[1/1] CIFS: zero sensitive data when freeing

Message ID 20180125145939.1021-1-aaptel@suse.com
State New
Headers show
Series
  • [1/1] CIFS: zero sensitive data when freeing
Related show

Commit Message

Aurélien Aptel Jan. 25, 2018, 2:59 p.m.
also replaces memset()+kfree() by kzfree().

Signed-off-by: Aurelien Aptel <aaptel@suse.com>
---
 fs/cifs/cifsencrypt.c |  3 +--
 fs/cifs/connect.c     |  6 +++---
 fs/cifs/misc.c        | 14 ++++----------
 3 files changed, 8 insertions(+), 15 deletions(-)

Comments

Pavel Shilovskiy Jan. 26, 2018, 11:01 p.m. | #1
2018-01-25 6:59 GMT-08:00 Aurelien Aptel <aaptel@suse.com>:
> also replaces memset()+kfree() by kzfree().
>
> Signed-off-by: Aurelien Aptel <aaptel@suse.com>
> ---
>  fs/cifs/cifsencrypt.c |  3 +--
>  fs/cifs/connect.c     |  6 +++---
>  fs/cifs/misc.c        | 14 ++++----------
>  3 files changed, 8 insertions(+), 15 deletions(-)
>
> diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
> index 68abbb0db608..f2b0a7f124da 100644
> --- a/fs/cifs/cifsencrypt.c
> +++ b/fs/cifs/cifsencrypt.c
> @@ -325,9 +325,8 @@ int calc_lanman_hash(const char *password, const char *cryptkey, bool encrypt,
>  {
>         int i;
>         int rc;
> -       char password_with_pad[CIFS_ENCPWD_SIZE];
> +       char password_with_pad[CIFS_ENCPWD_SIZE] = {0};
>
> -       memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
>         if (password)
>                 strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE);
>
> diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
> index 8b5e401f547a..ee2ab86bff5b 100644
> --- a/fs/cifs/connect.c
> +++ b/fs/cifs/connect.c
> @@ -1720,7 +1720,7 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
>                         tmp_end++;
>                         if (!(tmp_end < end && tmp_end[1] == delim)) {
>                                 /* No it is not. Set the password to NULL */
> -                               kfree(vol->password);
> +                               kzfree(vol->password);
>                                 vol->password = NULL;
>                                 break;
>                         }
> @@ -1758,7 +1758,7 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
>                                         options = end;
>                         }
>
> -                       kfree(vol->password);
> +                       kzfree(vol->password);
>                         /* Now build new password string */
>                         temp_len = strlen(value);
>                         vol->password = kzalloc(temp_len+1, GFP_KERNEL);
> @@ -4356,7 +4356,7 @@ cifs_construct_tcon(struct cifs_sb_info *cifs_sb, kuid_t fsuid)
>                 reset_cifs_unix_caps(0, tcon, NULL, vol_info);
>  out:
>         kfree(vol_info->username);
> -       kfree(vol_info->password);
> +       kzfree(vol_info->password);
>         kfree(vol_info);
>
>         return tcon;
> diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c
> index eea93ac15ef0..a0dbced4a45c 100644
> --- a/fs/cifs/misc.c
> +++ b/fs/cifs/misc.c
> @@ -98,14 +98,11 @@ sesInfoFree(struct cifs_ses *buf_to_free)
>         kfree(buf_to_free->serverOS);
>         kfree(buf_to_free->serverDomain);
>         kfree(buf_to_free->serverNOS);
> -       if (buf_to_free->password) {
> -               memset(buf_to_free->password, 0, strlen(buf_to_free->password));
> -               kfree(buf_to_free->password);
> -       }
> +       kzfree(buf_to_free->password);
>         kfree(buf_to_free->user_name);
>         kfree(buf_to_free->domainName);
> -       kfree(buf_to_free->auth_key.response);
> -       kfree(buf_to_free);
> +       kzfree(buf_to_free->auth_key.response);
> +       kzfree(buf_to_free);
>  }
>
>  struct cifs_tcon *
> @@ -136,10 +133,7 @@ tconInfoFree(struct cifs_tcon *buf_to_free)
>         }
>         atomic_dec(&tconInfoAllocCount);
>         kfree(buf_to_free->nativeFileSystem);
> -       if (buf_to_free->password) {
> -               memset(buf_to_free->password, 0, strlen(buf_to_free->password));
> -               kfree(buf_to_free->password);
> -       }
> +       kzfree(buf_to_free->password);
>         kfree(buf_to_free);
>  }
>
> --
> 2.12.3
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>

--
Best regards,
Pavel Shilovsky
--
To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Ronnie Sahlberg Jan. 29, 2018, 1:37 a.m. | #2
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>

----- Original Message -----
From: "Aurelien Aptel" <aaptel@suse.com>
To: linux-cifs@vger.kernel.org
Cc: smfrench@gmail.com, "Aurelien Aptel" <aaptel@suse.com>
Sent: Friday, 26 January, 2018 1:59:39 AM
Subject: [PATCH 1/1] CIFS: zero sensitive data when freeing

also replaces memset()+kfree() by kzfree().

Signed-off-by: Aurelien Aptel <aaptel@suse.com>
---
 fs/cifs/cifsencrypt.c |  3 +--
 fs/cifs/connect.c     |  6 +++---
 fs/cifs/misc.c        | 14 ++++----------
 3 files changed, 8 insertions(+), 15 deletions(-)

diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
index 68abbb0db608..f2b0a7f124da 100644
--- a/fs/cifs/cifsencrypt.c
+++ b/fs/cifs/cifsencrypt.c
@@ -325,9 +325,8 @@ int calc_lanman_hash(const char *password, const char *cryptkey, bool encrypt,
 {
 	int i;
 	int rc;
-	char password_with_pad[CIFS_ENCPWD_SIZE];
+	char password_with_pad[CIFS_ENCPWD_SIZE] = {0};
 
-	memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
 	if (password)
 		strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE);
 
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 8b5e401f547a..ee2ab86bff5b 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -1720,7 +1720,7 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
 			tmp_end++;
 			if (!(tmp_end < end && tmp_end[1] == delim)) {
 				/* No it is not. Set the password to NULL */
-				kfree(vol->password);
+				kzfree(vol->password);
 				vol->password = NULL;
 				break;
 			}
@@ -1758,7 +1758,7 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
 					options = end;
 			}
 
-			kfree(vol->password);
+			kzfree(vol->password);
 			/* Now build new password string */
 			temp_len = strlen(value);
 			vol->password = kzalloc(temp_len+1, GFP_KERNEL);
@@ -4356,7 +4356,7 @@ cifs_construct_tcon(struct cifs_sb_info *cifs_sb, kuid_t fsuid)
 		reset_cifs_unix_caps(0, tcon, NULL, vol_info);
 out:
 	kfree(vol_info->username);
-	kfree(vol_info->password);
+	kzfree(vol_info->password);
 	kfree(vol_info);
 
 	return tcon;
diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c
index eea93ac15ef0..a0dbced4a45c 100644
--- a/fs/cifs/misc.c
+++ b/fs/cifs/misc.c
@@ -98,14 +98,11 @@ sesInfoFree(struct cifs_ses *buf_to_free)
 	kfree(buf_to_free->serverOS);
 	kfree(buf_to_free->serverDomain);
 	kfree(buf_to_free->serverNOS);
-	if (buf_to_free->password) {
-		memset(buf_to_free->password, 0, strlen(buf_to_free->password));
-		kfree(buf_to_free->password);
-	}
+	kzfree(buf_to_free->password);
 	kfree(buf_to_free->user_name);
 	kfree(buf_to_free->domainName);
-	kfree(buf_to_free->auth_key.response);
-	kfree(buf_to_free);
+	kzfree(buf_to_free->auth_key.response);
+	kzfree(buf_to_free);
 }
 
 struct cifs_tcon *
@@ -136,10 +133,7 @@ tconInfoFree(struct cifs_tcon *buf_to_free)
 	}
 	atomic_dec(&tconInfoAllocCount);
 	kfree(buf_to_free->nativeFileSystem);
-	if (buf_to_free->password) {
-		memset(buf_to_free->password, 0, strlen(buf_to_free->password));
-		kfree(buf_to_free->password);
-	}
+	kzfree(buf_to_free->password);
 	kfree(buf_to_free);
 }

Patch

diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
index 68abbb0db608..f2b0a7f124da 100644
--- a/fs/cifs/cifsencrypt.c
+++ b/fs/cifs/cifsencrypt.c
@@ -325,9 +325,8 @@  int calc_lanman_hash(const char *password, const char *cryptkey, bool encrypt,
 {
 	int i;
 	int rc;
-	char password_with_pad[CIFS_ENCPWD_SIZE];
+	char password_with_pad[CIFS_ENCPWD_SIZE] = {0};
 
-	memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
 	if (password)
 		strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE);
 
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 8b5e401f547a..ee2ab86bff5b 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -1720,7 +1720,7 @@  cifs_parse_mount_options(const char *mountdata, const char *devname,
 			tmp_end++;
 			if (!(tmp_end < end && tmp_end[1] == delim)) {
 				/* No it is not. Set the password to NULL */
-				kfree(vol->password);
+				kzfree(vol->password);
 				vol->password = NULL;
 				break;
 			}
@@ -1758,7 +1758,7 @@  cifs_parse_mount_options(const char *mountdata, const char *devname,
 					options = end;
 			}
 
-			kfree(vol->password);
+			kzfree(vol->password);
 			/* Now build new password string */
 			temp_len = strlen(value);
 			vol->password = kzalloc(temp_len+1, GFP_KERNEL);
@@ -4356,7 +4356,7 @@  cifs_construct_tcon(struct cifs_sb_info *cifs_sb, kuid_t fsuid)
 		reset_cifs_unix_caps(0, tcon, NULL, vol_info);
 out:
 	kfree(vol_info->username);
-	kfree(vol_info->password);
+	kzfree(vol_info->password);
 	kfree(vol_info);
 
 	return tcon;
diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c
index eea93ac15ef0..a0dbced4a45c 100644
--- a/fs/cifs/misc.c
+++ b/fs/cifs/misc.c
@@ -98,14 +98,11 @@  sesInfoFree(struct cifs_ses *buf_to_free)
 	kfree(buf_to_free->serverOS);
 	kfree(buf_to_free->serverDomain);
 	kfree(buf_to_free->serverNOS);
-	if (buf_to_free->password) {
-		memset(buf_to_free->password, 0, strlen(buf_to_free->password));
-		kfree(buf_to_free->password);
-	}
+	kzfree(buf_to_free->password);
 	kfree(buf_to_free->user_name);
 	kfree(buf_to_free->domainName);
-	kfree(buf_to_free->auth_key.response);
-	kfree(buf_to_free);
+	kzfree(buf_to_free->auth_key.response);
+	kzfree(buf_to_free);
 }
 
 struct cifs_tcon *
@@ -136,10 +133,7 @@  tconInfoFree(struct cifs_tcon *buf_to_free)
 	}
 	atomic_dec(&tconInfoAllocCount);
 	kfree(buf_to_free->nativeFileSystem);
-	if (buf_to_free->password) {
-		memset(buf_to_free->password, 0, strlen(buf_to_free->password));
-		kfree(buf_to_free->password);
-	}
+	kzfree(buf_to_free->password);
 	kfree(buf_to_free);
 }