projects / platform / kernel / linux-rpi.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7f5acea)
net: ipv4: Use kfree_sensitive instead of kfree
authorWang Ming <machel@vivo.com>
Mon, 17 Jul 2023 09:59:19 +0000 (17:59 +0800)
committerDavid S. Miller <davem@davemloft.net>
Wed, 19 Jul 2023 10:03:03 +0000 (11:03 +0100)
key might contain private part of the key, so better use
kfree_sensitive to free it.

Fixes: 38320c70d282 ("[IPSEC]: Use crypto_aead and authenc in ESP")
Signed-off-by: Wang Ming <machel@vivo.com>
Reviewed-by: Tariq Toukan <tariqt@nvidia.com>
Reviewed-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/ipv4/esp4.c patch | blob | history

diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c
index ba06ed4..2be2d49 100644 (file)
--- a/net/ipv4/esp4.c
+++ b/net/ipv4/esp4.c
@@ -1132,7 +1132,7 @@ static int esp_init_authenc(struct xfrm_state *x,
        err = crypto_aead_setkey(aead, key, keylen);
 
 free_key:
-       kfree(key);
+       kfree_sensitive(key);
 
 error:
        return err;
Domain: System / Kernel;