From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 78A00C2BA80 for ; Tue, 7 Apr 2020 20:09:33 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 3319C2074B for ; Tue, 7 Apr 2020 20:09:33 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=linux-foundation.org header.i=@linux-foundation.org header.b="LIs7mHA3" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 3319C2074B Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id C39E98E0012; Tue, 7 Apr 2020 16:09:32 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id C11318E0001; Tue, 7 Apr 2020 16:09:32 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id ADA188E0012; Tue, 7 Apr 2020 16:09:32 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0220.hostedemail.com [216.40.44.220]) by kanga.kvack.org (Postfix) with ESMTP id 94BBF8E0001 for ; Tue, 7 Apr 2020 16:09:32 -0400 (EDT) Received: from smtpin15.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay01.hostedemail.com (Postfix) with ESMTP id 4A1E5180AD801 for ; Tue, 7 Apr 2020 20:09:32 +0000 (UTC) X-FDA: 76682148984.15.vein69_19032cc577459 X-HE-Tag: vein69_19032cc577459 X-Filterd-Recvd-Size: 4017 Received: from mail-lj1-f195.google.com (mail-lj1-f195.google.com [209.85.208.195]) by imf08.hostedemail.com (Postfix) with ESMTP for ; Tue, 7 Apr 2020 20:09:31 +0000 (UTC) Received: by mail-lj1-f195.google.com with SMTP id b1so5206794ljp.3 for ; Tue, 07 Apr 2020 13:09:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=3sghJldqMMjWeerVBLUfhc/cQuHU1aQm4qS6KijAW8Q=; b=LIs7mHA3OXPjMsaXtYIk07UvtJnPGY4OLuhw5yUdciWXo/7JrrEmPqgnrwGk7LYTDy rq/7n66O3MT27zCaMgmAZUsQHre2pHLQbaKY/YARTqgYJVheydI5BKhcTlTAQdZtVZZq 45bOqqTdfPd9zcZUW/Ki0gAVMMNSm+WBI9Bqk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=3sghJldqMMjWeerVBLUfhc/cQuHU1aQm4qS6KijAW8Q=; b=n9sWEYaDkqW93eQQi8q99ZNcOwtVVc+OVjQrVBEpvSsYdcuQtV7CNmiV0XxYTSqNkM lH5ygzZTH47cIBqUd/0tVii5H1+yNFQCNp5liW5XP6MMimb+kZZoq8yrjwon+EodTiop mxu+BOoqpnU8ewdk/y1pugDQwXtKBaZSzFnnj2t4n5Hm9M/8Z7ISEJ+DtWQWpRjLCLEl nK/S06CuBaKmi20bjyUtmBB4pCX6Vv/Bm/737WZT3UA+HNVTNxrTa6z3WhopLLS7z2Qp ESxlo1j6HOYAa+Q9M76pAjaG/KHOK132vdToScbzt6EwujUNOQyRI7re5LBtGUMaAdl8 4fXw== X-Gm-Message-State: AGi0PuYW+b8pN5zSOUsSVB9OTdL3D1L+HpYciwlj6v2ZIIuqnN6Do17N vwEGEiZ5u/tUM3B1xsdMoYqav6BB62c= X-Google-Smtp-Source: APiQypJPZp7q33LQEwrb4Vnu1YjFpiIEhuqWetIIL5nxBSOe6NtRStphlOECp/toG2DAzy5Qz23ztQ== X-Received: by 2002:a05:651c:113:: with SMTP id a19mr2726146ljb.167.1586290169018; Tue, 07 Apr 2020 13:09:29 -0700 (PDT) Received: from mail-lj1-f169.google.com (mail-lj1-f169.google.com. [209.85.208.169]) by smtp.gmail.com with ESMTPSA id z7sm31871ljc.17.2020.04.07.13.09.27 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 07 Apr 2020 13:09:27 -0700 (PDT) Received: by mail-lj1-f169.google.com with SMTP id t17so5134665ljc.12 for ; Tue, 07 Apr 2020 13:09:27 -0700 (PDT) X-Received: by 2002:a2e:8911:: with SMTP id d17mr2856344lji.16.1586290167180; Tue, 07 Apr 2020 13:09:27 -0700 (PDT) MIME-Version: 1.0 References: <20200407200318.11711-1-longman@redhat.com> In-Reply-To: <20200407200318.11711-1-longman@redhat.com> From: Linus Torvalds Date: Tue, 7 Apr 2020 13:09:11 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v3] mm: Add kvfree_sensitive() for freeing sensitive data objects To: Waiman Long Cc: Andrew Morton , David Howells , Jarkko Sakkinen , James Morris , "Serge E. Hallyn" , Linux-MM , keyrings@vger.kernel.org, Linux Kernel Mailing List , Joe Perches , Matthew Wilcox , David Rientjes Content-Type: text/plain; charset="UTF-8" X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Tue, Apr 7, 2020 at 1:03 PM Waiman Long wrote: > > For kvmalloc'ed data object that contains sensitive information like > cryptographic key, we need to make sure that the buffer is always > cleared before freeing it. Using memset() alone for buffer clearing may > not provide certainty as the compiler may compile it away. To be sure, > the special memzero_explicit() has to be used. Ack. Since this isn't exactly high-priority, I'm assuming it will go through the usual channels (ie Andrew). Linus