Message ID | 8c764d916f21d56402a5b9a915ea31d927898da0.1360231701.git.dborkman@redhat.com |
---|---|
State | Accepted, archived |
Delegated to: | David Miller |
Headers | show |
On 02/07/2013 05:55 AM, Daniel Borkmann wrote: > For sensitive data like keying material, it is common practice to zero > out keys before returning the memory back to the allocator. Thus, use > kzfree instead of kfree. > > Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Acked-by: Vlad Yasevich <vyasevich@gmail.com> -vlad > --- > net/sctp/auth.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/sctp/auth.c b/net/sctp/auth.c > index 55f1b06..69fcd6d 100644 > --- a/net/sctp/auth.c > +++ b/net/sctp/auth.c > @@ -71,7 +71,7 @@ void sctp_auth_key_put(struct sctp_auth_bytes *key) > return; > > if (atomic_dec_and_test(&key->refcnt)) { > - kfree(key); > + kzfree(key); > SCTP_DBG_OBJCNT_DEC(keys); > } > } > -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
From: Daniel Borkmann <dborkman@redhat.com> Date: Thu, 7 Feb 2013 11:55:37 +0100 > For sensitive data like keying material, it is common practice to zero > out keys before returning the memory back to the allocator. Thus, use > kzfree instead of kfree. > > Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Applied and queued up for -stable. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/net/sctp/auth.c b/net/sctp/auth.c index 55f1b06..69fcd6d 100644 --- a/net/sctp/auth.c +++ b/net/sctp/auth.c @@ -71,7 +71,7 @@ void sctp_auth_key_put(struct sctp_auth_bytes *key) return; if (atomic_dec_and_test(&key->refcnt)) { - kfree(key); + kzfree(key); SCTP_DBG_OBJCNT_DEC(keys); } }
For sensitive data like keying material, it is common practice to zero out keys before returning the memory back to the allocator. Thus, use kzfree instead of kfree. Signed-off-by: Daniel Borkmann <dborkman@redhat.com> --- net/sctp/auth.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)