On Thu, Jun 04, 2020 at 04:48:21PM -0700, Andrew Morton wrote: > From: Waiman Long <longman@xxxxxxxxxx> > Subject: mm: add kvfree_sensitive() for freeing sensitive data objects > > For kvmalloc'ed data object that contains sensitive information like > cryptographic keys, we need to make sure that the buffer is always cleared > before freeing it. Using memset() alone for buffer clearing may not > provide certainty as the compiler may compile it away. To be sure, the > special memzero_explicit() has to be used. > > This patch introduces a new kvfree_sensitive() for freeing those sensitive > data objects allocated by kvmalloc(). The relevant places where > kvfree_sensitive() can be used are modified to use it. > > Link: http://lkml.kernel.org/r/20200407200318.11711-1-longman@xxxxxxxxxx > Fixes: 4f0882491a14 ("KEYS: Avoid false positive ENOMEM error on key read") > Signed-off-by: Waiman Long <longman@xxxxxxxxxx> > Suggested-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> > Reviewed-by: Eric Biggers <ebiggers@xxxxxxxxxx> > Acked-by: David Howells <dhowells@xxxxxxxxxx> > Cc: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> > Cc: James Morris <jmorris@xxxxxxxxx> > Cc: "Serge E. Hallyn" <serge@xxxxxxxxxx> > Cc: Joe Perches <joe@xxxxxxxxxxx> > Cc: Matthew Wilcox <willy@xxxxxxxxxxxxx> > Cc: David Rientjes <rientjes@xxxxxxxxxx> > Cc: Uladzislau Rezki <urezki@xxxxxxxxx> > Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> Acked-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> /Jarkko
