Re: [PATCH] crypto: qat - set to zero DH parameters before free

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, May 09, 2022 at 04:09:55PM +0200, Greg KH wrote:
> On Mon, May 09, 2022 at 02:19:27PM +0100, Giovanni Cabiddu wrote:
> > Set to zero the context buffers containing the DH key before they are
> > freed.
> > This is a defense in depth measure that avoids keys to be recovered from
> > memory in case the system is compromised between the free of the buffer
> > and when that area of memory (containing keys) gets overwritten.
> > 
> > Cc: stable@xxxxxxxxxxxxxxx
> > Fixes: c9839143ebbf ("crypto: qat - Add DH support")
> > Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@xxxxxxxxx>
> > Reviewed-by: Adam Guerin <adam.guerin@xxxxxxxxx>
> > Reviewed-by: Wojciech Ziemba <wojciech.ziemba@xxxxxxxxx>
> > ---
> >  drivers/crypto/qat/qat_common/qat_asym_algs.c | 3 +++
> >  1 file changed, 3 insertions(+)
> 
> Why isn't this part of the other series for this "driver"?
Just for consistency.
I preferred to decouple this from the set `crypto: qat - re-enable algorithms`
since differently from the other patches in that set, this is not fixing
a functional issue in the driver but it is adding a protection measure.

Regards,

-- 
Giovanni



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux