projects / platform / kernel / linux-starfive.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0888d04)
crypto: sun8i-ce - use kfree_sensitive to clear and free sensitive data
authorJason Wang <wangborong@cdjrlc.com>
Tue, 3 Aug 2021 12:55:25 +0000 (20:55 +0800)
committerHerbert Xu <herbert@gondor.apana.org.au>
Thu, 12 Aug 2021 11:16:57 +0000 (19:16 +0800)
The kfree_sensitive is a kernel API to clear sensitive information
that should not be leaked to other future users of the same memory
objects and free the memory. Its function is the same as the
combination  of memzero_explicit and kfree. Thus, we can replace the
combination APIs with the single kfree_sensitive API.

Signed-off-by: Jason Wang <wangborong@cdjrlc.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-prng.c patch | blob | history
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-trng.c patch | blob | history

diff --git a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-prng.c b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-prng.c
index cd1baee..b3a9bbf 100644 (file)
--- a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-prng.c
+++ b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-prng.c
@@ -26,8 +26,7 @@ void sun8i_ce_prng_exit(struct crypto_tfm *tfm)
 {
        struct sun8i_ce_rng_tfm_ctx *ctx = crypto_tfm_ctx(tfm);
 
-       memzero_explicit(ctx->seed, ctx->slen);
-       kfree(ctx->seed);
+       kfree_sensitive(ctx->seed);
        ctx->seed = NULL;
        ctx->slen = 0;
 }
@@ -38,8 +37,7 @@ int sun8i_ce_prng_seed(struct crypto_rng *tfm, const u8 *seed,
        struct sun8i_ce_rng_tfm_ctx *ctx = crypto_rng_ctx(tfm);
 
        if (ctx->seed && ctx->slen != slen) {
-               memzero_explicit(ctx->seed, ctx->slen);
-               kfree(ctx->seed);
+               kfree_sensitive(ctx->seed);
                ctx->slen = 0;
                ctx->seed = NULL;
        }
@@ -157,9 +155,8 @@ err_dst:
                memcpy(dst, d, dlen);
                memcpy(ctx->seed, d + dlen, ctx->slen);
        }
-       memzero_explicit(d, todo);
 err_iv:
-       kfree(d);
+       kfree_sensitive(d);
 err_mem:
        return err;
 }
diff --git a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-trng.c b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-trng.c
index 5b7af44..19cd2e5 100644 (file)
--- a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-trng.c
+++ b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-trng.c
@@ -95,9 +95,8 @@ err_pm:
                memcpy(data, d, max);
                err = max;
        }
-       memzero_explicit(d, todo);
 err_dst:
-       kfree(d);
+       kfree_sensitive(d);
        return err;
 }
 
Domain: System / Kernel;