If the tfm key was set up correctly, do not keep another
copy of key and immediately replace it with zero string.

Signed-off-by: Milan Broz <mbroz@redhat.com>
---
drivers/md/dm-crypt.c | 16 +++++++++++-----
1 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index 4e054bd..d748433 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -1331,20 +1331,26 @@ static int crypt_setkey_allcpus(struct crypt_config *cc)

static int crypt_set_key(struct crypt_config *cc, char *key)
{
+ int r = -EINVAL, key_string_len = strlen(key);
+
/* The key size may not be changed. */
- if (cc->key_size != (strlen(key) >> 1))
- return -EINVAL;
+ if (cc->key_size != (key_string_len >> 1))
+ goto out;

/* Hyphen (which gives a key_size of zero) means there is no key. */
if (!cc->key_size && strcmp(key, "-"))
- return -EINVAL;
+ goto out;

if (cc->key_size && crypt_decode_key(cc->key, key, cc->key_size) < 0)
- return -EINVAL;
+ goto out;

set_bit(DM_CRYPT_KEY_VALID, &cc->flags);

- return crypt_setkey_allcpus(cc);
+ r = crypt_setkey_allcpus(cc);
+out:
+ /* Wipe hexa key string as soon as possible */
+ memset(key, '0', key_string_len);
+ return r;
}

static int crypt_wipe_key(struct crypt_config *cc)
--
1.7.2.3

--
dm-devel mailing list
dm-devel@redhat.com
https://www.redhat.com/mailman/listinfo/dm-devel