Re: [Patch 2.6] dm-crypt: zero key before freeing it

From: Stefan Rompf
Date: Tue Jan 24 2006 - 16:29:04 EST

Next message: Antonino A. Daplas: "Re: [Linux-fbdev-devel] intelfb"
Previous message: Pavel Machek: "Re: [PATCH -mm] swsusp: userland interface (rev 2)"
Next in thread: Neil Brown: "Re: [Patch 2.6] dm-crypt: zero key before freeing it"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Am Dienstag 24 Januar 2006 05:49 schrieb Neil Brown:

> >--- linux-2.6.14.4/drivers/md/dm-crypt.c.old 2005-12-16 18:27:05.000000000
> > +0100 +++ linux-2.6.14.4/drivers/md/dm-crypt.c 2005-12-28
> > 12:49:13.000000000 +0100 @@ -694,6 +694,7 @@ bad3:
> > bad2:
> > crypto_free_tfm(tfm);
> > bad1:
> >+ memset(cc, 0, sizeof(*cc) + cc->key_size * sizeof(u8));
> > kfree(cc);
> > return -EINVAL;
> > }
>
> There is a small problem with this patch.
> If the 'goto bad1' branch is taken, then 'cc->key_size' will not be
> defined.
> I think you need the following patch on top.

Why? This is from today's git, just before the first goto bad1

559 cc->key_size = key_size;
560 if ((!key_size && strcmp(argv[1], "-") != 0) ||
561 (key_size && crypt_decode_key(cc->key, argv[1], key_size) <
0)) {
562 ti->error = PFX "Error decoding key";
563 goto bad1;
564 }

Stefan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Antonino A. Daplas: "Re: [Linux-fbdev-devel] intelfb"
Previous message: Pavel Machek: "Re: [PATCH -mm] swsusp: userland interface (rev 2)"
Next in thread: Neil Brown: "Re: [Patch 2.6] dm-crypt: zero key before freeing it"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]