forked from Minki/linux
KEYS: Use memzero_explicit() for secret data
I don't think GCC has figured out how to optimize the memset() away, but they might eventually so let's future proof this code a bit. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
This commit is contained in:
parent
57cb17e764
commit
5217660379
@ -985,7 +985,7 @@ static void encrypted_destroy(struct key *key)
|
||||
if (!epayload)
|
||||
return;
|
||||
|
||||
memset(epayload->decrypted_data, 0, epayload->decrypted_datalen);
|
||||
memzero_explicit(epayload->decrypted_data, epayload->decrypted_datalen);
|
||||
kfree(key->payload.data[0]);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user