Hi Tudor, On Wed, Mar 21, 2018 at 03:15:27PM +0200, Tudor Ambarus wrote: > On 02/23/2018 02:37 PM, Antoine Tenart wrote: > > On Fri, Feb 23, 2018 at 02:04:33PM +0200, Tudor Ambarus wrote: > > > > > > There are few other places in crypto where we extract the authenc keys > > > in the same type of local variable, struct crypto_authenc_keys keys, and > > > we don't zeroize it after use. I think we should fix those cases too. > > > > You're right, I spotted other places where keys weren't zeroed. I > > haven't got the time to do anything about it so far :) > > > > Will you send a patch to fix those cases? We will forget about it. > I can do it myself, but it's better to ask first. The sooner those issues are fixed the better, and I haven't done anything yet. So yes, if you can, please take care of this :) Thanks, Antoine -- Antoine Ténart, Bootlin (formerly Free Electrons) Embedded Linux and Kernel engineering https://bootlin.com