From patchwork Fri Dec 16 09:14:10 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dan Carpenter X-Patchwork-Id: 9477699 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id B732D6047D for ; Fri, 16 Dec 2016 10:41:48 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A331028420 for ; Fri, 16 Dec 2016 10:41:48 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 977ED286C8; Fri, 16 Dec 2016 10:41:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6ED4D28420 for ; Fri, 16 Dec 2016 10:41:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1759857AbcLPKln (ORCPT ); Fri, 16 Dec 2016 05:41:43 -0500 Received: from aserp1050.oracle.com ([141.146.126.70]:35826 "EHLO aserp1050.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1757063AbcLPKlm (ORCPT ); Fri, 16 Dec 2016 05:41:42 -0500 Received: from aserp1040.oracle.com (aserp1040.oracle.com [141.146.126.69]) by aserp1050.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id uBG9FTxu006631 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 16 Dec 2016 09:15:29 GMT Received: from aserv0021.oracle.com (aserv0021.oracle.com [141.146.126.233]) by aserp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id uBG9ELIN030017 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 16 Dec 2016 09:14:22 GMT Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235]) by aserv0021.oracle.com (8.13.8/8.14.4) with ESMTP id uBG9ELjS010179 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 16 Dec 2016 09:14:21 GMT Received: from abhmp0002.oracle.com (abhmp0002.oracle.com [141.146.116.8]) by aserv0121.oracle.com (8.13.8/8.13.8) with ESMTP id uBG9EJOd015125; Fri, 16 Dec 2016 09:14:20 GMT Received: from elgon.mountain (/41.202.241.3) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 16 Dec 2016 01:14:18 -0800 Date: Fri, 16 Dec 2016 12:14:10 +0300 From: Dan Carpenter To: Mimi Zohar Cc: David Safford , David Howells , James Morris , "Serge E. Hallyn" , linux-security-module@vger.kernel.org, keyrings@vger.kernel.org, kernel-janitors@vger.kernel.org Subject: [patch] KEYS: Use memzero_explicit() for secret data Message-ID: <20161216091410.GB7285@elgon.mountain> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) X-Source-IP: aserp1040.oracle.com [141.146.126.69] Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP I don't think GCC has figured out how to optimize the memset() away, but they might eventually so let's future proof this code a bit. Signed-off-by: Dan Carpenter --- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c index d7a4969b2dd3..4fb315cddf5b 100644 --- a/security/keys/encrypted-keys/encrypted.c +++ b/security/keys/encrypted-keys/encrypted.c @@ -985,7 +985,7 @@ static void encrypted_destroy(struct key *key) if (!epayload) return; - memset(epayload->decrypted_data, 0, epayload->decrypted_datalen); + memzero_explicit(epayload->decrypted_data, epayload->decrypted_datalen); kfree(key->payload.data[0]); }