Commit c844eb46 authored by Sabrina Dubroca's avatar Sabrina Dubroca Committed by David S. Miller

tls: clear key material from kernel memory when do_tls_setsockopt_conf fails

Fixes: 3c4d7559 ("tls: kernel TLS support")
Signed-off-by: default avatarSabrina Dubroca <sd@queasysnail.net>
Signed-off-by: default avatarSabrina Dubroca <sd@queasysnail.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 86029d10
...@@ -509,7 +509,7 @@ static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval, ...@@ -509,7 +509,7 @@ static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval,
goto out; goto out;
err_crypto_info: err_crypto_info:
memset(crypto_info, 0, sizeof(*crypto_info)); memzero_explicit(crypto_info, sizeof(union tls_crypto_context));
out: out:
return rc; return rc;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment