| Message ID | 20250523133057.4025075-1-zilin@seu.edu.cn |
|---|---|
| State | New |
| Headers | show |
| Series | crypto: hisilicon: use kfree_sensitive() for pool cleanup | expand |
On Fri, May 23, 2025 at 01:30:57PM +0000, Zilin Guan wrote: > The error path of hisi_acc_create_sgl_pool() already calls > kfree_sensitive() to wipe sensitive data before freeing the pool. > However, hisi_acc_free_sgl_pool() currently uses plain kfree(), which > may leave secrets behind in memory and undo the protection applied > during creation. > > This patch replaces kfree() with kfree_sensitive() in > hisi_acc_free_sgl_pool(), ensuring that all SGL pool deallocations > securely clear their contents. > > Signed-off-by: Zilin Guan <zilin@seu.edu.cn> > --- > drivers/crypto/hisilicon/sgl.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/crypto/hisilicon/sgl.c b/drivers/crypto/hisilicon/sgl.c > index c974f95cd126..6a88a2056708 100644 > --- a/drivers/crypto/hisilicon/sgl.c > +++ b/drivers/crypto/hisilicon/sgl.c > @@ -151,7 +151,7 @@ void hisi_acc_free_sgl_pool(struct device *dev, struct hisi_acc_sgl_pool *pool) > dma_free_coherent(dev, block[i].size, block[i].sgl, > block[i].sgl_dma); > > - kfree(pool); > + kfree_sensitive(pool); > } > EXPORT_SYMBOL_GPL(hisi_acc_free_sgl_pool); What's in the pool? If it's just pointers then that is not sensitive information. You should only use kfree_sensitive if plaintext or private keys are present. Cheers,
diff --git a/drivers/crypto/hisilicon/sgl.c b/drivers/crypto/hisilicon/sgl.c index c974f95cd126..6a88a2056708 100644 --- a/drivers/crypto/hisilicon/sgl.c +++ b/drivers/crypto/hisilicon/sgl.c @@ -151,7 +151,7 @@ void hisi_acc_free_sgl_pool(struct device *dev, struct hisi_acc_sgl_pool *pool) dma_free_coherent(dev, block[i].size, block[i].sgl, block[i].sgl_dma); - kfree(pool); + kfree_sensitive(pool); } EXPORT_SYMBOL_GPL(hisi_acc_free_sgl_pool);
The error path of hisi_acc_create_sgl_pool() already calls kfree_sensitive() to wipe sensitive data before freeing the pool. However, hisi_acc_free_sgl_pool() currently uses plain kfree(), which may leave secrets behind in memory and undo the protection applied during creation. This patch replaces kfree() with kfree_sensitive() in hisi_acc_free_sgl_pool(), ensuring that all SGL pool deallocations securely clear their contents. Signed-off-by: Zilin Guan <zilin@seu.edu.cn> --- drivers/crypto/hisilicon/sgl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)