From: Daniel Borkmann <dborkman@redhat.com>
To: Stephan Mueller <smueller@chronox.de>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
"'Sandy Harris'" <sandyinchina@gmail.com>,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 1/2] crypto: AF_ALG - zeroize message digest buffer
Date: Tue, 11 Nov 2014 10:34:18 +0100 [thread overview]
Message-ID: <5461D81A.40801@redhat.com> (raw)
In-Reply-To: <2491424.h8JBGRc3Yx@tachyon.chronox.de>
Hi Stephan,
On 11/11/2014 05:37 AM, Stephan Mueller wrote:
> Zeroize the buffer holding the message digest calculated for the
> consumer before the buffer is released by the hash AF_ALG interface
> handler.
>
> Signed-off-by: Stephan Mueller <smueller@chronox.de>
> ---
> crypto/algif_hash.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c
> index 8502462..f75db4c 100644
> --- a/crypto/algif_hash.c
> +++ b/crypto/algif_hash.c
> @@ -258,6 +258,8 @@ static void hash_sock_destruct(struct sock *sk)
> struct alg_sock *ask = alg_sk(sk);
> struct hash_ctx *ctx = ask->private;
>
> + memzero_explicit(ctx->result,
> + crypto_ahash_digestsize(crypto_ahash_reqtfm(&ctx->req)));
> sock_kfree_s(sk, ctx->result,
Perhaps something like this (alternatively kzfree() would work, too) ...
static void __sock_kfree_s(struct sock *sk, void *mem, int size,
bool clear_mem)
{
if (WARN_ON_ONCE(!mem))
return;
if (clear_mem)
memzero_explicit(mem, size);
kfree(mem);
atomic_sub(size, &sk->sk_omem_alloc);
}
void sock_kfree_s(struct sock *sk, void *mem, int size)
{
__sock_kfree_s(sk, mem, size, false);
}
EXPORT_SYMBOL(sock_kfree_s);
void sock_kzfree_s(struct sock *sk, void *mem, int size)
{
__sock_kfree_s(sk, mem, size, true);
}
EXPORT_SYMBOL(sock_kzfree_s);
... so you could then just use it as drop-in in various places:
sock_kzfree_s(sk, ctx->result, ...);
> crypto_ahash_digestsize(crypto_ahash_reqtfm(&ctx->req)));
> sock_kfree_s(sk, ctx, ctx->len);
>
Thanks,
Daniel
next prev parent reply other threads:[~2014-11-11 9:34 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-11 4:36 [PATCH 0/2] crypto: zeroization of buffers Stephan Mueller
2014-11-11 4:37 ` [PATCH 1/2] crypto: AF_ALG - zeroize message digest buffer Stephan Mueller
2014-11-11 9:34 ` Daniel Borkmann [this message]
2014-11-11 4:37 ` [PATCH 2/2] crypto: AF_ALG - zeroize IV buffer Stephan Mueller
2014-11-12 14:17 ` [PATCH 0/2] crypto: zeroization of buffers Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5461D81A.40801@redhat.com \
--to=dborkman@redhat.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=sandyinchina@gmail.com \
--cc=smueller@chronox.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).