[PATCH] KEYS: trusted: dcp: Use kfree_sensitive() to fix Coccinelle warnings
Bo Liu
liubo03 at inspur.com
Thu Mar 20 10:35:57 UTC 2025
Replace memzero_explicit() and kfree() with kfree_sensitive() to fix
warnings reported by Coccinelle:
WARNING opportunity for kfree_sensitive/kvfree_sensitive
WARNING opportunity for kfree_sensitive/kvfree_sensitive
Signed-off-by: Bo Liu <liubo03 at inspur.com>
---
security/keys/trusted-keys/trusted_dcp.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/security/keys/trusted-keys/trusted_dcp.c b/security/keys/trusted-keys/trusted_dcp.c
index 7b6eb655df0c..c967837e72ee 100644
--- a/security/keys/trusted-keys/trusted_dcp.c
+++ b/security/keys/trusted-keys/trusted_dcp.c
@@ -233,8 +233,7 @@ static int trusted_dcp_seal(struct trusted_key_payload *p, char *datablob)
ret = 0;
out:
- memzero_explicit(plain_blob_key, AES_KEYSIZE_128);
- kfree(plain_blob_key);
+ kfree_sensitive(plain_blob_key);
return ret;
}
@@ -283,8 +282,7 @@ static int trusted_dcp_unseal(struct trusted_key_payload *p, char *datablob)
ret = 0;
out:
if (plain_blob_key) {
- memzero_explicit(plain_blob_key, AES_KEYSIZE_128);
- kfree(plain_blob_key);
+ kfree_sensitive(plain_blob_key);
}
return ret;
--
2.31.1
More information about the Linux-security-module-archive
mailing list