tls: clear key material from kernel memory when do_tls_setsockopt_conf fails
Fixes: 3c4d755915
("tls: kernel TLS support")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
86029d10af
commit
c844eb46b7
@ -509,7 +509,7 @@ static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval,
|
||||
goto out;
|
||||
|
||||
err_crypto_info:
|
||||
memset(crypto_info, 0, sizeof(*crypto_info));
|
||||
memzero_explicit(crypto_info, sizeof(union tls_crypto_context));
|
||||
out:
|
||||
return rc;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user