6xELbdPy2m OrXXDJ+LTiLwf+XdpSM1rwCXKGrmQKAQvtr70IwdV0RUpZjxjbQmXN/00XVAwmdxFt tsxHe/v8AG+AA== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , linux-hardening@vger.kernel.org, Kees Cook , Eric Biggers Subject: [PATCH 4/6] lib/crypto: poly1305: Add at_least decoration to fixed-size array params Date: Sat, 22 Nov 2025 11:42:04 -0800 Message-ID: <20251122194206.31822-5-ebiggers@kernel.org> X-Mailer: git-send-email 2.51.2 In-Reply-To: <20251122194206.31822-1-ebiggers@kernel.org> References: <20251122194206.31822-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add the at_least (i.e. 'static') decoration to the fixed-size array parameters of the poly1305 library functions. This causes clang to warn when a too-small array of known size is passed. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel Acked-by: Jason A. Donenfeld --- include/crypto/poly1305.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/crypto/poly1305.h b/include/crypto/poly1305.h index d4daeec8da19..190beb427c6d 100644 --- a/include/crypto/poly1305.h +++ b/include/crypto/poly1305.h @@ -57,11 +57,11 @@ struct poly1305_desc_ctx { u32 s[4]; struct poly1305_block_state state; }; =20 void poly1305_init(struct poly1305_desc_ctx *desc, - const u8 key[POLY1305_KEY_SIZE]); + const u8 key[at_least POLY1305_KEY_SIZE]); void poly1305_update(struct poly1305_desc_ctx *desc, const u8 *src, unsigned int nbytes); void poly1305_final(struct poly1305_desc_ctx *desc, u8 *digest); =20 #endif --=20 2.51.2 From nobody Tue Dec 2 01:04:50 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3C8F12D4B6D; Sat, 22 Nov 2025 19:42:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763840569; cv=none; b=Qg8WGNnu7INrIo0/Cw9WJFnOzK6QvahEWSDlUixfc2stjtfnQ3lxDaeu7rJUK4Fm9/fwx/jYcOaJc/1OyCehWyTLrIVBcoGC1Z3FIVy6J0nqNSDBP9PzQeYiHJfEM16LEhKrWX4kTulTsy7x8i/TsTl4ywMlenHuIMRQRfnmuw4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763840569; c=relaxed/simple; bh=zgj3M8vJge94HO4DBRv9OVOwZeOA9IcTQkcwta1ZQfg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=bO2DfSTHQHCVJcd51y9M6XfaxSLaLNLQ+mr8gMm7cagihnCGp14SjhTfRihY+TSasMvMOiFC0M/Xa4xyAXOKK+EnfQ90WW3Q37jjmN7RG1l52XK5PsohiGxyPDDaGUYJDzesXY6Fdv3+MZtwUN3G6H3N7IPfit7UN7PnQaJspuU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=CkOkwksV; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="CkOkwksV" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3C2EEC4CEF5; Sat, 22 Nov 2025 19:42:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1763840567; bh=zgj3M8vJge94HO4DBRv9OVOwZeOA9IcTQkcwta1ZQfg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=CkOkwksV0WikU1KrNtA+odNX2Rhg3f3V+zQ8Mc0ASic/PgJuD8PPG7I76DogTD9Mj G9JJF2DEZcsSGAdYHSD2hN5SKuIdbUEk7YYDFVnb1vLkvSvWPq2HNP7hzQzMUuhFB3 ZtMxrKfan9FBdyh1qmxU2DtN9ogQybz4J5O4bTQA0wf+L8C7g5fFzgomwqz9j6J/lx ijczKh2AaIimEnZ36A8Ya1mCAHkLUS7UYaWpaelBSytmlW3H8m4cVJ666OSCLdoHVX Dgp4WlFS6hdL+aKuJpkkErG1NY/HNpfVrDFhcV956apF1wtyLjalwTv2fp6MDnxcfJ 2Xv8Ys1x8pDGw== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , linux-hardening@vger.kernel.org, Kees Cook , Eric Biggers Subject: [PATCH 5/6] lib/crypto: sha1: Add at_least decoration to fixed-size array params Date: Sat, 22 Nov 2025 11:42:05 -0800 Message-ID: <20251122194206.31822-6-ebiggers@kernel.org> X-Mailer: git-send-email 2.51.2 In-Reply-To: <20251122194206.31822-1-ebiggers@kernel.org> References: <20251122194206.31822-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add the at_least (i.e. 'static') decoration to the fixed-size array parameters of the sha1 library functions. This causes clang to warn when a too-small array of known size is passed. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel Acked-by: Jason A. Donenfeld --- include/crypto/sha1.h | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/include/crypto/sha1.h b/include/crypto/sha1.h index 162a529ec841..27f08b972931 100644 --- a/include/crypto/sha1.h +++ b/include/crypto/sha1.h @@ -82,21 +82,21 @@ void sha1_update(struct sha1_ctx *ctx, const u8 *data, = size_t len); * * After finishing, this zeroizes @ctx. So the caller does not need to do= it. * * Context: Any context. */ -void sha1_final(struct sha1_ctx *ctx, u8 out[SHA1_DIGEST_SIZE]); +void sha1_final(struct sha1_ctx *ctx, u8 out[at_least SHA1_DIGEST_SIZE]); =20 /** * sha1() - Compute SHA-1 message digest in one shot * @data: the message data * @len: the data length in bytes * @out: (output) the resulting SHA-1 message digest * * Context: Any context. */ -void sha1(const u8 *data, size_t len, u8 out[SHA1_DIGEST_SIZE]); +void sha1(const u8 *data, size_t len, u8 out[at_least SHA1_DIGEST_SIZE]); =20 /** * struct hmac_sha1_key - Prepared key for HMAC-SHA1 * @istate: private * @ostate: private @@ -179,11 +179,12 @@ static inline void hmac_sha1_update(struct hmac_sha1_= ctx *ctx, * * After finishing, this zeroizes @ctx. So the caller does not need to do= it. * * Context: Any context. */ -void hmac_sha1_final(struct hmac_sha1_ctx *ctx, u8 out[SHA1_DIGEST_SIZE]); +void hmac_sha1_final(struct hmac_sha1_ctx *ctx, + u8 out[at_least SHA1_DIGEST_SIZE]); =20 /** * hmac_sha1() - Compute HMAC-SHA1 in one shot, using a prepared key * @key: the prepared HMAC key * @data: the message data @@ -193,11 +194,12 @@ void hmac_sha1_final(struct hmac_sha1_ctx *ctx, u8 ou= t[SHA1_DIGEST_SIZE]); * If you're using the key only once, consider using hmac_sha1_usingrawkey= (). * * Context: Any context. */ void hmac_sha1(const struct hmac_sha1_key *key, - const u8 *data, size_t data_len, u8 out[SHA1_DIGEST_SIZE]); + const u8 *data, size_t data_len, + u8 out[at_least SHA1_DIGEST_SIZE]); =20 /** * hmac_sha1_usingrawkey() - Compute HMAC-SHA1 in one shot, using a raw key * @raw_key: the raw HMAC-SHA1 key * @raw_key_len: the key length in bytes. All key lengths are supported. @@ -210,8 +212,8 @@ void hmac_sha1(const struct hmac_sha1_key *key, * * Context: Any context. */ void hmac_sha1_usingrawkey(const u8 *raw_key, size_t raw_key_len, const u8 *data, size_t data_len, - u8 out[SHA1_DIGEST_SIZE]); + u8 out[at_least SHA1_DIGEST_SIZE]); =20 #endif /* _CRYPTO_SHA1_H */ --=20 2.51.2 From nobody Tue Dec 2 01:04:50 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8D3952517AA; Sat, 22 Nov 2025 19:42:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763840568; cv=none; b=XLSWfz/x1gneME6ZGAJbspjO2RpTWskMaIdPdXHdJi0VfJnZc6UaLy2oEBEYz/eqqD/SUbgNiIvo78ZHAxIOnIHZNZ2ZC5MDY6trQr7mvIC67FzgUqQdl96B3SDK7LpUKUahCMGja7C5n8E72s2XQq08gJai0a9V3ZflMesLH3k= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763840568; c=relaxed/simple; bh=A0WyYi2lZQmont5/W5lXFNTEABW9r6Yh7AxifpLgpHY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=qZ1p5w2FX4tp/2AllGxZA7rU5SC51yz2ddBcXsQZyk+iCDWOcIFG5JnX6sGH3dt76so+7GcbjVQrNwryoBLx0ff5ZRacKqCnloxq18/JSXA+YFqvUJ1zRo/COLCb4gtaQ2J+2pyNAMJ93z8RGfurddCHScwMnLVkNGCFEtIXWPU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=SX/V+Btg; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="SX/V+Btg" Received: by smtp.kernel.org (Postfix) with ESMTPSA id F2B40C16AAE; Sat, 22 Nov 2025 19:42:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1763840568; bh=A0WyYi2lZQmont5/W5lXFNTEABW9r6Yh7AxifpLgpHY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=SX/V+Btg4q5K3hk+7wzT/8Q/z1zB6Jogpb9MUOWA2wKxPM9Rm/awRD+ZYhZtsDj7X Alt/MNeSncN4czeJmQhdWxGhqvULVJliFOHF0xC9zH5PfiYnSkU+ErTfmtna6ikQ9T MUCgDdSIzzZ+UQ6KJiwKydvf3Bfe3d1pBo01FISUOb8mcDkYKAjr38cvpcIRXFjBJ/ vxKezOVeQrDqAth5vgi6TIeLP/G5JC71or/QG1rZFjCGQ3BGtGW6n/Ut52xSEkmFrr vAn2AhghCEbMDhmYa4VsjYui8m9uUiejRsB3qoJ2/2rJd3qPKVK4mVxYqfsNARH24M 2wIniPmpbQ0Wg== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , "Jason A . Donenfeld" , Herbert Xu , linux-hardening@vger.kernel.org, Kees Cook , Eric Biggers Subject: [PATCH 6/6] lib/crypto: sha2: Add at_least decoration to fixed-size array params Date: Sat, 22 Nov 2025 11:42:06 -0800 Message-ID: <20251122194206.31822-7-ebiggers@kernel.org> X-Mailer: git-send-email 2.51.2 In-Reply-To: <20251122194206.31822-1-ebiggers@kernel.org> References: <20251122194206.31822-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add the at_least (i.e. 'static') decoration to the fixed-size array parameters of the sha2 library functions. This causes clang to warn when a too-small array of known size is passed. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel Acked-by: Jason A. Donenfeld --- include/crypto/sha2.h | 53 +++++++++++++++++++++++++------------------ 1 file changed, 31 insertions(+), 22 deletions(-) diff --git a/include/crypto/sha2.h b/include/crypto/sha2.h index e5dafb935cc8..7bb8fe169daf 100644 --- a/include/crypto/sha2.h +++ b/include/crypto/sha2.h @@ -188,21 +188,21 @@ static inline void sha224_update(struct sha224_ctx *c= tx, * * After finishing, this zeroizes @ctx. So the caller does not need to do= it. * * Context: Any context. */ -void sha224_final(struct sha224_ctx *ctx, u8 out[SHA224_DIGEST_SIZE]); +void sha224_final(struct sha224_ctx *ctx, u8 out[at_least SHA224_DIGEST_SI= ZE]); =20 /** * sha224() - Compute SHA-224 message digest in one shot * @data: the message data * @len: the data length in bytes * @out: (output) the resulting SHA-224 message digest * * Context: Any context. */ -void sha224(const u8 *data, size_t len, u8 out[SHA224_DIGEST_SIZE]); +void sha224(const u8 *data, size_t len, u8 out[at_least SHA224_DIGEST_SIZE= ]); =20 /** * struct hmac_sha224_key - Prepared key for HMAC-SHA224 * @key: private */ @@ -285,11 +285,12 @@ static inline void hmac_sha224_update(struct hmac_sha= 224_ctx *ctx, * * After finishing, this zeroizes @ctx. So the caller does not need to do= it. * * Context: Any context. */ -void hmac_sha224_final(struct hmac_sha224_ctx *ctx, u8 out[SHA224_DIGEST_S= IZE]); +void hmac_sha224_final(struct hmac_sha224_ctx *ctx, + u8 out[at_least SHA224_DIGEST_SIZE]); =20 /** * hmac_sha224() - Compute HMAC-SHA224 in one shot, using a prepared key * @key: the prepared HMAC key * @data: the message data @@ -299,11 +300,12 @@ void hmac_sha224_final(struct hmac_sha224_ctx *ctx, u= 8 out[SHA224_DIGEST_SIZE]); * If you're using the key only once, consider using hmac_sha224_usingrawk= ey(). * * Context: Any context. */ void hmac_sha224(const struct hmac_sha224_key *key, - const u8 *data, size_t data_len, u8 out[SHA224_DIGEST_SIZE]); + const u8 *data, size_t data_len, + u8 out[at_least SHA224_DIGEST_SIZE]); =20 /** * hmac_sha224_usingrawkey() - Compute HMAC-SHA224 in one shot, using a ra= w key * @raw_key: the raw HMAC-SHA224 key * @raw_key_len: the key length in bytes. All key lengths are supported. @@ -316,11 +318,11 @@ void hmac_sha224(const struct hmac_sha224_key *key, * * Context: Any context. */ void hmac_sha224_usingrawkey(const u8 *raw_key, size_t raw_key_len, const u8 *data, size_t data_len, - u8 out[SHA224_DIGEST_SIZE]); + u8 out[at_least SHA224_DIGEST_SIZE]); =20 /** * struct sha256_ctx - Context for hashing a message with SHA-256 * @ctx: private */ @@ -361,21 +363,21 @@ static inline void sha256_update(struct sha256_ctx *c= tx, * * After finishing, this zeroizes @ctx. So the caller does not need to do= it. * * Context: Any context. */ -void sha256_final(struct sha256_ctx *ctx, u8 out[SHA256_DIGEST_SIZE]); +void sha256_final(struct sha256_ctx *ctx, u8 out[at_least SHA256_DIGEST_SI= ZE]); =20 /** * sha256() - Compute SHA-256 message digest in one shot * @data: the message data * @len: the data length in bytes * @out: (output) the resulting SHA-256 message digest * * Context: Any context. */ -void sha256(const u8 *data, size_t len, u8 out[SHA256_DIGEST_SIZE]); +void sha256(const u8 *data, size_t len, u8 out[at_least SHA256_DIGEST_SIZE= ]); =20 /** * sha256_finup_2x() - Compute two SHA-256 digests from a common initial * context. On some CPUs, this is faster than sequentially * computing each digest. @@ -388,12 +390,13 @@ void sha256(const u8 *data, size_t len, u8 out[SHA256= _DIGEST_SIZE]); * @out2: (output) the second SHA-256 message digest * * Context: Any context. */ void sha256_finup_2x(const struct sha256_ctx *ctx, const u8 *data1, - const u8 *data2, size_t len, u8 out1[SHA256_DIGEST_SIZE], - u8 out2[SHA256_DIGEST_SIZE]); + const u8 *data2, size_t len, + u8 out1[at_least SHA256_DIGEST_SIZE], + u8 out2[at_least SHA256_DIGEST_SIZE]); =20 /** * sha256_finup_2x_is_optimized() - Check if sha256_finup_2x() is using a = real * interleaved implementation, as opposed to a * sequential fallback @@ -486,11 +489,12 @@ static inline void hmac_sha256_update(struct hmac_sha= 256_ctx *ctx, * * After finishing, this zeroizes @ctx. So the caller does not need to do= it. * * Context: Any context. */ -void hmac_sha256_final(struct hmac_sha256_ctx *ctx, u8 out[SHA256_DIGEST_S= IZE]); +void hmac_sha256_final(struct hmac_sha256_ctx *ctx, + u8 out[at_least SHA256_DIGEST_SIZE]); =20 /** * hmac_sha256() - Compute HMAC-SHA256 in one shot, using a prepared key * @key: the prepared HMAC key * @data: the message data @@ -500,11 +504,12 @@ void hmac_sha256_final(struct hmac_sha256_ctx *ctx, u= 8 out[SHA256_DIGEST_SIZE]); * If you're using the key only once, consider using hmac_sha256_usingrawk= ey(). * * Context: Any context. */ void hmac_sha256(const struct hmac_sha256_key *key, - const u8 *data, size_t data_len, u8 out[SHA256_DIGEST_SIZE]); + const u8 *data, size_t data_len, + u8 out[at_least SHA256_DIGEST_SIZE]); =20 /** * hmac_sha256_usingrawkey() - Compute HMAC-SHA256 in one shot, using a ra= w key * @raw_key: the raw HMAC-SHA256 key * @raw_key_len: the key length in bytes. All key lengths are supported. @@ -517,11 +522,11 @@ void hmac_sha256(const struct hmac_sha256_key *key, * * Context: Any context. */ void hmac_sha256_usingrawkey(const u8 *raw_key, size_t raw_key_len, const u8 *data, size_t data_len, - u8 out[SHA256_DIGEST_SIZE]); + u8 out[at_least SHA256_DIGEST_SIZE]); =20 /* State for the SHA-512 (and SHA-384) compression function */ struct sha512_block_state { u64 h[8]; }; @@ -596,21 +601,21 @@ static inline void sha384_update(struct sha384_ctx *c= tx, * * After finishing, this zeroizes @ctx. So the caller does not need to do= it. * * Context: Any context. */ -void sha384_final(struct sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE]); +void sha384_final(struct sha384_ctx *ctx, u8 out[at_least SHA384_DIGEST_SI= ZE]); =20 /** * sha384() - Compute SHA-384 message digest in one shot * @data: the message data * @len: the data length in bytes * @out: (output) the resulting SHA-384 message digest * * Context: Any context. */ -void sha384(const u8 *data, size_t len, u8 out[SHA384_DIGEST_SIZE]); +void sha384(const u8 *data, size_t len, u8 out[at_least SHA384_DIGEST_SIZE= ]); =20 /** * struct hmac_sha384_key - Prepared key for HMAC-SHA384 * @key: private */ @@ -693,11 +698,12 @@ static inline void hmac_sha384_update(struct hmac_sha= 384_ctx *ctx, * * After finishing, this zeroizes @ctx. So the caller does not need to do= it. * * Context: Any context. */ -void hmac_sha384_final(struct hmac_sha384_ctx *ctx, u8 out[SHA384_DIGEST_S= IZE]); +void hmac_sha384_final(struct hmac_sha384_ctx *ctx, + u8 out[at_least SHA384_DIGEST_SIZE]); =20 /** * hmac_sha384() - Compute HMAC-SHA384 in one shot, using a prepared key * @key: the prepared HMAC key * @data: the message data @@ -707,11 +713,12 @@ void hmac_sha384_final(struct hmac_sha384_ctx *ctx, u= 8 out[SHA384_DIGEST_SIZE]); * If you're using the key only once, consider using hmac_sha384_usingrawk= ey(). * * Context: Any context. */ void hmac_sha384(const struct hmac_sha384_key *key, - const u8 *data, size_t data_len, u8 out[SHA384_DIGEST_SIZE]); + const u8 *data, size_t data_len, + u8 out[at_least SHA384_DIGEST_SIZE]); =20 /** * hmac_sha384_usingrawkey() - Compute HMAC-SHA384 in one shot, using a ra= w key * @raw_key: the raw HMAC-SHA384 key * @raw_key_len: the key length in bytes. All key lengths are supported. @@ -724,11 +731,11 @@ void hmac_sha384(const struct hmac_sha384_key *key, * * Context: Any context. */ void hmac_sha384_usingrawkey(const u8 *raw_key, size_t raw_key_len, const u8 *data, size_t data_len, - u8 out[SHA384_DIGEST_SIZE]); + u8 out[at_least SHA384_DIGEST_SIZE]); =20 /** * struct sha512_ctx - Context for hashing a message with SHA-512 * @ctx: private */ @@ -769,21 +776,21 @@ static inline void sha512_update(struct sha512_ctx *c= tx, * * After finishing, this zeroizes @ctx. So the caller does not need to do= it. * * Context: Any context. */ -void sha512_final(struct sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE]); +void sha512_final(struct sha512_ctx *ctx, u8 out[at_least SHA512_DIGEST_SI= ZE]); =20 /** * sha512() - Compute SHA-512 message digest in one shot * @data: the message data * @len: the data length in bytes * @out: (output) the resulting SHA-512 message digest * * Context: Any context. */ -void sha512(const u8 *data, size_t len, u8 out[SHA512_DIGEST_SIZE]); +void sha512(const u8 *data, size_t len, u8 out[at_least SHA512_DIGEST_SIZE= ]); =20 /** * struct hmac_sha512_key - Prepared key for HMAC-SHA512 * @key: private */ @@ -866,11 +873,12 @@ static inline void hmac_sha512_update(struct hmac_sha= 512_ctx *ctx, * * After finishing, this zeroizes @ctx. So the caller does not need to do= it. * * Context: Any context. */ -void hmac_sha512_final(struct hmac_sha512_ctx *ctx, u8 out[SHA512_DIGEST_S= IZE]); +void hmac_sha512_final(struct hmac_sha512_ctx *ctx, + u8 out[at_least SHA512_DIGEST_SIZE]); =20 /** * hmac_sha512() - Compute HMAC-SHA512 in one shot, using a prepared key * @key: the prepared HMAC key * @data: the message data @@ -880,11 +888,12 @@ void hmac_sha512_final(struct hmac_sha512_ctx *ctx, u= 8 out[SHA512_DIGEST_SIZE]); * If you're using the key only once, consider using hmac_sha512_usingrawk= ey(). * * Context: Any context. */ void hmac_sha512(const struct hmac_sha512_key *key, - const u8 *data, size_t data_len, u8 out[SHA512_DIGEST_SIZE]); + const u8 *data, size_t data_len, + u8 out[at_least SHA512_DIGEST_SIZE]); =20 /** * hmac_sha512_usingrawkey() - Compute HMAC-SHA512 in one shot, using a ra= w key * @raw_key: the raw HMAC-SHA512 key * @raw_key_len: the key length in bytes. All key lengths are supported. @@ -897,8 +906,8 @@ void hmac_sha512(const struct hmac_sha512_key *key, * * Context: Any context. */ void hmac_sha512_usingrawkey(const u8 *raw_key, size_t raw_key_len, const u8 *data, size_t data_len, - u8 out[SHA512_DIGEST_SIZE]); + u8 out[at_least SHA512_DIGEST_SIZE]); =20 #endif /* _CRYPTO_SHA2_H */ --=20 2.51.2