[PATCH 7/8 v2] crypto: replace memset by memzero_explicit
Julia Lawall
Julia.Lawall at lip6.fr
Sun Nov 30 09:03:48 PST 2014
From: Julia Lawall <Julia.Lawall at lip6.fr>
Memset on a local variable may be removed when it is called just before the
variable goes out of scope. Using memzero_explicit defeats this
optimization. A simplified version of the semantic patch that makes this
change is as follows: (http://coccinelle.lip6.fr/)
// <smpl>
@@
identifier x;
type T;
@@
{
... when any
T x[...];
... when any
when exists
- memset
+ memzero_explicit
(x,
-0,
...)
... when != x
when strict
}
// </smpl>
This change was suggested by Daniel Borkmann <dborkman at redhat.com>
Signed-off-by: Julia Lawall <Julia.Lawall at lip6.fr>
---
Daniel Borkmann suggested that these patches could go through Herbert Xu's
cryptodev tree.
I was not able to compile this one.
v2: fixed email address
arch/arm/crypto/sha512_neon_glue.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm/crypto/sha512_neon_glue.c b/arch/arm/crypto/sha512_neon_glue.c
index f3452c6..b124dce 100644
--- a/arch/arm/crypto/sha512_neon_glue.c
+++ b/arch/arm/crypto/sha512_neon_glue.c
@@ -241,7 +241,7 @@ static int sha384_neon_final(struct shash_desc *desc, u8 *hash)
sha512_neon_final(desc, D);
memcpy(hash, D, SHA384_DIGEST_SIZE);
- memset(D, 0, SHA512_DIGEST_SIZE);
+ memzero_explicit(D, SHA512_DIGEST_SIZE);
return 0;
}
More information about the linux-arm-kernel
mailing list