diff options
| author | Eric Biggers <ebiggers@google.com> | 2017-06-08 14:49:18 +0100 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2017-11-15 15:53:17 +0100 |
| commit | 64a234537a8850aeba8fa65b1bf81d04bc5ae946 (patch) | |
| tree | 99c08d59fcabc2c22542649f48ddcfd7afaedcbc /REPORTING-BUGS | |
| parent | bddc61e7732be12d2f09391a2434253d9cb34f52 (diff) | |
KEYS: trusted: sanitize all key material
commit ee618b4619b72527aaed765f0f0b74072b281159 upstream.
As the previous patch did for encrypted-keys, zero sensitive any
potentially sensitive data related to the "trusted" key type before it
is freed. Notably, we were not zeroing the tpm_buf structures in which
the actual key is stored for TPM seal and unseal, nor were we zeroing
the trusted_key_payload in certain error paths.
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: David Safford <safford@us.ibm.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'REPORTING-BUGS')
0 files changed, 0 insertions, 0 deletions