d/numam-spdk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

module/crypto: zero in memory keys before freeing memory

Browse Source 
For security.

Signed-off-by: paul luse <paul.e.luse@intel.com>
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/2074 (master)

(cherry picked from commit 9da404699e)
Change-Id: I805d5d0c4584de0389316c00c1eaf43566fa2aea
Signed-off-by: Tomasz Zawadzki <tomasz.zawadzki@intel.com>
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/2117
Reviewed-by: Paul Luse <paul.e.luse@intel.com>
Reviewed-by: Ben Walker <benjamin.walker@intel.com>
Reviewed-by: Aleksey Marchuk <alexeymar@mellanox.com>
Reviewed-by: Darek Stojaczyk <dariusz.stojaczyk@intel.com>
Tested-by: SPDK CI Jenkins <sys_sgci@intel.com>
This commit is contained in:
paul luse 2020-04-28 20:04:55 -04:00 committed by Tomasz Zawadzki
parent a10baa808e
commit bb9348e736
1 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
module/bdev/crypto/vbdev_crypto.c
View File

@ -1204,9 +1204,18 @@ _device_unregister_cb(void *io_device)
rte_cryptodev_sym_session_free(crypto_bdev->session_decrypt);
rte_cryptodev_sym_session_free(crypto_bdev->session_encrypt);
free(crypto_bdev->drv_name);
free(crypto_bdev->key);
free(crypto_bdev->key2);
free(crypto_bdev->xts_key);
if (crypto_bdev->key) {
memset(crypto_bdev->key, 0, strnlen(crypto_bdev->key, (AES_CBC_KEY_LENGTH + 1)));
free(crypto_bdev->key);
}
if (crypto_bdev->key2) {
memset(crypto_bdev->key2, 0, strnlen(crypto_bdev->key2, (AES_XTS_KEY_LENGTH + 1)));
free(crypto_bdev->key2);
}
if (crypto_bdev->xts_key) {
memset(crypto_bdev->xts_key, 0, strnlen(crypto_bdev->xts_key, (AES_XTS_KEY_LENGTH * 2) + 1));
free(crypto_bdev->xts_key);
}
free(crypto_bdev->crypto_bdev.name);
free(crypto_bdev);
}