
Use zfree() instead of explicit_bzero() and free().

Authored by jhb on Jun 25 2020, 12:00 AM.



In addition to reducing lines of code, this also ensures that the full
allocation is always zeroed, avoiding possible bugs with incorrect
lengths passed to explicit_bzero().

Suggested by: cem

Test Plan
  • cryptocheck -a all -z for cryptosoft, aesni, and ccr
  • IPsec over both IPv4 (AES-CBC + SHA1 and AES-GCM) and IPv6 (AES-GCM)
  • KTLS via ktls_ocf
  • geli onetime using AES-XTS

Diff Detail

rS FreeBSD src repository
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

jhb requested review of this revision. Jun 25 2020, 12:00 AM
cem added a reviewer: csprng.

LGTM to me, other than the one question. Approved by: csprng(cem) for the random(4) change.

1437–1438 ↗(On Diff #73605)

This changes the logic. Are these pointers definitely initialized to NULL if axf == NULL?

This revision is now accepted and ready to land. Jun 25 2020, 12:17 AM
1437–1438 ↗(On Diff #73605)

Yes, the session is implicitly zeroed on creation similar to device softcs and is only set to non-NULL values if we have an auth transform in the session. I think the new version is more concise and a bit more fail-safe. The old version used axf->ctxsize for the length to zero, so had to be conditional on the check.

This revision was automatically updated to reflect the committed changes.
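
The two points raised in this review (a wrong length passed to explicit_bzero() leaving part of an allocation unzeroed, and the zero-and-free path being safe on a NULL pointer) can be reproduced in a userland model. This is an added example, not code from the FreeBSD tree or from this revision; `model_alloc`, `model_free`, `model_zfree`, `wipe`, `residue` and `demo` are hypothetical names, the arena allocator is an assumption made so released bytes can be inspected safely, and the 0xA5 fill is constructed sample data.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Userland model, not kernel code: a one-slot allocator over a static arena,
 * so released bytes can be inspected without touching freed memory. */
static unsigned char arena[64];
static size_t arena_len; /* size the allocator recorded for the live slot */

static void *model_alloc(size_t n) {
    if (n > sizeof(arena)) return NULL;
    memset(arena, 0, sizeof(arena));
    arena_len = n;
    return arena;
}
static void model_free(void *p) { (void)p; arena_len = 0; }

/* Stand-in for explicit_bzero(): volatile stores cannot be optimized away. */
static void wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}
/* Model of zfree(): NULL is a no-op; the length comes from the allocator. */
static void model_zfree(void *p) {
    if (p == NULL) return;
    wipe(p, arena_len);
    model_free(p);
}
/* Number of secret bytes still present in the arena after release. */
static size_t residue(void) {
    size_t i, n = 0;
    for (i = 0; i < sizeof(arena); i++) n += (arena[i] != 0);
    return n;
}
/* Fill a context with constructed key bytes, release it, report leftovers.
 * use_zfree == 0 is the old pattern with a caller-supplied length. */
static size_t demo(int use_zfree, size_t alloc_len, size_t caller_len) {
    unsigned char *ctx = model_alloc(alloc_len);
    if (ctx == NULL) return (size_t)-1;
    memset(ctx, 0xA5, alloc_len);
    if (use_zfree) model_zfree(ctx);
    else { wipe(ctx, caller_len); model_free(ctx); }
    return residue();
}

int main(void) {
    printf("old, short length: %zu bytes left\n", demo(0, 48, 32));
    printf("zfree model:       %zu bytes left\n", demo(1, 48, 0));
    model_zfree(NULL); /* no guard needed on an unset pointer */
    return 0;
}
```

In the model the caller-supplied length is the only thing that differs between the two release paths, which is why the zfree-style path cannot under-wipe.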