Commit 9f3fa6bc authored by Mahmoud Adam's avatar Mahmoud Adam Committed by Herbert Xu
Browse files

KEYS: use kfree_sensitive with key 



key might contain private part of the key, so better use
kfree_sensitive to free it

Signed-off-by: default avatarMahmoud Adam <mngyadam@amazon.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent e22471c2

crypto/asymmetric_keys/public_key.c

+4 −4
Original line number Original line Diff line number Diff line
@@ -42,7 +42,7 @@ static void public_key_describe(const struct key *asymmetric_key, 
void public_key_free(struct public_key *key)

void public_key_free(struct public_key *key)

{

{

	if (key) {

	if (key) {

		kfree(key->key);

		kfree_sensitive(key->key);

		kfree(key->params);

		kfree(key->params);

		kfree(key);

		kfree(key);

	}

	}
@@ -263,7 +263,7 @@ static int software_key_query(const struct kernel_pkey_params *params, 
	else

	else

		crypto_free_akcipher(tfm);

		crypto_free_akcipher(tfm);

error_free_key:

error_free_key:

	kfree(key);

	kfree_sensitive(key);

	pr_devel("<==%s() = %d\n", __func__, ret);

	pr_devel("<==%s() = %d\n", __func__, ret);

	return ret;

	return ret;

}

}
@@ -369,7 +369,7 @@ static int software_key_eds_op(struct kernel_pkey_params *params, 
	else

	else

		crypto_free_akcipher(tfm);

		crypto_free_akcipher(tfm);

error_free_key:

error_free_key:

	kfree(key);

	kfree_sensitive(key);

	pr_devel("<==%s() = %d\n", __func__, ret);

	pr_devel("<==%s() = %d\n", __func__, ret);

	return ret;

	return ret;

}

}
@@ -441,7 +441,7 @@ int public_key_verify_signature(const struct public_key *pkey, 
				sig->digest, sig->digest_size);

				sig->digest, sig->digest_size);





error_free_key:

error_free_key:

	kfree(key);

	kfree_sensitive(key);

error_free_tfm:

error_free_tfm:

	crypto_free_sig(tfm);

	crypto_free_sig(tfm);

	pr_devel("<==%s() = %d\n", __func__, ret);

	pr_devel("<==%s() = %d\n", __func__, ret);