Re: [Patch 2.6] dm-crypt: zero key before freeing it
From: Phillip Susi
Date: Tue Jan 24 2006 - 18:02:14 EST
Once the page is placed on the free list, doesn't that prevent it from
being swapped out? swsusp doesn't bother saving free pages and before
the pages can be recycled, the kernel zeros them right?
Stefan Rompf wrote:
Hi Andrew,
dm-crypt does not clear struct crypt_config before freeing it. Thus,
information on the key could leak f.e. to a swsusp image even after the
encrypted device has been removed. The attached patch against 2.6.14 / 2.6.15
fixes it.
Signed-off-by: Stefan Rompf <stefan@xxxxxxxxx>
Acked-by: Clemens Fruhwirth <clemens@xxxxxxxxxxxxx>
--- linux-2.6.14.4/drivers/md/dm-crypt.c.old 2005-12-16 18:27:05.000000000 +0100
+++ linux-2.6.14.4/drivers/md/dm-crypt.c 2005-12-28 12:49:13.000000000 +0100
@@ -694,6 +694,7 @@ bad3:
bad2:
crypto_free_tfm(tfm);
bad1:
+ memset(cc, 0, sizeof(*cc) + cc->key_size * sizeof(u8));
kfree(cc);
return -EINVAL;
}
@@ -710,6 +711,7 @@ static void crypt_dtr(struct dm_target *
cc->iv_gen_ops->dtr(cc);
crypto_free_tfm(cc->tfm);
dm_put_device(ti, cc->dev);
+ memset(cc, 0, sizeof(*cc) + cc->key_size * sizeof(u8));
kfree(cc);
}
-
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/