On Wed, Feb 02 2011 at 7:08pm -0500, Milan Broz <mbroz@xxxxxxxxxx> wrote: > If the tfm key was set up correctly, do not keep another > copy of key and immediately replace it with zero string. > > Signed-off-by: Milan Broz <mbroz@xxxxxxxxxx> > --- > drivers/md/dm-crypt.c | 16 +++++++++++----- > 1 files changed, 11 insertions(+), 5 deletions(-) > > diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c > index 4e054bd..d748433 100644 > --- a/drivers/md/dm-crypt.c > +++ b/drivers/md/dm-crypt.c > @@ -1331,20 +1331,26 @@ static int crypt_setkey_allcpus(struct crypt_config *cc) > > static int crypt_set_key(struct crypt_config *cc, char *key) > { > + int r = -EINVAL, key_string_len = strlen(key); > + > /* The key size may not be changed. */ > - if (cc->key_size != (strlen(key) >> 1)) > - return -EINVAL; > + if (cc->key_size != (key_string_len >> 1)) > + goto out; > > /* Hyphen (which gives a key_size of zero) means there is no key. */ > if (!cc->key_size && strcmp(key, "-")) > - return -EINVAL; > + goto out; > > if (cc->key_size && crypt_decode_key(cc->key, key, cc->key_size) < 0) > - return -EINVAL; > + goto out; > > set_bit(DM_CRYPT_KEY_VALID, &cc->flags); > > - return crypt_setkey_allcpus(cc); > + r = crypt_setkey_allcpus(cc); > +out: > + /* Wipe hexa key string as soon as possible */ s/hexa/hex/ ? > + memset(key, '0', key_string_len); > + return r; > } > > static int crypt_wipe_key(struct crypt_config *cc) Acked-by: Mike Snitzer <snitzer@xxxxxxxxxx> -- dm-devel mailing list dm-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/dm-devel