rubix-coder/linuxPublic

forked fromtorvalds/linux

NotificationsYou must be signed in to change notification settings
Fork0
Star2

Commit453431a

Waiman-Long

authored and

torvalds

committed

mm, treewide: rename kzfree() to kfree_sensitive()

As said by Linus: A symmetric naming is only helpful if it implies symmetries in use. Otherwise it's actively misleading. In "kzalloc()", the z is meaningful and an important part of what the caller wants. In "kzfree()", the z is actively detrimental, because maybe in the future we really _might_ want to use that "memfill(0xdeadbeef)" or something. The "zero" part of the interface isn't even _relevant_.The main reason that kzfree() exists is to clear sensitive informationthat should not be leaked to other future users of the same memoryobjects.Rename kzfree() to kfree_sensitive() to follow the example of the recentlyadded kvfree_sensitive() and make the intention of the API more explicit.In addition, memzero_explicit() is used to clear the memory to make surethat it won't get optimized away by the compiler.The renaming is done by using the command sequence: git grep -w --name-only kzfree |\ xargs sed -i 's/kzfree/kfree_sensitive/'followed by some editing of the kfree_sensitive() kerneldoc and addinga kzfree backward compatibility macro in slab.h.[akpm@linux-foundation.org: fs/crypto/inline_crypt.c needs linux/slab.h][akpm@linux-foundation.org: fix fs/crypto/inline_crypt.c some more]Suggested-by: Joe Perches <joe@perches.com>Signed-off-by: Waiman Long <longman@redhat.com>Signed-off-by: Andrew Morton <akpm@linux-foundation.org>Acked-by: David Howells <dhowells@redhat.com>Acked-by: Michal Hocko <mhocko@suse.com>Acked-by: Johannes Weiner <hannes@cmpxchg.org>Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>Cc: James Morris <jmorris@namei.org>Cc: "Serge E. Hallyn" <serge@hallyn.com>Cc: Joe Perches <joe@perches.com>Cc: Matthew Wilcox <willy@infradead.org>Cc: David Rientjes <rientjes@google.com>Cc: Dan Carpenter <dan.carpenter@oracle.com>Cc: "Jason A . Donenfeld" <Jason@zx2c4.com>Link:http://lkml.kernel.org/r/20200616154311.12314-3-longman@redhat.comSigned-off-by: Linus Torvalds <torvalds@linux-foundation.org>

1 parent57c720d commit453431aCopy full SHA for 453431a

File tree

114 files changed

+323

-320

lines changed

arch
- s390/crypto
  - prng.c
- x86/power
  - hibernate.c
crypto
- adiantum.c
- ahash.c
- api.c
- asymmetric_keys
  - verify_pefile.c
- deflate.c
- drbg.c
- ecc.c
- ecdh.c
- gcm.c
- gf128mul.c
- jitterentropy-kcapi.c
- rng.c
- rsa-pkcs1pad.c
- seqiv.c
- shash.c
- skcipher.c
- testmgr.c
- zstd.c
drivers
- crypto
  - allwinner
    - sun8i-ce
      - sun8i-ce-cipher.c
    - sun8i-ss
      - sun8i-ss-cipher.c
  - amlogic
    - amlogic-gxl-cipher.c
  - atmel-ecc.c
  - caam
    - caampkc.c
  - cavium
    - cpt
      - cptvf_main.c
      - cptvf_reqmanager.c
    - nitrox
      - nitrox_lib.c
    - zip
      - zip_crypto.c
  - ccp
    - ccp-crypto-rsa.c
  - ccree
  - marvell
    - cesa
      - hash.c
    - octeontx
      - otx_cptvf_main.c
      - otx_cptvf_reqmgr.h
  - nx
    - nx.c
  - virtio
    - virtio_crypto_algs.c
    - virtio_crypto_core.c
- md
  - dm-crypt.c
  - dm-integrity.c
- misc
  - ibmvmc.c
- net
  - ethernet
    - hisilicon/hns3/hns3pf
      - hclge_mbx.c
    - intel/ixgbe
      - ixgbe_ipsec.c
  - ppp
    - ppp_mppe.c
  - wireguard
    - noise.c
    - peer.c
  - wireless
    - intel/iwlwifi/pcie
    - intersil/orinoco
      - wext.c
- s390/crypto
  - ap_bus.h
- staging
  - ks7010
    - ks_hostif.c
  - rtl8723bs/core
    - rtw_security.c
  - wlan-ng
    - p80211netdev.c
- target/iscsi
  - iscsi_target_auth.c
fs
- cifs
- crypto
- ecryptfs
  - keystore.c
  - messaging.c
include
- crypto
  - aead.h
  - akcipher.h
  - gf128mul.h
  - hash.h
  - internal
    - acompress.h
  - kpp.h
  - skcipher.h
- linux
  - slab.h
lib
- mpi
  - mpiutil.c
- test_kasan.c
mm
- slab_common.c
net
- atm
  - mpoa_caches.c
- bluetooth
  - ecdh_helper.c
  - smp.c
- core
  - sock.c
- ipv4
  - tcp_fastopen.c
- mac80211
- mac802154
  - llsec.c
- sctp
  - auth.c
- sunrpc/auth_gss
- tipc
  - crypto.c
- wireless
scripts/coccinelle/free
security
- apparmor
  - domain.c
  - include
    - file.h
  - policy.c
  - policy_ns.c
  - policy_unpack.c
- keys
  - big_key.c
  - dh.c
  - encrypted-keys
    - encrypted.c
  - trusted-keys
    - trusted_tpm1.c
  - user_defined.c

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

114 files changed

+323

-320

lines changed

`‎arch/s390/crypto/prng.c‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -249,7 +249,7 @@ static void prng_tdes_deinstantiate(void)`
`249`	`249`	`{`
`250`	`250`	`pr_debug("The prng module stopped "`
`251`	`251`	`"after running in triple DES mode\n");`
`252`		`-kzfree(prng_data);`
	`252`	`+kfree_sensitive(prng_data);`
`253`	`253`	`}`
`254`	`254`
`255`	`255`
`@@ -442,7 +442,7 @@ static int __init prng_sha512_instantiate(void)`
`442`	`442`	`staticvoidprng_sha512_deinstantiate(void)`
`443`	`443`	`{`
`444`	`444`	`pr_debug("The prng module stopped after running in SHA-512 mode\n");`
`445`		`-kzfree(prng_data);`
	`445`	`+kfree_sensitive(prng_data);`
`446`	`446`	`}`
`447`	`447`
`448`	`448`

`‎arch/x86/power/hibernate.c‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -98,7 +98,7 @@ static int get_e820_md5(struct e820_table table, void buf)`
`98`	`98`	`if (crypto_shash_digest(desc, (u8*)table,size,buf))`
`99`	`99`	`ret=-EINVAL;`
`100`	`100`
`101`		`-kzfree(desc);`
	`101`	`+kfree_sensitive(desc);`
`102`	`102`
`103`	`103`	`free_tfm:`
`104`	`104`	`crypto_free_shash(tfm);`

`‎crypto/adiantum.c‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -177,7 +177,7 @@ static int adiantum_setkey(struct crypto_skcipher tfm, const u8 key,`
`177`	`177`	`keyp+=NHPOLY1305_KEY_SIZE;`
`178`	`178`	`WARN_ON(keyp!=&data->derived_keys[ARRAY_SIZE(data->derived_keys)]);`
`179`	`179`	`out:`
`180`		`-kzfree(data);`
	`180`	`+kfree_sensitive(data);`
`181`	`181`	`returnerr;`
`182`	`182`	`}`
`183`	`183`

`‎crypto/ahash.c‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -183,7 +183,7 @@ static int ahash_setkey_unaligned(struct crypto_ahash tfm, const u8 key,`
`183`	`183`	`alignbuffer= (u8*)ALIGN((unsigned long)buffer,alignmask+1);`
`184`	`184`	`memcpy(alignbuffer,key,keylen);`
`185`	`185`	`ret=tfm->setkey(tfm,alignbuffer,keylen);`
`186`		`-kzfree(buffer);`
	`186`	`+kfree_sensitive(buffer);`
`187`	`187`	`returnret;`
`188`	`188`	`}`
`189`	`189`
`@@ -302,7 +302,7 @@ static void ahash_restore_req(struct ahash_request *req, int err)`
`302`	`302`	`req->priv=NULL;`
`303`	`303`
`304`	`304`	`/* Free the req->priv.priv from the ADJUSTED request. */`
`305`		`-kzfree(priv);`
	`305`	`+kfree_sensitive(priv);`
`306`	`306`	`}`
`307`	`307`
`308`	`308`	`staticvoidahash_notify_einprogress(structahash_request*req)`

`‎crypto/api.c‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -571,7 +571,7 @@ void crypto_destroy_tfm(void mem, struct crypto_tfm tfm)`
`571`	`571`	`alg->cra_exit(tfm);`
`572`	`572`	`crypto_exit_ops(tfm);`
`573`	`573`	`crypto_mod_put(alg);`
`574`		`-kzfree(mem);`
	`574`	`+kfree_sensitive(mem);`
`575`	`575`	`}`
`576`	`576`	`EXPORT_SYMBOL_GPL(crypto_destroy_tfm);`
`577`	`577`

`‎crypto/asymmetric_keys/verify_pefile.c‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -376,7 +376,7 @@ static int pefile_digest_pe(const void *pebuf, unsigned int pelen,`
`376`	`376`	`}`
`377`	`377`
`378`	`378`	`error:`
`379`		`-kzfree(desc);`
	`379`	`+kfree_sensitive(desc);`
`380`	`380`	`error_no_desc:`
`381`	`381`	`crypto_free_shash(tfm);`
`382`	`382`	`kleave(" = %d",ret);`
`@@ -447,6 +447,6 @@ int verify_pefile_signature(const void *pebuf, unsigned pelen,`
`447`	`447`	`ret=pefile_digest_pe(pebuf,pelen,&ctx);`
`448`	`448`
`449`	`449`	`error:`
`450`		`-kzfree(ctx.digest);`
	`450`	`+kfree_sensitive(ctx.digest);`
`451`	`451`	`returnret;`
`452`	`452`	`}`

`‎crypto/deflate.c‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -163,7 +163,7 @@ static void __deflate_exit(void *ctx)`
`163`	`163`	`staticvoiddeflate_free_ctx(structcrypto_scomptfm,voidctx)`
`164`	`164`	`{`
`165`	`165`	`__deflate_exit(ctx);`
`166`		`-kzfree(ctx);`
	`166`	`+kfree_sensitive(ctx);`
`167`	`167`	`}`
`168`	`168`
`169`	`169`	`staticvoiddeflate_exit(structcrypto_tfm*tfm)`

`‎crypto/drbg.c‎`

Lines changed: 5 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -1218,19 +1218,19 @@ static inline void drbg_dealloc_state(struct drbg_state *drbg)`
`1218`	`1218`	`{`
`1219`	`1219`	`if (!drbg)`
`1220`	`1220`	`return;`
`1221`		`-kzfree(drbg->Vbuf);`
	`1221`	`+kfree_sensitive(drbg->Vbuf);`
`1222`	`1222`	`drbg->Vbuf=NULL;`
`1223`	`1223`	`drbg->V=NULL;`
`1224`		`-kzfree(drbg->Cbuf);`
	`1224`	`+kfree_sensitive(drbg->Cbuf);`
`1225`	`1225`	`drbg->Cbuf=NULL;`
`1226`	`1226`	`drbg->C=NULL;`
`1227`		`-kzfree(drbg->scratchpadbuf);`
	`1227`	`+kfree_sensitive(drbg->scratchpadbuf);`
`1228`	`1228`	`drbg->scratchpadbuf=NULL;`
`1229`	`1229`	`drbg->reseed_ctr=0;`
`1230`	`1230`	`drbg->d_ops=NULL;`
`1231`	`1231`	`drbg->core=NULL;`
`1232`	`1232`	`if (IS_ENABLED(CONFIG_CRYPTO_FIPS)) {`
`1233`		`-kzfree(drbg->prev);`
	`1233`	`+kfree_sensitive(drbg->prev);`
`1234`	`1234`	`drbg->prev=NULL;`
`1235`	`1235`	`drbg->fips_primed= false;`
`1236`	`1236`	`}`
`@@ -1701,7 +1701,7 @@ static int drbg_fini_hash_kernel(struct drbg_state *drbg)`
`1701`	`1701`	`structsdescsdesc= (structsdesc)drbg->priv_data;`
`1702`	`1702`	`if (sdesc) {`
`1703`	`1703`	`crypto_free_shash(sdesc->shash.tfm);`
`1704`		`-kzfree(sdesc);`
	`1704`	`+kfree_sensitive(sdesc);`
`1705`	`1705`	`}`
`1706`	`1706`	`drbg->priv_data=NULL;`
`1707`	`1707`	`return0;`

`‎crypto/ecc.c‎`

Lines changed: 4 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -67,7 +67,7 @@ static u64 *ecc_alloc_digits_space(unsigned int ndigits)`
`67`	`67`
`68`	`68`	`staticvoidecc_free_digits_space(u64*space)`
`69`	`69`	`{`
`70`		`-kzfree(space);`
	`70`	`+kfree_sensitive(space);`
`71`	`71`	`}`
`72`	`72`
`73`	`73`	`staticstructecc_point*ecc_alloc_point(unsignedintndigits)`
`@@ -101,9 +101,9 @@ static void ecc_free_point(struct ecc_point *p)`
`101`	`101`	`if (!p)`
`102`	`102`	`return;`
`103`	`103`
`104`		`-kzfree(p->x);`
`105`		`-kzfree(p->y);`
`106`		`-kzfree(p);`
	`104`	`+kfree_sensitive(p->x);`
	`105`	`+kfree_sensitive(p->y);`
	`106`	`+kfree_sensitive(p);`
`107`	`107`	`}`
`108`	`108`
`109`	`109`	`staticvoidvli_clear(u64*vli,unsignedintndigits)`

`‎crypto/ecdh.c‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -124,7 +124,7 @@ static int ecdh_compute_value(struct kpp_request *req)`
`124`	`124`
`125`	`125`	`/* fall through */`
`126`	`126`	`free_all:`
`127`		`-kzfree(shared_secret);`
	`127`	`+kfree_sensitive(shared_secret);`
`128`	`128`	`free_pubkey:`
`129`	`129`	`kfree(public_key);`
`130`	`130`	`returnret;`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit453431a

File tree

114 files changed

Some content is hidden

114 files changed

`‎arch/s390/crypto/prng.c‎`

`‎arch/x86/power/hibernate.c‎`

`‎crypto/adiantum.c‎`

`‎crypto/ahash.c‎`

`‎crypto/api.c‎`

`‎crypto/asymmetric_keys/verify_pefile.c‎`

`‎crypto/deflate.c‎`

`‎crypto/drbg.c‎`

`‎crypto/ecc.c‎`

`‎crypto/ecdh.c‎`

0 commit comments