crypto: algif - zeroize IV buffer

Zeroize the buffer holding the IV used for the completed cipher operation before the buffer is released by the skcipher AF_ALG interface handler. Signed-off-by: Stephan Mueller <[email protected]> Signed-off-by: Herbert Xu <[email protected]>
jix · Nov 12, 2014 · e1bd95b · e1bd95b
1 parent 2a6af25
commit e1bd95b
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c
@@ -566,6 +566,7 @@ static void skcipher_sock_destruct(struct sock *sk)
 	struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(&ctx->req);
 
 	skcipher_free_sgl(sk);
+	memzero_explicit(ctx->iv, crypto_ablkcipher_ivsize(tfm));
 	sock_kfree_s(sk, ctx->iv, crypto_ablkcipher_ivsize(tfm));
 	sock_kfree_s(sk, ctx, ctx->len);
 	af_alg_release_parent(sk);