On Mon, May 09, 2022 at 09:50:58AM +0100, Giovanni Cabiddu wrote: > On Fri, May 06, 2022 at 04:38:15PM +0200, Greg KH wrote: > > On Fri, May 06, 2022 at 10:54:07AM +0100, Giovanni Cabiddu wrote: > > > On Fri, May 06, 2022 at 11:22:39AM +0200, Greg KH wrote: > > > > On Fri, May 06, 2022 at 09:23:25AM +0100, Giovanni Cabiddu wrote: > > > > > Use memzero_explicit(), instead of a memset(.., 0, ..) in the > > > > > implementation of the algorithms, for buffers containing sensitive > > > > > information to ensure they are wiped out before free. > > > > > > > > > > Cc: stable@xxxxxxxxxxxxxxx > > > > > Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@xxxxxxxxx> > > > > > Reviewed-by: Adam Guerin <adam.guerin@xxxxxxxxx> > > > > > Reviewed-by: Wojciech Ziemba <wojciech.ziemba@xxxxxxxxx> > > > > > --- > > > > > drivers/crypto/qat/qat_common/qat_algs.c | 20 +++++++++---------- > > > > > drivers/crypto/qat/qat_common/qat_asym_algs.c | 20 +++++++++---------- > > > > > 2 files changed, 20 insertions(+), 20 deletions(-) > > > > > > > > > > diff --git a/drivers/crypto/qat/qat_common/qat_algs.c b/drivers/crypto/qat/qat_common/qat_algs.c > > > > > index 873533dc43a7..c42df18e02b2 100644 > > > > > --- a/drivers/crypto/qat/qat_common/qat_algs.c > > > > > +++ b/drivers/crypto/qat/qat_common/qat_algs.c > > > > > @@ -637,12 +637,12 @@ static int qat_alg_aead_newkey(struct crypto_aead *tfm, const u8 *key, > > > > > return 0; > > > > > > > > > > out_free_all: > > > > > - memset(ctx->dec_cd, 0, sizeof(struct qat_alg_cd)); > > > > > + memzero_explicit(ctx->dec_cd, sizeof(struct qat_alg_cd)); > > > > > > > > This is for structure fields, why does memset() not work properly here? > > > > The compiler should always call this, it doesn't know what > > > > dma_free_coherent() does. You are referencing this pointer after the > > > > memset() call so all should be working as intended here. > > > > > > > > Because of this, I don't see why this change is needed. Do you have > > > > reports of compilers not calling memset() for all of this properly? > > > Apologies, I had a wrong assumption. > > > Based on a comment in the memzero_explicit() documentation I assumed it > > > should be always used to zero sensitive data. > > > > > > * memzero_explicit - Fill a region of memory (e.g. sensitive > > > * keying data) with 0s. > > > > Yes, that's what it is for, when the compiler thinks it is "smarter than > > you" for stack variables. > > > > It's great for functions like this: > > int foo(...) > > { > > struct key secret_key; > > > > do something and set secret_key... > > > > /* All done, clean up and return */ > > memset(&secret_key, 0, sizeof(secret_key)); > > return 0; > > } > > > > For that, some compilers now go "hey, they just want to set this to 0 > > and then never touch it again, that is pointless, let's not call > > memset() at all!". > > > > But when you call: > > memset(foo->key, 0, sizeof(key)); > > do_something_with_foo(foo); > > > > the compiler can NOT go and ignore the call to memset() as it does not > > know what do_something_with_foo() does. Or at least it better not. > > > > Try out this with a small example and look at the asm output for proof. > Thanks for the explanation. It is clear now. > > > > > You aren't the first to be confused about this, I see this happening at > > least once a month with a patch to change code like you did. Don't know > > why it keeps coming up, is this a checkpatch() recommentation? > It is not a checkpatch recommendation. > I got that assumption looking at kfree_sensitive() which contains a call > to memzero_explicit(). This was introduced in 2020 by > 8982ae527fbe ("mm/slab: use memzero_explicit() in kzfree()" when the > function was still called kzfree(). > I assume now that the call to memzero_explicit() in kfree_sensitive() is > also redundant, unless I'm missing something. Maybe it is, it's hard to tell without running some build tests on different compilers. Try it and see! thanks, greg k-h