From patchwork Thu Aug 27 06:43:59 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Denis Efremov (Oracle)" X-Patchwork-Id: 11740027 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 67FD9109B for ; Thu, 27 Aug 2020 06:44:58 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 599A922B47 for ; Thu, 27 Aug 2020 06:44:58 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727881AbgH0Goz (ORCPT ); Thu, 27 Aug 2020 02:44:55 -0400 Received: from mail-lj1-f195.google.com ([209.85.208.195]:46838 "EHLO mail-lj1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726266AbgH0Goy (ORCPT ); Thu, 27 Aug 2020 02:44:54 -0400 Received: by mail-lj1-f195.google.com with SMTP id h19so5137136ljg.13; Wed, 26 Aug 2020 23:44:53 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=f/nPRgHC0iGFykXQ1veAuL/EAakIUq9/Zg/UORe3DVo=; b=KplhNYR/Q7PpC8q3Dd+2RjcTfCDWnusVGHzwlYkOjxB3pJv2RAKyrOjIhaXq5PIARC 6+Ock68WsYxgNgaD/crEy+mwc/72EU+f8Opnhei7Th0qlxehZhHzH+aql+NpWZqmsWrw M3yBLqm70qBRd7YsLEl9aXMMTziNj6EB6m5Fwy+1sEED88In8tKBtgaRHhWjZLLACRHI l5w1kLuQb0eoarwGhSbMV0cyzLkEZbVWQjRfPdt3BYYt3X/6C/rCr1IcMMoFEzQEI+Zu 4svy+qVzg+s/tAsAe0ZwLZA/c8cjTkZHcjBaipWF6qp5Td86OJrcjtvKYmWHJ1ik0RUg 4aQw== X-Gm-Message-State: AOAM533bkU0r1FpnmhiCiWN2Py8MJX+0Tznq9PJ0uIdQYcPAXaMzEgn7 Iy7oqNqnyP/GhivLMe6o34MQdxpUFxE= X-Google-Smtp-Source: ABdhPJz+PdSPsiaJMGDnJnGpAH3k5yyMkhsoQ8EYD5eusfK2iGv6+RkA691Am5KjrG43htjux6RP7Q== X-Received: by 2002:a2e:558:: with SMTP id 85mr1670859ljf.293.1598510692176; Wed, 26 Aug 2020 23:44:52 -0700 (PDT) Received: from localhost.localdomain ([213.87.147.111]) by smtp.googlemail.com with ESMTPSA id j17sm282159lfr.32.2020.08.26.23.44.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Aug 2020 23:44:51 -0700 (PDT) From: Denis Efremov To: linux-crypto@vger.kernel.org Cc: Denis Efremov , Corentin Labbe , Herbert Xu , linux-kernel@vger.kernel.org Subject: [PATCH v2 1/4] crypto: inside-secure - use kfree_sensitive() Date: Thu, 27 Aug 2020 09:43:59 +0300 Message-Id: <20200827064402.7130-2-efremov@linux.com> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200827064402.7130-1-efremov@linux.com> References: <20200827064402.7130-1-efremov@linux.com> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Use kfree_sensitive() instead of open-coding it. Signed-off-by: Denis Efremov Acked-by: Antoine Tenart Tested-by: Pascal van Leeuwen --- drivers/crypto/inside-secure/safexcel_hash.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/crypto/inside-secure/safexcel_hash.c b/drivers/crypto/inside-secure/safexcel_hash.c index 16a467969d8e..5ffdc1cd5847 100644 --- a/drivers/crypto/inside-secure/safexcel_hash.c +++ b/drivers/crypto/inside-secure/safexcel_hash.c @@ -1082,8 +1082,7 @@ static int safexcel_hmac_init_pad(struct ahash_request *areq, } /* Avoid leaking */ - memzero_explicit(keydup, keylen); - kfree(keydup); + kfree_sensitive(keydup); if (ret) return ret; From patchwork Thu Aug 27 06:44:00 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Denis Efremov (Oracle)" X-Patchwork-Id: 11740031 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 0D7F3722 for ; Thu, 27 Aug 2020 06:45:09 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id F2D7922B47 for ; Thu, 27 Aug 2020 06:45:08 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727905AbgH0Go5 (ORCPT ); Thu, 27 Aug 2020 02:44:57 -0400 Received: from mail-lf1-f67.google.com ([209.85.167.67]:46841 "EHLO mail-lf1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727786AbgH0Go5 (ORCPT ); Thu, 27 Aug 2020 02:44:57 -0400 Received: by mail-lf1-f67.google.com with SMTP id v12so2310372lfo.13; Wed, 26 Aug 2020 23:44:55 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=U2daWJJtrQ8PsrKDLxSLxHGhIi/TLSRYqSh0K45MS9k=; b=oHdvoJ/0/lFY8SMxEx/C9+T3TRFxUbeGHnr67+znByt0vYWOs0vZwpRkqyPmIcGomL DyjhJK5KUBQy/pfTxxehqc1YV6m3/OpcV6ansI/xRJo9l0OmOan6CsbBjUcPVqvso26R jyom61QMTyYhaArPrjNAa6RAwipTmbZtvcy8QI2J58XPU6j2IeouaoJzNoinoHO1u2Ap p4c0t3vSKTLtYXJfz2VqBTNdtOLjEMNl6bCtA3wnvetP6wx0JyZy36VqNcCG0eNJ7Q4g Rw0EHzOAR9ZVgbTHWEoCbZmzSCVrJUhZ5k5nxvKWmOZfcl8ZYxUX7HOwRBNiUcxw4l85 /y7A== X-Gm-Message-State: AOAM533t2RtDOf9i8yFW/Q7Mjtse61f+gacDmm9r6kx0LBnf4uTV6GMB 7G4E7MkXNG0KQ3fbnz62Coim7mrbPnM= X-Google-Smtp-Source: ABdhPJwbHFp7pHbWeaClnVmQcu9AS9yOPisalduB8kWsJrwOs0ES0P1+RaTzpqBw/lJlTh/RgwkRrA== X-Received: by 2002:a19:3fc9:: with SMTP id m192mr1178911lfa.36.1598510694400; Wed, 26 Aug 2020 23:44:54 -0700 (PDT) Received: from localhost.localdomain ([213.87.147.111]) by smtp.googlemail.com with ESMTPSA id j17sm282159lfr.32.2020.08.26.23.44.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Aug 2020 23:44:53 -0700 (PDT) From: Denis Efremov To: linux-crypto@vger.kernel.org Cc: Denis Efremov , Corentin Labbe , Herbert Xu , linux-kernel@vger.kernel.org Subject: [PATCH v2 2/4] crypto: amlogic - use kfree_sensitive() Date: Thu, 27 Aug 2020 09:44:00 +0300 Message-Id: <20200827064402.7130-3-efremov@linux.com> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200827064402.7130-1-efremov@linux.com> References: <20200827064402.7130-1-efremov@linux.com> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Use kfree_sensitive() instead of open-coding it. Signed-off-by: Denis Efremov Tested-by: Corentin Labbe Acked-by: Corentin Labbe --- drivers/crypto/amlogic/amlogic-gxl-cipher.c | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/drivers/crypto/amlogic/amlogic-gxl-cipher.c b/drivers/crypto/amlogic/amlogic-gxl-cipher.c index d93210726697..ee5998af2fe8 100644 --- a/drivers/crypto/amlogic/amlogic-gxl-cipher.c +++ b/drivers/crypto/amlogic/amlogic-gxl-cipher.c @@ -340,10 +340,7 @@ void meson_cipher_exit(struct crypto_tfm *tfm) { struct meson_cipher_tfm_ctx *op = crypto_tfm_ctx(tfm); - if (op->key) { - memzero_explicit(op->key, op->keylen); - kfree(op->key); - } + kfree_sensitive(op->key); crypto_free_skcipher(op->fallback_tfm); } @@ -367,10 +364,7 @@ int meson_aes_setkey(struct crypto_skcipher *tfm, const u8 *key, dev_dbg(mc->dev, "ERROR: Invalid keylen %u\n", keylen); return -EINVAL; } - if (op->key) { - memzero_explicit(op->key, op->keylen); - kfree(op->key); - } + kfree_sensitive(op->key); op->keylen = keylen; op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA); if (!op->key) From patchwork Thu Aug 27 06:44:01 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Denis Efremov (Oracle)" X-Patchwork-Id: 11740029 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 2591513B6 for ; Thu, 27 Aug 2020 06:45:02 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 15F9222B47 for ; Thu, 27 Aug 2020 06:45:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727921AbgH0GpA (ORCPT ); Thu, 27 Aug 2020 02:45:00 -0400 Received: from mail-lj1-f193.google.com ([209.85.208.193]:39546 "EHLO mail-lj1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727913AbgH0Go7 (ORCPT ); Thu, 27 Aug 2020 02:44:59 -0400 Received: by mail-lj1-f193.google.com with SMTP id v9so5155814ljk.6; Wed, 26 Aug 2020 23:44:58 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=RUri7ENtOA6E3nbBwyRZL4Lb7nWu+4vuwV8JISffe0c=; b=HqdjxUu29zCe9COxFjizuY1p2XJU205RQP5tCuo3B2B1rKg/uqbAIaEq2F6p8+DMCY H1q7xWOn8d1xwQ0p48Ze5S3tcMASIyX+oocRLsjs9f0hUhF7xUwRlPYOc8msUJjFZujP jwD4M+4OFCjYHNDEn4vir2gT8BAARGcckjDy1Z1CrGwoANmsPHEYIUJJ/one6wAEJAIj bCXcLFXIFqlq/Fw+I7cPtw+1KiiQtwdwTlDzWMW5qk/MEw4JOMIrdlLMmwVvs514ONGb W6tMyTJkDpYfD+Wg1+75H3DLjlit1kgB7rYAuOsSmko3I0o72qOegYz2rdIIaFDHeLRF dPRQ== X-Gm-Message-State: AOAM531tSjDLaiQaPIFat0TlfvfwJdiagb4bwms+aAKLfVJUCxhA1LuT MGm4T1h3uEqTfRg3coipVW+B+cpTvTk= X-Google-Smtp-Source: ABdhPJzetXiGDcGzoWj3Qw8pHSa891wJyQwdGm5qLgZohqV21khoqBOLbCMT1OVX+LXzgFKYmEJQ7g== X-Received: by 2002:a2e:960a:: with SMTP id v10mr9136863ljh.416.1598510696659; Wed, 26 Aug 2020 23:44:56 -0700 (PDT) Received: from localhost.localdomain ([213.87.147.111]) by smtp.googlemail.com with ESMTPSA id j17sm282159lfr.32.2020.08.26.23.44.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Aug 2020 23:44:56 -0700 (PDT) From: Denis Efremov To: linux-crypto@vger.kernel.org Cc: Denis Efremov , Corentin Labbe , Herbert Xu , linux-kernel@vger.kernel.org Subject: [PATCH v2 3/4] crypto: sun8i-ce - use kfree_sensitive() Date: Thu, 27 Aug 2020 09:44:01 +0300 Message-Id: <20200827064402.7130-4-efremov@linux.com> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200827064402.7130-1-efremov@linux.com> References: <20200827064402.7130-1-efremov@linux.com> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Use kfree_sensitive() instead of open-coding it. Signed-off-by: Denis Efremov Acked-by: Corentin Labbe Tested-by: Corentin Labbe --- .../crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c index b4d5fea27d20..f996dc3d7dcc 100644 --- a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c +++ b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c @@ -366,10 +366,7 @@ void sun8i_ce_cipher_exit(struct crypto_tfm *tfm) { struct sun8i_cipher_tfm_ctx *op = crypto_tfm_ctx(tfm); - if (op->key) { - memzero_explicit(op->key, op->keylen); - kfree(op->key); - } + kfree_sensitive(op->key); crypto_free_skcipher(op->fallback_tfm); pm_runtime_put_sync_suspend(op->ce->dev); } @@ -391,10 +388,7 @@ int sun8i_ce_aes_setkey(struct crypto_skcipher *tfm, const u8 *key, dev_dbg(ce->dev, "ERROR: Invalid keylen %u\n", keylen); return -EINVAL; } - if (op->key) { - memzero_explicit(op->key, op->keylen); - kfree(op->key); - } + kfree_sensitive(op->key); op->keylen = keylen; op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA); if (!op->key) @@ -416,10 +410,7 @@ int sun8i_ce_des3_setkey(struct crypto_skcipher *tfm, const u8 *key, if (err) return err; - if (op->key) { - memzero_explicit(op->key, op->keylen); - kfree(op->key); - } + kfree_sensitive(op->key); op->keylen = keylen; op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA); if (!op->key) From patchwork Thu Aug 27 06:44:02 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Denis Efremov (Oracle)" X-Patchwork-Id: 11740033 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 40C6C722 for ; Thu, 27 Aug 2020 06:45:19 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 32A8A22B47 for ; Thu, 27 Aug 2020 06:45:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727903AbgH0GpI (ORCPT ); Thu, 27 Aug 2020 02:45:08 -0400 Received: from mail-lj1-f196.google.com ([209.85.208.196]:40307 "EHLO mail-lj1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727786AbgH0GpC (ORCPT ); Thu, 27 Aug 2020 02:45:02 -0400 Received: by mail-lj1-f196.google.com with SMTP id 185so5150702ljj.7; Wed, 26 Aug 2020 23:45:00 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Z1FtQqybTk7XeGKn+tbU1SxGG4A7Kn9b4E+VmVIA+4E=; b=QM0hma1AoivbeZTjGzIW4YhCx8nVHOSaSI1MOjB7VelmqZ53MhHZZ98537VNZYWkua YfqvI8NwNNGrZlJk1MKCTBsQvmGQJJHqpPI9TuwVaVgYdrOojZU2huKe23m9128My5UT nDr2LLnRloAAKHkLMusX/2R0hFkNaP7GDLjioIonO4auMgnuUTu5ma3uWkNJgtPItDog VmmiqAI08mITBXkX+Hdf5pz0cMGiXLURBeOC8MDIWfu8NvEtOMEt4IeA3tIo13H66BfF 27grsA+hwqY65vFbkzpCiaGzHwG5sUKFUC9F4F1KVOKhDLDTchxygDmYatRPFE+GemOY NNOQ== X-Gm-Message-State: AOAM532Zo41RZYhRTHGmNgPRDXbpGCswj67wr+2vCsdFlo6h5vMzuGHS 8HbCHemuvSrC2WmnbQFhKhVbNaLFPjU= X-Google-Smtp-Source: ABdhPJy/YgtnYLAzwc+zepGvHr3uKojbRx+/ttpKqGkFdWBQ+Mih5iRHExuBfwddNNTBXj4VSYR47g== X-Received: by 2002:a2e:9284:: with SMTP id d4mr8696417ljh.64.1598510699078; Wed, 26 Aug 2020 23:44:59 -0700 (PDT) Received: from localhost.localdomain ([213.87.147.111]) by smtp.googlemail.com with ESMTPSA id j17sm282159lfr.32.2020.08.26.23.44.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Aug 2020 23:44:58 -0700 (PDT) From: Denis Efremov To: linux-crypto@vger.kernel.org Cc: Denis Efremov , Corentin Labbe , Herbert Xu , linux-kernel@vger.kernel.org Subject: [PATCH v2 4/4] crypto: sun8i-ss - use kfree_sensitive() Date: Thu, 27 Aug 2020 09:44:02 +0300 Message-Id: <20200827064402.7130-5-efremov@linux.com> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200827064402.7130-1-efremov@linux.com> References: <20200827064402.7130-1-efremov@linux.com> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Use kfree_sensitive() instead of open-coding it. Signed-off-by: Denis Efremov Acked-by: Corentin Labbe Tested-by: Corentin Labbe --- .../crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c index 7b39b4495571..deb8b39a86db 100644 --- a/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c +++ b/drivers/crypto/allwinner/sun8i-ss/sun8i-ss-cipher.c @@ -368,10 +368,7 @@ void sun8i_ss_cipher_exit(struct crypto_tfm *tfm) { struct sun8i_cipher_tfm_ctx *op = crypto_tfm_ctx(tfm); - if (op->key) { - memzero_explicit(op->key, op->keylen); - kfree(op->key); - } + kfree_sensitive(op->key); crypto_free_skcipher(op->fallback_tfm); pm_runtime_put_sync(op->ss->dev); } @@ -393,10 +390,7 @@ int sun8i_ss_aes_setkey(struct crypto_skcipher *tfm, const u8 *key, dev_dbg(ss->dev, "ERROR: Invalid keylen %u\n", keylen); return -EINVAL; } - if (op->key) { - memzero_explicit(op->key, op->keylen); - kfree(op->key); - } + kfree_sensitive(op->key); op->keylen = keylen; op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA); if (!op->key) @@ -419,10 +413,7 @@ int sun8i_ss_des3_setkey(struct crypto_skcipher *tfm, const u8 *key, return -EINVAL; } - if (op->key) { - memzero_explicit(op->key, op->keylen); - kfree(op->key); - } + kfree_sensitive(op->key); op->keylen = keylen; op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA); if (!op->key)