From 19e7403268e80e02508ec2b0c95dcf7b7e6b4cff Mon Sep 17 00:00:00 2001
From: Yu'an Wang
Date: Thu, 20 Feb 2020 16:55:14 +0800
Subject: [PATCH] hpre: optimize key process before free
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
driver inclusion category: bugfix bugzilla: NA CVE: NA In this patch, we try to optimize key process before free of hpre module. 1、for DH algorithm, we use para g to compute public key, para g is public, so we need not clear it before free. 2、for RSA algorithm, we should use memzero_explicit to clear prikey. It will be optimized, when memset follows free. 3、For standard RSA algorithm, we use one buf to store public and prikey, to consider performance, we just clear prikey buf.
Signed-off-by: Yu'an Wang
Reviewed-by: Cheng Hu
Signed-off-by: Yang Yingliang
---
 drivers/crypto/hisilicon/hpre/hpre_crypto.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c
index a43f82ead0a5..803b611bbf03 100644
--- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c
+++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c
@@ -559,7 +559,6 @@ static void hpre_dh_clear_ctx(struct hpre_ctx *ctx, bool is_clear_all)
 hisi_qm_stop_qp(ctx->qp);
 if (ctx->dh.g) {
- memzero_explicit(ctx->dh.g, sz);
 dma_free_coherent(dev, sz, ctx->dh.g, ctx->dh.dma_g);
 ctx->dh.g = NULL;
 }
@@ -893,7 +892,7 @@ static int hpre_rsa_setkey_crt(struct hpre_ctx *ctx, struct rsa_key *rsa_key)
 free_key:
 offset = hlf_ksz * HPRE_CRT_PRMS;
- memset(ctx->rsa.crt_prikey, 0, offset);
+ memzero_explicit(ctx->rsa.crt_prikey, offset);
 dma_free_coherent(dev, hlf_ksz * HPRE_CRT_PRMS, ctx->rsa.crt_prikey, ctx->rsa.dma_crt_prikey);
 ctx->rsa.crt_prikey = NULL;
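Review bot: At `free_key:` the wipe and the free size the same buffer with two separately written expressions: `memzero_explicit()` takes `offset`, while `dma_free_coherent()` recomputes `hlf_ksz * HPRE_CRT_PRMS`. The two are equal today, but if either is edited later, the tail of the CRT private-key buffer could be released without being cleared. Passing the one value to both keeps them tied together: `dma_free_coherent(dev, offset, ctx->rsa.crt_prikey, ctx->rsa.dma_crt_prikey);`. The body of hpre_rsa_setkey_crt starts outside the hunk, so whether every path that reaches `free_key` holds a non-NULL `crt_prikey` cannot be checked from here.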
@@ -926,7 +925,7 @@ static void hpre_rsa_clear_ctx(struct hpre_ctx *ctx, bool is_clear_all)
 }
 if (ctx->rsa.prikey) {
- memzero_explicit(ctx->rsa.prikey, ctx->key_sz << 1);
+ memzero_explicit(ctx->rsa.prikey, ctx->key_sz);
 dma_free_coherent(dev, ctx->key_sz << 1, ctx->rsa.prikey, ctx->rsa.dma_prikey);
 ctx->rsa.prikey = NULL;
-- GitLab
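Review bot: The narrowed wipe in hpre_rsa_clear_ctx clears only the first `ctx->key_sz` bytes of a buffer that is freed with `ctx->key_sz << 1`, so it is safe only if the private exponent lies entirely in the first half, and nothing in the hunk shows that layout. Once confirmed against the setkey code, a comment at the call would record the assumption, for example `/* private exponent occupies the first key_sz bytes; the second half holds public data */`. Because this is a teardown path, clearing the whole allocation with `memzero_explicit(ctx->rsa.prikey, ctx->key_sz << 1);` costs little and stays correct if the buffer layout ever changes. The function starts before the hunk and continues past it.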