KEYS: use kfree_sensitive with key
key might contain private part of the key, so better use kfree_sensitive to free it Signed-off-by: Mahmoud Adam <mngyadam@amazon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
parent
e22471c233
commit
9f3fa6bc4f
@ -42,7 +42,7 @@ static void public_key_describe(const struct key *asymmetric_key,
|
||||
void public_key_free(struct public_key *key)
|
||||
{
|
||||
if (key) {
|
||||
kfree(key->key);
|
||||
kfree_sensitive(key->key);
|
||||
kfree(key->params);
|
||||
kfree(key);
|
||||
}
|
||||
@ -263,7 +263,7 @@ error_free_tfm:
|
||||
else
|
||||
crypto_free_akcipher(tfm);
|
||||
error_free_key:
|
||||
kfree(key);
|
||||
kfree_sensitive(key);
|
||||
pr_devel("<==%s() = %d\n", __func__, ret);
|
||||
return ret;
|
||||
}
|
||||
@ -369,7 +369,7 @@ error_free_tfm:
|
||||
else
|
||||
crypto_free_akcipher(tfm);
|
||||
error_free_key:
|
||||
kfree(key);
|
||||
kfree_sensitive(key);
|
||||
pr_devel("<==%s() = %d\n", __func__, ret);
|
||||
return ret;
|
||||
}
|
||||
@ -441,7 +441,7 @@ int public_key_verify_signature(const struct public_key *pkey,
|
||||
sig->digest, sig->digest_size);
|
||||
|
||||
error_free_key:
|
||||
kfree(key);
|
||||
kfree_sensitive(key);
|
||||
error_free_tfm:
|
||||
crypto_free_sig(tfm);
|
||||
pr_devel("<==%s() = %d\n", __func__, ret);
|
||||
|
Loading…
Reference in New Issue
Block a user