dm crypt: wipe keys string immediately after key is set
Always wipe the original copy of the key after processing it in crypt_set_key(). Signed-off-by: Milan Broz <mbroz@redhat.com> Acked-by: Mike Snitzer <snitzer@redhat.com> Signed-off-by: Alasdair G Kergon <agk@redhat.com>
This commit is contained in:
parent
3407ef5262
commit
de8be5ac70
1 changed files with 14 additions and 5 deletions
|
@ -1331,20 +1331,29 @@ static int crypt_setkey_allcpus(struct crypt_config *cc)
|
|||
|
||||
static int crypt_set_key(struct crypt_config *cc, char *key)
|
||||
{
|
||||
int r = -EINVAL;
|
||||
int key_string_len = strlen(key);
|
||||
|
||||
/* The key size may not be changed. */
|
||||
if (cc->key_size != (strlen(key) >> 1))
|
||||
return -EINVAL;
|
||||
if (cc->key_size != (key_string_len >> 1))
|
||||
goto out;
|
||||
|
||||
/* Hyphen (which gives a key_size of zero) means there is no key. */
|
||||
if (!cc->key_size && strcmp(key, "-"))
|
||||
return -EINVAL;
|
||||
goto out;
|
||||
|
||||
if (cc->key_size && crypt_decode_key(cc->key, key, cc->key_size) < 0)
|
||||
return -EINVAL;
|
||||
goto out;
|
||||
|
||||
set_bit(DM_CRYPT_KEY_VALID, &cc->flags);
|
||||
|
||||
return crypt_setkey_allcpus(cc);
|
||||
r = crypt_setkey_allcpus(cc);
|
||||
|
||||
out:
|
||||
/* Hex key string not needed after here, so wipe it. */
|
||||
memset(key, '0', key_string_len);
|
||||
|
||||
return r;
|
||||
}
|
||||
|
||||
static int crypt_wipe_key(struct crypt_config *cc)
|
||||
|
|
Loading…
Reference in a new issue