From 02ed3e7c1665205ddae052774d6f26c71d3d9b30 Mon Sep 17 00:00:00 2001 From: Gonglei Date: Thu, 22 Dec 2016 11:01:28 +0800 Subject: virtio-crypto: zeroize the key material before free Common practice with sensitive information (key material, passwords, etc). Prevents sensitive information from being exposed by accident later in coredumps, memory disclosure bugs when heap memory is reused, etc. Sensitive information is sometimes also held in mlocked pages to prevent it being swapped to disk but that's not being done here. Let's zeroize the memory of CryptoDevBackendSymOpInfo structure pointed for key material security. [Thanks to Stefan for help with crafting the commit message] Signed-off-by: Gonglei Reviewed-by: Stefan Hajnoczi Reviewed-by: Eric Blake Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin --- hw/virtio/virtio-crypto.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'hw/virtio/virtio-crypto.c') diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c index fc30bc3ddc..296472fc6e 100644 --- a/hw/virtio/virtio-crypto.c +++ b/hw/virtio/virtio-crypto.c @@ -337,7 +337,18 @@ static void virtio_crypto_free_request(VirtIOCryptoReq *req) { if (req) { if (req->flags == CRYPTODEV_BACKEND_ALG_SYM) { - g_free(req->u.sym_op_info); + size_t max_len; + CryptoDevBackendSymOpInfo *op_info = req->u.sym_op_info; + + max_len = op_info->iv_len + + op_info->aad_len + + op_info->src_len + + op_info->dst_len + + op_info->digest_result_len; + + /* Zeroize and free request data structure */ + memset(op_info, 0, sizeof(*op_info) + max_len); + g_free(op_info); } g_free(req); } -- cgit v1.2.3