Re: [PATCH] KEYS: use kfree_sensitive with key

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




> On 14. Jun 2023, at 11:49, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:
> 
> On Tue, Jun 13, 2023 at 04:07:23PM +0000, Mahmoud Adam wrote:
>> key member might contain private part of the key, so better use
>> kfree_sensitive to free it
>> 
>> Signed-off-by: Mahmoud Adam <mngyadam@xxxxxxxxxx>
>> ---
>> crypto/asymmetric_keys/public_key.c | 8 ++++----
>> 1 file changed, 4 insertions(+), 4 deletions(-)
>> 
>> diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c
>> index eca5671ad3f2..006ae170a16f 100644
>> --- a/crypto/asymmetric_keys/public_key.c
>> +++ b/crypto/asymmetric_keys/public_key.c
>> @@ -43,7 +43,7 @@ static void public_key_describe(const struct key *asymmetric_key,
>> void public_key_free(struct public_key *key)
>> {
>> if (key) {
>> - kfree(key->key);
>> + kfree_sensitive(key->key);
> 
> The public key should not be freed with kfree_sensitive.

I think this holds for the other lines as well, I can use pkey->key_is_private to check for them also

Thanks.




Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879







[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux