/[linux-patches]/genpatches-2.6/trunk/2.6.14/1417_15.4_dm-crypt-zero-key.patch
Gentoo

Contents of /genpatches-2.6/trunk/2.6.14/1417_15.4_dm-crypt-zero-key.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 328 - (show annotations) (download) (as text)
Tue Mar 14 13:34:17 2006 UTC (14 years, 7 months ago) by johnm
File MIME type: text/x-diff
File size: 1425 byte(s)
2.6.14-11, rebase against local tree
1 From stable-bounces@linux.kernel.org Fri Feb 3 11:03:07 2006
2 Date: Fri, 6 Jan 2006 09:21:39 -0800
3 From: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
4 To: git-commits-head@vger.kernel.org
5 Cc:
6 Subject: [PATCH] dm-crypt: zero key before freeing it
7
8 From: Stefan Rompf <stefan@loplof.de>
9
10 Zap the memory before freeing it so we don't leave crypto information
11 around in memory.
12
13 Signed-off-by: Stefan Rompf <stefan@loplof.de>
14 Acked-by: Clemens Fruhwirth <clemens@endorphin.org>
15 Acked-by: Alasdair G Kergon <agk@redhat.com>
16 Signed-off-by: Andrew Morton <akpm@osdl.org>
17 Signed-off-by: Linus Torvalds <torvalds@osdl.org>
18 Signed-off-by: Chris Wright <chrisw@sous-sol.org>
19 ---
20
21 drivers/md/dm-crypt.c | 5 +++++
22 1 files changed, 5 insertions(+)
23
24 Index: linux-2.6.15.2/drivers/md/dm-crypt.c
25 ===================================================================
26 --- linux-2.6.15.2.orig/drivers/md/dm-crypt.c
27 +++ linux-2.6.15.2/drivers/md/dm-crypt.c
28 @@ -690,6 +690,8 @@ bad3:
29 bad2:
30 crypto_free_tfm(tfm);
31 bad1:
32 + /* Must zero key material before freeing */
33 + memset(cc, 0, sizeof(*cc) + cc->key_size * sizeof(u8));
34 kfree(cc);
35 return -EINVAL;
36 }
37 @@ -706,6 +708,9 @@ static void crypt_dtr(struct dm_target *
38 cc->iv_gen_ops->dtr(cc);
39 crypto_free_tfm(cc->tfm);
40 dm_put_device(ti, cc->dev);
41 +
42 + /* Must zero key material before freeing */
43 + memset(cc, 0, sizeof(*cc) + cc->key_size * sizeof(u8));
44 kfree(cc);
45 }
46

  ViewVC Help
Powered by ViewVC 1.1.20