Received: by 2002:a05:6a10:6744:0:0:0:0 with SMTP id w4csp919325pxu;
        Fri, 23 Oct 2020 17:23:10 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJwo/P40oCLka89d7vzU/mFPNs7DIm/hTXQR/0884VTDx1hTI5zCOrufyIwkl22xho38x8KY
X-Received: by 2002:a17:906:8157:: with SMTP id z23mr4386386ejw.274.1603498990210;
        Fri, 23 Oct 2020 17:23:10 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1603498990; cv=none;
        d=google.com; s=arc-20160816;
        b=hTa+9aeKVNbbHVgNRZJwhxfpXBB01coyM28MzR+izlS0KLE/isqgsA4sHKBxUKXbEQ
         C9lWqGAapDAHvgpmV9eLCtw+n0otYvDBqNh/L7RAmcViHh90ItzwJ+NoFnCIK9OnTQHy
         0UfvWZ3le3oc8a5e576KH6IAPgXkFoOFVAsAoM3qEQMOsIk4aeMXjLOjlaTFSM8a1Buz
         31FempVFHyDCbxSL9iEyVR6unSwYfTDIGKMQMWHBBYzZ4SzzE3u0IMP/EBkJ/fL8RHtI
         gQdNn/wY/RUCvNxml+/kz2UBl9SiVQ4KFLXFS4fMRYM58J2hlpHzXYc0OWoNyKjA8IZH
         buhQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:user-agent:in-reply-to:content-disposition
         :mime-version:references:message-id:subject:cc:to:from:date;
        bh=cxWV0ozHdpwR8Klskv7o4IIlehFaDwbmiR227U9nqAw=;
        b=eJPG6tL1q8KouARqhHXl5spr3pL29RHxiIFEsQA0B8pKlJRSWomSWUXBa6cDuI+7vh
         7shLRGYQ2NKy09BLfVtDR4Ta8LRh806jWrWxuGqpnT155BcXcRFp7XHU7QnLE/41qIG8
         slMTyt84CbEvDyv2yBEjP6N09OAmzJD7nNGHz2tEiH5jOmjRpiFRxfCXbiBTUKLAhQp7
         KEGCDCBoHQ27K0+2rDioRDqKDtkCmrjpSR4xn6R3v4T7kM5tbo93MqhY3CtggoZoevb/
         V1dHaisoxougk0r9zJChvvcu0imQD1wNVHU92Spec/1y3bmj2HCMkBdk/+3m20im5Zcc
         06Jw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id ob21si2009378ejb.276.2020.10.23.17.22.33;
        Fri, 23 Oct 2020 17:23:09 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751639AbgJWUpt (ORCPT <rfc822;christopherhkane@gmail.com>
        + 99 others); Fri, 23 Oct 2020 16:45:49 -0400
Received: from helcar.hmeau.com ([216.24.177.18]:41342 "EHLO fornost.hmeau.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751068AbgJWUpt (ORCPT <rfc822;linux-crypto@vger.kernel.org>);
        Fri, 23 Oct 2020 16:45:49 -0400
Received: from gwarestrin.arnor.me.apana.org.au ([192.168.0.7])
        by fornost.hmeau.com with smtp (Exim 4.92 #5 (Debian))
        id 1kW3wO-0005cy-JB; Sat, 24 Oct 2020 07:45:37 +1100
Received: by gwarestrin.arnor.me.apana.org.au (sSMTP sendmail emulation); Sat, 24 Oct 2020 07:45:36 +1100
Date:   Sat, 24 Oct 2020 07:45:36 +1100
From:   Herbert Xu <herbert@gondor.apana.org.au>
To:     Eric Biggers <ebiggers@kernel.org>
Cc:     Arvind Sankar <nivedita@alum.mit.edu>,
        "David S. Miller" <davem@davemloft.net>,
        "linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>,
        David Laight <David.Laight@aculab.com>,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 1/6] crypto: Use memzero_explicit() for clearing state
Message-ID: <20201023204536.GB27708@gondor.apana.org.au>
References: <20201020203957.3512851-1-nivedita@alum.mit.edu>
 <20201020203957.3512851-2-nivedita@alum.mit.edu>
 <20201022043633.GD857@sol.localdomain>
 <20201023153927.GA217686@rani.riverdale.lan>
 <20201023155604.GA3908702@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20201023155604.GA3908702@gmail.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

On Fri, Oct 23, 2020 at 08:56:04AM -0700, Eric Biggers wrote:
>
> When clearing memory because "it may be sensitive" rather than "it's needed for
> the code to behave correctly", I think it's best to use memzero_explicit() to
> make the intent clear, even if it seems that memset() is sufficient.  Also keep
> in mind that support for compiling the kernel with LTO (link-time optimization)
> is being worked on (and some people already do it), which results in more code
> being optimized out.

The rule up until now has been that we only use memzero_explicit for
stack variables.  At this point please don't convert anything else
as it will cause too much churn.

If LTO did arrive we should do a global conversion.

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt