tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

Pull key subsystem fixes from James Morris:
"Here are a bunch of fixes for Linux keyrings, including:

- Fix up the refcount handling now that key structs use the
refcount_t type and the refcount_t ops don't allow a 0->1
transition.

- Fix a potential NULL deref after error in x509_cert_parse().

- Don't put data for the crypto algorithms to use on the stack.

- Fix the handling of a null payload being passed to add_key().

- Fix incorrect cleanup an uninitialised key_preparsed_payload in
key_update().

- Explicit sanitisation of potentially secure data before freeing.

- Fixes for the Diffie-Helman code"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (23 commits)
KEYS: fix refcount_inc() on zero
KEYS: Convert KEYCTL_DH_COMPUTE to use the crypto KPP API
crypto : asymmetric_keys : verify_pefile:zero memory content before freeing
KEYS: DH: add __user annotations to keyctl_kdf_params
KEYS: DH: ensure the KDF counter is properly aligned
KEYS: DH: don't feed uninitialized "otherinfo" into KDF
KEYS: DH: forbid using digest_null as the KDF hash
KEYS: sanitize key structs before freeing
KEYS: trusted: sanitize all key material
KEYS: encrypted: sanitize all key material
KEYS: user_defined: sanitize key payloads
KEYS: sanitize add_key() and keyctl() key payloads
KEYS: fix freeing uninitialized memory in key_update()
KEYS: fix dereferencing NULL payload with nonzero length
KEYS: encrypted: use constant-time HMAC comparison
KEYS: encrypted: fix race causing incorrect HMAC calculations
KEYS: encrypted: fix buffer overread in valid_master_desc()
KEYS: encrypted: avoid encrypting/decrypting stack buffers
KEYS: put keyring if install_session_keyring_to_cred() fails
KEYS: Delete an error message for a failed memory allocation in get_derived_key()
...

Linus Torvalds 32627645 6d53cefb

+337 -337
-4
arch/arm64/Kconfig
··· 1084 1084 def_bool y 1085 1085 depends on COMPAT && SYSVIPC 1086 1086 1087 - config KEYS_COMPAT 1088 - def_bool y 1089 - depends on COMPAT && KEYS 1090 - 1091 1087 endmenu 1092 1088 1093 1089 menu "Power management options"
-5
arch/powerpc/Kconfig
··· 1199 1199 1200 1200 source "security/Kconfig" 1201 1201 1202 - config KEYS_COMPAT 1203 - bool 1204 - depends on COMPAT && KEYS 1205 - default y 1206 - 1207 1202 source "crypto/Kconfig" 1208 1203 1209 1204 config PPC_LIB_RHEAP
-3
arch/s390/Kconfig
··· 363 363 config SYSVIPC_COMPAT 364 364 def_bool y if COMPAT && SYSVIPC 365 365 366 - config KEYS_COMPAT 367 - def_bool y if COMPAT && KEYS 368 - 369 366 config SMP 370 367 def_bool y 371 368 prompt "Symmetric multi-processing support"
-3
arch/sparc/Kconfig
··· 577 577 depends on COMPAT && SYSVIPC 578 578 default y 579 579 580 - config KEYS_COMPAT 581 - def_bool y if COMPAT && KEYS 582 - 583 580 endmenu 584 581 585 582 source "net/Kconfig"
-4
arch/x86/Kconfig
··· 2776 2776 config SYSVIPC_COMPAT 2777 2777 def_bool y 2778 2778 depends on SYSVIPC 2779 - 2780 - config KEYS_COMPAT 2781 - def_bool y 2782 - depends on KEYS 2783 2779 endif 2784 2780 2785 2781 endmenu
+2 -2
crypto/asymmetric_keys/verify_pefile.c
··· 381 381 } 382 382 383 383 error: 384 - kfree(desc); 384 + kzfree(desc); 385 385 error_no_desc: 386 386 crypto_free_shash(tfm); 387 387 kleave(" = %d", ret); ··· 450 450 ret = pefile_digest_pe(pebuf, pelen, &ctx); 451 451 452 452 error: 453 - kfree(ctx.digest); 453 + kzfree(ctx.digest); 454 454 return ret; 455 455 }
+1
crypto/asymmetric_keys/x509_cert_parser.c
··· 102 102 } 103 103 } 104 104 105 + ret = -ENOMEM; 105 106 cert->pub->key = kmemdup(ctx->key, ctx->key_size, GFP_KERNEL); 106 107 if (!cert->pub->key) 107 108 goto error_decode;
-1
include/linux/key.h
··· 173 173 #ifdef KEY_DEBUGGING 174 174 unsigned magic; 175 175 #define KEY_DEBUG_MAGIC 0x18273645u 176 - #define KEY_DEBUG_MAGIC_X 0xf8e9dacbu 177 176 #endif 178 177 179 178 unsigned long flags; /* status flags (change with bitops) */
+2 -2
include/uapi/linux/keyctl.h
··· 70 70 }; 71 71 72 72 struct keyctl_kdf_params { 73 - char *hashname; 74 - char *otherinfo; 73 + char __user *hashname; 74 + char __user *otherinfo; 75 75 __u32 otherinfolen; 76 76 __u32 __spare[8]; 77 77 };
+5 -1
security/keys/Kconfig
··· 20 20 21 21 If you are unsure as to whether this is required, answer N. 22 22 23 + config KEYS_COMPAT 24 + def_bool y 25 + depends on COMPAT && KEYS 26 + 23 27 config PERSISTENT_KEYRINGS 24 28 bool "Enable register of persistent per-UID keyrings" 25 29 depends on KEYS ··· 93 89 config KEY_DH_OPERATIONS 94 90 bool "Diffie-Hellman operations on retained keys" 95 91 depends on KEYS 96 - select MPILIB 97 92 select CRYPTO 98 93 select CRYPTO_HASH 94 + select CRYPTO_DH 99 95 help 100 96 This option provides support for calculating Diffie-Hellman 101 97 public keys and shared secrets using values stored as keys
+190 -122
security/keys/dh.c
··· 8 8 * 2 of the License, or (at your option) any later version. 9 9 */ 10 10 11 - #include <linux/mpi.h> 12 11 #include <linux/slab.h> 13 12 #include <linux/uaccess.h> 13 + #include <linux/scatterlist.h> 14 14 #include <linux/crypto.h> 15 15 #include <crypto/hash.h> 16 + #include <crypto/kpp.h> 17 + #include <crypto/dh.h> 16 18 #include <keys/user-type.h> 17 19 #include "internal.h" 18 20 19 - /* 20 - * Public key or shared secret generation function [RFC2631 sec 2.1.1] 21 - * 22 - * ya = g^xa mod p; 23 - * or 24 - * ZZ = yb^xa mod p; 25 - * 26 - * where xa is the local private key, ya is the local public key, g is 27 - * the generator, p is the prime, yb is the remote public key, and ZZ 28 - * is the shared secret. 29 - * 30 - * Both are the same calculation, so g or yb are the "base" and ya or 31 - * ZZ are the "result". 32 - */ 33 - static int do_dh(MPI result, MPI base, MPI xa, MPI p) 34 - { 35 - return mpi_powm(result, base, xa, p); 36 - } 37 - 38 - static ssize_t mpi_from_key(key_serial_t keyid, size_t maxlen, MPI *mpi) 21 + static ssize_t dh_data_from_key(key_serial_t keyid, void **data) 39 22 { 40 23 struct key *key; 41 24 key_ref_t key_ref; ··· 39 56 status = key_validate(key); 40 57 if (status == 0) { 41 58 const struct user_key_payload *payload; 59 + uint8_t *duplicate; 42 60 43 61 payload = user_key_payload_locked(key); 44 62 45 - if (maxlen == 0) { 46 - *mpi = NULL; 63 + duplicate = kmemdup(payload->data, payload->datalen, 64 + GFP_KERNEL); 65 + if (duplicate) { 66 + *data = duplicate; 47 67 ret = payload->datalen; 48 - } else if (payload->datalen <= maxlen) { 49 - *mpi = mpi_read_raw_data(payload->data, 50 - payload->datalen); 51 - if (*mpi) 52 - ret = payload->datalen; 53 68 } else { 54 - ret = -EINVAL; 69 + ret = -ENOMEM; 55 70 } 56 71 } 57 72 up_read(&key->sem); ··· 58 77 key_put(key); 59 78 error: 60 79 return ret; 80 + } 81 + 82 + static void dh_free_data(struct dh *dh) 83 + { 84 + kzfree(dh->key); 85 + kzfree(dh->p); 86 + kzfree(dh->g); 87 + } 88 + 89 + struct dh_completion { 90 + struct completion completion; 91 + int err; 92 + }; 93 + 94 + static void dh_crypto_done(struct crypto_async_request *req, int err) 95 + { 96 + struct dh_completion *compl = req->data; 97 + 98 + if (err == -EINPROGRESS) 99 + return; 100 + 101 + compl->err = err; 102 + complete(&compl->completion); 61 103 } 62 104 63 105 struct kdf_sdesc { ··· 93 89 struct crypto_shash *tfm; 94 90 struct kdf_sdesc *sdesc; 95 91 int size; 92 + int err; 96 93 97 94 /* allocate synchronous hash */ 98 95 tfm = crypto_alloc_shash(hashname, 0, 0); ··· 102 97 return PTR_ERR(tfm); 103 98 } 104 99 100 + err = -EINVAL; 101 + if (crypto_shash_digestsize(tfm) == 0) 102 + goto out_free_tfm; 103 + 104 + err = -ENOMEM; 105 105 size = sizeof(struct shash_desc) + crypto_shash_descsize(tfm); 106 106 sdesc = kmalloc(size, GFP_KERNEL); 107 107 if (!sdesc) 108 - return -ENOMEM; 108 + goto out_free_tfm; 109 109 sdesc->shash.tfm = tfm; 110 110 sdesc->shash.flags = 0x0; 111 111 112 112 *sdesc_ret = sdesc; 113 113 114 114 return 0; 115 + 116 + out_free_tfm: 117 + crypto_free_shash(tfm); 118 + return err; 115 119 } 116 120 117 121 static void kdf_dealloc(struct kdf_sdesc *sdesc) ··· 134 120 kzfree(sdesc); 135 121 } 136 122 137 - /* convert 32 bit integer into its string representation */ 138 - static inline void crypto_kw_cpu_to_be32(u32 val, u8 *buf) 139 - { 140 - __be32 *a = (__be32 *)buf; 141 - 142 - *a = cpu_to_be32(val); 143 - } 144 - 145 123 /* 146 124 * Implementation of the KDF in counter mode according to SP800-108 section 5.1 147 125 * as well as SP800-56A section 5.8.1 (Single-step KDF). ··· 144 138 * 5.8.1.2). 145 139 */ 146 140 static int kdf_ctr(struct kdf_sdesc *sdesc, const u8 *src, unsigned int slen, 147 - u8 *dst, unsigned int dlen) 141 + u8 *dst, unsigned int dlen, unsigned int zlen) 148 142 { 149 143 struct shash_desc *desc = &sdesc->shash; 150 144 unsigned int h = crypto_shash_digestsize(desc->tfm); 151 145 int err = 0; 152 146 u8 *dst_orig = dst; 153 - u32 i = 1; 154 - u8 iteration[sizeof(u32)]; 147 + __be32 counter = cpu_to_be32(1); 155 148 156 149 while (dlen) { 157 150 err = crypto_shash_init(desc); 158 151 if (err) 159 152 goto err; 160 153 161 - crypto_kw_cpu_to_be32(i, iteration); 162 - err = crypto_shash_update(desc, iteration, sizeof(u32)); 154 + err = crypto_shash_update(desc, (u8 *)&counter, sizeof(__be32)); 163 155 if (err) 164 156 goto err; 157 + 158 + if (zlen && h) { 159 + u8 tmpbuffer[h]; 160 + size_t chunk = min_t(size_t, zlen, h); 161 + memset(tmpbuffer, 0, chunk); 162 + 163 + do { 164 + err = crypto_shash_update(desc, tmpbuffer, 165 + chunk); 166 + if (err) 167 + goto err; 168 + 169 + zlen -= chunk; 170 + chunk = min_t(size_t, zlen, h); 171 + } while (zlen); 172 + } 165 173 166 174 if (src && slen) { 167 175 err = crypto_shash_update(desc, src, slen); ··· 199 179 200 180 dlen -= h; 201 181 dst += h; 202 - i++; 182 + counter = cpu_to_be32(be32_to_cpu(counter) + 1); 203 183 } 204 184 } 205 185 ··· 212 192 213 193 static int keyctl_dh_compute_kdf(struct kdf_sdesc *sdesc, 214 194 char __user *buffer, size_t buflen, 215 - uint8_t *kbuf, size_t kbuflen) 195 + uint8_t *kbuf, size_t kbuflen, size_t lzero) 216 196 { 217 197 uint8_t *outbuf = NULL; 218 198 int ret; ··· 223 203 goto err; 224 204 } 225 205 226 - ret = kdf_ctr(sdesc, kbuf, kbuflen, outbuf, buflen); 206 + ret = kdf_ctr(sdesc, kbuf, kbuflen, outbuf, buflen, lzero); 227 207 if (ret) 228 208 goto err; 229 209 ··· 241 221 struct keyctl_kdf_params *kdfcopy) 242 222 { 243 223 long ret; 244 - MPI base, private, prime, result; 245 - unsigned nbytes; 224 + ssize_t dlen; 225 + int secretlen; 226 + int outlen; 246 227 struct keyctl_dh_params pcopy; 247 - uint8_t *kbuf; 248 - ssize_t keylen; 249 - size_t resultlen; 228 + struct dh dh_inputs; 229 + struct scatterlist outsg; 230 + struct dh_completion compl; 231 + struct crypto_kpp *tfm; 232 + struct kpp_request *req; 233 + uint8_t *secret; 234 + uint8_t *outbuf; 250 235 struct kdf_sdesc *sdesc = NULL; 251 236 252 237 if (!params || (!buffer && buflen)) { 253 238 ret = -EINVAL; 254 - goto out; 239 + goto out1; 255 240 } 256 241 if (copy_from_user(&pcopy, params, sizeof(pcopy)) != 0) { 257 242 ret = -EFAULT; 258 - goto out; 243 + goto out1; 259 244 } 260 245 261 246 if (kdfcopy) { ··· 269 244 if (buflen > KEYCTL_KDF_MAX_OUTPUT_LEN || 270 245 kdfcopy->otherinfolen > KEYCTL_KDF_MAX_OI_LEN) { 271 246 ret = -EMSGSIZE; 272 - goto out; 247 + goto out1; 273 248 } 274 249 275 250 /* get KDF name string */ 276 251 hashname = strndup_user(kdfcopy->hashname, CRYPTO_MAX_ALG_NAME); 277 252 if (IS_ERR(hashname)) { 278 253 ret = PTR_ERR(hashname); 279 - goto out; 254 + goto out1; 280 255 } 281 256 282 257 /* allocate KDF from the kernel crypto API */ 283 258 ret = kdf_alloc(&sdesc, hashname); 284 259 kfree(hashname); 285 260 if (ret) 286 - goto out; 261 + goto out1; 287 262 } 288 263 289 - /* 290 - * If the caller requests postprocessing with a KDF, allow an 291 - * arbitrary output buffer size since the KDF ensures proper truncation. 292 - */ 293 - keylen = mpi_from_key(pcopy.prime, kdfcopy ? SIZE_MAX : buflen, &prime); 294 - if (keylen < 0 || !prime) { 295 - /* buflen == 0 may be used to query the required buffer size, 296 - * which is the prime key length. 297 - */ 298 - ret = keylen; 299 - goto out; 264 + memset(&dh_inputs, 0, sizeof(dh_inputs)); 265 + 266 + dlen = dh_data_from_key(pcopy.prime, &dh_inputs.p); 267 + if (dlen < 0) { 268 + ret = dlen; 269 + goto out1; 300 270 } 271 + dh_inputs.p_size = dlen; 301 272 302 - /* The result is never longer than the prime */ 303 - resultlen = keylen; 304 - 305 - keylen = mpi_from_key(pcopy.base, SIZE_MAX, &base); 306 - if (keylen < 0 || !base) { 307 - ret = keylen; 308 - goto error1; 273 + dlen = dh_data_from_key(pcopy.base, &dh_inputs.g); 274 + if (dlen < 0) { 275 + ret = dlen; 276 + goto out2; 309 277 } 278 + dh_inputs.g_size = dlen; 310 279 311 - keylen = mpi_from_key(pcopy.private, SIZE_MAX, &private); 312 - if (keylen < 0 || !private) { 313 - ret = keylen; 314 - goto error2; 280 + dlen = dh_data_from_key(pcopy.private, &dh_inputs.key); 281 + if (dlen < 0) { 282 + ret = dlen; 283 + goto out2; 315 284 } 285 + dh_inputs.key_size = dlen; 316 286 317 - result = mpi_alloc(0); 318 - if (!result) { 287 + secretlen = crypto_dh_key_len(&dh_inputs); 288 + secret = kmalloc(secretlen, GFP_KERNEL); 289 + if (!secret) { 319 290 ret = -ENOMEM; 320 - goto error3; 291 + goto out2; 321 292 } 322 - 323 - /* allocate space for DH shared secret and SP800-56A otherinfo */ 324 - kbuf = kmalloc(kdfcopy ? (resultlen + kdfcopy->otherinfolen) : resultlen, 325 - GFP_KERNEL); 326 - if (!kbuf) { 327 - ret = -ENOMEM; 328 - goto error4; 329 - } 330 - 331 - /* 332 - * Concatenate SP800-56A otherinfo past DH shared secret -- the 333 - * input to the KDF is (DH shared secret || otherinfo) 334 - */ 335 - if (kdfcopy && kdfcopy->otherinfo && 336 - copy_from_user(kbuf + resultlen, kdfcopy->otherinfo, 337 - kdfcopy->otherinfolen) != 0) { 338 - ret = -EFAULT; 339 - goto error5; 340 - } 341 - 342 - ret = do_dh(result, base, private, prime); 293 + ret = crypto_dh_encode_key(secret, secretlen, &dh_inputs); 343 294 if (ret) 344 - goto error5; 295 + goto out3; 345 296 346 - ret = mpi_read_buffer(result, kbuf, resultlen, &nbytes, NULL); 347 - if (ret != 0) 348 - goto error5; 297 + tfm = crypto_alloc_kpp("dh", CRYPTO_ALG_TYPE_KPP, 0); 298 + if (IS_ERR(tfm)) { 299 + ret = PTR_ERR(tfm); 300 + goto out3; 301 + } 302 + 303 + ret = crypto_kpp_set_secret(tfm, secret, secretlen); 304 + if (ret) 305 + goto out4; 306 + 307 + outlen = crypto_kpp_maxsize(tfm); 308 + 309 + if (!kdfcopy) { 310 + /* 311 + * When not using a KDF, buflen 0 is used to read the 312 + * required buffer length 313 + */ 314 + if (buflen == 0) { 315 + ret = outlen; 316 + goto out4; 317 + } else if (outlen > buflen) { 318 + ret = -EOVERFLOW; 319 + goto out4; 320 + } 321 + } 322 + 323 + outbuf = kzalloc(kdfcopy ? (outlen + kdfcopy->otherinfolen) : outlen, 324 + GFP_KERNEL); 325 + if (!outbuf) { 326 + ret = -ENOMEM; 327 + goto out4; 328 + } 329 + 330 + sg_init_one(&outsg, outbuf, outlen); 331 + 332 + req = kpp_request_alloc(tfm, GFP_KERNEL); 333 + if (!req) { 334 + ret = -ENOMEM; 335 + goto out5; 336 + } 337 + 338 + kpp_request_set_input(req, NULL, 0); 339 + kpp_request_set_output(req, &outsg, outlen); 340 + init_completion(&compl.completion); 341 + kpp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG | 342 + CRYPTO_TFM_REQ_MAY_SLEEP, 343 + dh_crypto_done, &compl); 344 + 345 + /* 346 + * For DH, generate_public_key and generate_shared_secret are 347 + * the same calculation 348 + */ 349 + ret = crypto_kpp_generate_public_key(req); 350 + if (ret == -EINPROGRESS) { 351 + wait_for_completion(&compl.completion); 352 + ret = compl.err; 353 + if (ret) 354 + goto out6; 355 + } 349 356 350 357 if (kdfcopy) { 351 - ret = keyctl_dh_compute_kdf(sdesc, buffer, buflen, kbuf, 352 - resultlen + kdfcopy->otherinfolen); 353 - } else { 354 - ret = nbytes; 355 - if (copy_to_user(buffer, kbuf, nbytes) != 0) 358 + /* 359 + * Concatenate SP800-56A otherinfo past DH shared secret -- the 360 + * input to the KDF is (DH shared secret || otherinfo) 361 + */ 362 + if (copy_from_user(outbuf + req->dst_len, kdfcopy->otherinfo, 363 + kdfcopy->otherinfolen) != 0) { 356 364 ret = -EFAULT; 365 + goto out6; 366 + } 367 + 368 + ret = keyctl_dh_compute_kdf(sdesc, buffer, buflen, outbuf, 369 + req->dst_len + kdfcopy->otherinfolen, 370 + outlen - req->dst_len); 371 + } else if (copy_to_user(buffer, outbuf, req->dst_len) == 0) { 372 + ret = req->dst_len; 373 + } else { 374 + ret = -EFAULT; 357 375 } 358 376 359 - error5: 360 - kzfree(kbuf); 361 - error4: 362 - mpi_free(result); 363 - error3: 364 - mpi_free(private); 365 - error2: 366 - mpi_free(base); 367 - error1: 368 - mpi_free(prime); 369 - out: 377 + out6: 378 + kpp_request_free(req); 379 + out5: 380 + kzfree(outbuf); 381 + out4: 382 + crypto_free_kpp(tfm); 383 + out3: 384 + kzfree(secret); 385 + out2: 386 + dh_free_data(&dh_inputs); 387 + out1: 370 388 kdf_dealloc(sdesc); 371 389 return ret; 372 390 }
+75 -131
security/keys/encrypted-keys/encrypted.c
··· 30 30 #include <linux/scatterlist.h> 31 31 #include <linux/ctype.h> 32 32 #include <crypto/aes.h> 33 + #include <crypto/algapi.h> 33 34 #include <crypto/hash.h> 34 35 #include <crypto/sha.h> 35 36 #include <crypto/skcipher.h> ··· 55 54 #define MAX_DATA_SIZE 4096 56 55 #define MIN_DATA_SIZE 20 57 56 58 - struct sdesc { 59 - struct shash_desc shash; 60 - char ctx[]; 61 - }; 62 - 63 - static struct crypto_shash *hashalg; 64 - static struct crypto_shash *hmacalg; 57 + static struct crypto_shash *hash_tfm; 65 58 66 59 enum { 67 60 Opt_err = -1, Opt_new, Opt_load, Opt_update ··· 136 141 */ 137 142 static int valid_master_desc(const char *new_desc, const char *orig_desc) 138 143 { 139 - if (!memcmp(new_desc, KEY_TRUSTED_PREFIX, KEY_TRUSTED_PREFIX_LEN)) { 140 - if (strlen(new_desc) == KEY_TRUSTED_PREFIX_LEN) 141 - goto out; 142 - if (orig_desc) 143 - if (memcmp(new_desc, orig_desc, KEY_TRUSTED_PREFIX_LEN)) 144 - goto out; 145 - } else if (!memcmp(new_desc, KEY_USER_PREFIX, KEY_USER_PREFIX_LEN)) { 146 - if (strlen(new_desc) == KEY_USER_PREFIX_LEN) 147 - goto out; 148 - if (orig_desc) 149 - if (memcmp(new_desc, orig_desc, KEY_USER_PREFIX_LEN)) 150 - goto out; 151 - } else 152 - goto out; 144 + int prefix_len; 145 + 146 + if (!strncmp(new_desc, KEY_TRUSTED_PREFIX, KEY_TRUSTED_PREFIX_LEN)) 147 + prefix_len = KEY_TRUSTED_PREFIX_LEN; 148 + else if (!strncmp(new_desc, KEY_USER_PREFIX, KEY_USER_PREFIX_LEN)) 149 + prefix_len = KEY_USER_PREFIX_LEN; 150 + else 151 + return -EINVAL; 152 + 153 + if (!new_desc[prefix_len]) 154 + return -EINVAL; 155 + 156 + if (orig_desc && strncmp(new_desc, orig_desc, prefix_len)) 157 + return -EINVAL; 158 + 153 159 return 0; 154 - out: 155 - return -EINVAL; 156 160 } 157 161 158 162 /* ··· 315 321 return ukey; 316 322 } 317 323 318 - static struct sdesc *alloc_sdesc(struct crypto_shash *alg) 324 + static int calc_hash(struct crypto_shash *tfm, u8 *digest, 325 + const u8 *buf, unsigned int buflen) 319 326 { 320 - struct sdesc *sdesc; 321 - int size; 327 + SHASH_DESC_ON_STACK(desc, tfm); 328 + int err; 322 329 323 - size = sizeof(struct shash_desc) + crypto_shash_descsize(alg); 324 - sdesc = kmalloc(size, GFP_KERNEL); 325 - if (!sdesc) 326 - return ERR_PTR(-ENOMEM); 327 - sdesc->shash.tfm = alg; 328 - sdesc->shash.flags = 0x0; 329 - return sdesc; 330 + desc->tfm = tfm; 331 + desc->flags = 0; 332 + 333 + err = crypto_shash_digest(desc, buf, buflen, digest); 334 + shash_desc_zero(desc); 335 + return err; 330 336 } 331 337 332 338 static int calc_hmac(u8 *digest, const u8 *key, unsigned int keylen, 333 339 const u8 *buf, unsigned int buflen) 334 340 { 335 - struct sdesc *sdesc; 336 - int ret; 341 + struct crypto_shash *tfm; 342 + int err; 337 343 338 - sdesc = alloc_sdesc(hmacalg); 339 - if (IS_ERR(sdesc)) { 340 - pr_info("encrypted_key: can't alloc %s\n", hmac_alg); 341 - return PTR_ERR(sdesc); 344 + tfm = crypto_alloc_shash(hmac_alg, 0, CRYPTO_ALG_ASYNC); 345 + if (IS_ERR(tfm)) { 346 + pr_err("encrypted_key: can't alloc %s transform: %ld\n", 347 + hmac_alg, PTR_ERR(tfm)); 348 + return PTR_ERR(tfm); 342 349 } 343 350 344 - ret = crypto_shash_setkey(hmacalg, key, keylen); 345 - if (!ret) 346 - ret = crypto_shash_digest(&sdesc->shash, buf, buflen, digest); 347 - kfree(sdesc); 348 - return ret; 349 - } 350 - 351 - static int calc_hash(u8 *digest, const u8 *buf, unsigned int buflen) 352 - { 353 - struct sdesc *sdesc; 354 - int ret; 355 - 356 - sdesc = alloc_sdesc(hashalg); 357 - if (IS_ERR(sdesc)) { 358 - pr_info("encrypted_key: can't alloc %s\n", hash_alg); 359 - return PTR_ERR(sdesc); 360 - } 361 - 362 - ret = crypto_shash_digest(&sdesc->shash, buf, buflen, digest); 363 - kfree(sdesc); 364 - return ret; 351 + err = crypto_shash_setkey(tfm, key, keylen); 352 + if (!err) 353 + err = calc_hash(tfm, digest, buf, buflen); 354 + crypto_free_shash(tfm); 355 + return err; 365 356 } 366 357 367 358 enum derived_key_type { ENC_KEY, AUTH_KEY }; ··· 364 385 derived_buf_len = HASH_SIZE; 365 386 366 387 derived_buf = kzalloc(derived_buf_len, GFP_KERNEL); 367 - if (!derived_buf) { 368 - pr_err("encrypted_key: out of memory\n"); 388 + if (!derived_buf) 369 389 return -ENOMEM; 370 - } 390 + 371 391 if (key_type) 372 392 strcpy(derived_buf, "AUTH_KEY"); 373 393 else ··· 374 396 375 397 memcpy(derived_buf + strlen(derived_buf) + 1, master_key, 376 398 master_keylen); 377 - ret = calc_hash(derived_key, derived_buf, derived_buf_len); 378 - kfree(derived_buf); 399 + ret = calc_hash(hash_tfm, derived_key, derived_buf, derived_buf_len); 400 + kzfree(derived_buf); 379 401 return ret; 380 402 } 381 403 ··· 458 480 struct skcipher_request *req; 459 481 unsigned int encrypted_datalen; 460 482 u8 iv[AES_BLOCK_SIZE]; 461 - unsigned int padlen; 462 - char pad[16]; 463 483 int ret; 464 484 465 485 encrypted_datalen = roundup(epayload->decrypted_datalen, blksize); 466 - padlen = encrypted_datalen - epayload->decrypted_datalen; 467 486 468 487 req = init_skcipher_req(derived_key, derived_keylen); 469 488 ret = PTR_ERR(req); ··· 468 493 goto out; 469 494 dump_decrypted_data(epayload); 470 495 471 - memset(pad, 0, sizeof pad); 472 496 sg_init_table(sg_in, 2); 473 497 sg_set_buf(&sg_in[0], epayload->decrypted_data, 474 498 epayload->decrypted_datalen); 475 - sg_set_buf(&sg_in[1], pad, padlen); 499 + sg_set_page(&sg_in[1], ZERO_PAGE(0), AES_BLOCK_SIZE, 0); 476 500 477 501 sg_init_table(sg_out, 1); 478 502 sg_set_buf(sg_out, epayload->encrypted_data, encrypted_datalen); ··· 507 533 if (!ret) 508 534 dump_hmac(NULL, digest, HASH_SIZE); 509 535 out: 536 + memzero_explicit(derived_key, sizeof(derived_key)); 510 537 return ret; 511 538 } 512 539 ··· 536 561 ret = calc_hmac(digest, derived_key, sizeof derived_key, p, len); 537 562 if (ret < 0) 538 563 goto out; 539 - ret = memcmp(digest, epayload->format + epayload->datablob_len, 540 - sizeof digest); 564 + ret = crypto_memneq(digest, epayload->format + epayload->datablob_len, 565 + sizeof(digest)); 541 566 if (ret) { 542 567 ret = -EINVAL; 543 568 dump_hmac("datablob", ··· 546 571 dump_hmac("calc", digest, HASH_SIZE); 547 572 } 548 573 out: 574 + memzero_explicit(derived_key, sizeof(derived_key)); 549 575 return ret; 550 576 } 551 577 ··· 560 584 struct skcipher_request *req; 561 585 unsigned int encrypted_datalen; 562 586 u8 iv[AES_BLOCK_SIZE]; 563 - char pad[16]; 587 + u8 *pad; 564 588 int ret; 589 + 590 + /* Throwaway buffer to hold the unused zero padding at the end */ 591 + pad = kmalloc(AES_BLOCK_SIZE, GFP_KERNEL); 592 + if (!pad) 593 + return -ENOMEM; 565 594 566 595 encrypted_datalen = roundup(epayload->decrypted_datalen, blksize); 567 596 req = init_skcipher_req(derived_key, derived_keylen); ··· 575 594 goto out; 576 595 dump_encrypted_data(epayload, encrypted_datalen); 577 596 578 - memset(pad, 0, sizeof pad); 579 597 sg_init_table(sg_in, 1); 580 598 sg_init_table(sg_out, 2); 581 599 sg_set_buf(sg_in, epayload->encrypted_data, encrypted_datalen); 582 600 sg_set_buf(&sg_out[0], epayload->decrypted_data, 583 601 epayload->decrypted_datalen); 584 - sg_set_buf(&sg_out[1], pad, sizeof pad); 602 + sg_set_buf(&sg_out[1], pad, AES_BLOCK_SIZE); 585 603 586 604 memcpy(iv, epayload->iv, sizeof(iv)); 587 605 skcipher_request_set_crypt(req, sg_in, sg_out, encrypted_datalen, iv); ··· 592 612 goto out; 593 613 dump_decrypted_data(epayload); 594 614 out: 615 + kfree(pad); 595 616 return ret; 596 617 } 597 618 ··· 703 722 out: 704 723 up_read(&mkey->sem); 705 724 key_put(mkey); 725 + memzero_explicit(derived_key, sizeof(derived_key)); 706 726 return ret; 707 727 } 708 728 ··· 810 828 ret = encrypted_init(epayload, key->description, format, master_desc, 811 829 decrypted_datalen, hex_encoded_iv); 812 830 if (ret < 0) { 813 - kfree(epayload); 831 + kzfree(epayload); 814 832 goto out; 815 833 } 816 834 817 835 rcu_assign_keypointer(key, epayload); 818 836 out: 819 - kfree(datablob); 837 + kzfree(datablob); 820 838 return ret; 821 839 } 822 840 ··· 825 843 struct encrypted_key_payload *epayload; 826 844 827 845 epayload = container_of(rcu, struct encrypted_key_payload, rcu); 828 - memset(epayload->decrypted_data, 0, epayload->decrypted_datalen); 829 - kfree(epayload); 846 + kzfree(epayload); 830 847 } 831 848 832 849 /* ··· 883 902 rcu_assign_keypointer(key, new_epayload); 884 903 call_rcu(&epayload->rcu, encrypted_rcu_free); 885 904 out: 886 - kfree(buf); 905 + kzfree(buf); 887 906 return ret; 888 907 } 889 908 ··· 941 960 942 961 up_read(&mkey->sem); 943 962 key_put(mkey); 963 + memzero_explicit(derived_key, sizeof(derived_key)); 944 964 945 965 if (copy_to_user(buffer, ascii_buf, asciiblob_len) != 0) 946 966 ret = -EFAULT; 947 - kfree(ascii_buf); 967 + kzfree(ascii_buf); 948 968 949 969 return asciiblob_len; 950 970 out: 951 971 up_read(&mkey->sem); 952 972 key_put(mkey); 973 + memzero_explicit(derived_key, sizeof(derived_key)); 953 974 return ret; 954 975 } 955 976 956 977 /* 957 - * encrypted_destroy - before freeing the key, clear the decrypted data 958 - * 959 - * Before freeing the key, clear the memory containing the decrypted 960 - * key data. 978 + * encrypted_destroy - clear and free the key's payload 961 979 */ 962 980 static void encrypted_destroy(struct key *key) 963 981 { 964 - struct encrypted_key_payload *epayload = key->payload.data[0]; 965 - 966 - if (!epayload) 967 - return; 968 - 969 - memzero_explicit(epayload->decrypted_data, epayload->decrypted_datalen); 970 - kfree(key->payload.data[0]); 982 + kzfree(key->payload.data[0]); 971 983 } 972 984 973 985 struct key_type key_type_encrypted = { ··· 973 999 }; 974 1000 EXPORT_SYMBOL_GPL(key_type_encrypted); 975 1001 976 - static void encrypted_shash_release(void) 977 - { 978 - if (hashalg) 979 - crypto_free_shash(hashalg); 980 - if (hmacalg) 981 - crypto_free_shash(hmacalg); 982 - } 983 - 984 - static int __init encrypted_shash_alloc(void) 985 - { 986 - int ret; 987 - 988 - hmacalg = crypto_alloc_shash(hmac_alg, 0, CRYPTO_ALG_ASYNC); 989 - if (IS_ERR(hmacalg)) { 990 - pr_info("encrypted_key: could not allocate crypto %s\n", 991 - hmac_alg); 992 - return PTR_ERR(hmacalg); 993 - } 994 - 995 - hashalg = crypto_alloc_shash(hash_alg, 0, CRYPTO_ALG_ASYNC); 996 - if (IS_ERR(hashalg)) { 997 - pr_info("encrypted_key: could not allocate crypto %s\n", 998 - hash_alg); 999 - ret = PTR_ERR(hashalg); 1000 - goto hashalg_fail; 1001 - } 1002 - 1003 - return 0; 1004 - 1005 - hashalg_fail: 1006 - crypto_free_shash(hmacalg); 1007 - return ret; 1008 - } 1009 - 1010 1002 static int __init init_encrypted(void) 1011 1003 { 1012 1004 int ret; 1013 1005 1014 - ret = encrypted_shash_alloc(); 1015 - if (ret < 0) 1016 - return ret; 1006 + hash_tfm = crypto_alloc_shash(hash_alg, 0, CRYPTO_ALG_ASYNC); 1007 + if (IS_ERR(hash_tfm)) { 1008 + pr_err("encrypted_key: can't allocate %s transform: %ld\n", 1009 + hash_alg, PTR_ERR(hash_tfm)); 1010 + return PTR_ERR(hash_tfm); 1011 + } 1012 + 1017 1013 ret = aes_get_sizes(); 1018 1014 if (ret < 0) 1019 1015 goto out; ··· 992 1048 goto out; 993 1049 return 0; 994 1050 out: 995 - encrypted_shash_release(); 1051 + crypto_free_shash(hash_tfm); 996 1052 return ret; 997 1053 998 1054 } 999 1055 1000 1056 static void __exit cleanup_encrypted(void) 1001 1057 { 1002 - encrypted_shash_release(); 1058 + crypto_free_shash(hash_tfm); 1003 1059 unregister_key_type(&key_type_encrypted); 1004 1060 } 1005 1061
+1 -3
security/keys/gc.c
··· 158 158 159 159 kfree(key->description); 160 160 161 - #ifdef KEY_DEBUGGING 162 - key->magic = KEY_DEBUG_MAGIC_X; 163 - #endif 161 + memzero_explicit(key, sizeof(*key)); 164 162 kmem_cache_free(key_jar, key); 165 163 } 166 164 }
+6 -10
security/keys/key.c
··· 660 660 goto error; 661 661 662 662 found: 663 - /* pretend it doesn't exist if it is awaiting deletion */ 664 - if (refcount_read(&key->usage) == 0) 665 - goto not_found; 666 - 667 - /* this races with key_put(), but that doesn't matter since key_put() 668 - * doesn't actually change the key 663 + /* A key is allowed to be looked up only if someone still owns a 664 + * reference to it - otherwise it's awaiting the gc. 669 665 */ 670 - __key_get(key); 666 + if (!refcount_inc_not_zero(&key->usage)) 667 + goto not_found; 671 668 672 669 error: 673 670 spin_unlock(&key_serial_lock); ··· 963 966 /* the key must be writable */ 964 967 ret = key_permission(key_ref, KEY_NEED_WRITE); 965 968 if (ret < 0) 966 - goto error; 969 + return ret; 967 970 968 971 /* attempt to update it if supported */ 969 - ret = -EOPNOTSUPP; 970 972 if (!key->type->update) 971 - goto error; 973 + return -EOPNOTSUPP; 972 974 973 975 memset(&prep, 0, sizeof(prep)); 974 976 prep.data = payload;
+11 -5
security/keys/keyctl.c
··· 99 99 /* pull the payload in if one was supplied */ 100 100 payload = NULL; 101 101 102 - if (_payload) { 102 + if (plen) { 103 103 ret = -ENOMEM; 104 104 payload = kvmalloc(plen, GFP_KERNEL); 105 105 if (!payload) ··· 132 132 133 133 key_ref_put(keyring_ref); 134 134 error3: 135 - kvfree(payload); 135 + if (payload) { 136 + memzero_explicit(payload, plen); 137 + kvfree(payload); 138 + } 136 139 error2: 137 140 kfree(description); 138 141 error: ··· 327 324 328 325 /* pull the payload in if one was supplied */ 329 326 payload = NULL; 330 - if (_payload) { 327 + if (plen) { 331 328 ret = -ENOMEM; 332 329 payload = kmalloc(plen, GFP_KERNEL); 333 330 if (!payload) ··· 350 347 351 348 key_ref_put(key_ref); 352 349 error2: 353 - kfree(payload); 350 + kzfree(payload); 354 351 error: 355 352 return ret; 356 353 } ··· 1096 1093 keyctl_change_reqkey_auth(NULL); 1097 1094 1098 1095 error2: 1099 - kvfree(payload); 1096 + if (payload) { 1097 + memzero_explicit(payload, plen); 1098 + kvfree(payload); 1099 + } 1100 1100 error: 1101 1101 return ret; 1102 1102 }
+6 -6
security/keys/keyring.c
··· 706 706 * Non-keyrings avoid the leftmost branch of the root entirely (root 707 707 * slots 1-15). 708 708 */ 709 - ptr = ACCESS_ONCE(keyring->keys.root); 709 + ptr = READ_ONCE(keyring->keys.root); 710 710 if (!ptr) 711 711 goto not_this_keyring; 712 712 ··· 720 720 if ((shortcut->index_key[0] & ASSOC_ARRAY_FAN_MASK) != 0) 721 721 goto not_this_keyring; 722 722 723 - ptr = ACCESS_ONCE(shortcut->next_node); 723 + ptr = READ_ONCE(shortcut->next_node); 724 724 node = assoc_array_ptr_to_node(ptr); 725 725 goto begin_node; 726 726 } ··· 740 740 if (assoc_array_ptr_is_shortcut(ptr)) { 741 741 shortcut = assoc_array_ptr_to_shortcut(ptr); 742 742 smp_read_barrier_depends(); 743 - ptr = ACCESS_ONCE(shortcut->next_node); 743 + ptr = READ_ONCE(shortcut->next_node); 744 744 BUG_ON(!assoc_array_ptr_is_node(ptr)); 745 745 } 746 746 node = assoc_array_ptr_to_node(ptr); ··· 752 752 ascend_to_node: 753 753 /* Go through the slots in a node */ 754 754 for (; slot < ASSOC_ARRAY_FAN_OUT; slot++) { 755 - ptr = ACCESS_ONCE(node->slots[slot]); 755 + ptr = READ_ONCE(node->slots[slot]); 756 756 757 757 if (assoc_array_ptr_is_meta(ptr) && node->back_pointer) 758 758 goto descend_to_node; ··· 790 790 /* We've dealt with all the slots in the current node, so now we need 791 791 * to ascend to the parent and continue processing there. 792 792 */ 793 - ptr = ACCESS_ONCE(node->back_pointer); 793 + ptr = READ_ONCE(node->back_pointer); 794 794 slot = node->parent_slot; 795 795 796 796 if (ptr && assoc_array_ptr_is_shortcut(ptr)) { 797 797 shortcut = assoc_array_ptr_to_shortcut(ptr); 798 798 smp_read_barrier_depends(); 799 - ptr = ACCESS_ONCE(shortcut->back_pointer); 799 + ptr = READ_ONCE(shortcut->back_pointer); 800 800 slot = shortcut->parent_slot; 801 801 } 802 802 if (!ptr)
+4 -3
security/keys/process_keys.c
··· 809 809 ret = PTR_ERR(keyring); 810 810 goto error2; 811 811 } else if (keyring == new->session_keyring) { 812 - key_put(keyring); 813 812 ret = 0; 814 - goto error2; 813 + goto error3; 815 814 } 816 815 817 816 /* we've got a keyring - now to install it */ 818 817 ret = install_session_keyring_to_cred(new, keyring); 819 818 if (ret < 0) 820 - goto error2; 819 + goto error3; 821 820 822 821 commit_creds(new); 823 822 mutex_unlock(&key_session_mutex); ··· 826 827 okay: 827 828 return ret; 828 829 830 + error3: 831 + key_put(keyring); 829 832 error2: 830 833 mutex_unlock(&key_session_mutex); 831 834 error:
+22 -28
security/keys/trusted.c
··· 70 70 } 71 71 72 72 ret = crypto_shash_digest(&sdesc->shash, data, datalen, digest); 73 - kfree(sdesc); 73 + kzfree(sdesc); 74 74 return ret; 75 75 } 76 76 ··· 114 114 if (!ret) 115 115 ret = crypto_shash_final(&sdesc->shash, digest); 116 116 out: 117 - kfree(sdesc); 117 + kzfree(sdesc); 118 118 return ret; 119 119 } 120 120 ··· 165 165 paramdigest, TPM_NONCE_SIZE, h1, 166 166 TPM_NONCE_SIZE, h2, 1, &c, 0, 0); 167 167 out: 168 - kfree(sdesc); 168 + kzfree(sdesc); 169 169 return ret; 170 170 } 171 171 ··· 246 246 if (memcmp(testhmac, authdata, SHA1_DIGEST_SIZE)) 247 247 ret = -EINVAL; 248 248 out: 249 - kfree(sdesc); 249 + kzfree(sdesc); 250 250 return ret; 251 251 } 252 252 ··· 347 347 if (memcmp(testhmac2, authdata2, SHA1_DIGEST_SIZE)) 348 348 ret = -EINVAL; 349 349 out: 350 - kfree(sdesc); 350 + kzfree(sdesc); 351 351 return ret; 352 352 } 353 353 ··· 564 564 *bloblen = storedsize; 565 565 } 566 566 out: 567 - kfree(td); 567 + kzfree(td); 568 568 return ret; 569 569 } 570 570 ··· 678 678 if (ret < 0) 679 679 pr_info("trusted_key: srkseal failed (%d)\n", ret); 680 680 681 - kfree(tb); 681 + kzfree(tb); 682 682 return ret; 683 683 } 684 684 ··· 703 703 /* pull migratable flag out of sealed key */ 704 704 p->migratable = p->key[--p->key_len]; 705 705 706 - kfree(tb); 706 + kzfree(tb); 707 707 return ret; 708 708 } 709 709 ··· 1037 1037 if (!ret && options->pcrlock) 1038 1038 ret = pcrlock(options->pcrlock); 1039 1039 out: 1040 - kfree(datablob); 1041 - kfree(options); 1040 + kzfree(datablob); 1041 + kzfree(options); 1042 1042 if (!ret) 1043 1043 rcu_assign_keypointer(key, payload); 1044 1044 else 1045 - kfree(payload); 1045 + kzfree(payload); 1046 1046 return ret; 1047 1047 } 1048 1048 ··· 1051 1051 struct trusted_key_payload *p; 1052 1052 1053 1053 p = container_of(rcu, struct trusted_key_payload, rcu); 1054 - memset(p->key, 0, p->key_len); 1055 - kfree(p); 1054 + kzfree(p); 1056 1055 } 1057 1056 1058 1057 /* ··· 1093 1094 ret = datablob_parse(datablob, new_p, new_o); 1094 1095 if (ret != Opt_update) { 1095 1096 ret = -EINVAL; 1096 - kfree(new_p); 1097 + kzfree(new_p); 1097 1098 goto out; 1098 1099 } 1099 1100 1100 1101 if (!new_o->keyhandle) { 1101 1102 ret = -EINVAL; 1102 - kfree(new_p); 1103 + kzfree(new_p); 1103 1104 goto out; 1104 1105 } 1105 1106 ··· 1113 1114 ret = key_seal(new_p, new_o); 1114 1115 if (ret < 0) { 1115 1116 pr_info("trusted_key: key_seal failed (%d)\n", ret); 1116 - kfree(new_p); 1117 + kzfree(new_p); 1117 1118 goto out; 1118 1119 } 1119 1120 if (new_o->pcrlock) { 1120 1121 ret = pcrlock(new_o->pcrlock); 1121 1122 if (ret < 0) { 1122 1123 pr_info("trusted_key: pcrlock failed (%d)\n", ret); 1123 - kfree(new_p); 1124 + kzfree(new_p); 1124 1125 goto out; 1125 1126 } 1126 1127 } 1127 1128 rcu_assign_keypointer(key, new_p); 1128 1129 call_rcu(&p->rcu, trusted_rcu_free); 1129 1130 out: 1130 - kfree(datablob); 1131 - kfree(new_o); 1131 + kzfree(datablob); 1132 + kzfree(new_o); 1132 1133 return ret; 1133 1134 } 1134 1135 ··· 1157 1158 for (i = 0; i < p->blob_len; i++) 1158 1159 bufp = hex_byte_pack(bufp, p->blob[i]); 1159 1160 if ((copy_to_user(buffer, ascii_buf, 2 * p->blob_len)) != 0) { 1160 - kfree(ascii_buf); 1161 + kzfree(ascii_buf); 1161 1162 return -EFAULT; 1162 1163 } 1163 - kfree(ascii_buf); 1164 + kzfree(ascii_buf); 1164 1165 return 2 * p->blob_len; 1165 1166 } 1166 1167 1167 1168 /* 1168 - * trusted_destroy - before freeing the key, clear the decrypted data 1169 + * trusted_destroy - clear and free the key's payload 1169 1170 */ 1170 1171 static void trusted_destroy(struct key *key) 1171 1172 { 1172 - struct trusted_key_payload *p = key->payload.data[0]; 1173 - 1174 - if (!p) 1175 - return; 1176 - memset(p->key, 0, p->key_len); 1177 - kfree(key->payload.data[0]); 1173 + kzfree(key->payload.data[0]); 1178 1174 } 1179 1175 1180 1176 struct key_type key_type_trusted = {
+12 -4
security/keys/user_defined.c
··· 86 86 */ 87 87 void user_free_preparse(struct key_preparsed_payload *prep) 88 88 { 89 - kfree(prep->payload.data[0]); 89 + kzfree(prep->payload.data[0]); 90 90 } 91 91 EXPORT_SYMBOL_GPL(user_free_preparse); 92 + 93 + static void user_free_payload_rcu(struct rcu_head *head) 94 + { 95 + struct user_key_payload *payload; 96 + 97 + payload = container_of(head, struct user_key_payload, rcu); 98 + kzfree(payload); 99 + } 92 100 93 101 /* 94 102 * update a user defined key ··· 120 112 prep->payload.data[0] = NULL; 121 113 122 114 if (zap) 123 - kfree_rcu(zap, rcu); 115 + call_rcu(&zap->rcu, user_free_payload_rcu); 124 116 return ret; 125 117 } 126 118 EXPORT_SYMBOL_GPL(user_update); ··· 138 130 139 131 if (upayload) { 140 132 rcu_assign_keypointer(key, NULL); 141 - kfree_rcu(upayload, rcu); 133 + call_rcu(&upayload->rcu, user_free_payload_rcu); 142 134 } 143 135 } 144 136 ··· 151 143 { 152 144 struct user_key_payload *upayload = key->payload.data[0]; 153 145 154 - kfree(upayload); 146 + kzfree(upayload); 155 147 } 156 148 157 149 EXPORT_SYMBOL_GPL(user_destroy);