* [PATCH 0/3] crypto: replace memset by memzero_explicit
@ 2021-03-26 1:20 Kai Ye
2021-03-26 1:20 ` [PATCH 1/3] crypto: atmel - use memzero_explicit() for clearing data Kai Ye
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: Kai Ye @ 2021-03-26 1:20 UTC (permalink / raw)
To: herbert; +Cc: linux-crypto, linux-kernel, wangzhou1, yekai13
use memzero_explicit instead of memset to clear sensitive data,
such as buffer or key.
Kai Ye (3):
crypto: atmel - use memzero_explicit() for clearing data
crypto: qce - use memzero_explicit() for clearing data
crypto: stm32 - use memzero_explicit() for clearing data
drivers/crypto/atmel-sha.c | 2 +-
drivers/crypto/qce/sha.c | 1 +
drivers/crypto/stm32/stm32-cryp.c | 2 +-
3 files changed, 3 insertions(+), 2 deletions(-)
--
2.8.1
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH 1/3] crypto: atmel - use memzero_explicit() for clearing data
2021-03-26 1:20 [PATCH 0/3] crypto: replace memset by memzero_explicit Kai Ye
@ 2021-03-26 1:20 ` Kai Ye
2021-03-26 1:20 ` [PATCH 2/3] crypto: qce " Kai Ye
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Kai Ye @ 2021-03-26 1:20 UTC (permalink / raw)
To: herbert; +Cc: linux-crypto, linux-kernel, wangzhou1, yekai13
use memzero_explicit instead of memset to clear sensitive data, such as key.
Signed-off-by: Kai Ye <yekai13@huawei.com>
---
drivers/crypto/atmel-sha.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/atmel-sha.c b/drivers/crypto/atmel-sha.c
index 352d80c..4a08b2a 100644
--- a/drivers/crypto/atmel-sha.c
+++ b/drivers/crypto/atmel-sha.c
@@ -1622,7 +1622,7 @@ static inline void atmel_sha_hmac_key_init(struct atmel_sha_hmac_key *hkey)
static inline void atmel_sha_hmac_key_release(struct atmel_sha_hmac_key *hkey)
{
kfree(hkey->keydup);
- memset(hkey, 0, sizeof(*hkey));
+ memzero_explicit(hkey, sizeof(*hkey));
}
static inline int atmel_sha_hmac_key_set(struct atmel_sha_hmac_key *hkey,
--
2.8.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 2/3] crypto: qce - use memzero_explicit() for clearing data
2021-03-26 1:20 [PATCH 0/3] crypto: replace memset by memzero_explicit Kai Ye
2021-03-26 1:20 ` [PATCH 1/3] crypto: atmel - use memzero_explicit() for clearing data Kai Ye
@ 2021-03-26 1:20 ` Kai Ye
2021-03-26 1:20 ` [PATCH 3/3] crypto: stm32 " Kai Ye
2021-04-02 7:06 ` [PATCH 0/3] crypto: replace memset by memzero_explicit Herbert Xu
3 siblings, 0 replies; 5+ messages in thread
From: Kai Ye @ 2021-03-26 1:20 UTC (permalink / raw)
To: herbert; +Cc: linux-crypto, linux-kernel, wangzhou1, yekai13
use memzero_explicit instead of memset to clear sensitive data.
Signed-off-by: Kai Ye <yekai13@huawei.com>
---
drivers/crypto/qce/sha.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/crypto/qce/sha.c b/drivers/crypto/qce/sha.c
index 61c418c..cb9b3da 100644
--- a/drivers/crypto/qce/sha.c
+++ b/drivers/crypto/qce/sha.c
@@ -415,6 +415,7 @@ static int qce_ahash_hmac_setkey(struct crypto_ahash *tfm, const u8 *key,
ret = crypto_wait_req(crypto_ahash_digest(req), &wait);
+ memzero_explicit(buf, keylen + QCE_MAX_ALIGN_SIZE);
kfree(buf);
err_free_req:
ahash_request_free(req);
--
2.8.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 3/3] crypto: stm32 - use memzero_explicit() for clearing data
2021-03-26 1:20 [PATCH 0/3] crypto: replace memset by memzero_explicit Kai Ye
2021-03-26 1:20 ` [PATCH 1/3] crypto: atmel - use memzero_explicit() for clearing data Kai Ye
2021-03-26 1:20 ` [PATCH 2/3] crypto: qce " Kai Ye
@ 2021-03-26 1:20 ` Kai Ye
2021-04-02 7:06 ` [PATCH 0/3] crypto: replace memset by memzero_explicit Herbert Xu
3 siblings, 0 replies; 5+ messages in thread
From: Kai Ye @ 2021-03-26 1:20 UTC (permalink / raw)
To: herbert; +Cc: linux-crypto, linux-kernel, wangzhou1, yekai13
use memzero_explicit instead of memset to clear sensitive data
Signed-off-by: Kai Ye <yekai13@huawei.com>
---
drivers/crypto/stm32/stm32-cryp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/stm32/stm32-cryp.c b/drivers/crypto/stm32/stm32-cryp.c
index 2a479317..c4297e80 100644
--- a/drivers/crypto/stm32/stm32-cryp.c
+++ b/drivers/crypto/stm32/stm32-cryp.c
@@ -675,7 +675,7 @@ static void stm32_cryp_finish_req(struct stm32_cryp *cryp, int err)
crypto_finalize_skcipher_request(cryp->engine, cryp->req,
err);
- memset(cryp->ctx->key, 0, cryp->ctx->keylen);
+ memzero_explicit(cryp->ctx->key, cryp->ctx->keylen);
}
static int stm32_cryp_cpu_start(struct stm32_cryp *cryp)
--
2.8.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH 0/3] crypto: replace memset by memzero_explicit
2021-03-26 1:20 [PATCH 0/3] crypto: replace memset by memzero_explicit Kai Ye
` (2 preceding siblings ...)
2021-03-26 1:20 ` [PATCH 3/3] crypto: stm32 " Kai Ye
@ 2021-04-02 7:06 ` Herbert Xu
3 siblings, 0 replies; 5+ messages in thread
From: Herbert Xu @ 2021-04-02 7:06 UTC (permalink / raw)
To: Kai Ye; +Cc: linux-crypto, linux-kernel, wangzhou1
On Fri, Mar 26, 2021 at 09:20:45AM +0800, Kai Ye wrote:
> use memzero_explicit instead of memset to clear sensitive data,
> such as buffer or key.
Does this fix a real issue? If not then it's just unnecessary
churn.
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2021-04-02 7:06 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-26 1:20 [PATCH 0/3] crypto: replace memset by memzero_explicit Kai Ye
2021-03-26 1:20 ` [PATCH 1/3] crypto: atmel - use memzero_explicit() for clearing data Kai Ye
2021-03-26 1:20 ` [PATCH 2/3] crypto: qce " Kai Ye
2021-03-26 1:20 ` [PATCH 3/3] crypto: stm32 " Kai Ye
2021-04-02 7:06 ` [PATCH 0/3] crypto: replace memset by memzero_explicit Herbert Xu
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.