Commit 276812ec authored by Marcel Holtmann's avatar Marcel Holtmann Committed by Johan Hedberg

Bluetooth: Use kzfree instead of kfree in security manager

Within the security manager, it makes sense to use kzfree instead of
kfree for all data structures. This ensures that no key material leaks
by accident.
Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
Signed-off-by: default avatarJohan Hedberg <johan.hedberg@intel.com>
parent aefedc1a
...@@ -681,9 +681,9 @@ static void smp_chan_destroy(struct l2cap_conn *conn) ...@@ -681,9 +681,9 @@ static void smp_chan_destroy(struct l2cap_conn *conn)
complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags); complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
mgmt_smp_complete(hcon, complete); mgmt_smp_complete(hcon, complete);
kfree(smp->csrk); kzfree(smp->csrk);
kfree(smp->slave_csrk); kzfree(smp->slave_csrk);
kfree(smp->link_key); kzfree(smp->link_key);
crypto_free_blkcipher(smp->tfm_aes); crypto_free_blkcipher(smp->tfm_aes);
crypto_free_hash(smp->tfm_cmac); crypto_free_hash(smp->tfm_cmac);
...@@ -717,7 +717,7 @@ static void smp_chan_destroy(struct l2cap_conn *conn) ...@@ -717,7 +717,7 @@ static void smp_chan_destroy(struct l2cap_conn *conn)
} }
chan->data = NULL; chan->data = NULL;
kfree(smp); kzfree(smp);
hci_conn_drop(hcon); hci_conn_drop(hcon);
} }
...@@ -1097,13 +1097,13 @@ static void sc_generate_link_key(struct smp_chan *smp) ...@@ -1097,13 +1097,13 @@ static void sc_generate_link_key(struct smp_chan *smp)
return; return;
if (smp_h6(smp->tfm_cmac, smp->tk, tmp1, smp->link_key)) { if (smp_h6(smp->tfm_cmac, smp->tk, tmp1, smp->link_key)) {
kfree(smp->link_key); kzfree(smp->link_key);
smp->link_key = NULL; smp->link_key = NULL;
return; return;
} }
if (smp_h6(smp->tfm_cmac, smp->link_key, lebr, smp->link_key)) { if (smp_h6(smp->tfm_cmac, smp->link_key, lebr, smp->link_key)) {
kfree(smp->link_key); kzfree(smp->link_key);
smp->link_key = NULL; smp->link_key = NULL;
return; return;
} }
...@@ -1300,7 +1300,7 @@ static struct smp_chan *smp_chan_create(struct l2cap_conn *conn) ...@@ -1300,7 +1300,7 @@ static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
smp->tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC); smp->tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(smp->tfm_aes)) { if (IS_ERR(smp->tfm_aes)) {
BT_ERR("Unable to create ECB crypto context"); BT_ERR("Unable to create ECB crypto context");
kfree(smp); kzfree(smp);
return NULL; return NULL;
} }
...@@ -1308,7 +1308,7 @@ static struct smp_chan *smp_chan_create(struct l2cap_conn *conn) ...@@ -1308,7 +1308,7 @@ static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
if (IS_ERR(smp->tfm_cmac)) { if (IS_ERR(smp->tfm_cmac)) {
BT_ERR("Unable to create CMAC crypto context"); BT_ERR("Unable to create CMAC crypto context");
crypto_free_blkcipher(smp->tfm_aes); crypto_free_blkcipher(smp->tfm_aes);
kfree(smp); kzfree(smp);
return NULL; return NULL;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment