KEYS: use kfree_sensitive with key

key might contain private part of the key, so better use kfree_sensitive to free it Signed-off-by: Mahmoud Adam <mngyadam@amazon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

KEYS: use kfree_sensitive with key
key might contain private part of the key, so better use kfree_sensitive to free it Signed-off-by: Mahmoud Adam <mngyadam@amazon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
9f3fa6bc · Mahmoud Adam · Herbert Xu · e22471c2 · 9f3fa6bc
Commit 9f3fa6bc authored Jul 17, 2023 by Mahmoud Adam Committed by Herbert Xu Jul 28, 2023
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 4 deletions

crypto/asymmetric_keys/public_key.c crypto/asymmetric_keys/public_key.c +4 -4

No files found.
--- a/crypto/asymmetric_keys/public_key.c
+++ b/crypto/asymmetric_keys/public_key.c
@@ -42,7 +42,7 @@ static void public_key_describe(const struct key *asymmetric_key,
 void public_key_free(struct public_key *key)
 {
 	if (key) {
-		kfree(key->key);
+		kfree_sensitive(key->key);
 		kfree(key->params);
 		kfree(key);
 	}
@@ -263,7 +263,7 @@ static int software_key_query(const struct kernel_pkey_params *params,
 	else
 		crypto_free_akcipher(tfm);
 error_free_key:
-	kfree(key);
+	kfree_sensitive(key);
 	pr_devel("<==%s() = %d\n", __func__, ret);
 	return ret;
 }
@@ -369,7 +369,7 @@ static int software_key_eds_op(struct kernel_pkey_params *params,
 	else
 		crypto_free_akcipher(tfm);
 error_free_key:
-	kfree(key);
+	kfree_sensitive(key);
 	pr_devel("<==%s() = %d\n", __func__, ret);
 	return ret;
 }
@@ -441,7 +441,7 @@ int public_key_verify_signature(const struct public_key *pkey,
 				sig->digest, sig->digest_size);
 error_free_key:
-	kfree(key);
+	kfree_sensitive(key);
 error_free_tfm:
 	crypto_free_sig(tfm);
 	pr_devel("<==%s() = %d\n", __func__, ret);