main - device_mapper: zero only secure buffers

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Zdenek Kabelac <zkabelac@sourceware.org>
To: lvm-devel@redhat.com
Subject: main - device_mapper: zero only secure buffers
Date: Tue,  2 Mar 2021 21:58:37 +0000 (GMT)	[thread overview]
Message-ID: <20210302215837.1D29F3834402@sourceware.org> (raw)

Gitweb:        https://sourceware.org/git/?p=lvm2.git;a=commitdiff;h=73bea16c92cf6702a05634d80218297cb953ff36
Commit:        73bea16c92cf6702a05634d80218297cb953ff36
Parent:        00531186fc4ebc3cfeb934c5cb30b54d2f34d30d
Author:        Zdenek Kabelac <zkabelac@redhat.com>
AuthorDate:    Sat Feb 27 17:08:26 2021 +0100
Committer:     Zdenek Kabelac <zkabelac@redhat.com>
CommitterDate: Tue Mar 2 22:56:32 2021 +0100

device_mapper: zero only secure buffers

Securely erase before free() only dm_tasks marked as secure_data.
TODO: think about also using this for libdm/.
---
 device_mapper/ioctl/libdm-iface.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/device_mapper/ioctl/libdm-iface.c b/device_mapper/ioctl/libdm-iface.c
index 1140798e6..116fa3dc1 100644
--- a/device_mapper/ioctl/libdm-iface.c
+++ b/device_mapper/ioctl/libdm-iface.c
@@ -493,7 +493,10 @@ static void _dm_task_free_targets(struct dm_task *dmt)
 
 	for (t = dmt->head; t; t = n) {
 		n = t->next;
-		_dm_zfree_string(t->params);
+		if (dmt->secure_data)
+			_dm_zfree_string(t->params);
+		else
+			free(t->params);
 		free(t->type);
 		free(t);
 	}
@@ -504,7 +507,10 @@ static void _dm_task_free_targets(struct dm_task *dmt)
 void dm_task_destroy(struct dm_task *dmt)
 {
 	_dm_task_free_targets(dmt);
-	_dm_zfree_dmi(dmt->dmi.v4);
+	if (dmt->secure_data)
+		_dm_zfree_dmi(dmt->dmi.v4);
+	else
+		free(dmt->dmi.v4);
 	free(dmt->dev_name);
 	free(dmt->mangled_dev_name);
 	free(dmt->newname);

                 reply	other threads:[~2021-03-02 21:58 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:1140798e dfblob:116fa3dc )
 OR (
bs:"main - device_mapper: zero only secure buffers" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210302215837.1D29F3834402@sourceware.org \
    --to=zkabelac@sourceware.org \
    --cc=lvm-devel@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.