Am Donnerstag, 7. Dezember 2017, 15:21:03 CET schrieb Atul Gupta: Hi Atul, > > memzero_explicit(key)? > [Atul] may not be required as entire info of size keylen and AEAD_H_SIZE is > copied onto kctx->key. Key data is received from user, while ghash is > memset and locally generated Sure, but wouldn't it make sense to zap all instances where key material was stored? > > As far as I see, the key is part of the skb (via kctx). This skb is released > after being processed. The release calls kfree_skb which does not zeroize > the key. Wouldn't it make sense to clear the memory of the key when the skb > is released? [Atul] we should perhaps memset the info received from user so > that driver has no info on key once its written on chip memory. > memset(gcm_ctx->key, 0, keylen); Are you saying that the skb (via kctx) above does not obtain a copy of the key? If not, what is done in chtls_key_info? Ciao Stephan
