diff mbox series

[v5,03/11] crypto/qat: force zero of keys

Message ID	20250211173720.1188517-4-stephen@networkplumber.org (mailing list archive)
State	Superseded
Delegated to:	Thomas Monjalon
Headers	From: Stephen Hemminger <stephen@networkplumber.org> To: dev@dpdk.org Cc: Stephen Hemminger <stephen@networkplumber.org>, Bruce Richardson <bruce.richardson@intel.com>, Kai Ji <kai.ji@intel.com> Subject: [PATCH v5 03/11] crypto/qat: force zero of keys Date: Tue, 11 Feb 2025 09:35:23 -0800 Message-ID: <20250211173720.1188517-4-stephen@networkplumber.org> In-Reply-To: <20250211173720.1188517-1-stephen@networkplumber.org> References: <20241114011129.451243-1-stephen@networkplumber.org> <20250211173720.1188517-1-stephen@networkplumber.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: list Errors-To: dev-bounces@dpdk.org
Series	memset security fixes \| [v5,00/11] memset security fixes [v5,01/11] eal: introduce new secure memory fill [v5,02/11] eal: add new secure free function [v5,03/11] crypto/qat: force zero of keys [v5,04/11] crypto/qat: fix size calculation for memset [v5,05/11] crypto/qat: use secure memset [v5,06/11] bus/uacce: remove memset before free [v5,07/11] compress/octeontx: remove unnecessary memset [v5,08/11] test: remove unneeded memset [v5,09/11] net/ntnic: check result of malloc [v5,10/11] net/ntnic: remove unnecessary memset [v5,11/11] devtools/cocci: add script to find problematic memset

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK

Commit Message

Stephen Hemminger Feb. 11, 2025, 5:35 p.m. UTC

Just doing memset() on keys is not enough, compiler can optimize
it away. Need something with a barrier.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
---
 drivers/crypto/qat/qat_sym_session.c | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff mbox series

Patch

diff --git a/drivers/crypto/qat/qat_sym_session.c b/drivers/crypto/qat/qat_sym_session.c
index 50d687fd37..2fce8fcb16 100644
--- a/drivers/crypto/qat/qat_sym_session.c
+++ b/drivers/crypto/qat/qat_sym_session.c
@@ -26,6 +26,7 @@ 
 #include <rte_crypto_sym.h>
 #include <rte_security_driver.h>
 #include <rte_ether.h>
+#include <rte_string_fns.h>
 
 #include "qat_logs.h"
 #include "qat_sym_session.h"
@@ -1633,7 +1634,7 @@  static int qat_sym_do_precomputes(enum icp_qat_hw_auth_algo hash_alg,
 			aes_cmac_key_derive(k0, k1);
 			aes_cmac_key_derive(k1, k2);
 
-			memset(k0, 0, ICP_QAT_HW_AES_128_KEY_SZ);
+			rte_memset_sensitive(k0, 0, ICP_QAT_HW_AES_128_KEY_SZ);
 			*p_state_len = ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ;
 			rte_free(in);
 			goto out;
@@ -1668,7 +1669,7 @@  static int qat_sym_do_precomputes(enum icp_qat_hw_auth_algo hash_alg,
 							&enc_key) != 0) {
 					rte_free(in -
 					  (x * ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ));
-					memset(out -
+					rte_memset_sensitive(out -
 					   (x * ICP_QAT_HW_AES_XCBC_MAC_KEY_SZ),
 					  0, ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ);
 					return -EFAULT;
@@ -1698,7 +1699,7 @@  static int qat_sym_do_precomputes(enum icp_qat_hw_auth_algo hash_alg,
 			return -ENOMEM;
 		}
 
-		memset(in, 0, ICP_QAT_HW_GALOIS_H_SZ);
+		rte_memset_sensitive(in, 0, ICP_QAT_HW_GALOIS_H_SZ);
 		if (AES_set_encrypt_key(auth_key, auth_keylen << 3,
 			&enc_key) != 0) {
 			return -EFAULT;
@@ -1757,8 +1758,8 @@  static int qat_sym_do_precomputes(enum icp_qat_hw_auth_algo hash_alg,
 	}
 
 	/*  don't leave data lying around */
-	memset(ipad, 0, block_size);
-	memset(opad, 0, block_size);
+	rte_memset_sensitive(ipad, 0, block_size);
+	rte_memset_sensitive(opad, 0, block_size);
 out:
 	return 0;
 }
@@ -2006,8 +2007,8 @@  static int qat_sym_do_precomputes_ipsec_mb(enum icp_qat_hw_auth_algo hash_alg,
 
 out:
 	/*  don't leave data lying around */
-	memset(ipad, 0, block_size);
-	memset(opad, 0, block_size);
+	rte_memset_sensitive(ipad, 0, block_size);
+	rte_memset_sensitive(opad, 0, block_size);
 	free_mb_mgr(m);
 	return ret;
 }
@@ -3232,7 +3233,7 @@  qat_security_session_destroy(void *dev __rte_unused,
 		if (s->mb_mgr)
 			free_mb_mgr(s->mb_mgr);
 #endif
-		memset(s, 0, qat_sym_session_get_private_size(dev));
+		rte_memset_sensitive(s, 0, qat_sym_session_get_private_size(dev));
 	}
 
 	return 0;