| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 5 Sep 2018 16:53:54 +0300
From: Boris Pismenny <borisp@...lanox.com>
To: Sabrina Dubroca <sd@...asysnail.net>, netdev@...r.kernel.org
Cc: Ilya Lesokhin <ilyal@...lanox.com>,
Aviad Yehezkel <aviadye@...lanox.com>,
Dave Watson <davejwatson@...com>
Subject: Re: [PATCH net 2/3] tls: clear key material from kernel memory when
do_tls_setsockopt_conf fails
Hi Sabrina,
On 9/5/2018 4:21 PM, Sabrina Dubroca wrote:
> Fixes: 3c4d7559159b ("tls: kernel TLS support")
> Signed-off-by: Sabrina Dubroca <sd@...asysnail.net>
> ---
> net/tls/tls_main.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c
> index 180b6640e531..0d432d025471 100644
> --- a/net/tls/tls_main.c
> +++ b/net/tls/tls_main.c
> @@ -499,7 +499,7 @@ static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval,
> goto out;
>
> err_crypto_info:
> - memset(crypto_info, 0, sizeof(*crypto_info));
> + memzero_explicit(crypto_info, sizeof(struct tls12_crypto_info_aes_gcm_128));
Besides the key, there are other (not secret) information in
tls12_crypto_info_aes_gcm_128. I'd prefer you do not delete it to enable
users to obtain it (using getsockopt) in case we decide to implement a
fallback to userspace in the future. Such a fallback must obtain the
kernel's iv, and record sequence number.
Thanks,
Boris.
Powered by blists - more mailing lists