Commit 82ff493e authored by Torsten Duwe's avatar Torsten Duwe Committed by Herbert Xu
Browse files

crypto: arm/neon - memzero_explicit aes-cbc key 



At function exit, do not leave the expanded key in the rk struct
which got allocated on the stack.

Signed-off-by: default avatarTorsten Duwe <duwe@suse.de>
Acked-by: default avatarWill Deacon <will@kernel.org>
Acked-by: default avatarArd Biesheuvel <ardb@kernel.org>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 7fe8e483

arch/arm/crypto/aes-neonbs-glue.c

+1 −0
Original line number Diff line number Diff line
@@ -138,6 +138,7 @@ static int aesbs_cbc_setkey(struct crypto_skcipher *tfm, const u8 *in_key, 
	kernel_neon_begin();

	aesbs_convert_key(ctx->key.rk, rk.key_enc, ctx->key.rounds);

	kernel_neon_end();

	memzero_explicit(&rk, sizeof(rk));



	return crypto_cipher_setkey(ctx->enc_tfm, in_key, key_len);

}

arch/arm64/crypto/aes-neonbs-glue.c

+1 −0
Original line number Diff line number Diff line
@@ -151,6 +151,7 @@ static int aesbs_cbc_setkey(struct crypto_skcipher *tfm, const u8 *in_key, 
	kernel_neon_begin();

	aesbs_convert_key(ctx->key.rk, rk.key_enc, ctx->key.rounds);

	kernel_neon_end();

	memzero_explicit(&rk, sizeof(rk));



	return 0;

}

CRA Git | Maintained and supported by SUSTech CRA and CCSE