Re: [PATCH v1] net/tcp: use kfree_sensitive() instend of kfree() in tcp_md5_twsk_free_rcu()
From: Eric Dumazet
Date: Mon Nov 06 2023 - 22:40:29 EST
On Tue, Nov 7, 2023 at 3:35 AM Minjie Du <duminjie@xxxxxxxx> wrote:
>
> key might contain private information, so better use
> kfree_sensitive to free it.
> In tcp_md5_twsk_free_rcu() use kfree_sensitive().
>
> Signed-off-by: Minjie Du <duminjie@xxxxxxxx>
> ---
> net/ipv4/tcp_minisocks.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c
> index a9807eeb311c..a7be78096783 100644
> --- a/net/ipv4/tcp_minisocks.c
> +++ b/net/ipv4/tcp_minisocks.c
> @@ -368,7 +368,7 @@ static void tcp_md5_twsk_free_rcu(struct rcu_head *head)
> struct tcp_md5sig_key *key;
>
> key = container_of(head, struct tcp_md5sig_key, rcu);
> - kfree(key);
> + kfree_sensitive(key);
> static_branch_slow_dec_deferred(&tcp_md5_needed);
> tcp_md5_release_sigpool();
> }
> --
> 2.39.0
>
1) net-next is currently closed.
2) such patch could send a wrong signal (false sense of security with MD5)
3) You forgot tcp_time_wait_init(), tcp_md5_do_del(), tcp_md5_key_copy(),
tcp_md5_do_add(), tcp_clear_md5_list().
More work is needed I am afraid, please wait until next week when
6-7-rc1 is tagged and net-next opens again.