Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp2101507ybv; Fri, 21 Feb 2020 08:55:34 -0800 (PST) X-Google-Smtp-Source: APXvYqwhJwkaeaxHaBoJrj71aH9XeTkAOenf0AMytwU2iUmaKUyW2DN3KRduA87HJFqq0olnZz1U X-Received: by 2002:aca:4e10:: with SMTP id c16mr2705983oib.6.1582304133827; Fri, 21 Feb 2020 08:55:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1582304133; cv=none; d=google.com; s=arc-20160816; b=OtzBR8D0dcTyn0nFiiz9BSGCQpUFTv1FZeZyE2469oeoX4LVv0ZEax8ez96CJe8nec 3/XTN+GPcp8ObcIfNfiARBARjZsv663r98CXh9wDS+8N959BRPHMoOxBwmvAFFn4mVIc 8H/mirduBSolhYcCrrcOBRN5eggmwB7OliSBWC3HJGuJbhRXks+7MkNiwLvBy2UaLF8a DJ7vj1L9VVX0HrgLyVFP6UjNauVCol9CQAH2uYZur43xUhGIuqcsxtv4+FF62F77Bcpy IJkwya7YOP+EpCSU746qe88+Wf21LLCAGxIvgXhdUd6dLPUzwskB79Kfqo4kprErzBeT S1Zw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:content-disposition :mime-version:message-id:subject:cc:to:from:date; bh=fWnChUpLTc0cgA68O2UYas2+G7Cnna2Jxl2thkDqzKA=; b=aPQLfss58wJMZcuaL/vWczT7VTEFJ+LxKK7fAChDjN1L2Zb/BhA31rk+4B0oFNYtBx GwzYcWkMSAR/cRHFIhHv6GJYTonMMNZjD5qagrVbixcIcu3+YaQmE33qHPPuyiEql+HC q39VdPKIYpQpmVRW57tvgP17h1ZAPaY5JOL+qvWUvyhNj1cKooWGWnyauI9hLOtVgHzJ 8CvTkuW/WT+JCuVpaYno2+ZIKiaB14KnsJARcsO9K31c5nYzD6ZIxzGLgZBzui07tSrx TPb6UIOohYDoneXcv2GcyRaRBBMYQPQsMAOAs7OACaketuFF88ZsAkflAvkLQF/j0y39 SRBA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i15si1009411oik.46.2020.02.21.08.55.21; Fri, 21 Feb 2020 08:55:33 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727469AbgBUQzQ (ORCPT + 99 others); Fri, 21 Feb 2020 11:55:16 -0500 Received: from verein.lst.de ([213.95.11.211]:56480 "EHLO verein.lst.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725995AbgBUQzP (ORCPT ); Fri, 21 Feb 2020 11:55:15 -0500 Received: by verein.lst.de (Postfix, from userid 2005) id E5EB068BFE; Fri, 21 Feb 2020 17:55:11 +0100 (CET) Date: Fri, 21 Feb 2020 17:55:11 +0100 From: Torsten Duwe To: Herbert Xu , "David S. Miller" , Heiko Carstens , Vasily Gorbik , Christian Borntraeger Cc: linux-crypto@vger.kernel.org, linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org Subject: s390 crypto: explicitly memzero stack key material in aes_s390.c Message-ID: <20200221165511.GB6928@lst.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.17 (2007-11-01) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Torsten Duwe s390 crypto: explicitly memzero stack key material in aes_s390.c aes_s390.c has several functions which allocate space for key material on the stack and leave the used keys there. It is considered good practice to clean these locations before the function returns. Signed-off-by: Torsten Duwe --- This popped up during our FIPS certification. It's obviously a good idea not to leave key material on the stack. --- a/arch/s390/crypto/aes_s390.c +++ b/arch/s390/crypto/aes_s390.c @@ -392,6 +392,7 @@ static int cbc_aes_crypt(struct blkciphe ret = blkcipher_walk_done(desc, walk, nbytes - n); } memcpy(walk->iv, param.iv, AES_BLOCK_SIZE); + memzero_explicit(¶m, sizeof(param)); return ret; } @@ -576,6 +577,8 @@ static int xts_aes_crypt(struct blkciphe walk->dst.virt.addr, walk->src.virt.addr, n); ret = blkcipher_walk_done(desc, walk, nbytes - n); } + memzero_explicit(&pcc_param, sizeof(pcc_param)); + memzero_explicit(&xts_param, sizeof(xts_param)); return ret; }