From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.8 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1ED9EC433DF for ; Tue, 16 Jun 2020 20:59:12 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id D3B6D207DD for ; Tue, 16 Jun 2020 20:59:11 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org D3B6D207DD Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.intel.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 519896B0003; Tue, 16 Jun 2020 16:59:11 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 4CA266B0005; Tue, 16 Jun 2020 16:59:11 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 3DFC96B000A; Tue, 16 Jun 2020 16:59:11 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0008.hostedemail.com [216.40.44.8]) by kanga.kvack.org (Postfix) with ESMTP id 1B5296B0003 for ; Tue, 16 Jun 2020 16:59:11 -0400 (EDT) Received: from smtpin19.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay04.hostedemail.com (Postfix) with ESMTP id C52D48419 for ; Tue, 16 Jun 2020 20:59:10 +0000 (UTC) X-FDA: 76936290060.19.river57_541741f26e02 Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin19.hostedemail.com (Postfix) with ESMTP id 97FB41AD1B9 for ; Tue, 16 Jun 2020 20:59:10 +0000 (UTC) X-HE-Tag: river57_541741f26e02 X-Filterd-Recvd-Size: 3356 Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by imf36.hostedemail.com (Postfix) with ESMTP for ; Tue, 16 Jun 2020 20:59:09 +0000 (UTC) IronPort-SDR: eF/KgjGuTf1gfHIbBX3B8hxp8i1S7EEO0wnoSMbBAPKfu9ROQJd9pBfT/7cU1syKEFxcDSSuW/ n1LrftYzy6IA== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 Jun 2020 13:59:08 -0700 IronPort-SDR: 9MfOwEJVBvCiTYK6L0QZi7C+fwJCdMgawUP2JNLC0hiXJpcPDBoHTvqyPUqv4SsBqYOpKovC81 V6ITuS/NPAew== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.73,519,1583222400"; d="scan'208";a="277052457" Received: from gosinald-mobl2.ger.corp.intel.com (HELO localhost) ([10.249.36.106]) by orsmga006.jf.intel.com with ESMTP; 16 Jun 2020 13:59:02 -0700 Date: Tue, 16 Jun 2020 23:59:00 +0300 From: Jarkko Sakkinen To: Andrew Morton Cc: dhowells@redhat.com, ebiggers@google.com, jmorris@namei.org, joe@perches.com, linux-mm@kvack.org, longman@redhat.com, mm-commits@vger.kernel.org, rientjes@google.com, serge@hallyn.com, torvalds@linux-foundation.org, urezki@gmail.com, willy@infradead.org Subject: Re: [patch 041/127] mm: add kvfree_sensitive() for freeing sensitive data objects Message-ID: <20200616205900.GG20943@linux.intel.com> References: <20200604164523.e15f3177f4b69dcb4f2534a1@linux-foundation.org> <20200604234821.eW1nawh1U%akpm@linux-foundation.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200604234821.eW1nawh1U%akpm@linux-foundation.org> Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo X-Rspamd-Queue-Id: 97FB41AD1B9 X-Spamd-Result: default: False [0.00 / 100.00] X-Rspamd-Server: rspam03 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Thu, Jun 04, 2020 at 04:48:21PM -0700, Andrew Morton wrote: > From: Waiman Long > Subject: mm: add kvfree_sensitive() for freeing sensitive data objects > > For kvmalloc'ed data object that contains sensitive information like > cryptographic keys, we need to make sure that the buffer is always cleared > before freeing it. Using memset() alone for buffer clearing may not > provide certainty as the compiler may compile it away. To be sure, the > special memzero_explicit() has to be used. > > This patch introduces a new kvfree_sensitive() for freeing those sensitive > data objects allocated by kvmalloc(). The relevant places where > kvfree_sensitive() can be used are modified to use it. > > Link: http://lkml.kernel.org/r/20200407200318.11711-1-longman@redhat.com > Fixes: 4f0882491a14 ("KEYS: Avoid false positive ENOMEM error on key read") > Signed-off-by: Waiman Long > Suggested-by: Linus Torvalds > Reviewed-by: Eric Biggers > Acked-by: David Howells > Cc: Jarkko Sakkinen > Cc: James Morris > Cc: "Serge E. Hallyn" > Cc: Joe Perches > Cc: Matthew Wilcox > Cc: David Rientjes > Cc: Uladzislau Rezki > Signed-off-by: Andrew Morton Acked-by: Jarkko Sakkinen /Jarkko