KEYS: trusted: sanitize all key material - linux-dev - Linux kernel development work

diff options

author	Eric Biggers <ebiggers@google.com>	2017-06-08 14:49:18 +0100
committer	James Morris <james.l.morris@oracle.com>	2017-06-09 13:29:48 +1000
commit	ee618b4619b72527aaed765f0f0b74072b281159 (patch)
tree	7a01f2a757a88fab95d9acf6353494a6e8e1a32e /include/linux/key.h
parent	KEYS: encrypted: sanitize all key material (diff)
download	linux-dev-ee618b4619b72527aaed765f0f0b74072b281159.tar.xz linux-dev-ee618b4619b72527aaed765f0f0b74072b281159.zip

KEYS: trusted: sanitize all key material

As the previous patch did for encrypted-keys, zero sensitive any potentially sensitive data related to the "trusted" key type before it is freed. Notably, we were not zeroing the tpm_buf structures in which the actual key is stored for TPM seal and unseal, nor were we zeroing the trusted_key_payload in certain error paths. Cc: Mimi Zohar <zohar@linux.vnet.ibm.com> Cc: David Safford <safford@us.ibm.com> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <james.l.morris@oracle.com>

Diffstat (limited to 'include/linux/key.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: