Eric Lee / smarc-fsl-linux-kernel

08 Aug, 2020

1 commit

  • 453431a54   mm, treewide: rename kzfree() to kfree_sensitive() ... Browse Code »

    As said by Linus:

    A symmetric naming is only helpful if it implies symmetries in use.
    Otherwise it's actively misleading.

    In "kzalloc()", the z is meaningful and an important part of what the
    caller wants.

    In "kzfree()", the z is actively detrimental, because maybe in the
    future we really _might_ want to use that "memfill(0xdeadbeef)" or
    something. The "zero" part of the interface isn't even _relevant_.

    The main reason that kzfree() exists is to clear sensitive information
    that should not be leaked to other future users of the same memory
    objects.

    Rename kzfree() to kfree_sensitive() to follow the example of the recently
    added kvfree_sensitive() and make the intention of the API more explicit.
    In addition, memzero_explicit() is used to clear the memory to make sure
    that it won't get optimized away by the compiler.

    The renaming is done by using the command sequence:

    git grep -w --name-only kzfree |\
    xargs sed -i 's/kzfree/kfree_sensitive/'

    followed by some editing of the kfree_sensitive() kerneldoc and adding
    a kzfree backward compatibility macro in slab.h.

    [akpm@linux-foundation.org: fs/crypto/inline_crypt.c needs linux/slab.h]
    [akpm@linux-foundation.org: fix fs/crypto/inline_crypt.c some more]

    Suggested-by: Joe Perches
    Signed-off-by: Waiman Long
    Signed-off-by: Andrew Morton
    Acked-by: David Howells
    Acked-by: Michal Hocko
    Acked-by: Johannes Weiner
    Cc: Jarkko Sakkinen
    Cc: James Morris
    Cc: "Serge E. Hallyn"
    Cc: Joe Perches
    Cc: Matthew Wilcox
    Cc: David Rientjes
    Cc: Dan Carpenter
    Cc: "Jason A . Donenfeld"
    Link: http://lkml.kernel.org/r/20200616154311.12314-3-longman@redhat.com
    Signed-off-by: Linus Torvalds

    Waiman Long
     

31 May, 2019

1 commit

  • 2874c5fd2   treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 ... Browse Code »

    Based on 1 normalized pattern(s):

    this program is free software you can redistribute it and or modify
    it under the terms of the gnu general public license as published by
    the free software foundation either version 2 of the license or at
    your option any later version

    extracted by the scancode license scanner the SPDX license identifier

    GPL-2.0-or-later

    has been chosen to replace the boilerplate/reference in 3029 file(s).

    Signed-off-by: Thomas Gleixner
    Reviewed-by: Allison Randal
    Cc: linux-spdx@vger.kernel.org
    Link: https://lkml.kernel.org/r/20190527070032.746973796@linutronix.de
    Signed-off-by: Greg Kroah-Hartman

    Thomas Gleixner
     

18 Apr, 2019

1 commit

  • c4741b230   crypto: run initcalls for generic implementations earlier ... Browse Code »

    Use subsys_initcall for registration of all templates and generic
    algorithm implementations, rather than module_init. Then change
    cryptomgr to use arch_initcall, to place it before the subsys_initcalls.

    This is needed so that when both a generic and optimized implementation
    of an algorithm are built into the kernel (not loadable modules), the
    generic implementation is registered before the optimized one.
    Otherwise, the self-tests for the optimized implementation are unable to
    allocate the generic implementation for the new comparison fuzz tests.

    Note that on arm, a side effect of this change is that self-tests for
    generic implementations may run before the unaligned access handler has
    been installed. So, unaligned accesses will crash the kernel. This is
    arguably a good thing as it makes it easier to detect that type of bug.

    Signed-off-by: Eric Biggers
    Signed-off-by: Herbert Xu

    Eric Biggers
     

21 Apr, 2018

1 commit

  • d5c3b1789   crypto: ecc - Actually remove stack VLA usage ... Browse Code »

    On the quest to remove all VLAs from the kernel[1], this avoids VLAs
    by just using the maximum allocation size (4 bytes) for stack arrays.
    All the VLAs in ecc were either 3 or 4 bytes (or a multiple), so just
    make it 4 bytes all the time. Initialization routines are adjusted to
    check that ndigits does not end up larger than the arrays.

    This includes a removal of the earlier attempt at this fix from
    commit a963834b4742 ("crypto/ecc: Remove stack VLA usage")

    [1] https://lkml.org/lkml/2018/3/7/621

    Signed-off-by: Kees Cook
    Signed-off-by: Herbert Xu

    Kees Cook
     

09 Mar, 2018

1 commit

06 Nov, 2017

1 commit

  • f560acc3b   crypto: ecdh - remove empty exit() ... Browse Code »

    Pointer members of an object with static storage duration, if not
    explicitly initialized, will be initialized to a NULL pointer. The crypto
    API checks if this pointer is not NULL before using it, we are safe to
    remove the function.

    Signed-off-by: Tudor Ambarus
    Signed-off-by: Herbert Xu

    Tudor-Dan Ambarus
     

03 Aug, 2017

1 commit

  • 952035bae   crypto: ecdh - fix concurrency on shared secret and pubkey ... Browse Code »

    ecdh_ctx contained static allocated data for the shared secret
    and public key.

    The shared secret and the public key were doomed to concurrency
    issues because they could be shared by multiple crypto requests.

    The concurrency is fixed by replacing per-tfm shared secret and
    public key with per-request dynamically allocated shared secret
    and public key.

    Signed-off-by: Tudor Ambarus
    Signed-off-by: Herbert Xu

    Tudor-Dan Ambarus
     

10 Jun, 2017

6 commits

09 Mar, 2017

1 commit

24 Jun, 2016

1 commit

23 Jun, 2016

1 commit