Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp5031061iob; Mon, 9 May 2022 07:16:08 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzRMul6WNkV5NMjiFuJw1ZaAVHYAUrvsKfnklnkTLPDsVlmMn+ZOTrPlKrhW43wqxtBauAH X-Received: by 2002:a17:902:e94e:b0:15b:22a7:f593 with SMTP id b14-20020a170902e94e00b0015b22a7f593mr16649108pll.148.1652105768679; Mon, 09 May 2022 07:16:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1652105768; cv=none; d=google.com; s=arc-20160816; b=j0k7h70ObuyewkI4TfgVX45faZ+WJmYtvHeJBrKR3KKPdwnLDoY0uCHuxWK02mKCxG J7tM+5+WZ8kK49F23h1Rf944XcytFjqPGjBItUGDyp/CadmPo32kGBvYii7G425Qy7C7 8Y0vuYmIoyTPk/LKaEO313L1FxSdM4YWmqp0souJsMeZ+UbGv2QMgjVAHPHpi8DBYxqz xCQ0z+HVHZe0tv/TfebJKoC7X8GerxJCoZxp0N+SXMpSdq84hC26RHwBv+WzGTztU1lr M/Mad+4PnNJPGKe3mjHDuktP5YlL2TkBmXwP0v4ik/tV1NwKXV44gXYN/9VriCx21ZYq BBeg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature :dkim-signature; bh=y50qT79R2MHZ3HO5JvrJyoh51anmfGJfb+fpKvY3VSU=; b=cmycV2VxnwLRvV6FaDcMte3nStEHt7mmKZTj8exIYWlLWr2/rwLDEaV0mdT3feYMX3 b/3+b5sUIp8WrMx2J7GOPOKl30gscOuUIRqF4Ku3LXuUyr1PkFtRqaYNpvZWeNTKUZn0 FUdWESn44xQEFH42oHgsWKUVH6SwJjx5mUq8PUsXGStrzDA+TOCXe5+Bnd4py9dy2QMK NR57ML0HHg2EnuI/3Vkk8CkOWcIfyDPJjDPyubp4rTkZFl9nmRDXcd4kC0CEvbbbTSNt jCnAzuAYvUfGYrjXX6oPKmnB6QLgDi0QpM8uGAcNBPZfizb+4x//L1tI1dbXSmUrGgqR aabA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kroah.com header.s=fm1 header.b=jf84YbCm; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=jAWo7u3m; spf=softfail (google.com: domain of transitioning linux-crypto-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id f3-20020a170902e98300b001582ce97029si10588498plb.122.2022.05.09.07.15.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 09 May 2022 07:16:08 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning linux-crypto-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; dkim=pass header.i=@kroah.com header.s=fm1 header.b=jf84YbCm; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=jAWo7u3m; spf=softfail (google.com: domain of transitioning linux-crypto-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 338E82A73D; Mon, 9 May 2022 07:10:38 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236751AbiEIOO3 (ORCPT + 99 others); Mon, 9 May 2022 10:14:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47964 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236750AbiEIOO2 (ORCPT ); Mon, 9 May 2022 10:14:28 -0400 Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CB9CB2B1DCC; Mon, 9 May 2022 07:10:33 -0700 (PDT) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.west.internal (Postfix) with ESMTP id CBD5D3200921; Mon, 9 May 2022 10:10:31 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Mon, 09 May 2022 10:10:33 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kroah.com; h=cc :cc:content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm1; t=1652105431; x=1652191831; bh=y50qT79R2M HZ3HO5JvrJyoh51anmfGJfb+fpKvY3VSU=; b=jf84YbCmS37YqHoT/vJ86QtHM+ zFpGoDvS/p91zInwfD6mKhtuWUWk/tZO6TJEkA/0LT1kUEyjhE9BQCVbSYUaotlT o/KcIM6tCjN+nhN2EJUZt0Ybc9o+kgs/LaVXyVjUr/w8McElYWwCllIVMahN4bM/ G+k2BSqf5EkKWbzTG5awC50eMoiD1h6Vg96t1+vTcC3ldwAewEoNm0Wii/DA4ujO f/fHcAYnSvpJ4gGXC7LRxvkggkoo5CWlXuR1kymMcxjaGQOjZc8xBlyRHuzgi4AT 2CNWox3VVzXpTrtxayU96RfdH218pHsjvqNuujqTxBjc3iziKMt4XUobIjmg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1652105431; x= 1652191831; bh=y50qT79R2MHZ3HO5JvrJyoh51anmfGJfb+fpKvY3VSU=; b=j AWo7u3mxztZ+nM1HijDOuYLUONacVXSfY3gcaHv1IRt3g85UdFL2WVlIFOokS9GI 7V6zlyF5HNb6JFgrJu49SYHiWgchNHfJfFzwaH+qBpLuX39yD5ZqxxyatZEvzHiG tS2PMi7uVldzPdpCMA4gJ4sq6+gInmMzg2ZeNPKAAFEcuJvva/2c97q+yU+NpDVZ 5rY0Niif+wiq2w4mdfziybbSdL4sNwwD/9NLr975M/+Q6KFMO57A9GN5v9ligkKK HznXWuSx5JYxvI2VchTmgaH1OTblL0krWdrPlGEHZmqKUXc9iw4Ne/arN2Ga498Q mJ8GBXYWAhYC3tlUY5V/A== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrfeelgdejvdcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpeffhffvvefukfhfgggtuggjsehttdertddttddvnecuhfhrohhmpefirhgvghcu mffjuceoghhrvghgsehkrhhorghhrdgtohhmqeenucggtffrrghtthgvrhhnpeehgedvve dvleejuefgtdduudfhkeeltdeihfevjeekjeeuhfdtueefhffgheekteenucevlhhushht vghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehgrhgvgheskhhrohgrhh drtghomh X-ME-Proxy: Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 9 May 2022 10:10:30 -0400 (EDT) Date: Mon, 9 May 2022 16:09:55 +0200 From: Greg KH To: Giovanni Cabiddu Cc: herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org, qat-linux@intel.com, stable@vger.kernel.org, Adam Guerin , Wojciech Ziemba Subject: Re: [PATCH] crypto: qat - set to zero DH parameters before free Message-ID: References: <20220509131927.55387-1-giovanni.cabiddu@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20220509131927.55387-1-giovanni.cabiddu@intel.com> X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Mon, May 09, 2022 at 02:19:27PM +0100, Giovanni Cabiddu wrote: > Set to zero the context buffers containing the DH key before they are > freed. > This is a defense in depth measure that avoids keys to be recovered from > memory in case the system is compromised between the free of the buffer > and when that area of memory (containing keys) gets overwritten. > > Cc: stable@vger.kernel.org > Fixes: c9839143ebbf ("crypto: qat - Add DH support") > Signed-off-by: Giovanni Cabiddu > Reviewed-by: Adam Guerin > Reviewed-by: Wojciech Ziemba > --- > drivers/crypto/qat/qat_common/qat_asym_algs.c | 3 +++ > 1 file changed, 3 insertions(+) Why isn't this part of the other series for this "driver"? thanks, greg k-h