crypto: sun8i-ce - use kfree_sensitive to clear and free sensitive data

Jason Wang · herbertx · commit c391714c0497 · 2021-08-12T19:16:57.000+08:00
The kfree_sensitive is a kernel API to clear sensitive information
that should not be leaked to other future users of the same memory
objects and free the memory. Its function is the same as the
combination  of memzero_explicit and kfree. Thus, we can replace the
combination APIs with the single kfree_sensitive API.

Signed-off-by: Jason Wang &lt;wangborong@cdjrlc.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
diff --git a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-prng.c b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-prng.c
@@ -26,8 +26,7 @@ void sun8i_ce_prng_exit(struct crypto_tfm *tfm)
 {
 	struct sun8i_ce_rng_tfm_ctx *ctx = crypto_tfm_ctx(tfm);
 
-	memzero_explicit(ctx->seed, ctx->slen);
-	kfree(ctx->seed);
+	kfree_sensitive(ctx->seed);
 	ctx->seed = NULL;
 	ctx->slen = 0;
 }
@@ -38,8 +37,7 @@ int sun8i_ce_prng_seed(struct crypto_rng *tfm, const u8 *seed,
 	struct sun8i_ce_rng_tfm_ctx *ctx = crypto_rng_ctx(tfm);
 
 	if (ctx->seed && ctx->slen != slen) {
-		memzero_explicit(ctx->seed, ctx->slen);
-		kfree(ctx->seed);
+		kfree_sensitive(ctx->seed);
 		ctx->slen = 0;
 		ctx->seed = NULL;
 	}
@@ -157,9 +155,8 @@ int sun8i_ce_prng_generate(struct crypto_rng *tfm, const u8 *src,
 		memcpy(dst, d, dlen);
 		memcpy(ctx->seed, d + dlen, ctx->slen);
 	}
-	memzero_explicit(d, todo);
 err_iv:
-	kfree(d);
+	kfree_sensitive(d);
 err_mem:
 	return err;
 }
diff --git a/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-trng.c b/drivers/crypto/allwinner/sun8i-ce/sun8i-ce-trng.c
@@ -95,9 +95,8 @@ static int sun8i_ce_trng_read(struct hwrng *rng, void *data, size_t max, bool wa
 		memcpy(data, d, max);
 		err = max;
 	}
-	memzero_explicit(d, todo);
 err_dst:
-	kfree(d);
+	kfree_sensitive(d);
 	return err;
 }
 

Original file line number	Diff line number	Diff line change
`@@ -26,8 +26,7 @@ void sun8i_ce_prng_exit(struct crypto_tfm *tfm)`
`26`	`26`	`{`
`27`	`27`	`struct sun8i_ce_rng_tfm_ctx *ctx = crypto_tfm_ctx(tfm);`
`28`	`28`
`29`		`- memzero_explicit(ctx->seed, ctx->slen);`
`30`		`- kfree(ctx->seed);`
	`29`	`+ kfree_sensitive(ctx->seed);`
`31`	`30`	`ctx->seed = NULL;`
`32`	`31`	`ctx->slen = 0;`
`33`	`32`	`}`
`@@ -38,8 +37,7 @@ int sun8i_ce_prng_seed(struct crypto_rng tfm, const u8 seed,`
`38`	`37`	`struct sun8i_ce_rng_tfm_ctx *ctx = crypto_rng_ctx(tfm);`
`39`	`38`
`40`	`39`	`if (ctx->seed && ctx->slen != slen) {`
`41`		`- memzero_explicit(ctx->seed, ctx->slen);`
`42`		`- kfree(ctx->seed);`
	`40`	`+ kfree_sensitive(ctx->seed);`
`43`	`41`	`ctx->slen = 0;`
`44`	`42`	`ctx->seed = NULL;`
`45`	`43`	`}`
`@@ -157,9 +155,8 @@ int sun8i_ce_prng_generate(struct crypto_rng tfm, const u8 src,`
`157`	`155`	`memcpy(dst, d, dlen);`
`158`	`156`	`memcpy(ctx->seed, d + dlen, ctx->slen);`
`159`	`157`	`}`
`160`		`- memzero_explicit(d, todo);`
`161`	`158`	`err_iv:`
`162`		`- kfree(d);`
	`159`	`+ kfree_sensitive(d);`
`163`	`160`	`err_mem:`
`164`	`161`	`return err;`
`165`	`162`	`}`
Original file line number	Diff line number	Diff line change
`@@ -95,9 +95,8 @@ static int sun8i_ce_trng_read(struct hwrng rng, void data, size_t max, bool wa`
`95`	`95`	`memcpy(data, d, max);`
`96`	`96`	`err = max;`
`97`	`97`	`}`
`98`		`- memzero_explicit(d, todo);`
`99`	`98`	`err_dst:`
`100`		`- kfree(d);`
	`99`	`+ kfree_sensitive(d);`
`101`	`100`	`return err;`
`102`	`101`	`}`
`103`	`102`