Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp3604175ybb; Mon, 6 Apr 2020 11:50:36 -0700 (PDT) X-Google-Smtp-Source: APiQypL69vP2ZBQMEFkgwsSIg+u/zJg1e1bO5XlQekWHOvm6QpVz1URFHGvYRIdO70s74c3eXo7f X-Received: by 2002:aca:c142:: with SMTP id r63mr654584oif.25.1586199035927; Mon, 06 Apr 2020 11:50:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1586199035; cv=none; d=google.com; s=arc-20160816; b=CzK0+FtTDpCa85DPSCdGNSXUlg3tbqk1A0cKgUjV4JS7Ij6rqUtWUPfXN38J3LciaO FlisCQZUgP4A3mvPNFKx//T/1vphC/gdFhKK91tkB4gBIPf0UQchHylNpeFWhgIOuxqy xIsmv0MRbTMID/xPFXLNytp/N+/nWDZTsQ8t//fi+5294Uti5ewe/y//XLfzF+kqBvWq Ma85o5ULumOyARHGLAKplN7IRFz2IsrhuoIE0laEdTKH/nCfUisNDYIxEVqYRifl+BoB F3rKLmHQx4w7k0b9ApkYLu1cfOMpfwKd/Gp2FE68pgjNZX6a7/wkqvfHZEuFhGsVEZ9V Rcfw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:date:cc:to:from:subject :message-id; bh=NyG7IsJVqoW9VRS5DGRdYH/CNVzwakSdEaOr8viB0Hg=; b=ZidoSw7PXRwM3DxcVjan03taNBQ5v1kZZLUuWp/31NMdPXdfCYJJ2DL1gD7Vo2vdlw Jm8+bJJ/6B3BuC+jR43qnjU933jOyqc3zRV03EArz6bugT70rbn4cO/RcSSL9voa/M/F qCnWi8z0P5FRu6mLEVN4I6Fff9EO4RStL4EFDgX/fw+xwp44qBv7+YSUzuXmFYKkAnjF IR+Dnc4A7billejSnXoiuYoTOEwCGo1OrSRCWJyNfcKmi980zQXSWtmpPD5iwqB4jhh8 kv0VK95I9HmBMSRGtAcfRla3lmBEnVuRLjc2Zph/EjrAolJHihtuBPBMgbBeFRnBRYGo Plzg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id r205si7623691oig.174.2020.04.06.11.50.24; Mon, 06 Apr 2020 11:50:35 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726332AbgDFSs1 (ORCPT + 99 others); Mon, 6 Apr 2020 14:48:27 -0400 Received: from smtprelay0183.hostedemail.com ([216.40.44.183]:35024 "EHLO smtprelay.hostedemail.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1725887AbgDFSs1 (ORCPT ); Mon, 6 Apr 2020 14:48:27 -0400 Received: from filter.hostedemail.com (clb03-v110.bra.tucows.net [216.40.38.60]) by smtprelay03.hostedemail.com (Postfix) with ESMTP id 88B618378BB8; Mon, 6 Apr 2020 18:48:26 +0000 (UTC) X-Session-Marker: 6A6F6540706572636865732E636F6D X-Spam-Summary: 2,0,0,,d41d8cd98f00b204,joe@perches.com,,RULES_HIT:41:355:379:599:800:960:965:966:973:982:988:989:1260:1277:1311:1313:1314:1345:1359:1437:1515:1516:1518:1534:1541:1593:1594:1711:1730:1747:1777:1792:2196:2199:2393:2553:2559:2562:2736:2828:3138:3139:3140:3141:3142:3353:3622:3865:3866:3867:3868:3870:3871:3874:4321:4385:4390:4395:5007:7875:7903:8603:8700:10004:10400:10848:11232:11658:11914:12043:12050:12296:12297:12679:12740:12760:12895:13069:13161:13229:13311:13357:13439:14181:14659:14721:21080:21451:21627:21740:30012:30054:30060:30070:30090:30091,0,RBL:none,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:,MSBL:0,DNSBL:none,Custom_rules:0:0:0,LFtime:1,LUA_SUMMARY:none X-HE-Tag: view80_83acc3aa07734 X-Filterd-Recvd-Size: 2764 Received: from XPS-9350.home (unknown [47.151.136.130]) (Authenticated sender: joe@perches.com) by omf10.hostedemail.com (Postfix) with ESMTPA; Mon, 6 Apr 2020 18:48:24 +0000 (UTC) Message-ID: Subject: Re: [PATCH] mm: Add kvfree_sensitive() for freeing sensitive data objects From: Joe Perches To: Linus Torvalds , Waiman Long Cc: David Howells , Andrew Morton , Jarkko Sakkinen , James Morris , "Serge E. Hallyn" , Linux-MM , keyrings@vger.kernel.org, Linux Kernel Mailing List Date: Mon, 06 Apr 2020 11:46:26 -0700 In-Reply-To: References: <20200406023700.1367-1-longman@redhat.com> <319765.1586188840@warthog.procyon.org.uk> <19cbf3b1-2c3f-dd0f-a5c6-69ca3f77dd68@redhat.com> Content-Type: text/plain; charset="ISO-8859-1" User-Agent: Evolution 3.34.1-2 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 2020-04-06 at 11:06 -0700, Linus Torvalds wrote: > On Mon, Apr 6, 2020 at 10:59 AM Waiman Long wrote: > > I have actually been thinking about that. I saw a couple of cases in the > > crypto code where a memzero_explicit() is followed by kfree(). Those can > > be replaced by kfree_sensitive. > > Ack. > > Doing that (and renaming kvzfree) should be a fairly straightforward > coccinelle patch. Not really as comment and prototype and existing cocci scripts that contain kzfree are difficult to change. A sed is straightforward and works well. $ git grep -w --name-only kzfree | \ xargs sed -i 's/\bkzfree\b/kfree_sensitive/' For today's next that's: $ git diff --shortstat 116 files changed, 322 insertions(+), 322 deletions(-) After this change: The kernel-doc comment in slab_common.c should be edited from zeroed to something else. * kfree_sensitive - like kfree but zero memory * @p: object to free memory of * * The memory of the object @p points to is zeroed before freed. * If @p is %NULL, kfree_sensitive() does nothing. * * Note: this function zeroes the whole allocated buffer which can be a good * deal bigger than the requested buffer size passed to kmalloc(). So be * careful when using this function in performance sensitive code. */