    KEYS: encrypted: sanitize all key material · a9dd74b2
    Eric Biggers authored
    For keys of type "encrypted", consistently zero sensitive key material
    before freeing it.  This was already being done for the decrypted
    payloads of encrypted keys, but not for the master key and the keys
    derived from the master key.
    
    Out of an abundance of caution and because it is trivial to do so, also
    zero buffers containing the key payload in encrypted form, although
    depending on how the encrypted-keys feature is used such information
    does not necessarily need to be kept secret.
    
    Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
    Cc: David Safford <safford@us.ibm.com>
    Signed-off-by: Eric Biggers <ebiggers@google.com>
    Signed-off-by: David Howells <dhowells@redhat.com>
    Signed-off-by: James Morris <james.l.morris@oracle.com>
encrypted.c 25.7 KB
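
The pattern the commit message describes, as an added userspace example (not code from this commit or from the kernel): the master key, the key derived from it and the decrypted payload are all wiped on both the success and the error path. The names key_scratch, secure_wipe, toy_derive and decrypt_payload are hypothetical, and the XOR "derivation" and "cipher" are placeholders, not real cryptography.

```c
#include <stddef.h>
#include <string.h>

#define KEY_LEN 32

/* Hypothetical scratch area holding every secret the operation touches. */
struct key_scratch {
    unsigned char master[KEY_LEN];   /* master key */
    unsigned char derived[KEY_LEN];  /* key derived from the master key */
    unsigned char payload[KEY_LEN];  /* decrypted payload */
};

/* Wipe through a volatile pointer so the stores are not elided as dead. */
static void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--)
        *v++ = 0;
}

/* Toy derivation (NOT a real KDF): stands in for the derive step. */
static void toy_derive(unsigned char *out, const unsigned char *master,
                       unsigned char label)
{
    for (size_t i = 0; i < KEY_LEN; i++)
        out[i] = (unsigned char)(master[i] ^ label ^ i);
}

/* Returns 0 on success, -1 on failure; scratch is wiped on both paths. */
int decrypt_payload(struct key_scratch *s, const unsigned char *master,
                    const unsigned char *blob, size_t blob_len,
                    unsigned char *out)
{
    int ret = -1;

    memcpy(s->master, master, KEY_LEN);
    toy_derive(s->derived, s->master, 0x01);
    if (blob_len != KEY_LEN)
        goto out;                /* error path still reaches the wipe */
    for (size_t i = 0; i < KEY_LEN; i++)
        s->payload[i] = (unsigned char)(blob[i] ^ s->derived[i]);
    memcpy(out, s->payload, KEY_LEN);
    ret = 0;
out:
    secure_wipe(s, sizeof(*s));  /* master, derived and payload together */
    return ret;
}
```

Routing every exit through the single out: label is what keeps the error path from leaving the master and derived keys behind.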