crypto: arm/neon - memzero_explicit aes-cbc key

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

At function exit, do not leave the expanded key in the rk struct
which got allocated on the stack.

Signed-off-by: Torsten Duwe <duwe@suse.de>
Acked-by: Will Deacon <will@kernel.org>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Torsten Duwe and committed by

Herbert Xu 6 years ago 82ff493e 7fe8e483

2 changed files

expand all

arch

arm

crypto

aes-neonbs-glue.c

arm64

crypto

aes-neonbs-glue.c

arch/arm/crypto/aes-neonbs-glue.c

··· 138 138 kernel_neon_begin(); 139 139 aesbs_convert_key(ctx->key.rk, rk.key_enc, ctx->key.rounds); 140 140 kernel_neon_end(); 141 + memzero_explicit(&rk, sizeof(rk)); 141 142 142 143 return crypto_cipher_setkey(ctx->enc_tfm, in_key, key_len); 143 144 }

arch/arm64/crypto/aes-neonbs-glue.c

··· 151 151 kernel_neon_begin(); 152 152 aesbs_convert_key(ctx->key.rk, rk.key_enc, ctx->key.rounds); 153 153 kernel_neon_end(); 154 + memzero_explicit(&rk, sizeof(rk)); 154 155 155 156 return 0; 156 157 }