]>
Commit | Line | Data |
---|---|---|
a81a45e9 GKH |
1 | From foo@baz Wed Sep 26 11:27:32 CEST 2018 |
2 | From: Sabrina Dubroca <sd@queasysnail.net> | |
3 | Date: Wed, 12 Sep 2018 17:44:43 +0200 | |
4 | Subject: tls: clear key material from kernel memory when do_tls_setsockopt_conf fails | |
5 | ||
6 | From: Sabrina Dubroca <sd@queasysnail.net> | |
7 | ||
8 | [ Upstream commit c844eb46b7d43c2cf760169df5ae1d5b033af338 ] | |
9 | ||
10 | Fixes: 3c4d7559159b ("tls: kernel TLS support") | |
11 | Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> | |
12 | Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> | |
13 | Signed-off-by: David S. Miller <davem@davemloft.net> | |
14 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | |
15 | --- | |
16 | net/tls/tls_main.c | 2 +- | |
17 | 1 file changed, 1 insertion(+), 1 deletion(-) | |
18 | ||
19 | --- a/net/tls/tls_main.c | |
20 | +++ b/net/tls/tls_main.c | |
21 | @@ -502,7 +502,7 @@ static int do_tls_setsockopt_conf(struct | |
22 | goto out; | |
23 | ||
24 | err_crypto_info: | |
25 | - memset(crypto_info, 0, sizeof(*crypto_info)); | |
26 | + memzero_explicit(crypto_info, sizeof(union tls_crypto_context)); | |
27 | out: | |
28 | return rc; | |
29 | } |