[GIT PULL] keys: Fix key->sem vs mmap_sem issue when reading key
David Howells
dhowells at redhat.com
Sun Apr 5 09:03:50 UTC 2020
Waiman Long <longman at redhat.com> wrote:
> > And yes, kzfree() isn't a good name either, and had that same
> > memset(), but at least it doesn't do the dual-underscore mistake.
> >
> > Including some kzfree()/crypto people explicitly - I hope we can get
> > away from this incorrect and actively wrong pattern of thinking that
> > "sensitive data should be memset(), and then we should add a random
> > 'z' in the name somewhere to 'document' that".
> >
> > Linus
> >
> Thanks for the suggestion, I will post a patch to rename the function to
> kvzfree_explicit() and use memzero_explicit() for clearing memory.
Should this be moved into core code, rather than being squirrelled away in
security/keys/?
David
More information about the Linux-security-module-archive
mailing list