[PATCH] x86/sev: Use kfree_sensitive() when freeing a SNP message descriptor

Next message: Vadim Fedorenko: "Re: [PATCH v2] wireguard: allowedips: Use kfree_rcu() instead of call_rcu()"
Previous message: Vadim Fedorenko: "Re: [PATCH net-next 3/3] dpll: zl3073x: Implement device mode setting support"
Next in thread: Tom Lendacky: "Re: [PATCH] x86/sev: Use kfree_sensitive() when freeing a SNP message descriptor"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Borislav Petkov

Date: Mon Jan 12 2026 - 06:42:11 EST

On Sat, Dec 20, 2025 at 03:25:46PM +0100, Julia Lawall wrote:
> cocci warnings: (new ones prefixed by >>)
> >> arch/x86/coco/sev/core.c:2838:12-13: WARNING opportunity for kfree_sensitive/kvfree_sensitive (memset at line 2837)

From: "Borislav Petkov (AMD)" <bp@xxxxxxxxx>
Date: Mon, 12 Jan 2026 12:37:49 +0100

Use the proper helper instead of an open-coded variant.

Reported-by: kernel test robot <lkp@xxxxxxxxx>
Reported-by: Julia Lawall <julia.lawall@xxxxxxxx>
Closes: https://lore.kernel.org/r/202512202235.WHPQkLZu-lkp@xxxxxxxxx
Signed-off-by: Borislav Petkov (AMD) <bp@xxxxxxxxx>
---
arch/x86/coco/sev/core.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c
index 379e0c09c7f3..38dad3f5f491 100644
--- a/arch/x86/coco/sev/core.c
+++ b/arch/x86/coco/sev/core.c
@@ -1632,8 +1632,7 @@ void snp_msg_free(struct snp_msg_desc *mdesc)
free_shared_pages(mdesc->request, sizeof(struct snp_guest_msg));
iounmap((__force void __iomem *)mdesc->secrets);

- memset(mdesc, 0, sizeof(*mdesc));
- kfree(mdesc);
+ kfree_sensitive(mdesc);
}
EXPORT_SYMBOL_GPL(snp_msg_free);

--
2.51.0

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette