tls: clear key material from kernel memory when do_tls_setsockopt_conf fails
[ Upstream commitpull/10/headc844eb46b7
] Fixes:3c4d755915
("tls: kernel TLS support") Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
parent
0c0334299a
commit
18fef87e05
|
@ -425,7 +425,7 @@ static int do_tls_setsockopt_tx(struct sock *sk, char __user *optval,
|
|||
goto out;
|
||||
|
||||
err_crypto_info:
|
||||
memset(crypto_info, 0, sizeof(*crypto_info));
|
||||
memzero_explicit(crypto_info, sizeof(union tls_crypto_context));
|
||||
out:
|
||||
return rc;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue