key might contain private part of the key, so better use
kfree_sensitive to free it
Signed-off-by: Mahmoud Adam <[email protected]>
---
crypto/asymmetric_keys/public_key.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c
index 773e159dbbcb..abeecb8329b3 100644
--- a/crypto/asymmetric_keys/public_key.c
+++ b/crypto/asymmetric_keys/public_key.c
@@ -42,7 +42,7 @@ static void public_key_describe(const struct key *asymmetric_key,
void public_key_free(struct public_key *key)
{
if (key) {
- kfree(key->key);
+ kfree_sensitive(key->key);
kfree(key->params);
kfree(key);
}
@@ -263,7 +263,7 @@ static int software_key_query(const struct kernel_pkey_params *params,
else
crypto_free_akcipher(tfm);
error_free_key:
- kfree(key);
+ kfree_sensitive(key);
pr_devel("<==%s() = %d\n", __func__, ret);
return ret;
}
@@ -369,7 +369,7 @@ static int software_key_eds_op(struct kernel_pkey_params *params,
else
crypto_free_akcipher(tfm);
error_free_key:
- kfree(key);
+ kfree_sensitive(key);
pr_devel("<==%s() = %d\n", __func__, ret);
return ret;
}
@@ -441,7 +441,7 @@ int public_key_verify_signature(const struct public_key *pkey,
sig->digest, sig->digest_size);
error_free_key:
- kfree(key);
+ kfree_sensitive(key);
error_free_tfm:
crypto_free_sig(tfm);
pr_devel("<==%s() = %d\n", __func__, ret);
--
2.40.1
On Mon, Jul 17, 2023 at 12:55:09PM +0000, Mahmoud Adam wrote:
> key might contain private part of the key, so better use
> kfree_sensitive to free it
>
> Signed-off-by: Mahmoud Adam <[email protected]>
> ---
> crypto/asymmetric_keys/public_key.c | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
Patch applied. Thanks.
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt