| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <581388A8-4FC3-4FC0-9D5B-9F13DCB90073@linux.dev> Date: Mon, 30 Sep 2024 14:15:18 +0200 From: Thorsten Blum <thorsten.blum@...ux.dev> To: Krzysztof Kozlowski <krzk@...nel.org> Cc: linux-kernel@...r.kernel.org Subject: Re: [PATCH] w1: Use kfree_sensitive() instead of memset(0) and kfree() On 30. Sep 2024, at 13:50, Krzysztof Kozlowski <krzk@...nel.org> wrote: > On 30/09/2024 13:44, Thorsten Blum wrote: >> Use kfree_sensitive() to simplify w1_unref_slave() and remove the >> following Coccinelle/coccicheck warning reported by >> kfree_sensitive.cocci: >> >> WARNING opportunity for kfree_sensitive/kvfree_sensitive > > So are you fixing coccinelle just to hide the warning or actually fixing > issue? Why this structure should be zeroed? No issue, just a refactoring (+zeroing out) to silence the warning. The structure probably doesn't need to be zeroed out, but why is it done for DEBUG builds? >> Signed-off-by: Thorsten Blum <thorsten.blum@...ux.dev> >> --- >> Please note: this change assumes that #ifdef DEBUG is no longer needed >> and we should always zero out the memory. > > But why are you assuming that? Your patch is not equivalent and I do not > see any explanation in commit msg why is that.
Powered by blists - more mailing lists