Commit 21b116d0 authored by Eric Biggers's avatar Eric Biggers Committed by David Howells

KEYS: user_defined: sanitize key payloads

Zero the payloads of user and logon keys before freeing them.  This
prevents sensitive key material from being kept around in the slab
caches after a key is released.
Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
parent 7df036ef
...@@ -86,10 +86,18 @@ EXPORT_SYMBOL_GPL(user_preparse); ...@@ -86,10 +86,18 @@ EXPORT_SYMBOL_GPL(user_preparse);
*/ */
void user_free_preparse(struct key_preparsed_payload *prep) void user_free_preparse(struct key_preparsed_payload *prep)
{ {
kfree(prep->payload.data[0]); kzfree(prep->payload.data[0]);
} }
EXPORT_SYMBOL_GPL(user_free_preparse); EXPORT_SYMBOL_GPL(user_free_preparse);
static void user_free_payload_rcu(struct rcu_head *head)
{
struct user_key_payload *payload;
payload = container_of(head, struct user_key_payload, rcu);
kzfree(payload);
}
/* /*
* update a user defined key * update a user defined key
* - the key's semaphore is write-locked * - the key's semaphore is write-locked
...@@ -112,7 +120,7 @@ int user_update(struct key *key, struct key_preparsed_payload *prep) ...@@ -112,7 +120,7 @@ int user_update(struct key *key, struct key_preparsed_payload *prep)
prep->payload.data[0] = NULL; prep->payload.data[0] = NULL;
if (zap) if (zap)
kfree_rcu(zap, rcu); call_rcu(&zap->rcu, user_free_payload_rcu);
return ret; return ret;
} }
EXPORT_SYMBOL_GPL(user_update); EXPORT_SYMBOL_GPL(user_update);
...@@ -130,7 +138,7 @@ void user_revoke(struct key *key) ...@@ -130,7 +138,7 @@ void user_revoke(struct key *key)
if (upayload) { if (upayload) {
rcu_assign_keypointer(key, NULL); rcu_assign_keypointer(key, NULL);
kfree_rcu(upayload, rcu); call_rcu(&upayload->rcu, user_free_payload_rcu);
} }
} }
...@@ -143,7 +151,7 @@ void user_destroy(struct key *key) ...@@ -143,7 +151,7 @@ void user_destroy(struct key *key)
{ {
struct user_key_payload *upayload = key->payload.data[0]; struct user_key_payload *upayload = key->payload.data[0];
kfree(upayload); kzfree(upayload);
} }
EXPORT_SYMBOL_GPL(user_destroy); EXPORT_SYMBOL_GPL(user_destroy);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment