diff options
| author | Nickolaus Woodruff <nickolauswoodruff@gmail.com> | 2014-11-26 13:40:57 -0500 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2014-11-27 09:26:18 -0500 |
| commit | 421d82f5b3e75f94e31875e37d45cdf6a557c120 (patch) | |
| tree | daf8400560e56d726b40b103b4d67d16a6e15c32 /crypto | |
| parent | 0653a7cf6fa49bc769628b6078c3ea9e1489cb7b (diff) | |
crypto: drbg - use memzero_explicit() for clearing sensitive data
Compiler dead store optimization can sometimes remove final calls
to memset() used to clear sensitive data at the end of a function.
Replace trailing memset() calls with memzero_explicit() to
preclude unwanted removal.
Signed-off-by: Nickolaus Woodruff <nickolauswoodruff@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/drbg.c | 23 |
1 files changed, 12 insertions, 11 deletions
diff --git a/crypto/drbg.c b/crypto/drbg.c index c90e3cf5967f..d748a1d0ca24 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c | |||
| @@ -98,6 +98,7 @@ | |||
| 98 | */ | 98 | */ |
| 99 | 99 | ||
| 100 | #include <crypto/drbg.h> | 100 | #include <crypto/drbg.h> |
| 101 | #include <linux/string.h> | ||
| 101 | 102 | ||
| 102 | /*************************************************************** | 103 | /*************************************************************** |
| 103 | * Backend cipher definitions available to DRBG | 104 | * Backend cipher definitions available to DRBG |
| @@ -497,9 +498,9 @@ static int drbg_ctr_df(struct drbg_state *drbg, | |||
| 497 | ret = 0; | 498 | ret = 0; |
| 498 | 499 | ||
| 499 | out: | 500 | out: |
| 500 | memset(iv, 0, drbg_blocklen(drbg)); | 501 | memzero_explicit(iv, drbg_blocklen(drbg)); |
| 501 | memset(temp, 0, drbg_statelen(drbg)); | 502 | memzero_explicit(temp, drbg_statelen(drbg)); |
| 502 | memset(pad, 0, drbg_blocklen(drbg)); | 503 | memzero_explicit(pad, drbg_blocklen(drbg)); |
| 503 | return ret; | 504 | return ret; |
| 504 | } | 505 | } |
| 505 | 506 | ||
| @@ -573,9 +574,9 @@ static int drbg_ctr_update(struct drbg_state *drbg, struct list_head *seed, | |||
| 573 | ret = 0; | 574 | ret = 0; |
| 574 | 575 | ||
| 575 | out: | 576 | out: |
| 576 | memset(temp, 0, drbg_statelen(drbg) + drbg_blocklen(drbg)); | 577 | memzero_explicit(temp, drbg_statelen(drbg) + drbg_blocklen(drbg)); |
| 577 | if (2 != reseed) | 578 | if (2 != reseed) |
| 578 | memset(df_data, 0, drbg_statelen(drbg)); | 579 | memzero_explicit(df_data, drbg_statelen(drbg)); |
| 579 | return ret; | 580 | return ret; |
| 580 | } | 581 | } |
| 581 | 582 | ||
| @@ -633,7 +634,7 @@ static int drbg_ctr_generate(struct drbg_state *drbg, | |||
| 633 | len = ret; | 634 | len = ret; |
| 634 | 635 | ||
| 635 | out: | 636 | out: |
| 636 | memset(drbg->scratchpad, 0, drbg_blocklen(drbg)); | 637 | memzero_explicit(drbg->scratchpad, drbg_blocklen(drbg)); |
| 637 | return len; | 638 | return len; |
| 638 | } | 639 | } |
| 639 | 640 | ||
| @@ -871,7 +872,7 @@ static int drbg_hash_df(struct drbg_state *drbg, | |||
| 871 | } | 872 | } |
| 872 | 873 | ||
| 873 | out: | 874 | out: |
| 874 | memset(tmp, 0, drbg_blocklen(drbg)); | 875 | memzero_explicit(tmp, drbg_blocklen(drbg)); |
| 875 | return ret; | 876 | return ret; |
| 876 | } | 877 | } |
| 877 | 878 | ||
| @@ -915,7 +916,7 @@ static int drbg_hash_update(struct drbg_state *drbg, struct list_head *seed, | |||
| 915 | ret = drbg_hash_df(drbg, drbg->C, drbg_statelen(drbg), &datalist2); | 916 | ret = drbg_hash_df(drbg, drbg->C, drbg_statelen(drbg), &datalist2); |
| 916 | 917 | ||
| 917 | out: | 918 | out: |
| 918 | memset(drbg->scratchpad, 0, drbg_statelen(drbg)); | 919 | memzero_explicit(drbg->scratchpad, drbg_statelen(drbg)); |
| 919 | return ret; | 920 | return ret; |
| 920 | } | 921 | } |
| 921 | 922 | ||
| @@ -950,7 +951,7 @@ static int drbg_hash_process_addtl(struct drbg_state *drbg, | |||
| 950 | drbg->scratchpad, drbg_blocklen(drbg)); | 951 | drbg->scratchpad, drbg_blocklen(drbg)); |
| 951 | 952 | ||
| 952 | out: | 953 | out: |
| 953 | memset(drbg->scratchpad, 0, drbg_blocklen(drbg)); | 954 | memzero_explicit(drbg->scratchpad, drbg_blocklen(drbg)); |
| 954 | return ret; | 955 | return ret; |
| 955 | } | 956 | } |
| 956 | 957 | ||
| @@ -997,7 +998,7 @@ static int drbg_hash_hashgen(struct drbg_state *drbg, | |||
| 997 | } | 998 | } |
| 998 | 999 | ||
| 999 | out: | 1000 | out: |
| 1000 | memset(drbg->scratchpad, 0, | 1001 | memzero_explicit(drbg->scratchpad, |
| 1001 | (drbg_statelen(drbg) + drbg_blocklen(drbg))); | 1002 | (drbg_statelen(drbg) + drbg_blocklen(drbg))); |
| 1002 | return len; | 1003 | return len; |
| 1003 | } | 1004 | } |
| @@ -1046,7 +1047,7 @@ static int drbg_hash_generate(struct drbg_state *drbg, | |||
| 1046 | drbg_add_buf(drbg->V, drbg_statelen(drbg), u.req, 8); | 1047 | drbg_add_buf(drbg->V, drbg_statelen(drbg), u.req, 8); |
| 1047 | 1048 | ||
| 1048 | out: | 1049 | out: |
| 1049 | memset(drbg->scratchpad, 0, drbg_blocklen(drbg)); | 1050 | memzero_explicit(drbg->scratchpad, drbg_blocklen(drbg)); |
| 1050 | return len; | 1051 | return len; |
| 1051 | } | 1052 | } |
| 1052 | 1053 | ||