[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
[dm-devel] [PATCH 1/3] dm crypt: wipe keys string immediately after key is set
- From: Milan Broz <mbroz redhat com>
- To: dm-devel redhat com
- Cc: Milan Broz <mbroz redhat com>
- Subject: [dm-devel] [PATCH 1/3] dm crypt: wipe keys string immediately after key is set
- Date: Thu, 3 Feb 2011 01:08:14 +0100
If the tfm key was set up correctly, do not keep another
copy of key and immediately replace it with zero string.
Signed-off-by: Milan Broz <mbroz redhat com>
---
drivers/md/dm-crypt.c | 16 +++++++++++-----
1 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index 4e054bd..d748433 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -1331,20 +1331,26 @@ static int crypt_setkey_allcpus(struct crypt_config *cc)
static int crypt_set_key(struct crypt_config *cc, char *key)
{
+ int r = -EINVAL, key_string_len = strlen(key);
+
/* The key size may not be changed. */
- if (cc->key_size != (strlen(key) >> 1))
- return -EINVAL;
+ if (cc->key_size != (key_string_len >> 1))
+ goto out;
/* Hyphen (which gives a key_size of zero) means there is no key. */
if (!cc->key_size && strcmp(key, "-"))
- return -EINVAL;
+ goto out;
if (cc->key_size && crypt_decode_key(cc->key, key, cc->key_size) < 0)
- return -EINVAL;
+ goto out;
set_bit(DM_CRYPT_KEY_VALID, &cc->flags);
- return crypt_setkey_allcpus(cc);
+ r = crypt_setkey_allcpus(cc);
+out:
+ /* Wipe hexa key string as soon as possible */
+ memset(key, '0', key_string_len);
+ return r;
}
static int crypt_wipe_key(struct crypt_config *cc)
--
1.7.2.3
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]