From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.1 required=3.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3B132C2BB1D for ; Tue, 14 Apr 2020 06:08:38 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id AEB862072D for ; Tue, 14 Apr 2020 06:08:37 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=c-s.fr header.i=@c-s.fr header.b="swLCNyX7" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org AEB862072D Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=c-s.fr Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 218EA8E0003; Tue, 14 Apr 2020 02:08:37 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 1A34C8E0001; Tue, 14 Apr 2020 02:08:37 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 043328E0003; Tue, 14 Apr 2020 02:08:36 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0163.hostedemail.com [216.40.44.163]) by kanga.kvack.org (Postfix) with ESMTP id D719F8E0001 for ; Tue, 14 Apr 2020 02:08:36 -0400 (EDT) Received: from smtpin22.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay05.hostedemail.com (Postfix) with ESMTP id 80629181AEF21 for ; Tue, 14 Apr 2020 06:08:36 +0000 (UTC) X-FDA: 76705431432.22.army36_4b088c3363928 X-HE-Tag: army36_4b088c3363928 X-Filterd-Recvd-Size: 10873 Received: from pegase1.c-s.fr (pegase1.c-s.fr [93.17.236.30]) by imf01.hostedemail.com (Postfix) with ESMTP for ; Tue, 14 Apr 2020 06:08:35 +0000 (UTC) Received: from localhost (mailhub1-int [192.168.12.234]) by localhost (Postfix) with ESMTP id 491Zmc64yLz9txkH; Tue, 14 Apr 2020 08:08:32 +0200 (CEST) Authentication-Results: localhost; dkim=pass reason="1024-bit key; insecure key" header.d=c-s.fr header.i=@c-s.fr header.b=swLCNyX7; dkim-adsp=pass; dkim-atps=neutral X-Virus-Scanned: Debian amavisd-new at c-s.fr Received: from pegase1.c-s.fr ([192.168.12.234]) by localhost (pegase1.c-s.fr [192.168.12.234]) (amavisd-new, port 10024) with ESMTP id 4yni2YpdXT3P; Tue, 14 Apr 2020 08:08:32 +0200 (CEST) Received: from messagerie.si.c-s.fr (messagerie.si.c-s.fr [192.168.25.192]) by pegase1.c-s.fr (Postfix) with ESMTP id 491Zmc4L0Rz9txkG; Tue, 14 Apr 2020 08:08:32 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=c-s.fr; s=mail; t=1586844512; bh=AyML/oaUiIiNPJKHTIdsIrbz6fYQpNyy/73cMAJtVGI=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=swLCNyX719PsbdWXJyAjua3tpVkuZHN/PgaRAzIUI6j3FuSDm374UPnlGZYSrGzxT ndt6dm09KOl8ksmzmfqqYKRuIRIOuM5gK03jv/9oM2sodvHG7ZsAdW0K43bNG1m7AR C9uF0GCYNnsgDDdT0CCsxA/cfFfbv77mzxAhptqM= Received: from localhost (localhost [127.0.0.1]) by messagerie.si.c-s.fr (Postfix) with ESMTP id 5B4A48B77D; Tue, 14 Apr 2020 08:08:33 +0200 (CEST) X-Virus-Scanned: amavisd-new at c-s.fr Received: from messagerie.si.c-s.fr ([127.0.0.1]) by localhost (messagerie.si.c-s.fr [127.0.0.1]) (amavisd-new, port 10023) with ESMTP id IsbJC8uJ2iOV; Tue, 14 Apr 2020 08:08:33 +0200 (CEST) Received: from [192.168.4.90] (unknown [192.168.4.90]) by messagerie.si.c-s.fr (Postfix) with ESMTP id 997728B752; Tue, 14 Apr 2020 08:08:30 +0200 (CEST) Subject: Re: [PATCH v2 2/2] crypto: Remove unnecessary memzero_explicit() To: Waiman Long , Andrew Morton , David Howells , Jarkko Sakkinen , James Morris , "Serge E. Hallyn" , Linus Torvalds , Joe Perches , Matthew Wilcox , David Rientjes Cc: linux-mm@kvack.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, linux-crypto@vger.kernel.org, linux-s390@vger.kernel.org, linux-pm@vger.kernel.org, linux-stm32@st-md-mailman.stormreply.com, linux-arm-kernel@lists.infradead.org, linux-amlogic@lists.infradead.org, linux-mediatek@lists.infradead.org, linuxppc-dev@lists.ozlabs.org, virtualization@lists.linux-foundation.org, netdev@vger.kernel.org, intel-wired-lan@lists.osuosl.org, linux-ppp@vger.kernel.org, wireguard@lists.zx2c4.com, linux-wireless@vger.kernel.org, devel@driverdev.osuosl.org, linux-scsi@vger.kernel.org, target-devel@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-cifs@vger.kernel.org, samba-technical@lists.samba.org, linux-fscrypt@vger.kernel.org, ecryptfs@vger.kernel.org, kasan-dev@googlegroups.com, linux-bluetooth@vger.kernel.org, linux-wpan@vger.kernel.org, linux-sctp@vger.kernel.org, linux-nfs@vger.kernel.org, tipc-discussion@lists.sourceforge.net, cocci@systeme.lip6.fr, linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org References: <20200413211550.8307-1-longman@redhat.com> <20200413222846.24240-1-longman@redhat.com> From: Christophe Leroy Message-ID: Date: Tue, 14 Apr 2020 08:08:22 +0200 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0 MIME-Version: 1.0 In-Reply-To: <20200413222846.24240-1-longman@redhat.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: fr Content-Transfer-Encoding: quoted-printable X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Le 14/04/2020 =C3=A0 00:28, Waiman Long a =C3=A9crit=C2=A0: > Since kfree_sensitive() will do an implicit memzero_explicit(), there > is no need to call memzero_explicit() before it. Eliminate those > memzero_explicit() and simplify the call sites. For better correctness, > the setting of keylen is also moved down after the key pointer check. >=20 > Signed-off-by: Waiman Long > --- > .../allwinner/sun8i-ce/sun8i-ce-cipher.c | 19 +++++------------- > .../allwinner/sun8i-ss/sun8i-ss-cipher.c | 20 +++++-------------= - > drivers/crypto/amlogic/amlogic-gxl-cipher.c | 12 +++-------- > drivers/crypto/inside-secure/safexcel_hash.c | 3 +-- > 4 files changed, 14 insertions(+), 40 deletions(-) >=20 > diff --git a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c b/driv= ers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c > index aa4e8fdc2b32..8358fac98719 100644 > --- a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c > +++ b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c > @@ -366,10 +366,7 @@ void sun8i_ce_cipher_exit(struct crypto_tfm *tfm) > { > struct sun8i_cipher_tfm_ctx *op =3D crypto_tfm_ctx(tfm); > =20 > - if (op->key) { > - memzero_explicit(op->key, op->keylen); > - kfree(op->key); > - } > + kfree_sensitive(op->key); > crypto_free_sync_skcipher(op->fallback_tfm); > pm_runtime_put_sync_suspend(op->ce->dev); > } > @@ -391,14 +388,11 @@ int sun8i_ce_aes_setkey(struct crypto_skcipher *t= fm, const u8 *key, > dev_dbg(ce->dev, "ERROR: Invalid keylen %u\n", keylen); > return -EINVAL; > } > - if (op->key) { > - memzero_explicit(op->key, op->keylen); > - kfree(op->key); > - } > - op->keylen =3D keylen; > + kfree_sensitive(op->key); > op->key =3D kmemdup(key, keylen, GFP_KERNEL | GFP_DMA); > if (!op->key) > return -ENOMEM; > + op->keylen =3D keylen; Does it matter at all to ensure op->keylen is not set when of->key is=20 NULL ? I'm not sure. But if it does, then op->keylen should be set to 0 when freeing op->key. > =20 > crypto_sync_skcipher_clear_flags(op->fallback_tfm, CRYPTO_TFM_REQ_MA= SK); > crypto_sync_skcipher_set_flags(op->fallback_tfm, tfm->base.crt_flags= & CRYPTO_TFM_REQ_MASK); > @@ -416,14 +410,11 @@ int sun8i_ce_des3_setkey(struct crypto_skcipher *= tfm, const u8 *key, > if (err) > return err; > =20 > - if (op->key) { > - memzero_explicit(op->key, op->keylen); > - kfree(op->key); > - } > - op->keylen =3D keylen; > + kfree_sensitive(op->key); > op->key =3D kmemdup(key, keylen, GFP_KERNEL | GFP_DMA); > if (!op->key) > return -ENOMEM; > + op->keylen =3D keylen; Same comment as above. > =20 > crypto_sync_skcipher_clear_flags(op->fallback_tfm, CRYPTO_TFM_REQ_MA= SK); > crypto_sync_skcipher_set_flags(op->fallback_tfm, tfm->base.crt_flags= & CRYPTO_TFM_REQ_MASK); > diff --git a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c b/driv= ers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c > index 5246ef4f5430..0495fbc27fcc 100644 > --- a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c > +++ b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c > @@ -249,7 +249,6 @@ static int sun8i_ss_cipher(struct skcipher_request = *areq) > offset =3D areq->cryptlen - ivsize; > if (rctx->op_dir & SS_DECRYPTION) { > memcpy(areq->iv, backup_iv, ivsize); > - memzero_explicit(backup_iv, ivsize); > kfree_sensitive(backup_iv); > } else { > scatterwalk_map_and_copy(areq->iv, areq->dst, offset, > @@ -367,10 +366,7 @@ void sun8i_ss_cipher_exit(struct crypto_tfm *tfm) > { > struct sun8i_cipher_tfm_ctx *op =3D crypto_tfm_ctx(tfm); > =20 > - if (op->key) { > - memzero_explicit(op->key, op->keylen); > - kfree(op->key); > - } > + kfree_sensitive(op->key); > crypto_free_sync_skcipher(op->fallback_tfm); > pm_runtime_put_sync(op->ss->dev); > } > @@ -392,14 +388,11 @@ int sun8i_ss_aes_setkey(struct crypto_skcipher *t= fm, const u8 *key, > dev_dbg(ss->dev, "ERROR: Invalid keylen %u\n", keylen); > return -EINVAL; > } > - if (op->key) { > - memzero_explicit(op->key, op->keylen); > - kfree(op->key); > - } > - op->keylen =3D keylen; > + kfree_sensitive(op->key); > op->key =3D kmemdup(key, keylen, GFP_KERNEL | GFP_DMA); > if (!op->key) > return -ENOMEM; > + op->keylen =3D keylen; Same comment as above. > =20 > crypto_sync_skcipher_clear_flags(op->fallback_tfm, CRYPTO_TFM_REQ_MA= SK); > crypto_sync_skcipher_set_flags(op->fallback_tfm, tfm->base.crt_flags= & CRYPTO_TFM_REQ_MASK); > @@ -418,14 +411,11 @@ int sun8i_ss_des3_setkey(struct crypto_skcipher *= tfm, const u8 *key, > return -EINVAL; > } > =20 > - if (op->key) { > - memzero_explicit(op->key, op->keylen); > - kfree(op->key); > - } > - op->keylen =3D keylen; > + kfree_sensitive(op->key); > op->key =3D kmemdup(key, keylen, GFP_KERNEL | GFP_DMA); > if (!op->key) > return -ENOMEM; > + op->keylen =3D keylen; Same comment as above. > =20 > crypto_sync_skcipher_clear_flags(op->fallback_tfm, CRYPTO_TFM_REQ_MA= SK); > crypto_sync_skcipher_set_flags(op->fallback_tfm, tfm->base.crt_flags= & CRYPTO_TFM_REQ_MASK); > diff --git a/drivers/crypto/amlogic/amlogic-gxl-cipher.c b/drivers/cryp= to/amlogic/amlogic-gxl-cipher.c > index fd1269900d67..6aa9ce7bbbd4 100644 > --- a/drivers/crypto/amlogic/amlogic-gxl-cipher.c > +++ b/drivers/crypto/amlogic/amlogic-gxl-cipher.c > @@ -341,10 +341,7 @@ void meson_cipher_exit(struct crypto_tfm *tfm) > { > struct meson_cipher_tfm_ctx *op =3D crypto_tfm_ctx(tfm); > =20 > - if (op->key) { > - memzero_explicit(op->key, op->keylen); > - kfree(op->key); > - } > + kfree_sensitive(op->key); > crypto_free_sync_skcipher(op->fallback_tfm); > } > =20 > @@ -368,14 +365,11 @@ int meson_aes_setkey(struct crypto_skcipher *tfm,= const u8 *key, > dev_dbg(mc->dev, "ERROR: Invalid keylen %u\n", keylen); > return -EINVAL; > } > - if (op->key) { > - memzero_explicit(op->key, op->keylen); > - kfree(op->key); > - } > - op->keylen =3D keylen; > + kfree_sensitive(op->key); > op->key =3D kmemdup(key, keylen, GFP_KERNEL | GFP_DMA); > if (!op->key) > return -ENOMEM; > + op->keylen =3D keylen; Same comment as above. > =20 > return crypto_sync_skcipher_setkey(op->fallback_tfm, key, keylen); > } > diff --git a/drivers/crypto/inside-secure/safexcel_hash.c b/drivers/cry= pto/inside-secure/safexcel_hash.c > index 43962bc709c6..4a2d162914de 100644 > --- a/drivers/crypto/inside-secure/safexcel_hash.c > +++ b/drivers/crypto/inside-secure/safexcel_hash.c > @@ -1081,8 +1081,7 @@ static int safexcel_hmac_init_pad(struct ahash_re= quest *areq, > } > =20 > /* Avoid leaking */ > - memzero_explicit(keydup, keylen); > - kfree(keydup); > + kfree_sensitive(keydup); > =20 > if (ret) > return ret; >=20 Christophe