Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp1174310ybt; Sun, 14 Jun 2020 13:06:34 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwqARq7SRUL9FOsi/33Tri8ZvX0Kj0/pVfs9SxzEeB8ZCO6g2dEypAJS8hCibGO2ac+rgkb X-Received: by 2002:a05:6402:1606:: with SMTP id f6mr20478076edv.286.1592165193965; Sun, 14 Jun 2020 13:06:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592165193; cv=none; d=google.com; s=arc-20160816; b=QPfogJt2Nm+ZYXKgu+pA7PHJk6PIsla6lzSlKQQuyv2a2MI69XU6qIdkGc+PysrTpM WvxoinLYuwHBN+zM0Svc3iplT188rsVkfr3iCPNxaLUQGwzPTWD6c/quJl6grgYJpz4G DBf/U0KLtttQWqRbctOjHgTFrKs3CIhap+vswuPKqVj5OLTJYXXFC7rGLnKXUS8wDgkX Semyxgovp2FiGzP2icdnvS2CUcYUxQAizAOKnLw1kV6Hs3ONCvqebRXwyGu9wyfkinjl FfcGLddxp+bsHGEsLk+Hhh9lWqWY9ax/J9krez4zvMaqr6kPC3LAwtYXn3rkEr+IGJeX OUgw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:date:cc:to:from:subject :message-id; bh=RfDckVupv6efVEQayIsd3G++QiwTXUN9fQKMyXvejT8=; b=KIjcCLqQeASv2WDrol+mZsxdWk7mn9zgpXj9gfcW1FsnI3XikkUtvHi+ZEXX6DUyCs ERFX9eT4JaBdjd3IOGyZtH0iUcWeoH0k+TC+dZG0fTEnP/ivAE68eHDw5CAtKCHsZXAf vIgachV29p2Y4TQAjMt5bChPAM+4XCcTz0I7EC03jBr+X8aD7dRDisPd2EwfpYfufgaa iF+fdHplMqZ7el2BREk6Nebf05eJ+pF8d0uDg8Kx7bJhS4zc9jPcIFZ28s8xBbnr+wpt 0p+xDyxFq1g1lYyGr3GdnsBTeZ14NXs+PfIZhAsLQZBD0ugzvF5fwISrsFzrRmNR+lv2 wF3Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id h21si7617855edv.274.2020.06.14.13.06.12; Sun, 14 Jun 2020 13:06:33 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727937AbgFNUCB (ORCPT + 99 others); Sun, 14 Jun 2020 16:02:01 -0400 Received: from smtprelay0188.hostedemail.com ([216.40.44.188]:39492 "EHLO smtprelay.hostedemail.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726844AbgFNUB4 (ORCPT ); Sun, 14 Jun 2020 16:01:56 -0400 Received: from filter.hostedemail.com (clb03-v110.bra.tucows.net [216.40.38.60]) by smtprelay02.hostedemail.com (Postfix) with ESMTP id ABA7C15C6; Sun, 14 Jun 2020 20:01:54 +0000 (UTC) X-Session-Marker: 6A6F6540706572636865732E636F6D X-Spam-Summary: 2,0,0,,d41d8cd98f00b204,joe@perches.com,,RULES_HIT:41:355:379:599:965:966:988:989:1260:1277:1311:1313:1314:1345:1359:1437:1515:1516:1518:1534:1540:1593:1594:1711:1730:1747:1777:1792:2194:2196:2199:2200:2393:2559:2562:2828:3138:3139:3140:3141:3142:3352:3622:3866:3867:3870:3871:3872:4321:4385:4390:4395:4605:5007:7903:8568:10004:10400:10848:11026:11232:11658:11914:12043:12296:12297:12438:12740:12760:12895:13069:13311:13357:13439:14659:14721:21080:21627:30054:30070:30091,0,RBL:none,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:,MSBL:0,DNSBL:none,Custom_rules:0:0:0,LFtime:2,LUA_SUMMARY:none X-HE-Tag: light02_2e08cc026df0 X-Filterd-Recvd-Size: 1857 Received: from XPS-9350.home (unknown [47.151.136.130]) (Authenticated sender: joe@perches.com) by omf07.hostedemail.com (Postfix) with ESMTPA; Sun, 14 Jun 2020 20:01:53 +0000 (UTC) Message-ID: <803557cc672ef0bcd9565c7d5d78e7053388f5d7.camel@perches.com> Subject: Re: [PATCH] coccinelle: api: add kzfree script From: Joe Perches To: efremov@linux.com, Julia Lawall , Dan Carpenter Cc: cocci@systeme.lip6.fr, linux-kernel@vger.kernel.org Date: Sun, 14 Jun 2020 13:01:51 -0700 In-Reply-To: <345c783b-a8cf-9dd1-29c6-d32b9b29053f@linux.com> References: <20200604140805.111613-1-efremov@linux.com> <345c783b-a8cf-9dd1-29c6-d32b9b29053f@linux.com> Content-Type: text/plain; charset="ISO-8859-1" User-Agent: Evolution 3.36.2-0ubuntu1 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, 2020-06-14 at 22:42 +0300, Denis Efremov wrote: > On 6/4/20 7:27 PM, Joe Perches wrote: > > On Thu, 2020-06-04 at 17:08 +0300, Denis Efremov wrote: > > > Check for memset() with 0 followed by kfree(). > > > > Perhaps those uses should be memzero_explicit or kvfree_sensitive. > > > Is it safe to suggest to use kzfree instead of memzero_explicit && kfree? > Or it would be better to use kvfree_sensitive in this case. > kzfree uses memset(0) with no barrier_data. > > For example: > diff -u -p a/drivers/crypto/inside-secure/safexcel_hash.c b/drivers/crypto/inside-secure/safexcel_hash.c [] > @@ -1081,8 +1081,7 @@ static int safexcel_hmac_init_pad(struct > } > > /* Avoid leaking */ > - memzero_explicit(keydup, keylen); > - kfree(keydup); > + kzfree(keydup); It would be better to use kvfree_sensitive()