From: Tudor-Dan Ambarus Date: Fri, 23 Mar 2018 10:42:18 +0000 (+0200) Subject: crypto: caam - don't leak pointers to authenc keys X-Git-Url: http://git.cdn.openwrt.org/?a=commitdiff_plain;h=61dab9726050b0ffa826f1b540e9518768914b76;p=openwrt%2Fstaging%2Fblogic.git crypto: caam - don't leak pointers to authenc keys In caam's aead_setkey we save pointers to the authenc keys in a local variable of type struct crypto_authenc_keys and we don't zeroize it after use. Fix this and don't leak pointers to the authenc keys. Signed-off-by: Tudor Ambarus Reviewed-by: Horia Geantă Signed-off-by: Herbert Xu --- diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c index 584a6c183548..7207a535942d 100644 --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c @@ -570,9 +570,11 @@ static int aead_setkey(struct crypto_aead *aead, skip_split_key: ctx->cdata.keylen = keys.enckeylen; + memzero_explicit(&keys, sizeof(keys)); return aead_set_sh_desc(aead); badkey: crypto_aead_set_flags(aead, CRYPTO_TFM_RES_BAD_KEY_LEN); + memzero_explicit(&keys, sizeof(keys)); return -EINVAL; }