* [PATCH] crypto: sun8i-ss - use kfree_sensitive()
@ 2020-08-26 13:24 Denis Efremov
2020-08-26 13:27 ` Corentin Labbe
0 siblings, 1 reply; 2+ messages in thread
From: Denis Efremov @ 2020-08-26 13:24 UTC (permalink / raw)
To: linux-crypto; +Cc: Denis Efremov, Corentin Labbe, Herbert Xu, David S. Miller
Use kfree_sensitive() instead of open-coding it.
Signed-off-by: Denis Efremov <efremov@linux.com>
---
drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c
index 7b39b4495571..49d89b31eb6b 100644
--- a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c
+++ b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c
@@ -369,8 +369,7 @@ void sun8i_ss_cipher_exit(struct crypto_tfm *tfm)
struct sun8i_cipher_tfm_ctx *op = crypto_tfm_ctx(tfm);
if (op->key) {
- memzero_explicit(op->key, op->keylen);
- kfree(op->key);
+ kfree_sensitive(op->key);
}
crypto_free_skcipher(op->fallback_tfm);
pm_runtime_put_sync(op->ss->dev);
@@ -394,8 +393,7 @@ int sun8i_ss_aes_setkey(struct crypto_skcipher *tfm, const u8 *key,
return -EINVAL;
}
if (op->key) {
- memzero_explicit(op->key, op->keylen);
- kfree(op->key);
+ kfree_sensitive(op->key);
}
op->keylen = keylen;
op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA);
@@ -420,8 +418,7 @@ int sun8i_ss_des3_setkey(struct crypto_skcipher *tfm, const u8 *key,
}
if (op->key) {
- memzero_explicit(op->key, op->keylen);
- kfree(op->key);
+ kfree_sensitive(op->key);
}
op->keylen = keylen;
op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA);
--
2.26.2
^ permalink raw reply related [flat|nested] 2+ messages in thread* Re: [PATCH] crypto: sun8i-ss - use kfree_sensitive()
2020-08-26 13:24 [PATCH] crypto: sun8i-ss - use kfree_sensitive() Denis Efremov
@ 2020-08-26 13:27 ` Corentin Labbe
0 siblings, 0 replies; 2+ messages in thread
From: Corentin Labbe @ 2020-08-26 13:27 UTC (permalink / raw)
To: Denis Efremov; +Cc: linux-crypto, Herbert Xu, David S. Miller
On Wed, Aug 26, 2020 at 04:24:51PM +0300, Denis Efremov wrote:
> Use kfree_sensitive() instead of open-coding it.
>
> Signed-off-by: Denis Efremov <efremov@linux.com>
> ---
> drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c | 9 +++------
> 1 file changed, 3 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c
> index 7b39b4495571..49d89b31eb6b 100644
> --- a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c
> +++ b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c
> @@ -369,8 +369,7 @@ void sun8i_ss_cipher_exit(struct crypto_tfm *tfm)
> struct sun8i_cipher_tfm_ctx *op = crypto_tfm_ctx(tfm);
>
> if (op->key) {
> - memzero_explicit(op->key, op->keylen);
> - kfree(op->key);
> + kfree_sensitive(op->key);
> }
> crypto_free_skcipher(op->fallback_tfm);
> pm_runtime_put_sync(op->ss->dev);
> @@ -394,8 +393,7 @@ int sun8i_ss_aes_setkey(struct crypto_skcipher *tfm, const u8 *key,
> return -EINVAL;
> }
> if (op->key) {
> - memzero_explicit(op->key, op->keylen);
> - kfree(op->key);
> + kfree_sensitive(op->key);
> }
> op->keylen = keylen;
> op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA);
> @@ -420,8 +418,7 @@ int sun8i_ss_des3_setkey(struct crypto_skcipher *tfm, const u8 *key,
> }
>
> if (op->key) {
> - memzero_explicit(op->key, op->keylen);
> - kfree(op->key);
> + kfree_sensitive(op->key);
> }
> op->keylen = keylen;
> op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA);
> --
> 2.26.2
>
Hello
Same comment than for your crypto/amlogic patch.
Please remove the "if (op->key)"
Regards
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-08-26 13:27 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-08-26 13:24 [PATCH] crypto: sun8i-ss - use kfree_sensitive() Denis Efremov
2020-08-26 13:27 ` Corentin Labbe
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox