On 7/18/23 19:28, 杜敏杰 wrote:
Hi Mike!
Thank you for your reply!
Do I need to submit a new patch to kfree_sensitive for 'password_in' and
'usernames'?
Just submit a V2 version of your original patch, making the changes that
Mike suggested. You can continue to include my Reviewed-by tag.
regards,
Minjie
-----邮件原件-----
发件人: Mike Christie <[email protected]>
发送时间: 2023年7月18日 2:26
收件人: 杜敏杰 <[email protected]>; Lee Duncan <[email protected]>; Chris Leech <[email protected]>; James E.J.
Bottomley <[email protected]>; Martin K. Petersen <[email protected]>; open list:ISCSI
<[email protected]>; open list:ISCSI <[email protected]>; open list
<[email protected]>
抄送: opensource.kernel <[email protected]>
主题: Re: [PATCH v1] scsi: iscsi: use kfree_sensitive() in iscsi_session_free()
On 7/17/23 4:26 AM, Minjie Du wrote:
session might contain private part of the password, so better use
kfree_sensitive() to free it.
In iscsi_session_free() use kfree_sensitive() to free session->password.
Signed-off-by: Minjie Du <[email protected]>
---
drivers/scsi/libiscsi.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/scsi/libiscsi.c b/drivers/scsi/libiscsi.c index
0fda8905e..2f273229c 100644
--- a/drivers/scsi/libiscsi.c
+++ b/drivers/scsi/libiscsi.c
@@ -3132,7 +3132,7 @@ void iscsi_session_free(struct iscsi_cls_session
*cls_session)
struct module *owner = cls_session->transport->owner;
iscsi_pool_free(&session->cmdpool);
- kfree(session->password);
+ kfree_sensitive(session->password);
kfree(session->password_in);
You then also want kfree_sensitive for password_in.
I would also use it for the usernames then too.
kfree(session->username);
kfree(session->username_in);
--
You received this message because you are subscribed to the Google Groups
"open-iscsi" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/open-iscsi/7483deb3-2b69-37fa-28ea-fb54aac58ff8%40suse.com.
