From: Vlad Yasevich <vyasevich@gmail.com> To: Daniel Borkmann <dborkman@redhat.com> Cc: davem@davemloft.net, linux-sctp@vger.kernel.org, netdev@vger.kernel.org Subject: Re: [PATCH net 2/2] net: sctp: sctp_endpoint_free: zero out secret key data Date: Fri, 08 Feb 2013 10:50:02 -0500 [thread overview] Message-ID: <51151EAA.2090302@gmail.com> (raw) In-Reply-To: <cf390ae999888aafe57914bcd87e5207be154557.1360327229.git.dborkman@redhat.com> On 02/08/2013 08:04 AM, Daniel Borkmann wrote: > On sctp_endpoint_destroy, previously used sensitive keying material > should be zeroed out before the memory is returned, as we already do > with e.g. auth keys when released. > > Signed-off-by: Daniel Borkmann <dborkman@redhat.com> I'll ack this, but the whole multiple cookie keys code is completely unused and has been all this time. Noone uses anything other then the secret_key[0] since there is no changeover support anywhere. It might be nice to clean that up too. Acked-by: Vlad Yasevich <vyasevic@redhat.com> -vlad > --- > net/sctp/endpointola.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/net/sctp/endpointola.c b/net/sctp/endpointola.c > index 17a001b..1a9c5fb 100644 > --- a/net/sctp/endpointola.c > +++ b/net/sctp/endpointola.c > @@ -249,6 +249,8 @@ void sctp_endpoint_free(struct sctp_endpoint *ep) > /* Final destructor for endpoint. */ > static void sctp_endpoint_destroy(struct sctp_endpoint *ep) > { > + int i; > + > SCTP_ASSERT(ep->base.dead, "Endpoint is not dead", return); > > /* Free up the HMAC transform. */ > @@ -271,6 +273,9 @@ static void sctp_endpoint_destroy(struct sctp_endpoint *ep) > sctp_inq_free(&ep->base.inqueue); > sctp_bind_addr_free(&ep->base.bind_addr); > > + for (i = 0; i < SCTP_HOW_MANY_SECRETS; ++i) > + memset(&ep->secret_key[i], 0, SCTP_SECRET_SIZE); > + > /* Remove and free the port */ > if (sctp_sk(ep->base.sk)->bind_hash) > sctp_put_port(ep->base.sk); > c If
WARNING: multiple messages have this Message-ID (diff)
From: Vlad Yasevich <vyasevich@gmail.com> To: Daniel Borkmann <dborkman@redhat.com> Cc: davem@davemloft.net, linux-sctp@vger.kernel.org, netdev@vger.kernel.org Subject: Re: [PATCH net 2/2] net: sctp: sctp_endpoint_free: zero out secret key data Date: Fri, 08 Feb 2013 15:50:02 +0000 [thread overview] Message-ID: <51151EAA.2090302@gmail.com> (raw) In-Reply-To: <cf390ae999888aafe57914bcd87e5207be154557.1360327229.git.dborkman@redhat.com> On 02/08/2013 08:04 AM, Daniel Borkmann wrote: > On sctp_endpoint_destroy, previously used sensitive keying material > should be zeroed out before the memory is returned, as we already do > with e.g. auth keys when released. > > Signed-off-by: Daniel Borkmann <dborkman@redhat.com> I'll ack this, but the whole multiple cookie keys code is completely unused and has been all this time. Noone uses anything other then the secret_key[0] since there is no changeover support anywhere. It might be nice to clean that up too. Acked-by: Vlad Yasevich <vyasevic@redhat.com> -vlad > --- > net/sctp/endpointola.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/net/sctp/endpointola.c b/net/sctp/endpointola.c > index 17a001b..1a9c5fb 100644 > --- a/net/sctp/endpointola.c > +++ b/net/sctp/endpointola.c > @@ -249,6 +249,8 @@ void sctp_endpoint_free(struct sctp_endpoint *ep) > /* Final destructor for endpoint. */ > static void sctp_endpoint_destroy(struct sctp_endpoint *ep) > { > + int i; > + > SCTP_ASSERT(ep->base.dead, "Endpoint is not dead", return); > > /* Free up the HMAC transform. */ > @@ -271,6 +273,9 @@ static void sctp_endpoint_destroy(struct sctp_endpoint *ep) > sctp_inq_free(&ep->base.inqueue); > sctp_bind_addr_free(&ep->base.bind_addr); > > + for (i = 0; i < SCTP_HOW_MANY_SECRETS; ++i) > + memset(&ep->secret_key[i], 0, SCTP_SECRET_SIZE); > + > /* Remove and free the port */ > if (sctp_sk(ep->base.sk)->bind_hash) > sctp_put_port(ep->base.sk); > c If
next prev parent reply other threads:[~2013-02-08 15:50 UTC|newest] Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top 2013-02-08 13:04 [PATCH net 0/2] two small fixes for sctp key usage Daniel Borkmann 2013-02-08 13:04 ` Daniel Borkmann 2013-02-08 13:04 ` [PATCH net 1/2] net: sctp: sctp_setsockopt_auth_key: use kzfree instead of kfree Daniel Borkmann 2013-02-08 13:04 ` Daniel Borkmann 2013-02-08 13:04 ` [PATCH net 2/2] net: sctp: sctp_endpoint_free: zero out secret key data Daniel Borkmann 2013-02-08 13:04 ` Daniel Borkmann 2013-02-08 15:50 ` Vlad Yasevich [this message] 2013-02-08 15:50 ` Vlad Yasevich 2013-02-08 16:02 ` Daniel Borkmann 2013-02-08 16:02 ` Daniel Borkmann 2013-02-08 19:55 ` [PATCH net 0/2] two small fixes for sctp key usage David Miller 2013-02-08 19:55 ` David Miller
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=51151EAA.2090302@gmail.com \ --to=vyasevich@gmail.com \ --cc=davem@davemloft.net \ --cc=dborkman@redhat.com \ --cc=linux-sctp@vger.kernel.org \ --cc=netdev@vger.kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.