| Message ID | 20230717095932.18677-1-machel@vivo.com (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | daa751444fd9d4184270b1479d8af49aaf1a1ee6 |
| Delegated to: | Netdev Maintainers |
| Headers | show |
| Series | [net,v1] net: ipv4: Use kfree_sensitive instead of kfree | expand |
On 17/07/2023 12:59, Wang Ming wrote: > key might contain private part of the key, so better use > kfree_sensitive to free it. > > Fixes: 38320c70d282 ("[IPSEC]: Use crypto_aead and authenc in ESP") > Signed-off-by: Wang Ming <machel@vivo.com> > --- > net/ipv4/esp4.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c > index ba06ed42e428..2be2d4922557 100644 > --- a/net/ipv4/esp4.c > +++ b/net/ipv4/esp4.c > @@ -1132,7 +1132,7 @@ static int esp_init_authenc(struct xfrm_state *x, > err = crypto_aead_setkey(aead, key, keylen); > > free_key: > - kfree(key); > + kfree_sensitive(key); > > error: > return err; LGTM. Reviewed-by: Tariq Toukan <tariqt@nvidia.com>
From: Wang Ming <machel@vivo.com> Date: Mon, 17 Jul 2023 17:59:19 +0800 > key might contain private part of the key, so better use > kfree_sensitive to free it. > > Fixes: 38320c70d282 ("[IPSEC]: Use crypto_aead and authenc in ESP") > Signed-off-by: Wang Ming <machel@vivo.com> Reviewed-by: Kuniyuki Iwashima <kuniyu@amazon.com> > --- > net/ipv4/esp4.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c > index ba06ed42e428..2be2d4922557 100644 > --- a/net/ipv4/esp4.c > +++ b/net/ipv4/esp4.c > @@ -1132,7 +1132,7 @@ static int esp_init_authenc(struct xfrm_state *x, > err = crypto_aead_setkey(aead, key, keylen); > > free_key: > - kfree(key); > + kfree_sensitive(key); > > error: > return err; > -- > 2.25.1
Hello: This patch was applied to netdev/net.git (main) by David S. Miller <davem@davemloft.net>: On Mon, 17 Jul 2023 17:59:19 +0800 you wrote: > key might contain private part of the key, so better use > kfree_sensitive to free it. > > Fixes: 38320c70d282 ("[IPSEC]: Use crypto_aead and authenc in ESP") > Signed-off-by: Wang Ming <machel@vivo.com> > --- > net/ipv4/esp4.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) Here is the summary with links: - [net,v1] net: ipv4: Use kfree_sensitive instead of kfree https://git.kernel.org/netdev/net/c/daa751444fd9 You are awesome, thank you!
diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c index ba06ed42e428..2be2d4922557 100644 --- a/net/ipv4/esp4.c +++ b/net/ipv4/esp4.c @@ -1132,7 +1132,7 @@ static int esp_init_authenc(struct xfrm_state *x, err = crypto_aead_setkey(aead, key, keylen); free_key: - kfree(key); + kfree_sensitive(key); error: return err;
key might contain private part of the key, so better use kfree_sensitive to free it. Fixes: 38320c70d282 ("[IPSEC]: Use crypto_aead and authenc in ESP") Signed-off-by: Wang Ming <machel@vivo.com> --- net/ipv4/esp4.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)