KEYS: trusted: sanitize all key material - bcachefs.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Eric Biggers <ebiggers@google.com>	2017-06-08 14:49:18 +0100
committer	James Morris <james.l.morris@oracle.com>	2017-06-09 13:29:48 +1000
commit	ee618b4619b72527aaed765f0f0b74072b281159 (patch)
tree	7a01f2a757a88fab95d9acf6353494a6e8e1a32e /security/keys/gc.c
parent	a9dd74b252e04b7e41ffe78d418b896b33b70a13 (diff)

KEYS: trusted: sanitize all key material

As the previous patch did for encrypted-keys, zero sensitive any potentially sensitive data related to the "trusted" key type before it is freed. Notably, we were not zeroing the tpm_buf structures in which the actual key is stored for TPM seal and unseal, nor were we zeroing the trusted_key_payload in certain error paths. Cc: Mimi Zohar <zohar@linux.vnet.ibm.com> Cc: David Safford <safford@us.ibm.com> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <james.l.morris@oracle.com>

Diffstat (limited to 'security/keys/gc.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: