| From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 |
| From: Eric Biggers <ebiggers@google.com> |
| Date: Wed, 9 Oct 2019 16:34:17 -0700 |
| Subject: FROMLIST: fscrypt: zeroize fscrypt_info before freeing |
| |
| memset the struct fscrypt_info to zero before freeing. This isn't |
| really needed currently, since there's no secret key directly in the |
| fscrypt_info. But there's a decent chance that someone will add such a |
| field in the future, e.g. in order to use an API that takes a raw key |
| such as siphash(). So it's good to do this as a hardening measure. |
| |
| Change-Id: I0fadabcf72d36a0aa786fd5bcc5153c5dbfec8ba |
| Signed-off-by: Eric Biggers <ebiggers@google.com> |
| Signed-off-by: Satya Tangirala <satyat@google.com> |
| Link: https://patchwork.kernel.org/patch/11182405/ |
| --- |
| fs/crypto/keysetup.c | 1 + |
| 1 file changed, 1 insertion(+) |
| |
| diff --git a/fs/crypto/keysetup.c b/fs/crypto/keysetup.c |
| index 8eb5a0e762ec..b03b33643e4b 100644 |
| --- a/fs/crypto/keysetup.c |
| +++ b/fs/crypto/keysetup.c |
| @@ -327,6 +327,7 @@ static void put_crypt_info(struct fscrypt_info *ci) |
| key_invalidate(key); |
| key_put(key); |
| } |
| + memzero_explicit(ci, sizeof(*ci)); |
| kmem_cache_free(fscrypt_info_cachep, ci); |
| } |
| |