Commit a1c3073a authored Aug 07, 2024 by Jules Irenge Committed by Zhang Changzhong Aug 07, 2024

s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings

mainline inclusion
from mainline-v6.10-rc1
commit 22e6824622e8a8889df0f8fc4ed5aea0e702a694
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAGSJP
CVE: CVE-2024-42158

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=22e6824622e8a8889df0f8fc4ed5aea0e702a694



--------------------------------

Replace memzero_explicit() and kfree() with kfree_sensitive() to fix
warnings reported by Coccinelle:

WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1506)
WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1643)
WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1770)

Signed-off-by: Jules Irenge <jbi.octave@gmail.com>
Reviewed-by: Holger Dengler <dengler@linux.ibm.com>
Link: https://lore.kernel.org/r/ZjqZkNi_JUJu73Rg@octinomon.home


Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
Signed-off-by: Alexander Gordeev <agordeev@linux.ibm.com>
Conflicts:
	drivers/s390/crypto/pkey_api.c
[commit f370f45c ("s390/pkey: do not use struct pkey_protkey") and
6d749b4e0208 ("s390/pkey: introduce dynamic debugging for pkey") are not
merged]
Signed-off-by: Zhang Changzhong <zhangchangzhong@huawei.com>

parent ba646506

drivers/s390/crypto/pkey_api.c

+3 −6

Original line number	Diff line number	Diff line
		@@ -1267,8 +1267,7 @@ static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
		return PTR_ERR(kkey);
		rc = pkey_keyblob2pkey(kkey, ktp.keylen, &ktp.protkey);
		DEBUG_DBG("%s pkey_keyblob2pkey()=%d\n", __func__, rc);
		memzero_explicit(kkey, ktp.keylen);
		kfree(kkey);
		kfree_sensitive(kkey);
		if (!rc && copy_to_user(utp, &ktp, sizeof(ktp)))
		rc = -EFAULT;
		memzero_explicit(&ktp, sizeof(ktp));
		@@ -1400,8 +1399,7 @@ static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
		kkey, ktp.keylen, &ktp.protkey);
		DEBUG_DBG("%s pkey_keyblob2pkey2()=%d\n", __func__, rc);
		kfree(apqns);
		memzero_explicit(kkey, ktp.keylen);
		kfree(kkey);
		kfree_sensitive(kkey);
		if (!rc && copy_to_user(utp, &ktp, sizeof(ktp)))
		rc = -EFAULT;
		memzero_explicit(&ktp, sizeof(ktp));
		@@ -1526,8 +1524,7 @@ static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
		protkey, &protkeylen);
		DEBUG_DBG("%s pkey_keyblob2pkey3()=%d\n", __func__, rc);
		kfree(apqns);
		memzero_explicit(kkey, ktp.keylen);
		kfree(kkey);
		kfree_sensitive(kkey);
		if (rc) {
		kfree_sensitive(protkey);
		break;