KEYS: trusted: sanitize all key material - kernel/linux.git

diff options

author	Eric Biggers <ebiggers@google.com>	2017-06-08 16:49:18 +0300
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2017-11-15 12:04:13 +0300
commit	cdd1a3fd76d5e232e5432998fc8e72cbc29f6bf3 (patch)
tree	e1ab64645d3bc614a0ee6ea862d9172c21e505ae /security/apparmor/.gitignore
parent	76fc35d849a1464142af7d628e29eb6dd62570b0 (diff)
download	linux-cdd1a3fd76d5e232e5432998fc8e72cbc29f6bf3.tar.xz

KEYS: trusted: sanitize all key material

commit ee618b4619b72527aaed765f0f0b74072b281159 upstream. As the previous patch did for encrypted-keys, zero sensitive any potentially sensitive data related to the "trusted" key type before it is freed. Notably, we were not zeroing the tpm_buf structures in which the actual key is stored for TPM seal and unseal, nor were we zeroing the trusted_key_payload in certain error paths. Cc: Mimi Zohar <zohar@linux.vnet.ibm.com> Cc: David Safford <safford@us.ibm.com> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <james.l.morris@oracle.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'security/apparmor/.gitignore')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: