Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
tjh.dev
kernel
os
linux
dm crypt: wipe keys string immediately after key is set
Always wipe the original copy of the key after processing it
in crypt_set_key().
Signed-off-by: Milan Broz <mbroz@redhat.com>
Acked-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
authored by Milan Broz and committed by Alasdair G Kergon de8be5ac 3407ef52
+14
-5
drivers/md/dm-crypt.c
+14
-5
drivers/md/dm-crypt.c
···
1331
1331
1332
1332
static int crypt_set_key(struct crypt_config *cc, char *key)
1333
1333
{
1334
+
int r = -EINVAL;
1335
+
int key_string_len = strlen(key);
1336
+
1334
1337
/* The key size may not be changed. */
1335
-
if (cc->key_size != (strlen(key) >> 1))
1336
-
return -EINVAL;
1338
+
if (cc->key_size != (key_string_len >> 1))
1339
+
goto out;
1337
1340
1338
1341
/* Hyphen (which gives a key_size of zero) means there is no key. */
1339
1342
if (!cc->key_size && strcmp(key, "-"))
1340
-
return -EINVAL;
1343
+
goto out;
1341
1344
1342
1345
if (cc->key_size && crypt_decode_key(cc->key, key, cc->key_size) < 0)
1343
-
return -EINVAL;
1346
+
goto out;
1344
1347
1345
1348
set_bit(DM_CRYPT_KEY_VALID, &cc->flags);
1346
1349
1347
-
return crypt_setkey_allcpus(cc);
1350
+
r = crypt_setkey_allcpus(cc);
1351
+
1352
+
out:
1353
+
/* Hex key string not needed after here, so wipe it. */
1354
+
memset(key, '0', key_string_len);
1355
+
1356
+
return r;
1348
1357
}
1349
1358
1350
1359
static int crypt_wipe_key(struct crypt_config *cc)