Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp2123336imu;
        Wed, 28 Nov 2018 23:02:09 -0800 (PST)
X-Google-Smtp-Source: AFSGD/UqBflJkhY8szMxM8zZVSzMEbuZg/qx6i9QULu/rTxKu1w6T+05koebSZZppiivOUX2p9iO
X-Received: by 2002:a62:2044:: with SMTP id g65mr299648pfg.127.1543474928937;
        Wed, 28 Nov 2018 23:02:08 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1543474928; cv=none;
        d=google.com; s=arc-20160816;
        b=pxj3MvPbBuaXh8orIh3qIudYCZedEpD9xZm1tY9uvFii223HGBz/n75ZlFa3aGH7UJ
         RZ1vy8fQnegCLXQ038C6pratm+B1ADowhkdFisxF0P5Fm6/Zbec0Tp4OE6aIyQ7/KjTP
         WTK0MUBye6eI1AFyllFN/TH0QQgN+NpptHWdxsGRZH3D7n9pJk2Fmbd99PKdRXK9PmcN
         6a39l3lPrH5Ih2JcKT+JhqvT3ztnahVrKxyFrC8Kw0kG+rkHiwLclxTRarCeUNO7K/UQ
         95UwM5NiEjrKXjoyEvzt5K3TfnZq8/WS0WRD9ZHyjxmtcYEuywLarMyfKOcxUjjMYlvc
         E/RQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=5HM0aL8n+oQrEdDnPyjU9BKZi6/yD9UyY+k/TLgqyg8=;
        b=HS89ttKKLuscXq0x4zvwXAH15HL7YP4Yr8dMEvbb1UafjEOJyNoxQxBtCuZSHl576V
         1pUnqYfBW9XIGDQVTmVGBzi8NyzxT5d3NWz5dUkcPuSBfg9+hyL9Mmb93kEVT954ibae
         OSJ/pUWZZH7QIlZe9wHV1VyIf+b/11iWc6ypBaWpJKXHnu0dB9rAMbu93GYYUdgOHEkq
         eY0YGqqzXrnbyJOpxjJW44uIwyUg907retkFVM2XfpnLKp0iiF0nesFabXWQ6687krEP
         Wxt1UXjtPrGvNBvehNTpX1RleSmnPeH6dSrc8ytCn6ZcNBCG7kqYiQ4QFZGZS4iRE83k
         wtHw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b="Z+KU4g/7";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 66si1197414plc.125.2018.11.28.23.01.53;
        Wed, 28 Nov 2018 23:02:08 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b="Z+KU4g/7";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727763AbeK2SEY (ORCPT <rfc822;xuyizhaos@gmail.com> + 99 others);
        Thu, 29 Nov 2018 13:04:24 -0500
Received: from mail-oi1-f195.google.com ([209.85.167.195]:35812 "EHLO
        mail-oi1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727521AbeK2SEX (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 29 Nov 2018 13:04:23 -0500
Received: by mail-oi1-f195.google.com with SMTP id v6so772626oif.2;
        Wed, 28 Nov 2018 23:00:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=5HM0aL8n+oQrEdDnPyjU9BKZi6/yD9UyY+k/TLgqyg8=;
        b=Z+KU4g/7sC+S1AVEcAGSb9RTA4e+3cWRtN+s9+MFq7TA5stMNeVCyQgfJBva2FHJ/N
         T7Ao50asKDAe0FxSnDhbdiYFqRJ7ivJi9Ib4YMx9eR0a6Q8R10aMNpBvkgXkM1QES/Qb
         MZA6HruIMUQu8o73DhxmZtNramf1d0vMrRWZ/hhzB/yuTBAtYMEaW63d9v7FexOT5srj
         3SIzB6jigjBmh7NRuKcmItwP3O5VYMduYQCShJczn7gLkAEUNNxFynn4QtMX5cEPF3KM
         au0Iv0h/M4kb5fpeDbgxlqlo7MEPgfWSd2/aF8OvfXX26qa9mmYPOKrbsPqefKwjRq87
         fYgQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=5HM0aL8n+oQrEdDnPyjU9BKZi6/yD9UyY+k/TLgqyg8=;
        b=aL5uSg+kARPO9DrN6CXezLX57aJqtVmEQKvgDbmOthBit27y6c3P0lmyST1E800VYh
         wG1T7Vh0c/80K3YR9L+E9UFuZ851XjfwqvMuJTuT7mI9uhMUcQOqXlTG/x7QyixwiP6x
         vL4zUXO94Lwi6wExc/jt50Py5URq1CbUbhErPUTef68v/o53+ef7Wc9IaoUxikgsJ0O7
         mGnzYyVBNIgMsGF3Bw9fyVsT9Gba9jHCVtMPzJvUFdJDmmyBTVjNDEIo/lvAjo9LC206
         8MptW0YU31LL97776MBjQ10miUPnnXOLpvsRFphVFr9NMOBao2t0bzZKwQqlsdfLOVpn
         onpw==
X-Gm-Message-State: AA+aEWbk/X86GSMfQQZKHPXFlUmtQfxaNi7hY9JYHff4qMA2SepgaJby
        Jf2OUTGQDH1lgPO6JINvrbP9IV6VXGFi/ySqbPmEtraNeiU=
X-Received: by 2002:aca:4709:: with SMTP id u9mr189277oia.212.1543474802140;
 Wed, 28 Nov 2018 23:00:02 -0800 (PST)
MIME-Version: 1.0
References: <CA+XhMqz7ZaGVNpkrRM-t4h2f9UZVQPjLVB5Txco4bKGRm8k=mA@mail.gmail.com>
 <20181129064913.wbudlexjzszpa7dq@gondor.apana.org.au>
In-Reply-To: <20181129064913.wbudlexjzszpa7dq@gondor.apana.org.au>
From:   David CARLIER <devnexen@gmail.com>
Date:   Thu, 29 Nov 2018 06:59:50 +0000
Message-ID: <CA+XhMqzw9pqFw30QD=XpFTAqu+t1v5q24ODR+zynZQJJrS9xZw@mail.gmail.com>
Subject: Re: [PATCH] crypto: use memzero_explicit instead of memset to clear contexts.
To:     Herbert Xu <herbert@gondor.apana.org.au>
Cc:     linux-kernel@vger.kernel.org,
        "David S. Miller" <davem@davemloft.net>,
        linux-crypto@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Meant regardless how the kernel is compiled (ie optimisation level),
the contexts are guaranteed to be wiped because of the memory fences
used.

Kind regards.
On Thu, 29 Nov 2018 at 06:49, Herbert Xu <herbert@gondor.apana.org.au> wrote:
>
> On Wed, Nov 28, 2018 at 07:36:50PM +0000, David CARLIER wrote:
> > There might be a little performance drop but to make sure it stands
> > by it comments, we really wipe the whole context after usage.
> > ---
> >  crypto/chacha20poly1305.c | 3 ++-
> >  crypto/md5.c              | 2 +-
> >  crypto/rmd128.c           | 3 ++-
> >  crypto/rmd160.c           | 3 ++-
> >  crypto/rmd256.c           | 3 ++-
> >  crypto/rmd320.c           | 3 ++-
> >  crypto/sha3_generic.c     | 3 ++-
> >  7 files changed, 13 insertions(+), 7 deletions(-)
> >
> > diff --git a/crypto/chacha20poly1305.c b/crypto/chacha20poly1305.c
> > index 600afa99941f..6e93d998109e 100644
> > --- a/crypto/chacha20poly1305.c
> > +++ b/crypto/chacha20poly1305.c
> > @@ -19,6 +19,7 @@
> >  #include <linux/init.h>
> >  #include <linux/kernel.h>
> >  #include <linux/module.h>
> > +#include <linux/string.h>
> >
> >  #include "internal.h"
> >
> > @@ -388,7 +389,7 @@ static int poly_genkey(struct aead_request *req)
> >         }
> >
> >         sg_init_table(creq->src, 1);
> > -       memset(rctx->key, 0, sizeof(rctx->key));
> > +       memzero_explicit(rctx->key, sizeof(rctx->key));
>
> Please explain the purpose of this patch.  As it stands this
> makes no sense.
>
> Thanks,
> --
> Email: Herbert Xu <herbert@gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt