hwrng: core - zeroize buffers with random data
The HWRNG core allocates two buffers during initialization which are used to obtain random data. After that data is processed, it is now zeroized as it is possible that the HWRNG core will not be asked to produce more random data for a long time. This prevents leaving such sensitive data in memory. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
parent
d7db7a882d
commit
2cc7515458
|
@ -92,6 +92,7 @@ static void add_early_randomness(struct hwrng *rng)
|
||||||
mutex_unlock(&reading_mutex);
|
mutex_unlock(&reading_mutex);
|
||||||
if (bytes_read > 0)
|
if (bytes_read > 0)
|
||||||
add_device_randomness(rng_buffer, bytes_read);
|
add_device_randomness(rng_buffer, bytes_read);
|
||||||
|
memset(rng_buffer, 0, size);
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline void cleanup_rng(struct kref *kref)
|
static inline void cleanup_rng(struct kref *kref)
|
||||||
|
@ -287,6 +288,7 @@ static ssize_t rng_dev_read(struct file *filp, char __user *buf,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
out:
|
out:
|
||||||
|
memset(rng_buffer, 0, rng_buffer_size());
|
||||||
return ret ? : err;
|
return ret ? : err;
|
||||||
|
|
||||||
out_unlock_reading:
|
out_unlock_reading:
|
||||||
|
@ -425,6 +427,7 @@ static int hwrng_fillfn(void *unused)
|
||||||
/* Outside lock, sure, but y'know: randomness. */
|
/* Outside lock, sure, but y'know: randomness. */
|
||||||
add_hwgenerator_randomness((void *)rng_fillbuf, rc,
|
add_hwgenerator_randomness((void *)rng_fillbuf, rc,
|
||||||
rc * current_quality * 8 >> 10);
|
rc * current_quality * 8 >> 10);
|
||||||
|
memset(rng_fillbuf, 0, rng_buffer_size());
|
||||||
}
|
}
|
||||||
hwrng_fill = NULL;
|
hwrng_fill = NULL;
|
||||||
return 0;
|
return 0;
|
||||||
|
|
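Review bot: In add_early_randomness the new `memset(rng_buffer, 0, size);` runs after `mutex_unlock(&reading_mutex);`, so if that mutex is what serializes access to the shared rng_buffer, the wipe can land while another reader holding the lock is filling the buffer or copying it out, and that reader would return zeros as random data. Moving `mutex_unlock(&reading_mutex);` to after the `memset` line, so the mixing and the wipe both happen under the lock, would close that window. The wipe at `out:` in rng_dev_read looks exposed in the same way, since the `out_unlock_reading:` label sits after it, but both function bodies start outside the hunks, so this needs checking against the full source. For buffers holding secret material, `memzero_explicit()` is the kernel's usual call; it states the intent and cannot be dropped by the compiler as a dead store.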