On Fri, Feb 03, 2023 at 09:04:59AM +0800, Herbert Xu wrote: > On Wed, Feb 01, 2023 at 03:59:44PM +0000, Giovanni Cabiddu wrote: > . > > @@ -435,8 +435,8 @@ static void qat_alg_skcipher_init_com(struct qat_alg_skcipher_ctx *ctx, > > } else if (aes_v2_capable && mode == ICP_QAT_HW_CIPHER_CTR_MODE) { > > ICP_QAT_FW_LA_SLICE_TYPE_SET(header->serv_specif_flags, > > ICP_QAT_FW_LA_USE_UCS_SLICE_TYPE); > > - keylen = round_up(keylen, 16); > > memcpy(cd->ucs_aes.key, key, keylen); > > + keylen = round_up(keylen, 16); > > Now cd->ucs_aes.key contains potentially unitialised data, should > we zero them? The content descriptor structure (cd) is already initialized to zero before the function qat_alg_skcipher_init_com() is called. This is done in (1) qat_alg_skcipher_newkey() implicitly by dma_alloc_coherent(), the first time setkey() is called for a tfm or (2) qat_alg_skcipher_rekey() explicitly, for subsequent calls to sekey(). Regards, -- Giovanni