openkylin
/
linux
mirror of https://gitee.com/openkylin/linux.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

tls: clear key material from kernel memory when do_tls_setsockopt_conf fails 

Fixes: 3c4d755915 ("tls: kernel TLS support")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Sabrina Dubroca 2018-09-12 17:44:43 +02:00 committed by David S. Miller
parent 86029d10af
commit c844eb46b7
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
net/tls/tls_main.c
View File

@ -509,7 +509,7 @@ static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval,
goto out;
err_crypto_info:
memset(crypto_info, 0, sizeof(*crypto_info));
memzero_explicit(crypto_info, sizeof(union tls_crypto_context));
out:
return rc;
}