From nobody Sat Feb 7 07:25:39 2026 Received: from exchange.fintech.ru (exchange.fintech.ru [195.54.195.159]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 41DD91B219F; Thu, 28 Nov 2024 14:24:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.54.195.159 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1732803848; cv=none; b=X2p8/xDA4hllP6SexJrCG2kzbDx7kxKZKXq7Khxz2qX7UXkbv4z1DUrxM6iS0CBb3AIe9Q7tOnZ1Uy7T1z/aworzNh3lx7SebJOye55G+quCwt7hv0zp8kgma4Sr8K6rzsZEOYBli/G57HMgPdwDORH0mUMJ4A0HxMh2B81WjCA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1732803848; c=relaxed/simple; bh=cgcaN3o6WqlI2tjdDtPMS4LSyKTBy0Hk1efFqZX3g3k=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=WmD3H1LpeshwDBbu64RDlgg4G7FtcNQoIWlAGcFZpPlSFT+9vsNd5AB7Py/HeidOJDeQ/RFkTfKZxwvj5FggThul7m4vqowh0NjISeFzVI34Qt0FApDHp7yCNMsvUyQE1N9MnTgye27X799KnIe8XxjuAnuy1+ksgOex5jzuVFQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=fintech.ru; spf=pass smtp.mailfrom=fintech.ru; arc=none smtp.client-ip=195.54.195.159 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=fintech.ru Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=fintech.ru Received: from Ex16-01.fintech.ru (10.0.10.18) by exchange.fintech.ru (195.54.195.169) with Microsoft SMTP Server (TLS) id 14.3.498.0; Thu, 28 Nov 2024 17:22:52 +0300 Received: from localhost (10.0.253.138) by Ex16-01.fintech.ru (10.0.10.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.4; Thu, 28 Nov 2024 17:22:52 +0300 From: Nikita Zhandarovich To: Greg Kroah-Hartman , Sasha Levin , CC: Nikita Zhandarovich , Harald Freudenberger , Heiko Carstens , Vasily Gorbik , Christian Borntraeger , "Holger Dengler" , Alexander Gordeev , , , Subject: [PATCH 5.10/5.15 1/3] s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings Date: Thu, 28 Nov 2024 06:22:43 -0800 Message-ID: <20241128142245.18136-2-n.zhandarovich@fintech.ru> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20241128142245.18136-1-n.zhandarovich@fintech.ru> References: <20241128142245.18136-1-n.zhandarovich@fintech.ru> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: Ex16-02.fintech.ru (10.0.10.19) To Ex16-01.fintech.ru (10.0.10.18) Content-Type: text/plain; charset="utf-8" From: Jules Irenge commit 22e6824622e8a8889df0f8fc4ed5aea0e702a694 upstream. Replace memzero_explicit() and kfree() with kfree_sensitive() to fix warnings reported by Coccinelle: WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1506) WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1643) WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1770) Signed-off-by: Jules Irenge Reviewed-by: Holger Dengler Link: https://lore.kernel.org/r/ZjqZkNi_JUJu73Rg@octinomon.home Signed-off-by: Heiko Carstens Signed-off-by: Alexander Gordeev [Nikita: small changes were made during cherry-picking due to different debug macro use and similar discrepancies between branches] Signed-off-by: Nikita Zhandarovich --- P.S. As no Fixes: tag was present, I decided against adding it myself and leaving commit body intact. drivers/s390/crypto/pkey_api.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/drivers/s390/crypto/pkey_api.c b/drivers/s390/crypto/pkey_api.c index 362c97d9bd5b..a41a0e2cbc10 100644 --- a/drivers/s390/crypto/pkey_api.c +++ b/drivers/s390/crypto/pkey_api.c @@ -1271,8 +1271,7 @@ static long pkey_unlocked_ioctl(struct file *filp, un= signed int cmd, return PTR_ERR(kkey); rc =3D pkey_keyblob2pkey(kkey, ktp.keylen, &ktp.protkey); DEBUG_DBG("%s pkey_keyblob2pkey()=3D%d\n", __func__, rc); - memzero_explicit(kkey, ktp.keylen); - kfree(kkey); + kfree_sensitive(kkey); if (rc) break; if (copy_to_user(utp, &ktp, sizeof(ktp))) @@ -1405,8 +1404,7 @@ static long pkey_unlocked_ioctl(struct file *filp, un= signed int cmd, kkey, ktp.keylen, &ktp.protkey); DEBUG_DBG("%s pkey_keyblob2pkey2()=3D%d\n", __func__, rc); kfree(apqns); - memzero_explicit(kkey, ktp.keylen); - kfree(kkey); + kfree_sensitive(kkey); if (rc) break; if (copy_to_user(utp, &ktp, sizeof(ktp))) @@ -1532,8 +1530,7 @@ static long pkey_unlocked_ioctl(struct file *filp, un= signed int cmd, protkey, &protkeylen); DEBUG_DBG("%s pkey_keyblob2pkey3()=3D%d\n", __func__, rc); kfree(apqns); - memzero_explicit(kkey, ktp.keylen); - kfree(kkey); + kfree_sensitive(kkey); if (rc) { kfree(protkey); break; --=20 2.25.1 From nobody Sat Feb 7 07:25:39 2026 Received: from exchange.fintech.ru (exchange.fintech.ru [195.54.195.159]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 238681B0F38; Thu, 28 Nov 2024 14:24:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.54.195.159 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1732803846; cv=none; b=ceFVIbTmhaFOjrJ8ngv6TSyimassWpLq7Iv1A7oDWMsMY1fn/BMeOhSOsqSeNPth2jGTcSPQtDzfBL1ebPNX/KB934Ix1CEgwF0IXRYY23w4CuTrA5rJm+JB2n2gAJ6M20tDMR0KDf6FraNGT7NqukyEK62ZI7LLFYp4k2c5Zm8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1732803846; c=relaxed/simple; bh=iKOzv/SYPRSzm4/p02/l1iD0b4IFLrfS63AW4i5ixv0=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Zw5w73e47iC8rwapWkk5CSIbT5KujR6zsd0rktf/HUk/6mJOzDg/GNTx/1uD8JGp1idCp/52eEhxvZ05YJM3w7PRVQnEvrXwHgtivsjYh0JKzZnR8GEvlRMJAtrvacASaWFijpMaN1aqi+mCvk/iFN7QgNmEI3GmSqek8LerkJc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=fintech.ru; spf=pass smtp.mailfrom=fintech.ru; arc=none smtp.client-ip=195.54.195.159 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=fintech.ru Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=fintech.ru Received: from Ex16-01.fintech.ru (10.0.10.18) by exchange.fintech.ru (195.54.195.169) with Microsoft SMTP Server (TLS) id 14.3.498.0; Thu, 28 Nov 2024 17:22:56 +0300 Received: from localhost (10.0.253.138) by Ex16-01.fintech.ru (10.0.10.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.4; Thu, 28 Nov 2024 17:22:56 +0300 From: Nikita Zhandarovich To: Greg Kroah-Hartman , Sasha Levin , CC: Nikita Zhandarovich , Harald Freudenberger , Heiko Carstens , Vasily Gorbik , Christian Borntraeger , "Holger Dengler" , Alexander Gordeev , , , Subject: [PATCH 5.10/5.15 2/3] s390/pkey: Wipe copies of clear-key structures on failure Date: Thu, 28 Nov 2024 06:22:44 -0800 Message-ID: <20241128142245.18136-3-n.zhandarovich@fintech.ru> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20241128142245.18136-1-n.zhandarovich@fintech.ru> References: <20241128142245.18136-1-n.zhandarovich@fintech.ru> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: Ex16-02.fintech.ru (10.0.10.19) To Ex16-01.fintech.ru (10.0.10.18) Content-Type: text/plain; charset="utf-8" From: Holger Dengler commit d65d76a44ffe74c73298ada25b0f578680576073 upstream. Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key. Reviewed-by: Harald Freudenberger Reviewed-by: Ingo Franzki Acked-by: Heiko Carstens Signed-off-by: Holger Dengler Signed-off-by: Alexander Gordeev [Nikita: small changes were made during cherry-picking due to different debug macro use and similar discrepancies between branches] Signed-off-by: Nikita Zhandarovich --- P.S. As no Fixes: tag was present, I decided against adding it myself and leaving commit body intact. drivers/s390/crypto/pkey_api.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/drivers/s390/crypto/pkey_api.c b/drivers/s390/crypto/pkey_api.c index a41a0e2cbc10..778eddb911fd 100644 --- a/drivers/s390/crypto/pkey_api.c +++ b/drivers/s390/crypto/pkey_api.c @@ -1152,9 +1152,7 @@ static long pkey_unlocked_ioctl(struct file *filp, un= signed int cmd, rc =3D cca_clr2seckey(kcs.cardnr, kcs.domain, kcs.keytype, kcs.clrkey.clrkey, kcs.seckey.seckey); DEBUG_DBG("%s cca_clr2seckey()=3D%d\n", __func__, rc); - if (rc) - break; - if (copy_to_user(ucs, &kcs, sizeof(kcs))) + if (!rc && copy_to_user(ucs, &kcs, sizeof(kcs))) rc =3D -EFAULT; memzero_explicit(&kcs, sizeof(kcs)); break; @@ -1184,9 +1182,7 @@ static long pkey_unlocked_ioctl(struct file *filp, un= signed int cmd, rc =3D pkey_clr2protkey(kcp.keytype, &kcp.clrkey, &kcp.protkey); DEBUG_DBG("%s pkey_clr2protkey()=3D%d\n", __func__, rc); - if (rc) - break; - if (copy_to_user(ucp, &kcp, sizeof(kcp))) + if (!rc && copy_to_user(ucp, &kcp, sizeof(kcp))) rc =3D -EFAULT; memzero_explicit(&kcp, sizeof(kcp)); break; @@ -1330,11 +1326,13 @@ static long pkey_unlocked_ioctl(struct file *filp, = unsigned int cmd, if (copy_from_user(&kcs, ucs, sizeof(kcs))) return -EFAULT; apqns =3D _copy_apqns_from_user(kcs.apqns, kcs.apqn_entries); - if (IS_ERR(apqns)) + if (IS_ERR(apqns)) { + memzero_explicit(&kcs, sizeof(kcs)); return PTR_ERR(apqns); kkey =3D kmalloc(klen, GFP_KERNEL); if (!kkey) { kfree(apqns); + memzero_explicit(&kcs, sizeof(kcs)); return -ENOMEM; } rc =3D pkey_clr2seckey2(apqns, kcs.apqn_entries, @@ -1344,15 +1342,18 @@ static long pkey_unlocked_ioctl(struct file *filp, = unsigned int cmd, kfree(apqns); if (rc) { kfree(kkey); + memzero_explicit(&kcs, sizeof(kcs)); break; } if (kcs.key) { if (kcs.keylen < klen) { kfree(kkey); + memzero_explicit(&kcs, sizeof(kcs)); return -EINVAL; } if (copy_to_user(kcs.key, kkey, klen)) { kfree(kkey); + memzero_explicit(&kcs, sizeof(kcs)); return -EFAULT; } } --=20 2.25.1 From nobody Sat Feb 7 07:25:39 2026 Received: from exchange.fintech.ru (exchange.fintech.ru [195.54.195.159]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D5F25192D77; Thu, 28 Nov 2024 14:23:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.54.195.159 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1732803787; cv=none; b=R/ES0m46wguO0V2rsv+TdCu6po4Yl/Qwg0/5lxuR7EJZpiAlD6h9FgITSdSkQWINCY4gqAjmGAa8wMQeYTsexgcMgnNBASxTqvXwSQkg0ZeUNAaqeeIiu+lR8ZCLy64UeH5AQH8LIjlH6zcru6ep3czDMaFaIrO353imK7BxApA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1732803787; c=relaxed/simple; bh=JZap4FTHf9uMQk2MsiLMwwKj8M9JWuLR9yAeWtL0nOE=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=dJoKqF9YG3FV0gj7I2Mc6E9BGAwgpHxqFrKCsX4Vk79jqKoXJuYTllKngFX3QMQEpxOnm+CLgvtMfm1ofzxfNNxmLm66XAaBaos+4cCeyIaQ4dObutBJe0gnXU1Nek0tPyGTtUIYONtb6QkqV/SnZfdlueHH03690iERiSlgfIk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=fintech.ru; spf=pass smtp.mailfrom=fintech.ru; arc=none smtp.client-ip=195.54.195.159 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=fintech.ru Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=fintech.ru Received: from Ex16-01.fintech.ru (10.0.10.18) by exchange.fintech.ru (195.54.195.169) with Microsoft SMTP Server (TLS) id 14.3.498.0; Thu, 28 Nov 2024 17:23:00 +0300 Received: from localhost (10.0.253.138) by Ex16-01.fintech.ru (10.0.10.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.4; Thu, 28 Nov 2024 17:22:59 +0300 From: Nikita Zhandarovich To: Greg Kroah-Hartman , Sasha Levin , CC: Nikita Zhandarovich , Harald Freudenberger , Heiko Carstens , Vasily Gorbik , Christian Borntraeger , "Holger Dengler" , Alexander Gordeev , , , Subject: [PATCH 5.10/5.15 3/3] s390/pkey: Wipe copies of protected- and secure-keys Date: Thu, 28 Nov 2024 06:22:45 -0800 Message-ID: <20241128142245.18136-4-n.zhandarovich@fintech.ru> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20241128142245.18136-1-n.zhandarovich@fintech.ru> References: <20241128142245.18136-1-n.zhandarovich@fintech.ru> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: Ex16-02.fintech.ru (10.0.10.19) To Ex16-01.fintech.ru (10.0.10.18) Content-Type: text/plain; charset="utf-8" From: Holger Dengler commit f2ebdadd85af4f4d0cae1e5d009c70eccc78c207 upstream. Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling process. So wipe all copies of protected- or secure-keys from stack, even in case of an error. Reviewed-by: Harald Freudenberger Reviewed-by: Ingo Franzki Acked-by: Heiko Carstens Signed-off-by: Holger Dengler Signed-off-by: Alexander Gordeev [Nikita: small changes were made during cherry-picking due to different debug macro use and similar discrepancies between branches] Signed-off-by: Nikita Zhandarovich --- P.S. As no Fixes: tag was present, I decided against adding it myself and leaving commit body intact. drivers/s390/crypto/pkey_api.c | 80 ++++++++++++++++------------------ 1 file changed, 37 insertions(+), 43 deletions(-) diff --git a/drivers/s390/crypto/pkey_api.c b/drivers/s390/crypto/pkey_api.c index 778eddb911fd..754e645c2c71 100644 --- a/drivers/s390/crypto/pkey_api.c +++ b/drivers/s390/crypto/pkey_api.c @@ -1137,10 +1137,9 @@ static long pkey_unlocked_ioctl(struct file *filp, u= nsigned int cmd, rc =3D cca_genseckey(kgs.cardnr, kgs.domain, kgs.keytype, kgs.seckey.seckey); DEBUG_DBG("%s cca_genseckey()=3D%d\n", __func__, rc); - if (rc) - break; - if (copy_to_user(ugs, &kgs, sizeof(kgs))) - return -EFAULT; + if (!rc && copy_to_user(ugs, &kgs, sizeof(kgs))) + rc =3D -EFAULT; + memzero_explicit(&kgs, sizeof(kgs)); break; } case PKEY_CLR2SECK: { @@ -1167,10 +1166,9 @@ static long pkey_unlocked_ioctl(struct file *filp, u= nsigned int cmd, ksp.seckey.seckey, ksp.protkey.protkey, &ksp.protkey.len, &ksp.protkey.type); DEBUG_DBG("%s cca_sec2protkey()=3D%d\n", __func__, rc); - if (rc) - break; - if (copy_to_user(usp, &ksp, sizeof(ksp))) - return -EFAULT; + if (!rc && copy_to_user(usp, &ksp, sizeof(ksp))) + rc =3D -EFAULT; + memzero_explicit(&ksp, sizeof(ksp)); break; } case PKEY_CLR2PROTK: { @@ -1210,10 +1208,9 @@ static long pkey_unlocked_ioctl(struct file *filp, u= nsigned int cmd, return -EFAULT; rc =3D pkey_skey2pkey(ksp.seckey.seckey, &ksp.protkey); DEBUG_DBG("%s pkey_skey2pkey()=3D%d\n", __func__, rc); - if (rc) - break; - if (copy_to_user(usp, &ksp, sizeof(ksp))) - return -EFAULT; + if (!rc && copy_to_user(usp, &ksp, sizeof(ksp))) + rc =3D -EFAULT; + memzero_explicit(&ksp, sizeof(ksp)); break; } case PKEY_VERIFYKEY: { @@ -1225,10 +1222,9 @@ static long pkey_unlocked_ioctl(struct file *filp, u= nsigned int cmd, rc =3D pkey_verifykey(&kvk.seckey, &kvk.cardnr, &kvk.domain, &kvk.keysize, &kvk.attributes); DEBUG_DBG("%s pkey_verifykey()=3D%d\n", __func__, rc); - if (rc) - break; - if (copy_to_user(uvk, &kvk, sizeof(kvk))) - return -EFAULT; + if (!rc && copy_to_user(uvk, &kvk, sizeof(kvk))) + rc =3D -EFAULT; + memzero_explicit(&kvk, sizeof(kvk)); break; } case PKEY_GENPROTK: { @@ -1239,10 +1235,9 @@ static long pkey_unlocked_ioctl(struct file *filp, u= nsigned int cmd, return -EFAULT; rc =3D pkey_genprotkey(kgp.keytype, &kgp.protkey); DEBUG_DBG("%s pkey_genprotkey()=3D%d\n", __func__, rc); - if (rc) - break; - if (copy_to_user(ugp, &kgp, sizeof(kgp))) - return -EFAULT; + if (!rc && copy_to_user(ugp, &kgp, sizeof(kgp))) + rc =3D -EFAULT; + memzero_explicit(&kgp, sizeof(kgp)); break; } case PKEY_VERIFYPROTK: { @@ -1253,6 +1248,7 @@ static long pkey_unlocked_ioctl(struct file *filp, un= signed int cmd, return -EFAULT; rc =3D pkey_verifyprotkey(&kvp.protkey); DEBUG_DBG("%s pkey_verifyprotkey()=3D%d\n", __func__, rc); + memzero_explicit(&kvp, sizeof(kvp)); break; } case PKEY_KBLOB2PROTK: { @@ -1268,10 +1264,9 @@ static long pkey_unlocked_ioctl(struct file *filp, u= nsigned int cmd, rc =3D pkey_keyblob2pkey(kkey, ktp.keylen, &ktp.protkey); DEBUG_DBG("%s pkey_keyblob2pkey()=3D%d\n", __func__, rc); kfree_sensitive(kkey); - if (rc) - break; - if (copy_to_user(utp, &ktp, sizeof(ktp))) - return -EFAULT; + if (!rc && copy_to_user(utp, &ktp, sizeof(ktp))) + rc =3D -EFAULT; + memzero_explicit(&ktp, sizeof(ktp)); break; } case PKEY_GENSECK2: { @@ -1297,23 +1292,23 @@ static long pkey_unlocked_ioctl(struct file *filp, = unsigned int cmd, DEBUG_DBG("%s pkey_genseckey2()=3D%d\n", __func__, rc); kfree(apqns); if (rc) { - kfree(kkey); + kfree_sensitive(kkey); break; } if (kgs.key) { if (kgs.keylen < klen) { - kfree(kkey); + kfree_sensitive(kkey); return -EINVAL; } if (copy_to_user(kgs.key, kkey, klen)) { - kfree(kkey); + kfree_sensitive(kkey); return -EFAULT; } } kgs.keylen =3D klen; if (copy_to_user(ugs, &kgs, sizeof(kgs))) rc =3D -EFAULT; - kfree(kkey); + kfree_sensitive(kkey); break; } case PKEY_CLR2SECK2: { @@ -1341,18 +1336,18 @@ static long pkey_unlocked_ioctl(struct file *filp, = unsigned int cmd, DEBUG_DBG("%s pkey_clr2seckey2()=3D%d\n", __func__, rc); kfree(apqns); if (rc) { - kfree(kkey); + kfree_sensitive(kkey); memzero_explicit(&kcs, sizeof(kcs)); break; } if (kcs.key) { if (kcs.keylen < klen) { - kfree(kkey); + kfree_sensitive(kkey); memzero_explicit(&kcs, sizeof(kcs)); return -EINVAL; } if (copy_to_user(kcs.key, kkey, klen)) { - kfree(kkey); + kfree_sensitive(kkey); memzero_explicit(&kcs, sizeof(kcs)); return -EFAULT; } @@ -1361,7 +1356,7 @@ static long pkey_unlocked_ioctl(struct file *filp, un= signed int cmd, if (copy_to_user(ucs, &kcs, sizeof(kcs))) rc =3D -EFAULT; memzero_explicit(&kcs, sizeof(kcs)); - kfree(kkey); + kfree_sensitive(kkey); break; } case PKEY_VERIFYKEY2: { @@ -1378,7 +1373,7 @@ static long pkey_unlocked_ioctl(struct file *filp, un= signed int cmd, &kvk.cardnr, &kvk.domain, &kvk.type, &kvk.size, &kvk.flags); DEBUG_DBG("%s pkey_verifykey2()=3D%d\n", __func__, rc); - kfree(kkey); + kfree_sensitive(kkey); if (rc) break; if (copy_to_user(uvk, &kvk, sizeof(kvk))) @@ -1406,10 +1401,9 @@ static long pkey_unlocked_ioctl(struct file *filp, u= nsigned int cmd, DEBUG_DBG("%s pkey_keyblob2pkey2()=3D%d\n", __func__, rc); kfree(apqns); kfree_sensitive(kkey); - if (rc) - break; - if (copy_to_user(utp, &ktp, sizeof(ktp))) - return -EFAULT; + if (!rc && copy_to_user(utp, &ktp, sizeof(ktp))) + rc =3D -EFAULT; + memzero_explicit(&ktp, sizeof(ktp)); break; } case PKEY_APQNS4K: { @@ -1437,7 +1431,7 @@ static long pkey_unlocked_ioctl(struct file *filp, un= signed int cmd, rc =3D pkey_apqns4key(kkey, kak.keylen, kak.flags, apqns, &nr_apqns); DEBUG_DBG("%s pkey_apqns4key()=3D%d\n", __func__, rc); - kfree(kkey); + kfree_sensitive(kkey); if (rc && rc !=3D -ENOSPC) { kfree(apqns); break; @@ -1523,7 +1517,7 @@ static long pkey_unlocked_ioctl(struct file *filp, un= signed int cmd, protkey =3D kmalloc(protkeylen, GFP_KERNEL); if (!protkey) { kfree(apqns); - kfree(kkey); + kfree_sensitive(kkey); return -ENOMEM; } rc =3D pkey_keyblob2pkey3(apqns, ktp.apqn_entries, kkey, @@ -1533,20 +1527,20 @@ static long pkey_unlocked_ioctl(struct file *filp, = unsigned int cmd, kfree(apqns); kfree_sensitive(kkey); if (rc) { - kfree(protkey); + kfree_sensitive(protkey); break; } if (ktp.pkey && ktp.pkeylen) { if (protkeylen > ktp.pkeylen) { - kfree(protkey); + kfree_sensitive(protkey); return -EINVAL; } if (copy_to_user(ktp.pkey, protkey, protkeylen)) { - kfree(protkey); + kfree_sensitive(protkey); return -EFAULT; } } - kfree(protkey); + kfree_sensitive(protkey); ktp.pkeylen =3D protkeylen; if (copy_to_user(utp, &ktp, sizeof(ktp))) return -EFAULT; --=20 2.25.1