tls: clear key material from kernel memory when do_tls_setsockopt_conf fails

[ Upstream commit c844eb46 ] Fixes: 3c4d7559 ("tls: kernel TLS support") Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

tls: clear key material from kernel memory when do_tls_setsockopt_conf fails
[ Upstream commit c844eb46 ] Fixes: 3c4d7559 ("tls: kernel TLS support") Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
18fef87e · Sabrina Dubroca · Greg Kroah-Hartman · 0c033429 · 18fef87e
Commit 18fef87e authored Sep 12, 2018 by Sabrina Dubroca Committed by Greg Kroah-Hartman Sep 29, 2018
Show whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

net/tls/tls_main.c net/tls/tls_main.c +1 -1

No files found.
--- a/net/tls/tls_main.c
+++ b/net/tls/tls_main.c
@@ -425,7 +425,7 @@ static int do_tls_setsockopt_tx(struct sock *sk, char __user *optval,
 	goto out;

 err_crypto_info:
-	memset(crypto_info, 0, sizeof(*crypto_info));
+	memzero_explicit(crypto_info, sizeof(union tls_crypto_context));
 out:
 	return rc;
 }