Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp4724408ybb; Tue, 7 Apr 2020 13:10:21 -0700 (PDT) X-Google-Smtp-Source: APiQypJYDtgnFg3MefdjywiQDxlaG21n3o5h4HWHAqPuF5MaI5ds9QVD6+XU5jGViKZoM9e/r99e X-Received: by 2002:a9d:53cd:: with SMTP id i13mr46791oth.37.1586290221328; Tue, 07 Apr 2020 13:10:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1586290221; cv=none; d=google.com; s=arc-20160816; b=y3/2csIPKFUOpTrhMxlm5UeTYhpZZ+BLPA/5NWSES0nW3eBHVGGVW3o+SjTNZhEH1M RyVX8BtDoFIGDAZuzCTaSZcB5LALGe/l80KtwEwYELPHr8hBi83YxQGHZpyr9dauuJ1v c8cxgFyR3F+Aq9WUHnAi3/lky+5UlsOgnmCsW56RWAi1SIZIYBckEJlbJ/mUyprSrOFg EbNhRIpIyccQL4ZOAdqIa59nKoZhOkX74K3b4bT63V2GYiJ9vZXiBXhXpMonQn6ix4+O b/lza5EOhyoS+L0inMLeB9zlkAp8fk1PYxiU+8IRVmxqe1kJ8pM/78DOqnOPkbJczLJc /smg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=3sghJldqMMjWeerVBLUfhc/cQuHU1aQm4qS6KijAW8Q=; b=hXdCzey0fAnSNQJlPAFkCITypYQqemujXImOQRR2FMgNNgqY/hk4xOvAkCF1CUatKn snTXOE3N++/srMhlWnsk9srq8kjjcw35HOncIYv2kVo9bEnSUbPjdpGxPTRS4cUJepy2 8uSeT384b6AePZzUp0rVafp0qTS4flViVRMrgXsah+RGj8rpuhKaN9aKNeLRj0ghqamT YWd9lJP+XSKY7Zgwf6l/OQwE464qYLc6wqK8Ft9zmGmcL66SvIpnTDmfYV/0/WfvQ98z 3KOUu8NZi7sItxnLZCTslT2L5s7sfRMCkU+88qBNagFkWKv8J7RN0YpESrDexlZ8NuMU 4MTw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=LIs7mHA3; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h10si1591318otm.153.2020.04.07.13.10.07; Tue, 07 Apr 2020 13:10:21 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=LIs7mHA3; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727354AbgDGUJc (ORCPT + 99 others); Tue, 7 Apr 2020 16:09:32 -0400 Received: from mail-lj1-f194.google.com ([209.85.208.194]:41829 "EHLO mail-lj1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726840AbgDGUJb (ORCPT ); Tue, 7 Apr 2020 16:09:31 -0400 Received: by mail-lj1-f194.google.com with SMTP id n17so5158808lji.8 for ; Tue, 07 Apr 2020 13:09:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=3sghJldqMMjWeerVBLUfhc/cQuHU1aQm4qS6KijAW8Q=; b=LIs7mHA3OXPjMsaXtYIk07UvtJnPGY4OLuhw5yUdciWXo/7JrrEmPqgnrwGk7LYTDy rq/7n66O3MT27zCaMgmAZUsQHre2pHLQbaKY/YARTqgYJVheydI5BKhcTlTAQdZtVZZq 45bOqqTdfPd9zcZUW/Ki0gAVMMNSm+WBI9Bqk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=3sghJldqMMjWeerVBLUfhc/cQuHU1aQm4qS6KijAW8Q=; b=mbi3pkYkrRrssiHeC2azZZSfuZVLZQDO6AQFEOlfw+BFLTqjyH2UqhRsqxJb5iUlY0 CcefXYk7C8ypPQdCRw6KOS2hTfJTA35SNDcuBfTkeYpcvHB1it5alR/99hhi/ZN8MIHL KpxI0Azdqk9aIvsEeToffxaQBF52JjaL0cZo+bY6h8MkI1mLov8yjWThiokg8JbSm0G/ g7EW4PsfGZHTOVycxm8XBWc4xTo5Q5hKamcV37Dxa0i4GRKtl3UikvZaF+foZEpHJjaK fCXJVCO0gjfV26IT5TQCKIA9QdAt7tHTdT+QxjgtJyyM3bZgwRa+fP3KMoc3VcEiuia8 fgoQ== X-Gm-Message-State: AGi0PuZzwNI9YTkAVP4IZ4tSj2qIpah6ni6ECW/BYglkuNiPUIvAYmlj 5I32O6OjQJXbNPk9e88dLroeWSDqr3c= X-Received: by 2002:a2e:87cc:: with SMTP id v12mr2777717ljj.127.1586290168746; Tue, 07 Apr 2020 13:09:28 -0700 (PDT) Received: from mail-lj1-f172.google.com (mail-lj1-f172.google.com. [209.85.208.172]) by smtp.gmail.com with ESMTPSA id u7sm2140400lfi.0.2020.04.07.13.09.27 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 07 Apr 2020 13:09:27 -0700 (PDT) Received: by mail-lj1-f172.google.com with SMTP id 142so627409ljj.7 for ; Tue, 07 Apr 2020 13:09:27 -0700 (PDT) X-Received: by 2002:a2e:8911:: with SMTP id d17mr2856344lji.16.1586290167180; Tue, 07 Apr 2020 13:09:27 -0700 (PDT) MIME-Version: 1.0 References: <20200407200318.11711-1-longman@redhat.com> In-Reply-To: <20200407200318.11711-1-longman@redhat.com> From: Linus Torvalds Date: Tue, 7 Apr 2020 13:09:11 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v3] mm: Add kvfree_sensitive() for freeing sensitive data objects To: Waiman Long Cc: Andrew Morton , David Howells , Jarkko Sakkinen , James Morris , "Serge E. Hallyn" , Linux-MM , keyrings@vger.kernel.org, Linux Kernel Mailing List , Joe Perches , Matthew Wilcox , David Rientjes Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Apr 7, 2020 at 1:03 PM Waiman Long wrote: > > For kvmalloc'ed data object that contains sensitive information like > cryptographic key, we need to make sure that the buffer is always > cleared before freeing it. Using memset() alone for buffer clearing may > not provide certainty as the compiler may compile it away. To be sure, > the special memzero_explicit() has to be used. Ack. Since this isn't exactly high-priority, I'm assuming it will go through the usual channels (ie Andrew). Linus