From patchwork Wed Nov 26 18:40:57 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nickolaus Woodruff X-Patchwork-Id: 5387381 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: X-Original-To: patchwork-linux-crypto@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork1.web.kernel.org (Postfix) with ESMTP id 3E8E59F2F5 for ; Wed, 26 Nov 2014 18:41:03 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 5C25C2016C for ; Wed, 26 Nov 2014 18:41:02 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 7090820121 for ; Wed, 26 Nov 2014 18:41:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752077AbaKZSlA (ORCPT ); Wed, 26 Nov 2014 13:41:00 -0500 Received: from mail-qa0-f42.google.com ([209.85.216.42]:58395 "EHLO mail-qa0-f42.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750828AbaKZSlA (ORCPT ); Wed, 26 Nov 2014 13:41:00 -0500 Received: by mail-qa0-f42.google.com with SMTP id j7so2347195qaq.29 for ; Wed, 26 Nov 2014 10:40:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=date:from:to:cc:subject:message-id:mime-version:content-type :content-disposition:user-agent; bh=3j2GM0eRH8wJqKWaVrqkiBiou4Fn5hiQmwVb9Bs/TGk=; b=rj5MaHG6oVKZMJ3ip0PL5WqQ16pHsvixWX6piNFJEG1p8n+q0tQCDHSPPemnFX2Xs7 7/B5U7PGnM+77QXPEYfbIEUu+6jk3shkIxe9W9tUzKGukdzLeTSR161mwhH1jgYqG03Y YpOsepGoQKqWns2JHLIAuvLWDd2CkwitbuIRI6t+D62vawGlBh7+S2U5/UquhZNPlGfN RE/50FFFHD3T7PSNfnrKpvN5JBpaL4ORtuIeSy2qsehdZMkJxZoxtHem2534zETiYLXC B9twXeDXh68eFq6vUPkGCbYojqBahxqeSJE7bR+tKs9P0SZW9WFgIv/R7bk3njLj52sM tSpQ== X-Received: by 10.140.20.175 with SMTP id 44mr46322205qgj.22.1417027259304; Wed, 26 Nov 2014 10:40:59 -0800 (PST) Received: from localhost (c-68-81-145-94.hsd1.pa.comcast.net. [68.81.145.94]) by mx.google.com with ESMTPSA id p67sm4553776qga.26.2014.11.26.10.40.58 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Wed, 26 Nov 2014 10:40:58 -0800 (PST) Date: Wed, 26 Nov 2014 13:40:57 -0500 From: Nickolaus Woodruff To: herbert@gondor.apana.org.au, davem@davemloft.net Cc: linux-crypto@vger.kernel.org Subject: [PATCH v2] crypto: drbg: use memzero_explicit() for clearing sensitive data Message-ID: <20141126184057.GA8235@nick-ThinkPad-T430s> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, T_DKIM_INVALID, T_RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Compiler dead store optimization can sometimes remove final calls to memset() used to clear sensitive data at the end of a function. Replace trailing memset() calls with memzero_explicit() to preclude unwanted removal. Signed-off-by: Nickolaus Woodruff --- Changes in v2: - Move the linux/string.h inclusion to drbg.c crypto/drbg.c | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/crypto/drbg.c b/crypto/drbg.c index 54cfd48..5d89023 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -98,6 +98,7 @@ */ #include +#include /*************************************************************** * Backend cipher definitions available to DRBG @@ -522,9 +523,9 @@ static int drbg_ctr_df(struct drbg_state *drbg, ret = 0; out: - memset(iv, 0, drbg_blocklen(drbg)); - memset(temp, 0, drbg_statelen(drbg)); - memset(pad, 0, drbg_blocklen(drbg)); + memzero_explicit(iv, drbg_blocklen(drbg)); + memzero_explicit(temp, drbg_statelen(drbg)); + memzero_explicit(pad, drbg_blocklen(drbg)); return ret; } @@ -599,9 +600,9 @@ static int drbg_ctr_update(struct drbg_state *drbg, struct list_head *seed, ret = 0; out: - memset(temp, 0, drbg_statelen(drbg) + drbg_blocklen(drbg)); + memzero_explicit(temp, drbg_statelen(drbg) + drbg_blocklen(drbg)); if (2 != reseed) - memset(df_data, 0, drbg_statelen(drbg)); + memzero_explicit(df_data, drbg_statelen(drbg)); return ret; } @@ -660,7 +661,7 @@ static int drbg_ctr_generate(struct drbg_state *drbg, len = ret; out: - memset(drbg->scratchpad, 0, drbg_blocklen(drbg)); + memzero_explicit(drbg->scratchpad, drbg_blocklen(drbg)); return len; } @@ -848,7 +849,7 @@ static int drbg_hash_df(struct drbg_state *drbg, } out: - memset(tmp, 0, drbg_blocklen(drbg)); + memzero_explicit(tmp, drbg_blocklen(drbg)); return ret; } @@ -892,7 +893,7 @@ static int drbg_hash_update(struct drbg_state *drbg, struct list_head *seed, ret = drbg_hash_df(drbg, drbg->C, drbg_statelen(drbg), &datalist2); out: - memset(drbg->scratchpad, 0, drbg_statelen(drbg)); + memzero_explicit(drbg->scratchpad, drbg_statelen(drbg)); return ret; } @@ -927,7 +928,7 @@ static int drbg_hash_process_addtl(struct drbg_state *drbg, drbg->scratchpad, drbg_blocklen(drbg)); out: - memset(drbg->scratchpad, 0, drbg_blocklen(drbg)); + memzero_explicit(drbg->scratchpad, drbg_blocklen(drbg)); return ret; } @@ -975,7 +976,7 @@ static int drbg_hash_hashgen(struct drbg_state *drbg, } out: - memset(drbg->scratchpad, 0, + memzero_explicit(drbg->scratchpad, (drbg_statelen(drbg) + drbg_blocklen(drbg))); return len; } @@ -1024,7 +1025,7 @@ static int drbg_hash_generate(struct drbg_state *drbg, drbg_add_buf(drbg->V, drbg_statelen(drbg), u.req, 8); out: - memset(drbg->scratchpad, 0, drbg_blocklen(drbg)); + memzero_explicit(drbg->scratchpad, drbg_blocklen(drbg)); return len; }