crypto: qat - set to zero DH parameters before free
authorGiovanni Cabiddu <giovanni.cabiddu@intel.com>
Mon, 9 May 2022 13:19:27 +0000 (14:19 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 29 Jul 2022 15:25:27 +0000 (17:25 +0200)
commit343cee3eafda7e221641723993ed9f6bf407e74a
tree5d6bb0e594236ed2ad0f9111b15fc8ee73008c7e
parentc1f6637fe1c2e14edf53fb69f0d0eef2d6e4c0e9
crypto: qat - set to zero DH parameters before free

[ Upstream commit 1731160ff7c7bbb11bb1aacb14dd25e18d522779 ]

Set to zero the context buffers containing the DH key before they are
freed.
This is a defense in depth measure that avoids keys to be recovered from
memory in case the system is compromised between the free of the buffer
and when that area of memory (containing keys) gets overwritten.

Cc: stable@vger.kernel.org
Fixes: c9839143ebbf ("crypto: qat - Add DH support")
Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Reviewed-by: Adam Guerin <adam.guerin@intel.com>
Reviewed-by: Wojciech Ziemba <wojciech.ziemba@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
drivers/crypto/qat/qat_common/qat_asym_algs.c