forked from luck/tmp_suning_uos_patched
s390/crypto: explicitly memzero stack key material in aes_s390.c
aes_s390.c has several functions which allocate space for key material on the stack and leave the used keys there. It is considered good practice to clean these locations before the function returns. Link: https://lkml.kernel.org/r/20200221165511.GB6928@lst.de Signed-off-by: Torsten Duwe <duwe@suse.de> Signed-off-by: Harald Freudenberger <freude@linux.ibm.com> Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
This commit is contained in:
parent
fa226f1d81
commit
4a559cd15d
|
@ -342,6 +342,7 @@ static int cbc_aes_crypt(struct skcipher_request *req, unsigned long modifier)
|
||||||
memcpy(walk.iv, param.iv, AES_BLOCK_SIZE);
|
memcpy(walk.iv, param.iv, AES_BLOCK_SIZE);
|
||||||
ret = skcipher_walk_done(&walk, nbytes - n);
|
ret = skcipher_walk_done(&walk, nbytes - n);
|
||||||
}
|
}
|
||||||
|
memzero_explicit(¶m, sizeof(param));
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -470,6 +471,8 @@ static int xts_aes_crypt(struct skcipher_request *req, unsigned long modifier)
|
||||||
walk.dst.virt.addr, walk.src.virt.addr, n);
|
walk.dst.virt.addr, walk.src.virt.addr, n);
|
||||||
ret = skcipher_walk_done(&walk, nbytes - n);
|
ret = skcipher_walk_done(&walk, nbytes - n);
|
||||||
}
|
}
|
||||||
|
memzero_explicit(&pcc_param, sizeof(pcc_param));
|
||||||
|
memzero_explicit(&xts_param, sizeof(xts_param));
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user