Re: [Patch 2.6] dm-crypt: zero key before freeing it

[Neil Brown]

>
>Hi Andrew,
>
>dm-crypt does not clear struct crypt_config before freeing it. Thus, 
>information on the key could leak f.e. to a swsusp image even after the 
>encrypted device has been removed. The attached patch against 2.6.14 / 2.6.15 
>fixes it.
>
>Signed-off-by: Stefan Rompf <stefan@xxxxxxxxx>
>Acked-by: Clemens Fruhwirth <clemens@xxxxxxxxxxxxx>
>
>--- linux-2.6.14.4/drivers/md/dm-crypt.c.old	2005-12-16 18:27:05.000000000 +0100
>+++ linux-2.6.14.4/drivers/md/dm-crypt.c	2005-12-28 12:49:13.000000000 +0100
>@@ -694,6 +694,7 @@ bad3:
> bad2:
> 	crypto_free_tfm(tfm);
> bad1:
>+	memset(cc, 0, sizeof(*cc) + cc->key_size * sizeof(u8));
> 	kfree(cc);
> 	return -EINVAL;
> }

There is a small problem with this patch.
If the 'goto bad1' branch is taken, then 'cc->key_size' will not be
defined.
I think you need the following patch on top.

(Is that "sizeof(u8)" *really* necessary?? :-)

NeilBrown


Signed-off-by: Neil Brown <neilb@xxxxxxx>

### Diffstat output
 ./drivers/md/dm-crypt.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff ./drivers/md/dm-crypt.c~current~ ./drivers/md/dm-crypt.c
--- ./drivers/md/dm-crypt.c~current~	2006-01-24 15:42:52.000000000 +1100
+++ ./drivers/md/dm-crypt.c	2006-01-24 15:43:07.000000000 +1100
@@ -691,7 +691,7 @@ bad2:
 	crypto_free_tfm(tfm);
 bad1:
 	/* Must zero key material before freeing */
-	memset(cc, 0, sizeof(*cc) + cc->key_size * sizeof(u8));
+	memset(cc, 0, sizeof(*cc) + key_size * sizeof(u8));
 	kfree(cc);
 	return -EINVAL;
 }
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/