LinuxLists.cc - [PATCH] crypto: sun8i-ss

2020-08-26 13:28:56

Subject: [PATCH] crypto: sun8i-ss - use kfree_sensitive()

Use kfree_sensitive() instead of open-coding it.

Signed-off-by: Denis Efremov <[email protected]>
---
drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c
index 7b39b4495571..49d89b31eb6b 100644
--- a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c
+++ b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c
@@ -369,8 +369,7 @@ void sun8i_ss_cipher_exit(struct crypto_tfm *tfm)
struct sun8i_cipher_tfm_ctx *op = crypto_tfm_ctx(tfm);

if (op->key) {
- memzero_explicit(op->key, op->keylen);
- kfree(op->key);
+ kfree_sensitive(op->key);
}
crypto_free_skcipher(op->fallback_tfm);
pm_runtime_put_sync(op->ss->dev);
@@ -394,8 +393,7 @@ int sun8i_ss_aes_setkey(struct crypto_skcipher *tfm, const u8 *key,
return -EINVAL;
}
if (op->key) {
- memzero_explicit(op->key, op->keylen);
- kfree(op->key);
+ kfree_sensitive(op->key);
}
op->keylen = keylen;
op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA);
@@ -420,8 +418,7 @@ int sun8i_ss_des3_setkey(struct crypto_skcipher *tfm, const u8 *key,
}

if (op->key) {
- memzero_explicit(op->key, op->keylen);
- kfree(op->key);
+ kfree_sensitive(op->key);
}
op->keylen = keylen;
op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA);
--
2.26.2

2020-08-26 13:30:04

by Corentin Labbe

[permalink] [raw]

Subject: Re: [PATCH] crypto: sun8i-ss - use kfree_sensitive()

On Wed, Aug 26, 2020 at 04:24:51PM +0300, Denis Efremov wrote:
> Use kfree_sensitive() instead of open-coding it.
>
> Signed-off-by: Denis Efremov <[email protected]>
> ---
> drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c | 9 +++------
> 1 file changed, 3 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c
> index 7b39b4495571..49d89b31eb6b 100644
> --- a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c
> +++ b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c
> @@ -369,8 +369,7 @@ void sun8i_ss_cipher_exit(struct crypto_tfm *tfm)
> struct sun8i_cipher_tfm_ctx *op = crypto_tfm_ctx(tfm);
>
> if (op->key) {
> - memzero_explicit(op->key, op->keylen);
> - kfree(op->key);
> + kfree_sensitive(op->key);
> }
> crypto_free_skcipher(op->fallback_tfm);
> pm_runtime_put_sync(op->ss->dev);
> @@ -394,8 +393,7 @@ int sun8i_ss_aes_setkey(struct crypto_skcipher *tfm, const u8 *key,
> return -EINVAL;
> }
> if (op->key) {
> - memzero_explicit(op->key, op->keylen);
> - kfree(op->key);
> + kfree_sensitive(op->key);
> }
> op->keylen = keylen;
> op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA);
> @@ -420,8 +418,7 @@ int sun8i_ss_des3_setkey(struct crypto_skcipher *tfm, const u8 *key,
> }
>
> if (op->key) {
> - memzero_explicit(op->key, op->keylen);
> - kfree(op->key);
> + kfree_sensitive(op->key);
> }
> op->keylen = keylen;
> op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA);
> --
> 2.26.2
>

Hello

Same comment than for your crypto/amlogic patch.
Please remove the "if (op->key)"

Regards