diff options
| author |  Eric Biggers <ebiggers@google.com>
| 2017-06-08 14:49:18 +0100 |
|---|---|---|
| committer |  James Morris <james.l.morris@oracle.com>
| 2017-06-09 13:29:48 +1000 |
| commit | ee618b4619b72527aaed765f0f0b74072b281159 (patch) | |
| tree | 7a01f2a757a88fab95d9acf6353494a6e8e1a32e /include | |
| parent | KEYS: encrypted: sanitize all key material (diff) | |
| download | linux-ee618b4619b72527aaed765f0f0b74072b281159.tar.gz linux-ee618b4619b72527aaed765f0f0b74072b281159.tar.bz2 linux-ee618b4619b72527aaed765f0f0b74072b281159.zip | |
KEYS: trusted: sanitize all key material
As the previous patch did for encrypted-keys, zero sensitive any
potentially sensitive data related to the "trusted" key type before it
is freed. Notably, we were not zeroing the tpm_buf structures in which
the actual key is stored for TPM seal and unseal, nor were we zeroing
the trusted_key_payload in certain error paths.
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: David Safford <safford@us.ibm.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Diffstat (limited to 'include')
0 files changed, 0 insertions, 0 deletions