When a TFM is unregistered, the sun4i-ss driver does not clean the key used,
leaking it in memory.
This patch adds this absent key cleaning.
Fixes: 6298e948215f ("crypto: sunxi-ss - Add Allwinner Security System crypto accelerator")
Cc: <[email protected]> # 4.3+
Signed-off-by: Corentin Labbe <[email protected]>
---
drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
index fa4b1b47822e..60d99370a4ec 100644
--- a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
+++ b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
@@ -503,6 +503,8 @@ int sun4i_ss_cipher_init(struct crypto_tfm *tfm)
void sun4i_ss_cipher_exit(struct crypto_tfm *tfm)
{
struct sun4i_tfm_ctx *op = crypto_tfm_ctx(tfm);
+
+ memzero_explicit(op->key, op->keylen);
crypto_free_sync_skcipher(op->fallback_tfm);
}
--
2.21.0
On Sun, Sep 15, 2019 at 08:35:36PM +0200, Corentin Labbe wrote:
> When a TFM is unregistered, the sun4i-ss driver does not clean the key used,
> leaking it in memory.
> This patch adds this absent key cleaning.
>
> Fixes: 6298e948215f ("crypto: sunxi-ss - Add Allwinner Security System crypto accelerator")
> Cc: <[email protected]> # 4.3+
> Signed-off-by: Corentin Labbe <[email protected]>
> ---
> drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
> index fa4b1b47822e..60d99370a4ec 100644
> --- a/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
> +++ b/drivers/crypto/sunxi-ss/sun4i-ss-cipher.c
> @@ -503,6 +503,8 @@ int sun4i_ss_cipher_init(struct crypto_tfm *tfm)
> void sun4i_ss_cipher_exit(struct crypto_tfm *tfm)
> {
> struct sun4i_tfm_ctx *op = crypto_tfm_ctx(tfm);
> +
> + memzero_explicit(op->key, op->keylen);
> crypto_free_sync_skcipher(op->fallback_tfm);
> }
>
> --
> 2.21.0
>
It's already zeroed by the kzfree() in crypto_destroy_tfm().
- Eric