diff options
author | Torsten Duwe <duwe@suse.de> | 2020-03-13 14:02:58 +0300 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2020-03-20 06:36:51 +0300 |
commit | 82ff493eb77cfd28fbfea6ce29bdaaffe238c0b2 (patch) | |
tree | 1857e2353fcf200e133c5f9bccb87c9e0a8b69ff /arch/arm/crypto | |
parent | 7fe8e483ec6f62ad43e9c2ba7e07b047f4d35d69 (diff) | |
download | linux-82ff493eb77cfd28fbfea6ce29bdaaffe238c0b2.tar.xz |
crypto: arm/neon - memzero_explicit aes-cbc key
At function exit, do not leave the expanded key in the rk struct
which got allocated on the stack.
Signed-off-by: Torsten Duwe <duwe@suse.de>
Acked-by: Will Deacon <will@kernel.org>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'arch/arm/crypto')
-rw-r--r-- | arch/arm/crypto/aes-neonbs-glue.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/arch/arm/crypto/aes-neonbs-glue.c b/arch/arm/crypto/aes-neonbs-glue.c index e85839a8aaeb..e6fd32919c81 100644 --- a/arch/arm/crypto/aes-neonbs-glue.c +++ b/arch/arm/crypto/aes-neonbs-glue.c @@ -138,6 +138,7 @@ static int aesbs_cbc_setkey(struct crypto_skcipher *tfm, const u8 *in_key, kernel_neon_begin(); aesbs_convert_key(ctx->key.rk, rk.key_enc, ctx->key.rounds); kernel_neon_end(); + memzero_explicit(&rk, sizeof(rk)); return crypto_cipher_setkey(ctx->enc_tfm, in_key, key_len); } |