From: Daniel Borkmann <dborkman@redhat.com>
To: Stephan Mueller <smueller@chronox.de>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
"'Sandy Harris'" <sandyinchina@gmail.com>,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 1/2] crypto: AF_ALG - zeroize message digest buffer
Date: Tue, 11 Nov 2014 10:34:18 +0100 [thread overview]
Message-ID: <5461D81A.40801@redhat.com> (raw)
In-Reply-To: <2491424.h8JBGRc3Yx@tachyon.chronox.de>
Hi Stephan,
On 11/11/2014 05:37 AM, Stephan Mueller wrote:
> Zeroize the buffer holding the message digest calculated for the
> consumer before the buffer is released by the hash AF_ALG interface
> handler.
>
> Signed-off-by: Stephan Mueller <smueller@chronox.de>
> ---
> crypto/algif_hash.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c
> index 8502462..f75db4c 100644
> --- a/crypto/algif_hash.c
> +++ b/crypto/algif_hash.c
> @@ -258,6 +258,8 @@ static void hash_sock_destruct(struct sock *sk)
> struct alg_sock *ask = alg_sk(sk);
> struct hash_ctx *ctx = ask->private;
>
> + memzero_explicit(ctx->result,
> + crypto_ahash_digestsize(crypto_ahash_reqtfm(&ctx->req)));
> sock_kfree_s(sk, ctx->result,
Perhaps something like this (alternatively kzfree() would work, too) ...
static void __sock_kfree_s(struct sock *sk, void *mem, int size,
bool clear_mem)
{
if (WARN_ON_ONCE(!mem))
return;
if (clear_mem)
memzero_explicit(mem, size);
kfree(mem);
atomic_sub(size, &sk->sk_omem_alloc);
}
void sock_kfree_s(struct sock *sk, void *mem, int size)
{
__sock_kfree_s(sk, mem, size, false);
}
EXPORT_SYMBOL(sock_kfree_s);
void sock_kzfree_s(struct sock *sk, void *mem, int size)
{
__sock_kfree_s(sk, mem, size, true);
}
EXPORT_SYMBOL(sock_kzfree_s);
... so you could then just use it as drop-in in various places:
sock_kzfree_s(sk, ctx->result, ...);
> crypto_ahash_digestsize(crypto_ahash_reqtfm(&ctx->req)));
> sock_kfree_s(sk, ctx, ctx->len);
>
Thanks,
Daniel
next prev parent reply other threads:[~2014-11-11 9:34 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-11 4:36 [PATCH 0/2] crypto: zeroization of buffers Stephan Mueller
2014-11-11 4:37 ` [PATCH 1/2] crypto: AF_ALG - zeroize message digest buffer Stephan Mueller
2014-11-11 9:34 ` Daniel Borkmann [this message]
2014-11-11 4:37 ` [PATCH 2/2] crypto: AF_ALG - zeroize IV buffer Stephan Mueller
2014-11-12 14:17 ` [PATCH 0/2] crypto: zeroization of buffers Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5461D81A.40801@redhat.com \
--to=dborkman@redhat.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=sandyinchina@gmail.com \
--cc=smueller@chronox.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.