Page MenuHomeFreeBSD

Use zfree() instead of explicit_bzero() and free().
ClosedPublic

Authored by jhb on Jun 25 2020, 12:00 AM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Jul 7, 5:19 PM
Unknown Object (File)
Mon, Jul 6, 12:25 AM
Unknown Object (File)
Sat, Jul 4, 12:05 PM
Unknown Object (File)
Sat, Jul 4, 6:38 AM
Unknown Object (File)
Sat, Jul 4, 6:35 AM
Unknown Object (File)
Sat, Jul 4, 2:47 AM
Unknown Object (File)
Sat, Jul 4, 2:44 AM
Unknown Object (File)
Fri, Jul 3, 2:54 AM
Subscribers

Details

Summary

In addition to reducing lines of code, this also ensures that the full
allocation is always zeroed avoiding possible bugs with incorrect
lengths passed to explicit_bzero().

Suggested by: cem

Test Plan
  • cryptocheck -a all -z for cryptosoft, aesni, and ccr
  • IPsec over both IPv4 (AES-CBC + SHA1 and AES-GCM) and IPv6 (AES-GCM)
  • KTLS via ktls_ocf
  • geli onetime using AES-XTS

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

jhb requested review of this revision.Jun 25 2020, 12:00 AM
cem added a reviewer: csprng.

LGTM to me, other than the one question. Approved by: csprng(cem) for the random(4) change.

sys/opencrypto/cryptosoft.c
1437–1438 ↗(On Diff #73605)

This changes the logic. Are these pointers definitely initialized to NULL if axf == NULL?

This revision is now accepted and ready to land.Jun 25 2020, 12:17 AM
sys/opencrypto/cryptosoft.c
1437–1438 ↗(On Diff #73605)

Yes, the session is implicitly zeroed on creation similar to device softcs and is only set to non-NULL values if we have an auth transform in the session. I think the new version is more concise and a bit more fail-safe. The old version used axf->ctxszize for the length to zero, so had to be conditional on the check.

This revision was automatically updated to reflect the committed changes.