This is a note to let you know that I've just added the patch titled mm/slab: use memzero_explicit() in kzfree() to the 4.19-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: mm-slab-use-memzero_explicit-in-kzfree.patch and it can be found in the queue-4.19 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 8982ae527fbef170ef298650c15d55a9ccd33973 Mon Sep 17 00:00:00 2001 From: Waiman Long <longman@xxxxxxxxxx> Date: Thu, 25 Jun 2020 20:29:52 -0700 Subject: mm/slab: use memzero_explicit() in kzfree() From: Waiman Long <longman@xxxxxxxxxx> commit 8982ae527fbef170ef298650c15d55a9ccd33973 upstream. The kzfree() function is normally used to clear some sensitive information, like encryption keys, in the buffer before freeing it back to the pool. Memset() is currently used for buffer clearing. However unlikely, there is still a non-zero probability that the compiler may choose to optimize away the memory clearing especially if LTO is being used in the future. To make sure that this optimization will never happen, memzero_explicit(), which is introduced in v3.18, is now used in kzfree() to future-proof it. Link: http://lkml.kernel.org/r/20200616154311.12314-2-longman@xxxxxxxxxx Fixes: 3ef0e5ba4673 ("slab: introduce kzfree()") Signed-off-by: Waiman Long <longman@xxxxxxxxxx> Acked-by: Michal Hocko <mhocko@xxxxxxxx> Cc: David Howells <dhowells@xxxxxxxxxx> Cc: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> Cc: James Morris <jmorris@xxxxxxxxx> Cc: "Serge E. Hallyn" <serge@xxxxxxxxxx> Cc: Joe Perches <joe@xxxxxxxxxxx> Cc: Matthew Wilcox <willy@xxxxxxxxxxxxx> Cc: David Rientjes <rientjes@xxxxxxxxxx> Cc: Johannes Weiner <hannes@xxxxxxxxxxx> Cc: Dan Carpenter <dan.carpenter@xxxxxxxxxx> Cc: "Jason A . Donenfeld" <Jason@xxxxxxxxx> Cc: <stable@xxxxxxxxxxxxxxx> Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- mm/slab_common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/mm/slab_common.c +++ b/mm/slab_common.c @@ -1540,7 +1540,7 @@ void kzfree(const void *p) if (unlikely(ZERO_OR_NULL_PTR(mem))) return; ks = ksize(mem); - memset(mem, 0, ks); + memzero_explicit(mem, ks); kfree(mem); } EXPORT_SYMBOL(kzfree); Patches currently in stable-queue which might be from longman@xxxxxxxxxx are queue-4.19/mm-slab-use-memzero_explicit-in-kzfree.patch