[PATCH 0/2] mm, treewide: Rename kzfree() to kfree_sensitive()

From: Waiman Long
Date: Mon Apr 13 2020 - 17:16:52 EST

Next message: Waiman Long: "[PATCH 1/2] mm, treewide: Rename kzfree() to kfree_sensitive()"
Previous message: Andrew Lunn: "Re: [PATCH] ARM: do not assemble iwmmxt.S with LLVM toolchain"
Next in thread: Waiman Long: "[PATCH 1/2] mm, treewide: Rename kzfree() to kfree_sensitive()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This patchset makes a global rename of the kzfree() to kfree_sensitive()
to highlight the fact buffer clearing is only needed if the data objects
contain sensitive information like encrpytion key. The fact that kzfree()
uses memset() to do the clearing isn't totally safe either as compiler
may compile out the clearing in their optimizer. Instead, the new
kfree_sensitive() uses memzero_explicit() which won't get compiled out.

Waiman Long (2):
mm, treewide: Rename kzfree() to kfree_sensitive()
crypto: Remove unnecessary memzero_explicit()

arch/s390/crypto/prng.c | 4 +--
arch/x86/power/hibernate.c | 2 +-
crypto/adiantum.c | 2 +-
crypto/ahash.c | 4 +--
crypto/api.c | 2 +-
crypto/asymmetric_keys/verify_pefile.c | 4 +--
crypto/deflate.c | 2 +-
crypto/drbg.c | 10 +++---
crypto/ecc.c | 8 ++---
crypto/ecdh.c | 2 +-
crypto/gcm.c | 2 +-
crypto/gf128mul.c | 4 +--
crypto/jitterentropy-kcapi.c | 2 +-
crypto/rng.c | 2 +-
crypto/rsa-pkcs1pad.c | 6 ++--
crypto/seqiv.c | 2 +-
crypto/shash.c | 2 +-
crypto/skcipher.c | 2 +-
crypto/testmgr.c | 6 ++--
crypto/zstd.c | 2 +-
.../allwinner/sun8i-ce/sun8i-ce-cipher.c | 17 +++-------
.../allwinner/sun8i-ss/sun8i-ss-cipher.c | 18 +++-------
drivers/crypto/amlogic/amlogic-gxl-cipher.c | 14 +++-----
drivers/crypto/atmel-ecc.c | 2 +-
drivers/crypto/caam/caampkc.c | 28 +++++++--------
drivers/crypto/cavium/cpt/cptvf_main.c | 6 ++--
drivers/crypto/cavium/cpt/cptvf_reqmanager.c | 12 +++----
drivers/crypto/cavium/nitrox/nitrox_lib.c | 4 +--
drivers/crypto/cavium/zip/zip_crypto.c | 6 ++--
drivers/crypto/ccp/ccp-crypto-rsa.c | 6 ++--
drivers/crypto/ccree/cc_aead.c | 4 +--
drivers/crypto/ccree/cc_buffer_mgr.c | 4 +--
drivers/crypto/ccree/cc_cipher.c | 6 ++--
drivers/crypto/ccree/cc_hash.c | 8 ++---
drivers/crypto/ccree/cc_request_mgr.c | 2 +-
drivers/crypto/inside-secure/safexcel_hash.c | 3 +-
drivers/crypto/marvell/cesa/hash.c | 2 +-
.../crypto/marvell/octeontx/otx_cptvf_main.c | 6 ++--
.../marvell/octeontx/otx_cptvf_reqmgr.h | 2 +-
drivers/crypto/mediatek/mtk-aes.c | 2 +-
drivers/crypto/nx/nx.c | 4 +--
drivers/crypto/virtio/virtio_crypto_algs.c | 12 +++----
drivers/crypto/virtio/virtio_crypto_core.c | 2 +-
drivers/md/dm-crypt.c | 34 +++++++++----------
drivers/md/dm-integrity.c | 6 ++--
drivers/misc/ibmvmc.c | 6 ++--
.../hisilicon/hns3/hns3pf/hclge_mbx.c | 2 +-
.../net/ethernet/intel/ixgbe/ixgbe_ipsec.c | 6 ++--
drivers/net/ppp/ppp_mppe.c | 6 ++--
drivers/net/wireguard/noise.c | 4 +--
drivers/net/wireguard/peer.c | 2 +-
drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 2 +-
.../net/wireless/intel/iwlwifi/pcie/tx-gen2.c | 6 ++--
drivers/net/wireless/intel/iwlwifi/pcie/tx.c | 6 ++--
drivers/net/wireless/intersil/orinoco/wext.c | 4 +--
drivers/s390/crypto/ap_bus.h | 4 +--
drivers/staging/ks7010/ks_hostif.c | 2 +-
drivers/staging/rtl8723bs/core/rtw_security.c | 2 +-
drivers/staging/wlan-ng/p80211netdev.c | 2 +-
drivers/target/iscsi/iscsi_target_auth.c | 2 +-
fs/btrfs/ioctl.c | 2 +-
fs/cifs/cifsencrypt.c | 2 +-
fs/cifs/connect.c | 10 +++---
fs/cifs/dfs_cache.c | 2 +-
fs/cifs/misc.c | 8 ++---
fs/crypto/keyring.c | 6 ++--
fs/crypto/keysetup_v1.c | 4 +--
fs/ecryptfs/keystore.c | 4 +--
fs/ecryptfs/messaging.c | 2 +-
include/crypto/aead.h | 2 +-
include/crypto/akcipher.h | 2 +-
include/crypto/gf128mul.h | 2 +-
include/crypto/hash.h | 2 +-
include/crypto/internal/acompress.h | 2 +-
include/crypto/kpp.h | 2 +-
include/crypto/skcipher.h | 2 +-
include/linux/slab.h | 2 +-
lib/mpi/mpiutil.c | 6 ++--
lib/test_kasan.c | 6 ++--
mm/slab_common.c | 10 +++---
net/atm/mpoa_caches.c | 4 +--
net/bluetooth/ecdh_helper.c | 6 ++--
net/bluetooth/smp.c | 24 ++++++-------
net/core/sock.c | 2 +-
net/ipv4/tcp_fastopen.c | 2 +-
net/mac80211/aead_api.c | 4 +--
net/mac80211/aes_gmac.c | 2 +-
net/mac80211/key.c | 2 +-
net/mac802154/llsec.c | 20 +++++------
net/sctp/auth.c | 2 +-
net/sctp/socket.c | 2 +-
net/sunrpc/auth_gss/gss_krb5_crypto.c | 4 +--
net/sunrpc/auth_gss/gss_krb5_keys.c | 6 ++--
net/sunrpc/auth_gss/gss_krb5_mech.c | 2 +-
net/tipc/crypto.c | 10 +++---
net/wireless/core.c | 2 +-
net/wireless/ibss.c | 4 +--
net/wireless/lib80211_crypt_tkip.c | 2 +-
net/wireless/lib80211_crypt_wep.c | 2 +-
net/wireless/nl80211.c | 24 ++++++-------
net/wireless/sme.c | 6 ++--
net/wireless/util.c | 2 +-
net/wireless/wext-sme.c | 2 +-
scripts/coccinelle/free/devm_free.cocci | 4 +--
scripts/coccinelle/free/ifnullfree.cocci | 4 +--
scripts/coccinelle/free/kfree.cocci | 6 ++--
scripts/coccinelle/free/kfreeaddr.cocci | 2 +-
security/apparmor/domain.c | 4 +--
security/apparmor/include/file.h | 2 +-
security/apparmor/policy.c | 24 ++++++-------
security/apparmor/policy_ns.c | 6 ++--
security/apparmor/policy_unpack.c | 14 ++++----
security/keys/big_key.c | 6 ++--
security/keys/dh.c | 14 ++++----
security/keys/encrypted-keys/encrypted.c | 14 ++++----
security/keys/trusted-keys/trusted_tpm1.c | 34 +++++++++----------
security/keys/user_defined.c | 6 ++--
117 files changed, 332 insertions(+), 358 deletions(-)

--
2.18.1

Next message: Waiman Long: "[PATCH 1/2] mm, treewide: Rename kzfree() to kfree_sensitive()"
Previous message: Andrew Lunn: "Re: [PATCH] ARM: do not assemble iwmmxt.S with LLVM toolchain"
Next in thread: Waiman Long: "[PATCH 1/2] mm, treewide: Rename kzfree() to kfree_sensitive()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]