This is a note to let you know that I've just added the patch titled
s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings
to the 6.9-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
s390-pkey-use-kfree_sensitive-to-fix-coccinelle-warn.patch
and it can be found in the queue-6.9 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
commit f09d319ccefead053cb21910f700be7f5698fe7f
Author: Jules Irenge <jbi.octave@xxxxxxxxx>
Date: Tue May 7 22:13:52 2024 +0100
s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings
[ Upstream commit 22e6824622e8a8889df0f8fc4ed5aea0e702a694 ]
Replace memzero_explicit() and kfree() with kfree_sensitive() to fix
warnings reported by Coccinelle:
WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1506)
WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1643)
WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1770)
Signed-off-by: Jules Irenge <jbi.octave@xxxxxxxxx>
Reviewed-by: Holger Dengler <dengler@xxxxxxxxxxxxx>
Link: https://lore.kernel.org/r/ZjqZkNi_JUJu73Rg@xxxxxxxxxxxxxx
Signed-off-by: Heiko Carstens <hca@xxxxxxxxxxxxx>
Signed-off-by: Alexander Gordeev <agordeev@xxxxxxxxxxxxx>
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
diff --git a/drivers/s390/crypto/pkey_api.c b/drivers/s390/crypto/pkey_api.c
index dccf664a3d957..933894065623e 100644
--- a/drivers/s390/crypto/pkey_api.c
+++ b/drivers/s390/crypto/pkey_api.c
@@ -1503,8 +1503,7 @@ static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
rc = pkey_keyblob2pkey(kkey, ktp.keylen, ktp.protkey.protkey,
&ktp.protkey.len, &ktp.protkey.type);
pr_debug("%s pkey_keyblob2pkey()=%d\n", __func__, rc);
- memzero_explicit(kkey, ktp.keylen);
- kfree(kkey);
+ kfree_sensitive(kkey);
if (rc)
break;
if (copy_to_user(utp, &ktp, sizeof(ktp)))
@@ -1640,8 +1639,7 @@ static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
&ktp.protkey.type);
pr_debug("%s pkey_keyblob2pkey2()=%d\n", __func__, rc);
kfree(apqns);
- memzero_explicit(kkey, ktp.keylen);
- kfree(kkey);
+ kfree_sensitive(kkey);
if (rc)
break;
if (copy_to_user(utp, &ktp, sizeof(ktp)))
@@ -1767,8 +1765,7 @@ static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
protkey, &protkeylen, &ktp.pkeytype);
pr_debug("%s pkey_keyblob2pkey3()=%d\n", __func__, rc);
kfree(apqns);
- memzero_explicit(kkey, ktp.keylen);
- kfree(kkey);
+ kfree_sensitive(kkey);
if (rc) {
kfree(protkey);
break;
