diff options
| author | Johannes Berg <johannes.berg@intel.com> | 2014-09-10 06:39:56 -0400 |
|---|---|---|
| committer | Johannes Berg <johannes.berg@intel.com> | 2014-09-11 06:07:28 -0400 |
| commit | 538c9eb8b3fd33d3a0722b2c04ec4f574eaa6e9f (patch) | |
| tree | 738b71b941b78e7708c158eb79b7fabeddf480f4 /net/wireless | |
| parent | 29c3f9c3996abea060fa6e0b9e6a30d3f0cc828c (diff) | |
cfg80211: clear wext keys when freeing and removing them
When freeing the keys stored for wireless extensions, clear the memory
to avoid having the key material stick around in memory "forever".
Similarly, when userspace overwrites a key, actually clear it instead
of just setting the key length to zero.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Diffstat (limited to 'net/wireless')
| -rw-r--r-- | net/wireless/core.c | 2 | ||||
| -rw-r--r-- | net/wireless/wext-compat.c | 2 |
2 files changed, 3 insertions, 1 deletions
diff --git a/net/wireless/core.c b/net/wireless/core.c index 9698fe709251..55ec9be9feb7 100644 --- a/net/wireless/core.c +++ b/net/wireless/core.c | |||
| @@ -1007,7 +1007,7 @@ static int cfg80211_netdev_notifier_call(struct notifier_block *nb, | |||
| 1007 | rdev->devlist_generation++; | 1007 | rdev->devlist_generation++; |
| 1008 | cfg80211_mlme_purge_registrations(wdev); | 1008 | cfg80211_mlme_purge_registrations(wdev); |
| 1009 | #ifdef CONFIG_CFG80211_WEXT | 1009 | #ifdef CONFIG_CFG80211_WEXT |
| 1010 | kfree(wdev->wext.keys); | 1010 | kzfree(wdev->wext.keys); |
| 1011 | #endif | 1011 | #endif |
| 1012 | } | 1012 | } |
| 1013 | /* | 1013 | /* |
diff --git a/net/wireless/wext-compat.c b/net/wireless/wext-compat.c index 11120bb14162..0f47948c572f 100644 --- a/net/wireless/wext-compat.c +++ b/net/wireless/wext-compat.c | |||
| @@ -496,6 +496,8 @@ static int __cfg80211_set_encryption(struct cfg80211_registered_device *rdev, | |||
| 496 | err = 0; | 496 | err = 0; |
| 497 | if (!err) { | 497 | if (!err) { |
| 498 | if (!addr) { | 498 | if (!addr) { |
| 499 | memset(wdev->wext.keys->data[idx], 0, | ||
| 500 | sizeof(wdev->wext.keys->data[idx])); | ||
| 499 | wdev->wext.keys->params[idx].key_len = 0; | 501 | wdev->wext.keys->params[idx].key_len = 0; |
| 500 | wdev->wext.keys->params[idx].cipher = 0; | 502 | wdev->wext.keys->params[idx].cipher = 0; |
| 501 | } | 503 | } |