diff options
| author | Sagi Grimberg <sagi@grimberg.me> | 2022-11-13 14:24:15 +0300 |
|---|---|---|
| committer | Christoph Hellwig <hch@lst.de> | 2022-11-16 10:36:35 +0300 |
| commit | 8d1c1904e94757b78c28fbbef9285e4101d86ee9 (patch) | |
| tree | d869264dd728efdaf2052eaceeca53b8c5086508 | |
| parent | e481fc0a377798976d5c3044c7f10c86a8372b92 (diff) | |
| download | linux-8d1c1904e94757b78c28fbbef9285e4101d86ee9.tar.xz | |
nvme-auth: clear sensitive info right after authentication completes
We don't want to keep authentication sensitive info in memory for unlimited
amount of time.
Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Sagi Grimberg <sagi@grimberg.me>
Reviewed-by: Chaitanya Kulkarni <kch@nvidia.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
| -rw-r--r-- | drivers/nvme/host/auth.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/drivers/nvme/host/auth.c b/drivers/nvme/host/auth.c index 1b44676b6155..04cf183d9519 100644 --- a/drivers/nvme/host/auth.c +++ b/drivers/nvme/host/auth.c @@ -912,6 +912,8 @@ int nvme_auth_wait(struct nvme_ctrl *ctrl, int qid) mutex_unlock(&ctrl->dhchap_auth_mutex); flush_work(&chap->auth_work); ret = chap->error; + /* clear sensitive info */ + nvme_auth_reset_dhchap(chap); return ret; } mutex_unlock(&ctrl->dhchap_auth_mutex); |