
Use zfree() instead of explicit_bzero() and free().
ClosedPublic

Authored by jhb on Thu, Jun 25, 12:00 AM.

Details

Summary

In addition to reducing lines of code, this also ensures that the full
allocation is always zeroed, avoiding possible bugs with incorrect
lengths passed to explicit_bzero().

Suggested by: cem

Test Plan
  • cryptocheck -a all -z for cryptosoft, aesni, and ccr
  • IPsec over both IPv4 (AES-CBC + SHA1 and AES-GCM) and IPv6 (AES-GCM)
  • KTLS via ktls_ocf
  • geli onetime using AES-XTS

Diff Detail

Repository
rS FreeBSD src repository
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

jhb created this revision. Thu, Jun 25, 12:00 AM
jhb requested review of this revision. Thu, Jun 25, 12:00 AM
cem accepted this revision. Thu, Jun 25, 12:17 AM
cem added a reviewer: csprng.

LGTM to me, other than the one question. Approved by: csprng(cem) for the random(4) change.

sys/opencrypto/cryptosoft.c
1437–1438 ↗(On Diff #73605)

This changes the logic. Are these pointers definitely initialized to NULL if axf == NULL?

This revision is now accepted and ready to land. Thu, Jun 25, 12:17 AM
jhb added inline comments. Thu, Jun 25, 12:47 AM
sys/opencrypto/cryptosoft.c
1437–1438 ↗(On Diff #73605)

Yes, the session is implicitly zeroed on creation similar to device softcs and is only set to non-NULL values if we have an auth transform in the session. I think the new version is more concise and a bit more fail-safe. The old version used axf->ctxsize for the length to zero, so had to be conditional on the check.

delphij accepted this revision. Thu, Jun 25, 3:58 AM

LGTM.

This revision was automatically updated to reflect the committed changes.
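
The difference discussed in this review, as an added userland example that is not code from this revision or from FreeBSD: a caller-supplied wipe length that is smaller than the allocation leaves key bytes behind at free time, while a zfree()-style call takes the length from the allocation itself and accepts NULL. The names `xform`, `hdr`, `model_alloc`, `wipe`, `old_release` and `model_zfree` are hypothetical, the size header stands in for the kernel allocator's own bookkeeping, and the volatile loop stands in for explicit_bzero().

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical descriptor: the caller-side idea of how big a context is. */
struct xform { size_t ctxsize; };
/* Header holding the true allocation size (models allocator bookkeeping). */
union hdr { size_t size; max_align_t align; };

static void *model_alloc(size_t n, int fill) {
    union hdr *h = malloc(sizeof(*h) + n);
    if (h == NULL) return NULL;
    h->size = n;
    memset(h + 1, fill, n);          /* constructed "key material" */
    return h + 1;
}

/* Volatile stores so the wipe is not optimized away before free(). */
static void wipe(void *p, size_t n) {
    for (volatile unsigned char *b = p; n--; ) *b++ = 0;
}

/* Count non-zero bytes left in the allocation, then release it. */
static size_t free_and_count_residue(void *p) {
    union hdr *h = (union hdr *)p - 1;
    size_t left = 0;
    for (size_t i = 0; i < h->size; i++) left += ((unsigned char *)p)[i] != 0;
    free(h);
    return left;
}

/* Old pattern: caller supplies the length, so the descriptor must be non-NULL
 * and a ctxsize smaller than the allocation leaves bytes unwiped. */
static size_t old_release(void *ctx, const struct xform *xf) {
    if (ctx == NULL || xf == NULL) return 0;
    wipe(ctx, xf->ctxsize);
    return free_and_count_residue(ctx);
}

/* zfree()-style: NULL-safe, length taken from the allocation itself. */
static size_t model_zfree(void *p) {
    if (p == NULL) return 0;
    wipe(p, ((union hdr *)p - 1)->size);
    return free_and_count_residue(p);
}

int main(void) {
    struct xform stale = { 20 };     /* constructed: smaller than the 64-byte buffer */
    return !(old_release(model_alloc(64, 0xA5), &stale) == 44 &&
             model_zfree(model_alloc(64, 0xA5)) == 0);
}
```

The example only exercises a length that is too small; a caller-supplied length larger than the allocation would write past the buffer, which the allocation-derived length also rules out.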