diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2014-10-24 15:33:32 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2014-10-24 15:33:32 -0400 |
commit | 14d4cc08832efb724e58944ba2ac22e2ca3143dc (patch) | |
tree | febca1365a5306d5a44b2481ec41f13f4c2defc2 /crypto/sha256_generic.c | |
parent | 1c45d9a920e6ef4fce38921e4fc776c2abca3197 (diff) | |
parent | 7185ad2672a7d50bc384de0e38d90b75d99f3d82 (diff) |
Merge tag 'random_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random
Pull /dev/random updates from Ted Ts'o:
"This adds a memzero_explicit() call which is guaranteed not to be
optimized away by GCC. This is important when we are wiping
cryptographically sensitive material"
* tag 'random_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random:
crypto: memzero_explicit - make sure to clear out sensitive data
random: add and use memzero_explicit() for clearing data
Diffstat (limited to 'crypto/sha256_generic.c')
-rw-r--r-- | crypto/sha256_generic.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/crypto/sha256_generic.c b/crypto/sha256_generic.c index 0bb558344699..65e7b76b057f 100644 --- a/crypto/sha256_generic.c +++ b/crypto/sha256_generic.c | |||
@@ -211,10 +211,9 @@ static void sha256_transform(u32 *state, const u8 *input) | |||
211 | 211 | ||
212 | /* clear any sensitive info... */ | 212 | /* clear any sensitive info... */ |
213 | a = b = c = d = e = f = g = h = t1 = t2 = 0; | 213 | a = b = c = d = e = f = g = h = t1 = t2 = 0; |
214 | memset(W, 0, 64 * sizeof(u32)); | 214 | memzero_explicit(W, 64 * sizeof(u32)); |
215 | } | 215 | } |
216 | 216 | ||
217 | |||
218 | static int sha224_init(struct shash_desc *desc) | 217 | static int sha224_init(struct shash_desc *desc) |
219 | { | 218 | { |
220 | struct sha256_state *sctx = shash_desc_ctx(desc); | 219 | struct sha256_state *sctx = shash_desc_ctx(desc); |
@@ -317,7 +316,7 @@ static int sha224_final(struct shash_desc *desc, u8 *hash) | |||
317 | sha256_final(desc, D); | 316 | sha256_final(desc, D); |
318 | 317 | ||
319 | memcpy(hash, D, SHA224_DIGEST_SIZE); | 318 | memcpy(hash, D, SHA224_DIGEST_SIZE); |
320 | memset(D, 0, SHA256_DIGEST_SIZE); | 319 | memzero_explicit(D, SHA256_DIGEST_SIZE); |
321 | 320 | ||
322 | return 0; | 321 | return 0; |
323 | } | 322 | } |