Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit add89d47 authored by Neeraj Soni's avatar Neeraj Soni Committed by Gerrit - the friendly Code Review server
Browse files

fs/crypto: do not clear encryption key before inode is updated 



Although an all zero key is not an invalid key but it is indeed a
weak key. Clearing crypt key memory before updating the file inode with
crypto information will lead to a weak file encryption key to be
used in encryption operation.

Change-Id: Ide6340ea58f7ff916d3161716f0e9b4adf9b9c75
Signed-off-by: default avatarNeeraj Soni <neersoni@codeaurora.org>
parent c5ef08e5

fs/crypto/keyinfo.c

+0 −2
Original line number Diff line number Diff line
@@ -606,8 +606,6 @@ int fscrypt_get_encryption_info(struct inode *inode) 
	if (res)

		goto out;



	memzero_explicit(crypt_info->ci_raw_key,

		sizeof(crypt_info->ci_raw_key));

do_ice:

	if (cmpxchg(&inode->i_crypt_info, NULL, crypt_info) == NULL)

		crypt_info = NULL;