KEYS: use kfree_sensitive with key
key might contain private part of the key, so better use kfree_sensitive to free it Signed-off-by: Mahmoud Adam <mngyadam@amazon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
Mahmoud Adam
Herbert Xu
parent
e22471c233
commit
9f3fa6bc4f
|
|
@ -42,7 +42,7 @@ static void public_key_describe(const struct key *asymmetric_key,
|
||||||
void public_key_free(struct public_key *key)
|
void public_key_free(struct public_key *key)
|
||||||
{
|
{
|
||||||
if (key) {
|
if (key) {
|
||||||
kfree(key->key);
|
kfree_sensitive(key->key);
|
||||||
kfree(key->params);
|
kfree(key->params);
|
||||||
kfree(key);
|
kfree(key);
|
||||||
}
|
}
|
||||||
|
|
@ -263,7 +263,7 @@ error_free_tfm:
|
||||||
else
|
else
|
||||||
crypto_free_akcipher(tfm);
|
crypto_free_akcipher(tfm);
|
||||||
error_free_key:
|
error_free_key:
|
||||||
kfree(key);
|
kfree_sensitive(key);
|
||||||
pr_devel("<==%s() = %d\n", __func__, ret);
|
pr_devel("<==%s() = %d\n", __func__, ret);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
@ -369,7 +369,7 @@ error_free_tfm:
|
||||||
else
|
else
|
||||||
crypto_free_akcipher(tfm);
|
crypto_free_akcipher(tfm);
|
||||||
error_free_key:
|
error_free_key:
|
||||||
kfree(key);
|
kfree_sensitive(key);
|
||||||
pr_devel("<==%s() = %d\n", __func__, ret);
|
pr_devel("<==%s() = %d\n", __func__, ret);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
@ -441,7 +441,7 @@ int public_key_verify_signature(const struct public_key *pkey,
|
||||||
sig->digest, sig->digest_size);
|
sig->digest, sig->digest_size);
|
||||||
|
|
||||||
error_free_key:
|
error_free_key:
|
||||||
kfree(key);
|
kfree_sensitive(key);
|
||||||
error_free_tfm:
|
error_free_tfm:
|
||||||
crypto_free_sig(tfm);
|
crypto_free_sig(tfm);
|
||||||
pr_devel("<==%s() = %d\n", __func__, ret);
|
pr_devel("<==%s() = %d\n", __func__, ret);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue