From patchwork Wed Sep 20 14:58:38 2017
X-Patchwork-Submitter: "Jason A. Donenfeld"
X-Patchwork-Id: 9961597
Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm
Delivered-To: mailing list kernel-hardening@lists.openwall.com
From: "Jason A. Donenfeld"
To: linux-security-module@vger.kernel.org, keyrings@vger.kernel.org, kernel-hardening@lists.openwall.com, linux-kernel@vger.kernel.org, dhowells@redhat.com, ebiggers3@gmail.com
Cc: "Jason A. Donenfeld" , Herbert Xu , Kirill Marinushkin , security@kernel.org, stable@vger.kernel.org
Date: Wed, 20 Sep 2017 16:58:38 +0200
Message-Id: <20170920145839.27511-1-Jason@zx2c4.com>
Subject: [kernel-hardening] [PATCH v7 1/2] security/keys: properly zero out sensitive key material in big_key

Error paths forgot to zero out sensitive material, so this patch changes some kfrees into kzfrees.

Signed-off-by: Jason A. Donenfeld
Reviewed-by: Eric Biggers
Cc: David Howells
Cc: Herbert Xu
Cc: Kirill Marinushkin
Cc: security@kernel.org
Cc: stable@vger.kernel.org
---
security/keys/big_key.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/security/keys/big_key.c b/security/keys/big_key.c index 6acb00f6f22c..507d6fb86a4f 100644 --- a/security/keys/big_key.c +++ b/security/keys/big_key.c @@ -195,7 +195,7 @@ int big_key_preparse(struct key_preparsed_payload *prep) *path = file->f_path; path_get(path); fput(file); - kfree(data); + kzfree(data); } else { /* Just store the data in a buffer */ void *data = kmalloc(datalen, GFP_KERNEL); @@ -211,9 +211,9 @@ int big_key_preparse(struct key_preparsed_payload *prep) err_fput: fput(file); err_enckey: - kfree(enckey); + kzfree(enckey); error: - kfree(data); + kzfree(data); return ret; } @@ -227,7 +227,7 @@ void big_key_free_preparse(struct key_preparsed_payload *prep) path_put(path); } - kfree(prep->payload.data[big_key_data]); + kzfree(prep->payload.data[big_key_data]); } /* @@ -259,7 +259,7 @@ void big_key_destroy(struct key *key) path->mnt = NULL; path->dentry = NULL; } - kfree(key->payload.data[big_key_data]); + kzfree(key->payload.data[big_key_data]); key->payload.data[big_key_data] = NULL; }
@@ -328,7 +328,7 @@ long big_key_read(const struct key *key, char __user *buffer, size_t buflen) err_fput: fput(file); error: - kfree(data); + kzfree(data); } else { ret = datalen; if (copy_to_user(buffer, key->payload.data[big_key_data],
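Review bot: the first hunk (big_key_preparse, around line 195) changes a success path, not an error path: `data` is released right after `path_get(path); fput(file);`, once the encrypted copy has gone out to the file, so the commit message's "Error paths forgot to zero out sensitive material" undersells what the patch does. Suggest wording along the lines of "zero the plaintext buffer on the success path as well as on the error paths" so a backporter reading the stable queue sees that the normal path was also leaking key material into freed memory.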
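Review bot: at the `error:` label in the second hunk (big_key_preparse, around line 211), `kzfree(data)` is the common fall-through from `err_fput:` and `err_enckey:`, but the hunk shows only the labels, not the jumps to them; please confirm that `data` is a valid allocation (or that `kzfree()` tolerates the same NULL value `kfree()` did) on every path that reaches `error:`, since a NULL here would previously have been silently ignored.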
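Review bot: in big_key_destroy (fourth hunk, around line 259) the freed pointer is cleared with `key->payload.data[big_key_data] = NULL;` directly after `kzfree()`, while the otherwise parallel `kzfree(prep->payload.data[big_key_data]);` in big_key_free_preparse (third hunk) leaves the dangling pointer in place; consider nulling it there as well for consistency, or add a short comment stating why it is unnecessary in the preparse case.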
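Review bot: in the big_key_read hunk (around line 328) `error:` sits directly under `err_fput:`, so the same `kzfree(data)` runs whether the read succeeded or failed; a one-line comment at that label saying why `data` is sensitive enough to need zeroing would stop a future cleanup from "simplifying" it back to `kfree()`, and would make clear that the `else` branch needs no such call because it copies straight from `key->payload.data[big_key_data]` without a kernel-side copy.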