| Message ID | 20230717092657.9776-1-duminjie@vivo.com |
|---|---|
| State | New |
| Headers | show |
| Series | [v1] scsi: iscsi: use kfree_sensitive() in iscsi_session_free() | expand |
On 7/17/23 02:26, Minjie Du wrote: > session might contain private part of the password, so better use > kfree_sensitive() to free it. > In iscsi_session_free() use kfree_sensitive() to free session->password. > > Signed-off-by: Minjie Du <duminjie@vivo.com> > --- > drivers/scsi/libiscsi.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/scsi/libiscsi.c b/drivers/scsi/libiscsi.c > index 0fda8905e..2f273229c 100644 > --- a/drivers/scsi/libiscsi.c > +++ b/drivers/scsi/libiscsi.c > @@ -3132,7 +3132,7 @@ void iscsi_session_free(struct iscsi_cls_session *cls_session) > struct module *owner = cls_session->transport->owner; > > iscsi_pool_free(&session->cmdpool); > - kfree(session->password); > + kfree_sensitive(session->password); > kfree(session->password_in); > kfree(session->username); > kfree(session->username_in); Reviewed-by: Lee Duncan <lduncan@suse.com>
On 7/18/23 19:28, 杜敏杰 wrote: > Hi Mike! > > Thank you for your reply! > Do I need to submit a new patch to kfree_sensitive for 'password_in' and 'usernames'? > Just submit a V2 version of your original patch, making the changes that Mike suggested. You can continue to include my Reviewed-by tag. > > regards, > Minjie > > -----邮件原件----- > 发件人: Mike Christie <michael.christie@oracle.com> > 发送时间: 2023年7月18日 2:26 > 收件人: 杜敏杰 <duminjie@vivo.com>; Lee Duncan <lduncan@suse.com>; Chris Leech <cleech@redhat.com>; James E.J. Bottomley <jejb@linux.ibm.com>; Martin K. Petersen <martin.petersen@oracle.com>; open list:ISCSI <open-iscsi@googlegroups.com>; open list:ISCSI <linux-scsi@vger.kernel.org>; open list <linux-kernel@vger.kernel.org> > 抄送: opensource.kernel <opensource.kernel@vivo.com> > 主题: Re: [PATCH v1] scsi: iscsi: use kfree_sensitive() in iscsi_session_free() > > On 7/17/23 4:26 AM, Minjie Du wrote: >> session might contain private part of the password, so better use >> kfree_sensitive() to free it. >> In iscsi_session_free() use kfree_sensitive() to free session->password. >> >> Signed-off-by: Minjie Du <duminjie@vivo.com> >> --- >> drivers/scsi/libiscsi.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/drivers/scsi/libiscsi.c b/drivers/scsi/libiscsi.c index >> 0fda8905e..2f273229c 100644 >> --- a/drivers/scsi/libiscsi.c >> +++ b/drivers/scsi/libiscsi.c >> @@ -3132,7 +3132,7 @@ void iscsi_session_free(struct iscsi_cls_session *cls_session) >> struct module *owner = cls_session->transport->owner; >> >> iscsi_pool_free(&session->cmdpool); >> - kfree(session->password); >> + kfree_sensitive(session->password); >> kfree(session->password_in); > > You then also want kfree_sensitive for password_in. > > I would also use it for the usernames then too. > >> kfree(session->username); >> kfree(session->username_in); >
diff --git a/drivers/scsi/libiscsi.c b/drivers/scsi/libiscsi.c index 0fda8905e..2f273229c 100644 --- a/drivers/scsi/libiscsi.c +++ b/drivers/scsi/libiscsi.c @@ -3132,7 +3132,7 @@ void iscsi_session_free(struct iscsi_cls_session *cls_session) struct module *owner = cls_session->transport->owner; iscsi_pool_free(&session->cmdpool); - kfree(session->password); + kfree_sensitive(session->password); kfree(session->password_in); kfree(session->username); kfree(session->username_in);
session might contain private part of the password, so better use kfree_sensitive() to free it. In iscsi_session_free() use kfree_sensitive() to free session->password. Signed-off-by: Minjie Du <duminjie@vivo.com> --- drivers/scsi/libiscsi.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)