From: Greg KH <gregkh@linuxfoundation.org>
To: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Cc: herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org,
qat-linux@intel.com, vdronov@redhat.com, stable@vger.kernel.org,
Adam Guerin <adam.guerin@intel.com>,
Wojciech Ziemba <wojciech.ziemba@intel.com>
Subject: Re: [PATCH 10/12] crypto: qat - use memzero_explicit() for algs
Date: Fri, 6 May 2022 11:22:39 +0200 [thread overview]
Message-ID: <YnTo3zfXSXoEX2+R@kroah.com> (raw)
In-Reply-To: <20220506082327.21605-11-giovanni.cabiddu@intel.com>
On Fri, May 06, 2022 at 09:23:25AM +0100, Giovanni Cabiddu wrote:
> Use memzero_explicit(), instead of a memset(.., 0, ..) in the
> implementation of the algorithms, for buffers containing sensitive
> information to ensure they are wiped out before free.
>
> Cc: stable@vger.kernel.org
> Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
> Reviewed-by: Adam Guerin <adam.guerin@intel.com>
> Reviewed-by: Wojciech Ziemba <wojciech.ziemba@intel.com>
> ---
> drivers/crypto/qat/qat_common/qat_algs.c | 20 +++++++++----------
> drivers/crypto/qat/qat_common/qat_asym_algs.c | 20 +++++++++----------
> 2 files changed, 20 insertions(+), 20 deletions(-)
>
> diff --git a/drivers/crypto/qat/qat_common/qat_algs.c b/drivers/crypto/qat/qat_common/qat_algs.c
> index 873533dc43a7..c42df18e02b2 100644
> --- a/drivers/crypto/qat/qat_common/qat_algs.c
> +++ b/drivers/crypto/qat/qat_common/qat_algs.c
> @@ -637,12 +637,12 @@ static int qat_alg_aead_newkey(struct crypto_aead *tfm, const u8 *key,
> return 0;
>
> out_free_all:
> - memset(ctx->dec_cd, 0, sizeof(struct qat_alg_cd));
> + memzero_explicit(ctx->dec_cd, sizeof(struct qat_alg_cd));
This is for structure fields, why does memset() not work properly here?
The compiler should always call this, it doesn't know what
dma_free_coherent() does. You are referencing this pointer after the
memset() call so all should be working as intended here.
Because of this, I don't see why this change is needed. Do you have
reports of compilers not calling memset() for all of this properly?
thanks,
greg k-h
next prev parent reply other threads:[~2022-05-06 9:22 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-06 8:23 [PATCH 00/12] crypto: qat - re-enable algorithms Giovanni Cabiddu
2022-05-06 8:23 ` [PATCH 01/12] crypto: qat - use pre-allocated buffers in datapath Giovanni Cabiddu
2022-05-06 8:23 ` [PATCH 02/12] crypto: qat - refactor submission logic Giovanni Cabiddu
2022-05-06 9:24 ` Greg KH
2022-05-06 9:38 ` Giovanni Cabiddu
2022-05-06 9:40 ` Greg KH
2022-05-06 8:23 ` [PATCH 03/12] crypto: qat - add backlog mechanism Giovanni Cabiddu
2022-05-06 8:23 ` [PATCH 04/12] crypto: qat - fix memory leak in RSA Giovanni Cabiddu
2022-05-06 8:23 ` [PATCH 05/12] crypto: qat - remove dma_free_coherent() for RSA Giovanni Cabiddu
2022-05-06 8:23 ` [PATCH 06/12] crypto: qat - remove dma_free_coherent() for DH Giovanni Cabiddu
2022-05-06 8:23 ` [PATCH 07/12] crypto: qat - set to zero DH parameters before free Giovanni Cabiddu
2022-05-06 9:23 ` Greg KH
2022-05-06 10:01 ` Giovanni Cabiddu
2022-05-06 14:41 ` Greg KH
2022-05-07 18:52 ` Eric Biggers
2022-05-09 8:58 ` Giovanni Cabiddu
2022-05-06 8:23 ` [PATCH 08/12] crypto: qat - add param check for RSA Giovanni Cabiddu
2022-05-06 8:23 ` [PATCH 09/12] crypto: qat - add param check for DH Giovanni Cabiddu
2022-05-06 8:23 ` [PATCH 10/12] crypto: qat - use memzero_explicit() for algs Giovanni Cabiddu
2022-05-06 9:22 ` Greg KH [this message]
2022-05-06 9:54 ` Giovanni Cabiddu
2022-05-06 14:38 ` Greg KH
2022-05-09 8:50 ` Giovanni Cabiddu
2022-05-09 9:42 ` Greg KH
2022-05-06 8:23 ` [PATCH 11/12] crypto: qat - honor CRYPTO_TFM_REQ_MAY_SLEEP flag Giovanni Cabiddu
2022-05-06 8:23 ` [PATCH 12/12] crypto: qat - re-enable registration of algorithms Giovanni Cabiddu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YnTo3zfXSXoEX2+R@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=adam.guerin@intel.com \
--cc=giovanni.cabiddu@intel.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=qat-linux@intel.com \
--cc=stable@vger.kernel.org \
--cc=vdronov@redhat.com \
--cc=wojciech.ziemba@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.