RE: [PATCH] tipc: use kfree_sensitive() for aead cleanup
From: Tung Quang Nguyen
Date: Sun May 25 2025 - 21:03:05 EST
>Subject: [PATCH] tipc: use kfree_sensitive() for aead cleanup
>
>The tipc_aead_free() function currently uses kfree() to release the aead
>structure. However, this structure contains sensitive information, such as key's
>SALT value, which should be securely erased from memory to prevent potential
>leakage.
>
>To enhance security, replace kfree() with kfree_sensitive() when freeing the
>aead structure. This change ensures that sensitive data is explicitly cleared
>before memory deallocation, aligning with the approach used in
>tipc_aead_init() and adhering to best practices for handling confidential
>information.
>
>Signed-off-by: Zilin Guan <zilin@xxxxxxxxxx>
>---
> net/tipc/crypto.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>diff --git a/net/tipc/crypto.c b/net/tipc/crypto.c index
>8584893b4785..f4cfe88670f5 100644
>--- a/net/tipc/crypto.c
>+++ b/net/tipc/crypto.c
>@@ -425,7 +425,7 @@ static void tipc_aead_free(struct rcu_head *rp)
> }
> free_percpu(aead->tfm_entry);
> kfree_sensitive(aead->key);
>- kfree(aead);
>+ kfree_sensitive(aead);
> }
>
> static int tipc_aead_users(struct tipc_aead __rcu *aead)
>--
>2.34.1
>
Reviewed-by: Tung Nguyen <tung.quang.nguyen@xxxxxxxx>