diff options
author | John Baldwin <jhb@FreeBSD.org> | 2020-06-25 20:31:06 +0000 |
---|---|---|
committer | John Baldwin <jhb@FreeBSD.org> | 2020-06-25 20:31:06 +0000 |
commit | 20869b25cc7d7eac81ca51041c8ccbc0404a8473 (patch) | |
tree | e2151b786caf7869be6e58fe3ca7f0e053a9c958 /sys/netipsec | |
parent | f4134e3d875b8760a2fae9f4e2b2befe5a28cac9 (diff) | |
download | src-20869b25cc7d7eac81ca51041c8ccbc0404a8473.tar.gz src-20869b25cc7d7eac81ca51041c8ccbc0404a8473.zip |
Use zfree() to explicitly zero IPsec keys.
Reviewed by: delphij
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D25442
Notes
Notes:
svn path=/head/; revision=362632
Diffstat (limited to 'sys/netipsec')
-rw-r--r-- | sys/netipsec/key.c | 14 | ||||
-rw-r--r-- | sys/netipsec/xform_ah.c | 3 | ||||
-rw-r--r-- | sys/netipsec/xform_esp.c | 4 | ||||
-rw-r--r-- | sys/netipsec/xform_tcp.c | 2 |
4 files changed, 4 insertions, 19 deletions
diff --git a/sys/netipsec/key.c b/sys/netipsec/key.c index f97c2195af9d..8bdda61f5b36 100644 --- a/sys/netipsec/key.c +++ b/sys/netipsec/key.c @@ -3060,27 +3060,19 @@ key_cleansav(struct secasvar *sav) if (sav->flags & SADB_X_EXT_F_CLONED) return; /* - * Cleanup xform state. Note that zeroize'ing causes the - * keys to be cleared; otherwise we must do it ourself. + * Cleanup xform state. */ if (sav->tdb_xform != NULL) { sav->tdb_xform->xf_zeroize(sav); sav->tdb_xform = NULL; - } else { - if (sav->key_auth != NULL) - bzero(sav->key_auth->key_data, _KEYLEN(sav->key_auth)); - if (sav->key_enc != NULL) - bzero(sav->key_enc->key_data, _KEYLEN(sav->key_enc)); } if (sav->key_auth != NULL) { - if (sav->key_auth->key_data != NULL) - free(sav->key_auth->key_data, M_IPSEC_MISC); + zfree(sav->key_auth->key_data, M_IPSEC_MISC); free(sav->key_auth, M_IPSEC_MISC); sav->key_auth = NULL; } if (sav->key_enc != NULL) { - if (sav->key_enc->key_data != NULL) - free(sav->key_enc->key_data, M_IPSEC_MISC); + zfree(sav->key_enc->key_data, M_IPSEC_MISC); free(sav->key_enc, M_IPSEC_MISC); sav->key_enc = NULL; } diff --git a/sys/netipsec/xform_ah.c b/sys/netipsec/xform_ah.c index 50e913512a0d..8aea3a45dd96 100644 --- a/sys/netipsec/xform_ah.c +++ b/sys/netipsec/xform_ah.c @@ -250,9 +250,6 @@ int ah_zeroize(struct secasvar *sav) { - if (sav->key_auth) - bzero(sav->key_auth->key_data, _KEYLEN(sav->key_auth)); - crypto_freesession(sav->tdb_cryptoid); sav->tdb_cryptoid = NULL; sav->tdb_authalgxform = NULL; diff --git a/sys/netipsec/xform_esp.c b/sys/netipsec/xform_esp.c index c8be18bf868a..f4292d62a0a7 100644 --- a/sys/netipsec/xform_esp.c +++ b/sys/netipsec/xform_esp.c @@ -243,11 +243,9 @@ esp_init(struct secasvar *sav, struct xformsw *xsp) static int esp_zeroize(struct secasvar *sav) { - /* NB: ah_zerorize free's the crypto session state */ + /* NB: ah_zeroize free's the crypto session state */ int error = ah_zeroize(sav); - if (sav->key_enc) - bzero(sav->key_enc->key_data, _KEYLEN(sav->key_enc)); sav->tdb_encalgxform = NULL; sav->tdb_xform = NULL; return error; diff --git a/sys/netipsec/xform_tcp.c b/sys/netipsec/xform_tcp.c index b4979182b470..61f9aaee46e2 100644 --- a/sys/netipsec/xform_tcp.c +++ b/sys/netipsec/xform_tcp.c @@ -365,8 +365,6 @@ static int tcpsignature_zeroize(struct secasvar *sav) { - if (sav->key_auth != NULL) - bzero(sav->key_auth->key_data, _KEYLEN(sav->key_auth)); sav->tdb_xform = NULL; return (0); } |