From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.9 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1A5C4C2BA1B for ; Mon, 6 Apr 2020 17:12:02 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id C5E82249CE for ; Mon, 6 Apr 2020 17:12:01 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=linux-foundation.org header.i=@linux-foundation.org header.b="cCyfHsvS" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C5E82249CE Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 5AD7F8E004F; Mon, 6 Apr 2020 13:12:01 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 55C0C8E000D; Mon, 6 Apr 2020 13:12:01 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 44C068E004F; Mon, 6 Apr 2020 13:12:01 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0070.hostedemail.com [216.40.44.70]) by kanga.kvack.org (Postfix) with ESMTP id 27FDE8E000D for ; Mon, 6 Apr 2020 13:12:01 -0400 (EDT) Received: from smtpin25.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay04.hostedemail.com (Postfix) with ESMTP id DD86A813E for ; Mon, 6 Apr 2020 17:12:00 +0000 (UTC) X-FDA: 76678072800.25.birds11_1154eb44d1e1d X-HE-Tag: birds11_1154eb44d1e1d X-Filterd-Recvd-Size: 4928 Received: from mail-lj1-f194.google.com (mail-lj1-f194.google.com [209.85.208.194]) by imf18.hostedemail.com (Postfix) with ESMTP for ; Mon, 6 Apr 2020 17:11:58 +0000 (UTC) Received: by mail-lj1-f194.google.com with SMTP id t17so455765ljc.12 for ; Mon, 06 Apr 2020 10:11:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=JIHqbWEotAan/sewwDfvuRd/CvbCudC1wXEoK4uYwQI=; b=cCyfHsvSJIbBmPiEgqdHYbrCRkeZCLL0r8+OYWYvaP6ePmiCcvWmHGdWpIvR9wS7yH Qjaf2hfg8nqF8dZM3j9qgEUyAGV1loDukhbMsue6luVn6M6E5QsAdDS6GXk0FyXFT8ke MbrqoJpcYh6U+txeraXaFeVX/Z8k1Vrbk1lPA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=JIHqbWEotAan/sewwDfvuRd/CvbCudC1wXEoK4uYwQI=; b=SoxwZvbhjFX4fYY9woHUb+d+7rnEEsxOitUEiwc2UIt4BFxD20AIZPoGBMAuj1vsj2 IrdxWfrhYShqQ/JN3ZK+TD49gZPSe4KbQyzOoLoBR4MPh3Y/0q7hVwFaqbPPBeMuY53A jM5uWQih9x+vdxjUo5DH/bpvOT6cnb8pFiom2wf2r2YFVBlyEwMfNUNrBoT+e6arXFn5 G5ovH4QHAan9KCzT/B2IXqPn6yPzrufXNbJRB2pWvNWPV4byKrFxAHM2BoHCotnzLDya efll6CfZVO+o/2o2pdxy7LNwCkD11v0IkoIL942LZ9Xk8WkSnhmYuyvG4BsQ6CvyHI1D pAow== X-Gm-Message-State: AGi0PuYIzB+mZ4AKJOaqTePH2kxcUiWooE5hE6vJpweWyyGC0j4eqMbs L/+pFIz9vOeM+g4FN6zf2u4CCBlzNQE= X-Google-Smtp-Source: APiQypIZRDmB5K588mE/9t0MuemEXtHVRYhWcXGt5OCUbX/TqFD+TyFOSHwJvelviFC7Reg0jKo6+w== X-Received: by 2002:a2e:9bc6:: with SMTP id w6mr149663ljj.105.1586193116113; Mon, 06 Apr 2020 10:11:56 -0700 (PDT) Received: from mail-lj1-f180.google.com (mail-lj1-f180.google.com. [209.85.208.180]) by smtp.gmail.com with ESMTPSA id o21sm10304060ljg.71.2020.04.06.10.11.54 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 06 Apr 2020 10:11:55 -0700 (PDT) Received: by mail-lj1-f180.google.com with SMTP id q19so476459ljp.9 for ; Mon, 06 Apr 2020 10:11:54 -0700 (PDT) X-Received: by 2002:a2e:a58e:: with SMTP id m14mr166510ljp.204.1586193114144; Mon, 06 Apr 2020 10:11:54 -0700 (PDT) MIME-Version: 1.0 References: <20200406023700.1367-1-longman@redhat.com> <319765.1586188840@warthog.procyon.org.uk> In-Reply-To: From: Linus Torvalds Date: Mon, 6 Apr 2020 10:11:38 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH] mm: Add kvfree_sensitive() for freeing sensitive data objects To: Joe Perches Cc: David Howells , Waiman Long , Andrew Morton , Jarkko Sakkinen , James Morris , "Serge E. Hallyn" , Linux-MM , keyrings@vger.kernel.org, Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Mon, Apr 6, 2020 at 9:44 AM Joe Perches wrote: > > Dubious assertion. Both end up with zeroed memory. You don't understand the function. You ignored the part where the zeroed memory isn't even the _point_. Yes, for kzalloc() it is. There the zero is inherent and important. People very much depend on it, and it's the whole point of that function. The 'z' is not silent. But for kzfree() it really really isn't. There the zeroing is never going to be seen by anybody wjho does the right thing, and is not important at all - it's purely a "let's make sure old contents don't leak". The "zero" part is completely immaterial, it could just as well have been a "memset(0xaa)" instead. And you didn't seem to understand that kzfree() shouldn't use memset() in the first place, so it's not even using the same operation. You really don't seem to get the whole "kzfree() has absolutely _nothing_ to do with kzalloc() apart from a dubious implementation details". Should you name all global variables with a 'z' in their name somewhere? They start out zeroed too - so pretty much according to your logic, they are exactly the same as 'kzalloc()'. Linus