There might be a little performance drop but to make sure it stands
by it comments, we really wipe the whole context after usage.
---
crypto/chacha20poly1305.c | 3 ++-
crypto/md5.c | 2 +-
crypto/rmd128.c | 3 ++-
crypto/rmd160.c | 3 ++-
crypto/rmd256.c | 3 ++-
crypto/rmd320.c | 3 ++-
crypto/sha3_generic.c | 3 ++-
7 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/crypto/chacha20poly1305.c b/crypto/chacha20poly1305.c
index 600afa99941f..6e93d998109e 100644
--- a/crypto/chacha20poly1305.c
+++ b/crypto/chacha20poly1305.c
@@ -19,6 +19,7 @@
#include <linux/init.h>
#include <linux/kernel.h>
#include <linux/module.h>
+#include <linux/string.h>
#include "internal.h"
@@ -388,7 +389,7 @@ static int poly_genkey(struct aead_request *req)
}
sg_init_table(creq->src, 1);
- memset(rctx->key, 0, sizeof(rctx->key));
+ memzero_explicit(rctx->key, sizeof(rctx->key));
sg_set_buf(creq->src, rctx->key, sizeof(rctx->key));
chacha_iv(creq->iv, req, 0);
diff --git a/crypto/md5.c b/crypto/md5.c
index 94dd78144ba3..00d384e8784c 100644
--- a/crypto/md5.c
+++ b/crypto/md5.c
@@ -197,7 +197,7 @@ static int md5_final(struct shash_desc *desc, u8 *out)
md5_transform(mctx->hash, mctx->block);
cpu_to_le32_array(mctx->hash, sizeof(mctx->hash) / sizeof(u32));
memcpy(out, mctx->hash, sizeof(mctx->hash));
- memset(mctx, 0, sizeof(*mctx));
+ memzero_explicit(mctx, sizeof(*mctx));
return 0;
}
diff --git a/crypto/rmd128.c b/crypto/rmd128.c
index 5f4472256e27..5e01cd7130c7 100644
--- a/crypto/rmd128.c
+++ b/crypto/rmd128.c
@@ -17,6 +17,7 @@
#include <linux/init.h>
#include <linux/module.h>
#include <linux/mm.h>
+#include <linux/string.h>
#include <linux/types.h>
#include <asm/byteorder.h>
@@ -290,7 +291,7 @@ static int rmd128_final(struct shash_desc *desc, u8 *out)
dst[i] = cpu_to_le32p(&rctx->state[i]);
/* Wipe context */
- memset(rctx, 0, sizeof(*rctx));
+ memzero_explicit(rctx, sizeof(*rctx));
return 0;
}
diff --git a/crypto/rmd160.c b/crypto/rmd160.c
index 737645344d1c..2381d134443c 100644
--- a/crypto/rmd160.c
+++ b/crypto/rmd160.c
@@ -17,6 +17,7 @@
#include <linux/init.h>
#include <linux/module.h>
#include <linux/mm.h>
+#include <linux/string.h>
#include <linux/types.h>
#include <asm/byteorder.h>
@@ -334,7 +335,7 @@ static int rmd160_final(struct shash_desc *desc, u8 *out)
dst[i] = cpu_to_le32p(&rctx->state[i]);
/* Wipe context */
- memset(rctx, 0, sizeof(*rctx));
+ memzero_explicit(rctx, sizeof(*rctx));
return 0;
}
diff --git a/crypto/rmd256.c b/crypto/rmd256.c
index 0e9d30676a01..3db0f6653607 100644
--- a/crypto/rmd256.c
+++ b/crypto/rmd256.c
@@ -17,6 +17,7 @@
#include <linux/init.h>
#include <linux/module.h>
#include <linux/mm.h>
+#include <linux/string.h>
#include <linux/types.h>
#include <asm/byteorder.h>
@@ -309,7 +310,7 @@ static int rmd256_final(struct shash_desc *desc, u8 *out)
dst[i] = cpu_to_le32p(&rctx->state[i]);
/* Wipe context */
- memset(rctx, 0, sizeof(*rctx));
+ memzero_explicit(rctx, sizeof(*rctx));
return 0;
}
diff --git a/crypto/rmd320.c b/crypto/rmd320.c
index 3ae1df5bb48c..e0e1a71d0144 100644
--- a/crypto/rmd320.c
+++ b/crypto/rmd320.c
@@ -17,6 +17,7 @@
#include <linux/init.h>
#include <linux/module.h>
#include <linux/mm.h>
+#include <linux/string.h>
#include <linux/types.h>
#include <asm/byteorder.h>
@@ -358,7 +359,7 @@ static int rmd320_final(struct shash_desc *desc, u8 *out)
dst[i] = cpu_to_le32p(&rctx->state[i]);
/* Wipe context */
- memset(rctx, 0, sizeof(*rctx));
+ memzero_explicit(rctx, sizeof(*rctx));
return 0;
}
diff --git a/crypto/sha3_generic.c b/crypto/sha3_generic.c
index 7ed98367d4fb..ae30a035d371 100644
--- a/crypto/sha3_generic.c
+++ b/crypto/sha3_generic.c
@@ -17,6 +17,7 @@
#include <linux/init.h>
#include <linux/module.h>
#include <linux/types.h>
+#include <linux/string.h>
#include <crypto/sha3.h>
#include <asm/unaligned.h>
@@ -237,7 +238,7 @@ int crypto_sha3_final(struct shash_desc *desc, u8 *out)
if (digest_size & 4)
put_unaligned_le32(sctx->st[i], (__le32 *)digest);
- memset(sctx, 0, sizeof(*sctx));
+ memzero_explicit(sctx, sizeof(*sctx));
return 0;
}
EXPORT_SYMBOL(crypto_sha3_final);
