Re: [PATCH] mm: Add kvfree_sensitive() for freeing sensitive data objects

From: Linus Torvalds
Date: Mon Apr 06 2020 - 14:06:26 EST

Next message: Krishna Chaitanya: "Re: [PATCH] mac80211: fix race in ieee80211_register_hw()"
Previous message: Arvind Sankar: "[PATCH 2/2] efi/x86: Always relocate the kernel for EFI handover entry"
In reply to: Waiman Long: "Re: [PATCH] mm: Add kvfree_sensitive() for freeing sensitive data objects"
Next in thread: Joe Perches: "Re: [PATCH] mm: Add kvfree_sensitive() for freeing sensitive data objects"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Apr 6, 2020 at 10:59 AM Waiman Long <longman@xxxxxxxxxx> wrote:
>
> I have actually been thinking about that. I saw a couple of cases in the
> crypto code where a memzero_explicit() is followed by kfree(). Those can
> be replaced by kfree_sensitive.

Ack.

Doing that (and renaming kvzfree) should be a fairly straightforward
coccinelle patch.

Somebody (maybe you) asked whether we could just use
kvfree_sensitive() for everything, We probably could. The extra test
is cheap - much cheaper than the memzero_explicit().

That said, _there_ I think that consistency with regular kfree/kvfree
naming means that we might as well keep separate names, and keep the
kmalloc->kfree_sensitive and kvmalloc->kvfree_sensitive pairing. Even
if technically we could do with just the one function that works for
both cases.

Linus

Next message: Krishna Chaitanya: "Re: [PATCH] mac80211: fix race in ieee80211_register_hw()"
Previous message: Arvind Sankar: "[PATCH 2/2] efi/x86: Always relocate the kernel for EFI handover entry"
In reply to: Waiman Long: "Re: [PATCH] mm: Add kvfree_sensitive() for freeing sensitive data objects"
Next in thread: Joe Perches: "Re: [PATCH] mm: Add kvfree_sensitive() for freeing sensitive data objects"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]