Received: by 2002:a05:6358:16cc:b0:ea:6187:17c9 with SMTP id r12csp3208973rwl; Fri, 6 Jan 2023 17:58:38 -0800 (PST) X-Google-Smtp-Source: AMrXdXtvE/yewQx/BFptQXNhFl2UdXaoeyQPYeKCS8YJ4tjZP7n/81E3xanZ2NSTXcHn+Yopz7a2 X-Received: by 2002:a17:906:7f99:b0:84d:2f2a:b158 with SMTP id f25-20020a1709067f9900b0084d2f2ab158mr837235ejr.11.1673056718611; Fri, 06 Jan 2023 17:58:38 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1673056718; cv=none; d=google.com; s=arc-20160816; b=SpedPJW0uxumYaDutiIt2r2qO37eR7Ie7UlxYcwX3LdYVJgwTu1hZjORZcwvLpdyRJ ehA0GNfa8+wpWFYCNu6M9ii4Tx5mEaDjwOJNBZ1qBYBK8yovg8RgkIy78vcId0ih/g7h sdHAOUvg33wLyi24hi1TVikBq+17ZpuCo+NR1tQxm4nyVYRrEo7AhpwI1kVOU0z3MER8 lQVAKNwuC0npT/h9fRTi3VrDIhjNLQ+HCpj4JFjUk+0fyPrLxdabzoanu9OlX9XDRYgS P4aY47b5dBmN2uObWXV8Qok9eKgRoONbdRTSh+ShZ5yWYu/b6jzetbApfj9Hgy9PbaXJ HumA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to :mime-version:user-agent:date:message-id:from:cc:references:to :subject; bh=b3mEJkM7IZ8ESGnArHUaMPjK8qzl/Ql+xbhEXCT3/QI=; b=s2pq86phcaEr7TAc8L7Kd4Xe69DtzggQIKzHoCYhlOsf6Ocq5x6lDcldjb6gTV3AcU Chg6qmare1LIysFmW+b+sHdj0CPLYJX6DhukJzPCaBZiWou8G1NGKbwM04sqJtmjPt7C kSC8Cx5mGZrv4DYbJsSRK70+6a9EuYs65+X9QWI/0SP8X04pKbJ2WgOGQ6Qq1rbW/2fU NPixi/Epggf3RvkTc+YN+bNrYPHDx/76cut594J7U3QdsdhxsBN92xCfPTeo5nnAMnSr DoKwtKNfI2PDCi82svRyTkUYNR4ZQG7z1fNacICTqdOxJPGPwYh+TorcBsJHFL8vmsQg 4FRg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id xh7-20020a170906da8700b0077fc66b581esi2877973ejb.688.2023.01.06.17.58.14; Fri, 06 Jan 2023 17:58:38 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236504AbjAGBz3 (ORCPT + 99 others); Fri, 6 Jan 2023 20:55:29 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47566 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236224AbjAGBzX (ORCPT ); Fri, 6 Jan 2023 20:55:23 -0500 Received: from szxga02-in.huawei.com (szxga02-in.huawei.com [45.249.212.188]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E826F87932; Fri, 6 Jan 2023 17:55:21 -0800 (PST) Received: from kwepemm600009.china.huawei.com (unknown [172.30.72.53]) by szxga02-in.huawei.com (SkyGuard) with ESMTP id 4Npjsz4cX9zRqsF; Sat, 7 Jan 2023 09:53:43 +0800 (CST) Received: from [10.67.101.184] (10.67.101.184) by kwepemm600009.china.huawei.com (7.193.23.164) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Sat, 7 Jan 2023 09:55:18 +0800 Subject: Re: [PATCH] crypto: hisilicon: Wipe entire pool on error To: Kees Cook References: <20230106041945.never.831-kees@kernel.org> CC: Nathan Chancellor , Zhou Wang , Herbert Xu , "David S. Miller" , , Nick Desaulniers , Tom Rix , , , From: Weili Qian Message-ID: <7c9e9870-2456-01af-177f-1af62a0055e3@huawei.com> Date: Sat, 7 Jan 2023 09:55:04 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: <20230106041945.never.831-kees@kernel.org> Content-Type: text/plain; charset="windows-1252" Content-Transfer-Encoding: 7bit X-Originating-IP: [10.67.101.184] X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To kwepemm600009.china.huawei.com (7.193.23.164) X-CFilter-Loop: Reflected X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,NICE_REPLY_A, RCVD_IN_DNSWL_MED,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On 2023/1/6 12:19, Kees Cook wrote: > To work around a Clang __builtin_object_size bug that shows up under > CONFIG_FORTIFY_SOURCE and UBSAN_BOUNDS, move the per-loop-iteration > mem_block wipe into a single wipe of the entire pool structure after > the loop. > > Reported-by: Nathan Chancellor > Link: https://github.com/ClangBuiltLinux/linux/issues/1780 > Cc: Weili Qian > Cc: Zhou Wang > Cc: Herbert Xu > Cc: "David S. Miller" > Cc: linux-crypto@vger.kernel.org > Signed-off-by: Kees Cook > --- > drivers/crypto/hisilicon/sgl.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/drivers/crypto/hisilicon/sgl.c b/drivers/crypto/hisilicon/sgl.c > index 2b6f2281cfd6..0974b0041405 100644 > --- a/drivers/crypto/hisilicon/sgl.c > +++ b/drivers/crypto/hisilicon/sgl.c > @@ -124,9 +124,8 @@ struct hisi_acc_sgl_pool *hisi_acc_create_sgl_pool(struct device *dev, > for (j = 0; j < i; j++) { > dma_free_coherent(dev, block_size, block[j].sgl, > block[j].sgl_dma); > - memset(block + j, 0, sizeof(*block)); > } > - kfree(pool); > + kfree_sensitive(pool); > return ERR_PTR(-ENOMEM); > } > EXPORT_SYMBOL_GPL(hisi_acc_create_sgl_pool); > Thanks for your patch. There is no sensitive data in the pool, so memset zero can be deleted directly. Thanks, Weili