[v2] crypto: sun8i-ce: use kfree_sensitive() instead of

Message ID	1614676145-93512-1-git-send-email-yang.lee@linux.alibaba.com
State	New
Headers	show Return-Path: <linux-crypto-owner@kernel.org> From: Yang Li <yang.lee@linux.alibaba.com> To: clabbe.montjoie@gmail.com Cc: herbert@gondor.apana.org.au, davem@davemloft.net, mripard@kernel.org, wens@csie.org, jernej.skrabec@siol.net, linux-crypto@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Yang Li <yang.lee@linux.alibaba.com> Subject: [PATCH v2] crypto: sun8i-ce: use kfree_sensitive() instead of Date: Tue, 2 Mar 2021 17:09:05 +0800 Message-Id: <1614676145-93512-1-git-send-email-yang.lee@linux.alibaba.com> Precedence: bulk
Series	[v2] crypto: sun8i-ce: use kfree_sensitive() instead of \| expand [v2] crypto: sun8i-ce: use kfree_sensitive() instead of

Message ID

1614676145-93512-1-git-send-email-yang.lee@linux.alibaba.com

State

New

Headers

From: Yang Li <yang.lee@linux.alibaba.com>
To: clabbe.montjoie@gmail.com
Cc: herbert@gondor.apana.org.au, davem@davemloft.net,
	mripard@kernel.org, wens@csie.org, jernej.skrabec@siol.net,
	linux-crypto@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
	linux-kernel@vger.kernel.org, Yang Li <yang.lee@linux.alibaba.com>
Subject: [PATCH v2] crypto: sun8i-ce: use kfree_sensitive() instead of 
Date: Tue,  2 Mar 2021 17:09:05 +0800
Message-Id: <1614676145-93512-1-git-send-email-yang.lee@linux.alibaba.com>
Precedence: bulk

Series

[v2] crypto: sun8i-ce: use kfree_sensitive() instead of | expand

Commit Message

Yang Li March 2, 2021, 9:09 a.m. UTC

Use kfree_sensitive() instead of using kfree() to  make the intention 
of the API more explicit.

fixed the following coccicheck:
./drivers/crypto/allwinner/sun8i-ce/sun8i-ce-prng.c:30:16-17: WARNING
opportunity for kfree_sensitive/kvfree_sensitive (memset at line 29)
./drivers/crypto/allwinner/sun8i-ce/sun8i-ce-prng.c:42:16-17: WARNING
opportunity for kfree_sensitive/kvfree_sensitive (memset at line 41)
./drivers/crypto/allwinner/sun8i-ce/sun8i-ce-prng.c:161:8-9: WARNING
opportunity for kfree_sensitive/kvfree_sensitive (memset at line 109)

Reported-by: Abaci Robot <abaci@linux.alibaba.com>
Signed-off-by: Yang Li <yang.lee@linux.alibaba.com>
--

Changes in v2
-Change the appropriate title

 drivers/crypto/allwinner/sun8i-ce/sun8i-ce-prng.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

Comments

Herbert Xu March 2, 2021, 9:39 a.m. UTC | #1

On Tue, Mar 02, 2021 at 05:09:05PM +0800, Yang Li wrote:
> Use kfree_sensitive() instead of using kfree() to  make the intention 

> of the API more explicit.


Why did you keep the memzeros?

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

diff --git a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-prng.c b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-prng.c
index cfde9ee..8259d52 100644
--- a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-prng.c
+++ b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-prng.c
@@ -27,7 +27,7 @@  void sun8i_ce_prng_exit(struct crypto_tfm *tfm)
 	struct sun8i_ce_rng_tfm_ctx *ctx = crypto_tfm_ctx(tfm);
 
 	memzero_explicit(ctx->seed, ctx->slen);
-	kfree(ctx->seed);
+	kfree_sensitive(ctx->seed);
 	ctx->seed = NULL;
 	ctx->slen = 0;
 }
@@ -39,7 +39,7 @@  int sun8i_ce_prng_seed(struct crypto_rng *tfm, const u8 *seed,
 
 	if (ctx->seed && ctx->slen != slen) {
 		memzero_explicit(ctx->seed, ctx->slen);
-		kfree(ctx->seed);
+		kfree_sensitive(ctx->seed);
 		ctx->slen = 0;
 		ctx->seed = NULL;
 	}
@@ -158,7 +158,7 @@  int sun8i_ce_prng_generate(struct crypto_rng *tfm, const u8 *src,
 	}
 	memzero_explicit(d, todo);
 err_iv:
-	kfree(d);
+	kfree_sensitive(d);
 err_mem:
 	return err;
 }

[v2] crypto: sun8i-ce: use kfree_sensitive() instead of

Commit Message

Comments

Patch