libceph: zero out session key and connection secret

Try and avoid leaving bits and pieces of session key and connection secret (gets split into GCM key and a pair of GCM IVs) around. Signed-off-by: Ilya Dryomov <idryomov@gmail.com> Reviewed-by: Jeff Layton <jlayton@kernel.org>
author: Ilya Dryomov <idryomov@gmail.com> 2020-12-22 21:00:48 +0300
committer: Ilya Dryomov <idryomov@gmail.com> 2021-01-04 19:31:32 +0300
commit: 10f42b3e648377b2f2f323a5530354710616c6cc (patch)
tree: df088d623ba005d946e6c8e3a30d68fd24ebe998 /net/ceph/crypto.c
parent: e71ba9452f0b5b2e8dc8aa5445198cd9214a6a62 (diff)
download: linux-10f42b3e648377b2f2f323a5530354710616c6cc.tar.xz
1 files changed, 2 insertions, 1 deletions
diff --git a/net/ceph/crypto.c b/net/ceph/crypto.c
index 4f75df40fb12..92d89b331645 100644
--- a/net/ceph/crypto.c
+++ b/net/ceph/crypto.c
@@ -96,6 +96,7 @@ int ceph_crypto_key_decode(struct ceph_crypto_key *key, void **p, void *end)
 	key->len = ceph_decode_16(p);
 	ceph_decode_need(p, end, key->len, bad);
 	ret = set_secret(key, *p);
+	memzero_explicit(*p, key->len);
 	*p += key->len;
 	return ret;
 
@@ -134,7 +135,7 @@ int ceph_crypto_key_unarmor(struct ceph_crypto_key *key, const char *inkey)
 void ceph_crypto_key_destroy(struct ceph_crypto_key *key)
 {
 	if (key) {
-		kfree(key->key);
+		kfree_sensitive(key->key);
 		key->key = NULL;
 		if (key->tfm) {
 			crypto_free_sync_skcipher(key->tfm);
author	Ilya Dryomov <idryomov@gmail.com>	2020-12-22 21:00:48 +0300
committer	Ilya Dryomov <idryomov@gmail.com>	2021-01-04 19:31:32 +0300
commit	10f42b3e648377b2f2f323a5530354710616c6cc (patch)
tree	df088d623ba005d946e6c8e3a30d68fd24ebe998 /net/ceph/crypto.c
parent	e71ba9452f0b5b2e8dc8aa5445198cd9214a6a62 (diff)
download	linux-10f42b3e648377b2f2f323a5530354710616c6cc.tar.xz