Use zfree() instead of explicit_bzero() and free().
ClosedPublic
Actions

Authored by jhb on Jun 25 2020, 12:00 AM.

Details

Reviewers

cem
delphij
jmg

Group Reviewers

csprng
O3: Kernel Random Numbers Generator

Commits

rS362624: Use zfree() instead of explicit_bzero() and free().

Summary

In addition to reducing lines of code, this also ensures that the full
allocation is always zeroed avoiding possible bugs with incorrect
lengths passed to explicit_bzero().

Suggested by: cem

Test Plan

cryptocheck -a all -z for cryptosoft, aesni, and ccr
IPsec over both IPv4 (AES-CBC + SHA1 and AES-GCM) and IPv6 (AES-GCM)
KTLS via ktls_ocf
geli onetime using AES-XTS

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

jhb created this revision.Jun 25 2020, 12:00 AM

Herald added subscribers: melifaro, ae. · View Herald TranscriptJun 25 2020, 12:00 AM

jhb requested review of this revision.Jun 25 2020, 12:00 AM

Harbormaster completed remote builds in B31938: Diff 73605.Jun 25 2020, 12:00 AM

LGTM to me, other than the one question. Approved by: csprng(cem) for the random(4) change.

sys/opencrypto/cryptosoft.c
1437–1438 ↗	(On Diff #73605)	This changes the logic. Are these pointers definitely initialized to NULL if `axf == NULL`?

This revision is now accepted and ready to land.Jun 25 2020, 12:17 AM

jhb added inline comments.Jun 25 2020, 12:47 AM

sys/opencrypto/cryptosoft.c
1437–1438 ↗	(On Diff #73605)	Yes, the session is implicitly zeroed on creation similar to device softcs and is only set to non-NULL values if we have an auth transform in the session. I think the new version is more concise and a bit more fail-safe. The old version used `axf->ctxszize` for the length to zero, so had to be conditional on the check.