summaryrefslogtreecommitdiff
path: root/fs/cifs/cifsencrypt.c
diff options
context:
space:
mode:
authorEnzo Matsumiya <ematsumiya@suse.de>2022-09-20 15:10:35 -0300
committerSteve French <stfrench@microsoft.com>2022-10-07 23:06:48 -0500
commita4e430c8c8ba96be8c6ec4f2eb108bb8bcbee069 (patch)
treeff8fb70c06b5dd58f6c8d89a0b5d4d19c5a4fc5d /fs/cifs/cifsencrypt.c
parentf5823f5ee36040c2a8b8b36afe0783fe0bd7ad14 (diff)
cifs: replace kfree() with kfree_sensitive() for sensitive data
Replace kfree with kfree_sensitive, or prepend memzero_explicit() in other cases, when freeing sensitive material that could still be left in memory. Signed-off-by: Enzo Matsumiya <ematsumiya@suse.de> Reported-by: kernel test robot <oliver.sang@intel.com> Link: https://lore.kernel.org/r/202209201529.ec633796-oliver.sang@intel.com Reviewed-by: Paulo Alcantara (SUSE) <pc@cjr.nz> Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com> Signed-off-by: Steve French <stfrench@microsoft.com>
Diffstat (limited to 'fs/cifs/cifsencrypt.c')
-rw-r--r--fs/cifs/cifsencrypt.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
index 46f5718754f9..d848bc0aac27 100644
--- a/fs/cifs/cifsencrypt.c
+++ b/fs/cifs/cifsencrypt.c
@@ -679,7 +679,7 @@ setup_ntlmv2_rsp(struct cifs_ses *ses, const struct nls_table *nls_cp)
unlock:
cifs_server_unlock(ses->server);
setup_ntlmv2_rsp_ret:
- kfree(tiblob);
+ kfree_sensitive(tiblob);
return rc;
}
@@ -753,14 +753,14 @@ cifs_crypto_secmech_release(struct TCP_Server_Info *server)
server->secmech.ccmaesdecrypt = NULL;
}
- kfree(server->secmech.sdesccmacaes);
+ kfree_sensitive(server->secmech.sdesccmacaes);
server->secmech.sdesccmacaes = NULL;
- kfree(server->secmech.sdeschmacsha256);
+ kfree_sensitive(server->secmech.sdeschmacsha256);
server->secmech.sdeschmacsha256 = NULL;
- kfree(server->secmech.sdeschmacmd5);
+ kfree_sensitive(server->secmech.sdeschmacmd5);
server->secmech.sdeschmacmd5 = NULL;
- kfree(server->secmech.sdescmd5);
+ kfree_sensitive(server->secmech.sdescmd5);
server->secmech.sdescmd5 = NULL;
- kfree(server->secmech.sdescsha512);
+ kfree_sensitive(server->secmech.sdescsha512);
server->secmech.sdescsha512 = NULL;
}