s390/crypto: explicitly memzero stack key material in aes_s390.c
authorTorsten Duwe <duwe@suse.de>
Tue, 25 Feb 2020 14:34:30 +0000 (15:34 +0100)
committerVasily Gorbik <gor@linux.ibm.com>
Thu, 27 Feb 2020 15:02:21 +0000 (16:02 +0100)
aes_s390.c has several functions which allocate space for key material on
the stack and leave the used keys there. It is considered good practice
to clean these locations before the function returns.

Link: https://lkml.kernel.org/r/20200221165511.GB6928@lst.de
Signed-off-by: Torsten Duwe <duwe@suse.de>
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
arch/s390/crypto/aes_s390.c

index 1c23d84a9097d92d99c107e59e4dab4939ee7c17..73044634d3427f63e62506ed8bebc0a8f840a492 100644 (file)
@@ -342,6 +342,7 @@ static int cbc_aes_crypt(struct skcipher_request *req, unsigned long modifier)
                memcpy(walk.iv, param.iv, AES_BLOCK_SIZE);
                ret = skcipher_walk_done(&walk, nbytes - n);
        }
+       memzero_explicit(&param, sizeof(param));
        return ret;
 }
 
@@ -470,6 +471,8 @@ static int xts_aes_crypt(struct skcipher_request *req, unsigned long modifier)
                         walk.dst.virt.addr, walk.src.virt.addr, n);
                ret = skcipher_walk_done(&walk, nbytes - n);
        }
+       memzero_explicit(&pcc_param, sizeof(pcc_param));
+       memzero_explicit(&xts_param, sizeof(xts_param));
        return ret;
 }