Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6966c749 authored by Eric Biggers's avatar Eric Biggers Committed by James Morris
Browse files

KEYS: user_defined: sanitize key payloads 



Zero the payloads of user and logon keys before freeing them.  This
prevents sensitive key material from being kept around in the slab
caches after a key is released.

Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
Signed-off-by: default avatarJames Morris <james.l.morris@oracle.com>
parent 57070c85

security/keys/user_defined.c

+12 −4
Original line number Diff line number Diff line
@@ -86,10 +86,18 @@ EXPORT_SYMBOL_GPL(user_preparse); 
 */

void user_free_preparse(struct key_preparsed_payload *prep)

{

	kfree(prep->payload.data[0]);

	kzfree(prep->payload.data[0]);

}

EXPORT_SYMBOL_GPL(user_free_preparse);



static void user_free_payload_rcu(struct rcu_head *head)

{

	struct user_key_payload *payload;



	payload = container_of(head, struct user_key_payload, rcu);

	kzfree(payload);

}



/*

 * update a user defined key

 * - the key's semaphore is write-locked
@@ -112,7 +120,7 @@ int user_update(struct key *key, struct key_preparsed_payload *prep) 
	prep->payload.data[0] = NULL;



	if (zap)

		kfree_rcu(zap, rcu);

		call_rcu(&zap->rcu, user_free_payload_rcu);

	return ret;

}

EXPORT_SYMBOL_GPL(user_update);
@@ -130,7 +138,7 @@ void user_revoke(struct key *key) 


	if (upayload) {

		rcu_assign_keypointer(key, NULL);

		kfree_rcu(upayload, rcu);

		call_rcu(&upayload->rcu, user_free_payload_rcu);

	}

}
@@ -143,7 +151,7 @@ void user_destroy(struct key *key) 
{

	struct user_key_payload *upayload = key->payload.data[0];



	kfree(upayload);

	kzfree(upayload);

}



EXPORT_SYMBOL_GPL(user_destroy);