lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CB10C1D8-BA86-4E1B-B9B7-FDF6AFD3E089@amazon.de>
Date:   Wed, 14 Jun 2023 13:32:51 +0000
From:   "Adam, Mahmoud" <mngyadam@...zon.de>
To:     Herbert Xu <herbert@...dor.apana.org.au>
CC:     Mahmoud Adam <mngyadam@...zon.com>,
        "dhowells@...hat.com" <dhowells@...hat.com>,
        "davem@...emloft.net" <davem@...emloft.net>,
        "keyrings@...r.kernel.org" <keyrings@...r.kernel.org>,
        "linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] KEYS: use kfree_sensitive with key



> On 14. Jun 2023, at 11:49, Herbert Xu <herbert@...dor.apana.org.au> wrote:
> 
> On Tue, Jun 13, 2023 at 04:07:23PM +0000, Mahmoud Adam wrote:
>> key member might contain private part of the key, so better use
>> kfree_sensitive to free it
>> 
>> Signed-off-by: Mahmoud Adam <mngyadam@...zon.com>
>> ---
>> crypto/asymmetric_keys/public_key.c | 8 ++++----
>> 1 file changed, 4 insertions(+), 4 deletions(-)
>> 
>> diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c
>> index eca5671ad3f2..006ae170a16f 100644
>> --- a/crypto/asymmetric_keys/public_key.c
>> +++ b/crypto/asymmetric_keys/public_key.c
>> @@ -43,7 +43,7 @@ static void public_key_describe(const struct key *asymmetric_key,
>> void public_key_free(struct public_key *key)
>> {
>> if (key) {
>> - kfree(key->key);
>> + kfree_sensitive(key->key);
> 
> The public key should not be freed with kfree_sensitive.

I think this holds for the other lines as well, I can use pkey->key_is_private to check for them also

Thanks.




Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ