key might contain private information, so use kfree_sensitive to free it.
In fscache_free_cookie() use kfree_sensitive().
Signed-off-by: Minjie Du <[email protected]>
---
fs/netfs/fscache_cookie.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/netfs/fscache_cookie.c b/fs/netfs/fscache_cookie.c
index bce2492186d0..5c917d87f281 100644
--- a/fs/netfs/fscache_cookie.c
+++ b/fs/netfs/fscache_cookie.c
@@ -74,7 +74,7 @@ static void fscache_free_cookie(struct fscache_cookie *cookie)
if (cookie->aux_len > sizeof(cookie->inline_aux))
kfree(cookie->aux);
if (cookie->key_len > sizeof(cookie->inline_key))
- kfree(cookie->key);
+ kfree_sensitive(cookie->key);
fscache_stat_d(&fscache_n_cookies);
kmem_cache_free(fscache_cookie_jar, cookie);
}
--
2.39.0
Minjie Du <[email protected]> wrote:
> [email protected] (moderated
> list:FILESYSTEMS [NETFS LIBRARY]), [email protected] (open
> list:FILESYSTEMS [NETFS LIBRARY]), [email protected] (open list)
In future, could you edit the comments out of the email addresses, please?
> key might contain private information, so use kfree_sensitive to free it.
> In fscache_free_cookie() use kfree_sensitive().
There's no real point. These are written as filenames (possibly base64-ish
encoded) on disk by cachefiles and represent the information given to the
server to indicate the file (in afs, for example, that's cell name, volume
name, vnode number).
David