Displaying 8 results from an estimated 8 matches for "sun8i_ce_des3_setkey".
Did you mean:
sun8i_ce_aes_setkey
2020 Apr 13
1
[PATCH 2/2] crypto: Remove unnecessary memzero_explicit()
...len);
> - kfree(op->key);
> - }
> + kfree_sensitive(op->key);
> op->keylen = keylen;
> op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA);
> if (!op->key)
It might be a defect to set op->keylen before the kmemdup succeeds.
> @@ -416,10 +410,7 @@ int sun8i_ce_des3_setkey(struct crypto_skcipher *tfm, const u8 *key,
> if (err)
> return err;
>
> - if (op->key) {
> - memzero_explicit(op->key, op->keylen);
> - kfree(op->key);
> - }
> + free_sensitive(op->key, op->keylen);
Why not kfree_sensitive(op->key) ?
2020 Apr 13
1
[PATCH 2/2] crypto: Remove unnecessary memzero_explicit()
...len);
> - kfree(op->key);
> - }
> + kfree_sensitive(op->key);
> op->keylen = keylen;
> op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA);
> if (!op->key)
It might be a defect to set op->keylen before the kmemdup succeeds.
> @@ -416,10 +410,7 @@ int sun8i_ce_des3_setkey(struct crypto_skcipher *tfm, const u8 *key,
> if (err)
> return err;
>
> - if (op->key) {
> - memzero_explicit(op->key, op->keylen);
> - kfree(op->key);
> - }
> + free_sensitive(op->key, op->keylen);
Why not kfree_sensitive(op->key) ?
2020 Apr 13
0
[PATCH 2/2] crypto: Remove unnecessary memzero_explicit()
...gt;> op->keylen = keylen;
>> op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA);
>> if (!op->key)
> It might be a defect to set op->keylen before the kmemdup succeeds.
It could be. I can move it down after the op->key check.
>> @@ -416,10 +410,7 @@ int sun8i_ce_des3_setkey(struct crypto_skcipher *tfm, const u8 *key,
>> if (err)
>> return err;
>>
>> - if (op->key) {
>> - memzero_explicit(op->key, op->keylen);
>> - kfree(op->key);
>> - }
>> + free_sensitive(op->key, op->keylen);
> Why not kfr...
2020 Apr 13
0
[PATCH 2/2] crypto: Remove unnecessary memzero_explicit()
...n %u\n", keylen);
return -EINVAL;
}
- if (op->key) {
- memzero_explicit(op->key, op->keylen);
- kfree(op->key);
- }
+ kfree_sensitive(op->key);
op->keylen = keylen;
op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA);
if (!op->key)
@@ -416,10 +410,7 @@ int sun8i_ce_des3_setkey(struct crypto_skcipher *tfm, const u8 *key,
if (err)
return err;
- if (op->key) {
- memzero_explicit(op->key, op->keylen);
- kfree(op->key);
- }
+ free_sensitive(op->key, op->keylen);
op->keylen = keylen;
op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA);
i...
2020 Apr 13
0
[PATCH v2 2/2] crypto: Remove unnecessary memzero_explicit()
..., GFP_KERNEL | GFP_DMA);
if (!op->key)
return -ENOMEM;
+ op->keylen = keylen;
crypto_sync_skcipher_clear_flags(op->fallback_tfm, CRYPTO_TFM_REQ_MASK);
crypto_sync_skcipher_set_flags(op->fallback_tfm, tfm->base.crt_flags & CRYPTO_TFM_REQ_MASK);
@@ -416,14 +410,11 @@ int sun8i_ce_des3_setkey(struct crypto_skcipher *tfm, const u8 *key,
if (err)
return err;
- if (op->key) {
- memzero_explicit(op->key, op->keylen);
- kfree(op->key);
- }
- op->keylen = keylen;
+ kfree_sensitive(op->key);
op->key = kmemdup(key, keylen, GFP_KERNEL | GFP_DMA);
if (!op->key...
2020 Apr 14
3
[PATCH v2 2/2] crypto: Remove unnecessary memzero_explicit()
..., then op->keylen should be set to 0 when freeing op->key.
>
> crypto_sync_skcipher_clear_flags(op->fallback_tfm, CRYPTO_TFM_REQ_MASK);
> crypto_sync_skcipher_set_flags(op->fallback_tfm, tfm->base.crt_flags & CRYPTO_TFM_REQ_MASK);
> @@ -416,14 +410,11 @@ int sun8i_ce_des3_setkey(struct crypto_skcipher *tfm, const u8 *key,
> if (err)
> return err;
>
> - if (op->key) {
> - memzero_explicit(op->key, op->keylen);
> - kfree(op->key);
> - }
> - op->keylen = keylen;
> + kfree_sensitive(op->key);
> op->key = kmemdup...
2020 Apr 14
3
[PATCH v2 2/2] crypto: Remove unnecessary memzero_explicit()
..., then op->keylen should be set to 0 when freeing op->key.
>
> crypto_sync_skcipher_clear_flags(op->fallback_tfm, CRYPTO_TFM_REQ_MASK);
> crypto_sync_skcipher_set_flags(op->fallback_tfm, tfm->base.crt_flags & CRYPTO_TFM_REQ_MASK);
> @@ -416,14 +410,11 @@ int sun8i_ce_des3_setkey(struct crypto_skcipher *tfm, const u8 *key,
> if (err)
> return err;
>
> - if (op->key) {
> - memzero_explicit(op->key, op->keylen);
> - kfree(op->key);
> - }
> - op->keylen = keylen;
> + kfree_sensitive(op->key);
> op->key = kmemdup...
2020 Apr 13
10
[PATCH 0/2] mm, treewide: Rename kzfree() to kfree_sensitive()
This patchset makes a global rename of the kzfree() to kfree_sensitive()
to highlight the fact buffer clearing is only needed if the data objects
contain sensitive information like encrpytion key. The fact that kzfree()
uses memset() to do the clearing isn't totally safe either as compiler
may compile out the clearing in their optimizer. Instead, the new
kfree_sensitive() uses