On Wed, Apr 25, 2018 at 04:58:52PM +0200, Stefano Brivio wrote: > On Wed, 25 Apr 2018 07:46:39 -0700 > Kees Cook <keesc...@chromium.org> wrote: > > > In the quest to remove all stack VLA usage removed from the kernel[1], > > just use XFRM_MAX_DEPTH as already done for the "class" array. In one > > case, it'll do this loop up to 5, the other caller up to 6. > > > > [1] https://lkml.org/lkml/2018/3/7/621 > > > > Co-developed-by: Andreas Christoforou <andreaschrist...@gmail.com> > > Signed-off-by: Kees Cook <keesc...@chromium.org> > > --- > > v4: > > - actually remove memset(). :) > > v3: > > - adjust Subject and commit log (Steffen) > > - use "= { }" instead of memset() (Stefano) > > v2: > > - use XFRM_MAX_DEPTH for "count" array (Steffen and Mathias). > > --- > > Acked-by: Stefano Brivio <sbri...@redhat.com>
Applied to ipsec-next, thanks everyone!
