From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Sabrina Dubroca <sd@queasysnail.net>,
"David S. Miller" <davem@davemloft.net>
Subject: [PATCH 4.14 12/64] tls: zero the crypto information from tls_context before freeing
Date: Thu, 27 Sep 2018 11:03:29 +0200 [thread overview]
Message-ID: <20180927090251.401406514@linuxfoundation.org> (raw)
In-Reply-To: <20180927090249.801943776@linuxfoundation.org>
4.14-stable review patch. If anyone has any objections, please let me know.
------------------
From: Sabrina Dubroca <sd@queasysnail.net>
[ Upstream commit 86029d10af18381814881d6cce2dd6872163b59f ]
This contains key material in crypto_send_aes_gcm_128 and
crypto_recv_aes_gcm_128.
Introduce union tls_crypto_context, and replace the two identical
unions directly embedded in struct tls_context with it. We can then
use this union to clean up the memory in the new tls_ctx_free()
function.
Fixes: 3c4d7559159b ("tls: kernel TLS support")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
include/net/tls.h | 14 ++++++++------
net/tls/tls_main.c | 15 ++++++++++++---
net/tls/tls_sw.c | 2 +-
3 files changed, 21 insertions(+), 10 deletions(-)
--- a/include/net/tls.h
+++ b/include/net/tls.h
@@ -79,11 +79,13 @@ enum {
TLS_PENDING_CLOSED_RECORD
};
+union tls_crypto_context {
+ struct tls_crypto_info info;
+ struct tls12_crypto_info_aes_gcm_128 aes_gcm_128;
+};
+
struct tls_context {
- union {
- struct tls_crypto_info crypto_send;
- struct tls12_crypto_info_aes_gcm_128 crypto_send_aes_gcm_128;
- };
+ union tls_crypto_context crypto_send;
void *priv_ctx;
@@ -208,8 +210,8 @@ static inline void tls_fill_prepend(stru
* size KTLS_DTLS_HEADER_SIZE + KTLS_DTLS_NONCE_EXPLICIT_SIZE
*/
buf[0] = record_type;
- buf[1] = TLS_VERSION_MINOR(ctx->crypto_send.version);
- buf[2] = TLS_VERSION_MAJOR(ctx->crypto_send.version);
+ buf[1] = TLS_VERSION_MINOR(ctx->crypto_send.info.version);
+ buf[2] = TLS_VERSION_MAJOR(ctx->crypto_send.info.version);
/* we can use IV for nonce explicit according to spec */
buf[3] = pkt_len >> 8;
buf[4] = pkt_len & 0xFF;
--- a/net/tls/tls_main.c
+++ b/net/tls/tls_main.c
@@ -218,6 +218,15 @@ static void tls_write_space(struct sock
ctx->sk_write_space(sk);
}
+static void tls_ctx_free(struct tls_context *ctx)
+{
+ if (!ctx)
+ return;
+
+ memzero_explicit(&ctx->crypto_send, sizeof(ctx->crypto_send));
+ kfree(ctx);
+}
+
static void tls_sk_proto_close(struct sock *sk, long timeout)
{
struct tls_context *ctx = tls_get_ctx(sk);
@@ -246,7 +255,7 @@ static void tls_sk_proto_close(struct so
kfree(ctx->iv);
sk_proto_close = ctx->sk_proto_close;
- kfree(ctx);
+ tls_ctx_free(ctx);
release_sock(sk);
sk_proto_close(sk, timeout);
@@ -274,7 +283,7 @@ static int do_tls_getsockopt_tx(struct s
}
/* get user crypto info */
- crypto_info = &ctx->crypto_send;
+ crypto_info = &ctx->crypto_send.info;
if (!TLS_CRYPTO_INFO_READY(crypto_info)) {
rc = -EBUSY;
@@ -371,7 +380,7 @@ static int do_tls_setsockopt_tx(struct s
}
/* get user crypto info */
- crypto_info = &ctx->crypto_send;
+ crypto_info = &ctx->crypto_send.info;
/* Currently we don't support set crypto info more than one time */
if (TLS_CRYPTO_INFO_READY(crypto_info)) {
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -687,7 +687,7 @@ int tls_set_sw_offload(struct sock *sk,
ctx->priv_ctx = (struct tls_offload_context *)sw_ctx;
ctx->free_resources = tls_sw_free_resources;
- crypto_info = &ctx->crypto_send;
+ crypto_info = &ctx->crypto_send.info;
switch (crypto_info->cipher_type) {
case TLS_CIPHER_AES_GCM_128: {
nonce_size = TLS_CIPHER_AES_GCM_128_IV_SIZE;
next prev parent reply other threads:[~2018-09-27 9:16 UTC|newest]
Thread overview: 77+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-27 9:03 [PATCH 4.14 00/64] 4.14.73-stable review Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 01/64] gso_segment: Reset skb->mac_len after modifying network header Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 02/64] ipv6: fix possible use-after-free in ip6_xmit() Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 03/64] net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 04/64] net: hp100: fix always-true check for link up state Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 05/64] pppoe: fix reception of frames with no mac header Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 06/64] qmi_wwan: set DTR for modems in forced USB2 mode Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 07/64] udp4: fix IP_CMSG_CHECKSUM for connected sockets Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 08/64] neighbour: confirm neigh entries when ARP packet is received Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 09/64] udp6: add missing checks on edumux packet processing Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 10/64] net/sched: act_sample: fix NULL dereference in the data path Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 11/64] tls: dont copy the key out of tls12_crypto_info_aes_gcm_128 Greg Kroah-Hartman
2018-09-27 9:03 ` Greg Kroah-Hartman [this message]
2018-09-27 9:03 ` [PATCH 4.14 13/64] tls: clear key material from kernel memory when do_tls_setsockopt_conf fails Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 14/64] NFC: Fix possible memory corruption when handling SHDLC I-Frame commands Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 15/64] NFC: Fix the number of pipes Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 16/64] ASoC: cs4265: fix MMTLR Data switch control Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 17/64] ASoC: rsnd: fixup not to call clk_get/set under non-atomic Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 18/64] ALSA: bebob: fix memory leak for M-Audio FW1814 and ProjectMix I/O at error path Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 19/64] ALSA: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 20/64] ALSA: emu10k1: fix possible info leak to userspace on SNDRV_EMU10K1_IOCTL_INFO Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 21/64] ALSA: fireface: fix memory leak in ff400_switch_fetching_mode() Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 22/64] ALSA: firewire-digi00x: fix memory leak of private data Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 23/64] ALSA: firewire-tascam: " Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 24/64] ALSA: fireworks: fix memory leak of response buffer at error path Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 25/64] ALSA: oxfw: fix memory leak for model-dependent data " Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 26/64] ALSA: oxfw: fix memory leak of discovered stream formats " Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 27/64] ALSA: oxfw: fix memory leak of private data Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 28/64] platform/x86: alienware-wmi: Correct a memory leak Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 29/64] xen/netfront: dont bug in case of too many frags Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 30/64] xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 31/64] spi: fix IDR collision on systems with both fixed and dynamic SPI bus numbers Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 32/64] Revert "PCI: Add ACS quirk for Intel 300 series" Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 33/64] ring-buffer: Allow for rescheduling when removing pages Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 34/64] mm: shmem.c: Correctly annotate new inodes for lockdep Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 35/64] Revert "rpmsg: core: add support to power domains for devices" Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 36/64] Revert "uapi/linux/keyctl.h: dont use C++ reserved keyword as a struct member name" Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 37/64] scsi: target: iscsi: Use hex2bin instead of a re-implementation Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 38/64] scsi: target: iscsi: Use bin2hex " Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 39/64] Revert "ubifs: xattr: Dont operate on deleted inodes" Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 40/64] ocfs2: fix ocfs2 read block panic Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 41/64] drm/nouveau: Fix deadlocks in nouveau_connector_detect() Greg Kroah-Hartman
2018-09-27 9:03 ` [PATCH 4.14 42/64] drm/nouveau/drm/nouveau: Dont forget to cancel hpd_work on suspend/unload Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 43/64] drm/nouveau/drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 44/64] drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 45/64] drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 46/64] drm/vc4: Fix the "no scaling" case on multi-planar YUV formats Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 47/64] drm: udl: Destroy framebuffer only if it was initialized Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 48/64] drm/amdgpu: add new polaris pci id Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 49/64] drm/atomic: Use drm_drv_uses_atomic_modeset() for debugfs creation Greg Kroah-Hartman
2018-09-27 18:00 ` Jon Hunter
2018-09-27 19:01 ` Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 50/64] tty: vt_ioctl: fix potential Spectre v1 Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 51/64] ext4: check to make sure the rename(2)s destination is not freed Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 52/64] ext4: avoid divide by zero fault when deleting corrupted inline directories Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 53/64] ext4: avoid arithemetic overflow that can trigger a BUG Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 54/64] ext4: recalucate superblock checksum after updating free blocks/inodes Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 55/64] ext4: fix online resizes handling of a too-small final block group Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 56/64] ext4: fix online resizing for bigalloc file systems with a 1k block size Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 57/64] ext4: dont mark mmp buffer head dirty Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 58/64] ext4: show test_dummy_encryption mount option in /proc/mounts Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 59/64] sched/fair: Fix vruntime_normalized() for remote non-migration wakeup Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 60/64] PCI: aardvark: Size bridges before resources allocation Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 61/64] vmw_balloon: include asm/io.h Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 62/64] iw_cxgb4: only allow 1 flush on user qps Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 63/64] tick/nohz: Prevent bogus softirq pending warning Greg Kroah-Hartman
2018-09-27 9:04 ` [PATCH 4.14 64/64] crypto: x86/aegis,morus - Do not require OSXSAVE for SSE2 Greg Kroah-Hartman
2018-09-27 11:30 ` Sudip Mukherjee
2018-09-27 12:40 ` Greg Kroah-Hartman
2018-09-27 19:00 ` [PATCH 4.14 00/64] 4.14.73-stable review Nathan Chancellor
2018-09-27 19:20 ` Greg Kroah-Hartman
2018-09-27 19:57 ` Rafael David Tinoco
2018-09-27 20:10 ` Shuah Khan
2018-09-27 20:56 ` Sudip Mukherjee
2018-09-27 21:45 ` Sudip Mukherjee
2018-09-28 4:46 ` Greg Kroah-Hartman
2018-09-27 21:56 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180927090251.401406514@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=davem@davemloft.net \
--cc=linux-kernel@vger.kernel.org \
--cc=sd@queasysnail.net \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).