linux/crypto
Daniel Borkmann 79e886599e crypto: algif - add and use sock_kzfree_s() instead of memzero_explicit()
Commit e1bd95bf7c ("crypto: algif - zeroize IV buffer") and
2a6af25bef ("crypto: algif - zeroize message digest buffer")
added memzero_explicit() calls on buffers that are later on
passed back to sock_kfree_s().

This is a discussed follow-up that, instead, extends the sock
API and adds sock_kzfree_s(), which internally uses kzfree()
instead of kfree() for passing the buffers back to slab.

Having sock_kzfree_s() allows to keep the changes more minimal
by just having a drop-in replacement instead of adding
memzero_explicit() calls everywhere before sock_kfree_s().

In kzfree(), the compiler is not allowed to optimize the memset()
away and thus there's no need for memzero_explicit(). Both,
sock_kfree_s() and sock_kzfree_s() are wrappers for
__sock_kfree_s() and call into kfree() resp. kzfree(); here,
__sock_kfree_s() needs to be explicitly inlined as we want the
compiler to optimize the call and condition away and thus it
produces e.g. on x86_64 the _same_ assembler output for
sock_kfree_s() before and after, and thus also allows for
avoiding code duplication.

Cc: David S. Miller <davem@davemloft.net>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2014-11-25 22:50:39 +08:00
..
asymmetric_keys Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2014-10-12 10:13:55 -04:00
async_tx dmaengine: fix xor sources continuation 2014-08-21 10:20:52 -07:00
842.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
ablk_helper.c crypto: ablk_helper - Replace memcpy with struct assignment 2013-10-07 14:16:57 +08:00
ablkcipher.c crypto: skcipher - Use eseqiv even on UP machines 2013-10-30 09:51:45 +08:00
aead.c crypto: user - fix info leaks in report API 2013-02-19 20:27:03 +08:00
aes_generic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
af_alg.c crypto: af_alg - properly label AF_ALG socket 2014-07-31 21:54:00 +08:00
ahash.c crypto: hash - initialize entry len for null input in crypto hash sg list walk 2014-08-25 20:27:16 +08:00
algapi.c crypto: fips - only panic on bad/missing crypto mod signatures 2014-07-03 21:38:32 +08:00
algboss.c crypto: algboss - Hold ref count on larval 2013-06-25 19:15:17 +08:00
algif_hash.c crypto: algif - add and use sock_kzfree_s() instead of memzero_explicit() 2014-11-25 22:50:39 +08:00
algif_skcipher.c crypto: algif - add and use sock_kzfree_s() instead of memzero_explicit() 2014-11-25 22:50:39 +08:00
ansi_cprng.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
anubis.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
api.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
arc4.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
authenc.c crypto: authenc - Find proper IV address in ablkcipher callback 2013-11-28 22:16:23 +08:00
authencesn.c crypto: authencesn - Simplify key parsing 2013-10-16 20:56:25 +08:00
blkcipher.c crypto: allow blkcipher walks over AEAD data 2014-03-10 20:17:11 +08:00
blowfish_common.c crypto: blowfish - split generic and common c code 2011-09-22 21:25:25 +10:00
blowfish_generic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
camellia_generic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
cast5_generic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
cast6_generic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
cast_common.c crypto: make tables used from assembler __visible 2013-08-14 20:42:03 +10:00
cbc.c
ccm.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
chainiv.c arch: Mass conversion of smp_mb__*() 2014-04-18 14:20:48 +02:00
cipher.c crypto: cipher - Fix checkpatch errors 2010-02-16 20:31:37 +08:00
cmac.c crypto: add CMAC support to CryptoAPI 2013-04-25 21:01:47 +08:00
compress.c crypto: compress - Fix checkpatch errors 2010-02-16 20:31:04 +08:00
crc32.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
crc32c_generic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
crct10dif_common.c crypto: crct10dif - Add fallback for broken initrds 2013-09-12 15:31:34 +10:00
crct10dif_generic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
cryptd.c crypto: Resolve shadow warnings 2014-08-01 22:35:55 +08:00
crypto_null.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
crypto_user.c crypto: user - Allow get request with empty driver name 2014-11-24 22:41:52 +08:00
crypto_wq.c crypto: crypto_wq - Fix late crypto work queue initialization 2014-03-21 21:54:28 +08:00
ctr.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
cts.c crypto: memzero_explicit - make sure to clear out sensitive data 2014-10-17 11:44:07 -04:00
deflate.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
des_generic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
drbg.c crypto: drbg - add MODULE_ALIAS for all DRBG types 2014-11-10 22:09:00 +08:00
ecb.c crypto: ecb - Fix checkpatch errors 2010-02-16 20:33:49 +08:00
eseqiv.c crypto: Resolve shadow warnings 2014-08-01 22:35:55 +08:00
fcrypt.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
fips.c
gcm.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
gf128mul.c crypto: gf128mul - fix call to memset() 2011-07-08 17:21:21 +08:00
ghash-generic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
hash_info.c crypto: provide single place for hash algo information 2013-10-25 17:14:03 -04:00
hmac.c crypto: LLVMLinux: Remove VLAIS usage from crypto/hmac.c 2014-10-14 10:51:23 +02:00
internal.h crypto: algboss - Hold ref count on larval 2013-06-25 19:15:17 +08:00
Kconfig Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2014-10-08 06:44:48 -04:00
khazad.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
krng.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
lrw.c crypto: lrw - add interface for parallelized cipher implementions 2011-11-09 11:50:31 +08:00
lz4.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
lz4hc.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
lzo.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
Makefile crypto: sha-mb - multibuffer crypto infrastructure 2014-08-25 20:32:25 +08:00
mcryptd.c crypto: mcryptd - mcryptd_flist can be static 2014-08-26 14:40:39 +08:00
md4.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
md5.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
memneq.c crypto: memneq - fix for archs without efficient unaligned access 2013-12-09 20:09:12 +08:00
michael_mic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
pcbc.c
pcompress.c crypto: user - fix info leaks in report API 2013-02-19 20:27:03 +08:00
pcrypt.c crypto: pcrypt - Fix wrong usage of rcu_dereference() 2013-12-05 21:28:42 +08:00
proc.c crypto: add module.h to those files that are explicitly using it 2011-10-31 19:31:11 -04:00
ripemd.h
rmd128.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
rmd160.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
rmd256.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
rmd320.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
rng.c crypto: user - fix info leaks in report API 2013-02-19 20:27:03 +08:00
salsa20_generic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
scatterwalk.c crypto: scatterwalk - Add support for calculating number of SG elements 2013-08-21 21:27:58 +10:00
seed.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
seqiv.c crypto: Resolve shadow warnings 2014-08-01 22:35:55 +08:00
serpent_generic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
sha1_generic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
sha256_generic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
sha512_generic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
shash.c crypto: LLVMLinux: aligned-attribute.patch 2014-06-07 11:44:39 -07:00
tcrypt.c crypto: Resolve shadow warnings 2014-08-01 22:35:55 +08:00
tcrypt.h crypto: tcrypt - Added speed tests for AEAD crypto alogrithms in tcrypt test suite 2013-12-20 20:06:25 +08:00
tea.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
testmgr.c crypto: testmgr - Remove unnecessary KERN_INFO from testmgr.c 2014-10-24 22:49:36 +08:00
testmgr.h crypto: testmgr - add test for lz4 and lz4hc 2014-08-29 21:46:36 +08:00
tgr192.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
twofish_common.c crypto: twofish-x86_64-3way - add lrw support 2011-11-09 11:53:32 +08:00
twofish_generic.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
vmac.c crypto: memzero_explicit - make sure to clear out sensitive data 2014-10-17 11:44:07 -04:00
wp512.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00
xcbc.c crypto: add module.h to those files that are explicitly using it 2011-10-31 19:31:11 -04:00
xor.c add further __init annotations to crypto/xor.c 2012-10-11 13:42:32 +11:00
xts.c crypto: xts: add interface for parallelized cipher implementations 2011-11-09 11:56:06 +08:00
zlib.c crypto: prefix module autoloading with "crypto-" 2014-11-24 22:43:57 +08:00