tls: zero the crypto information from tls_context before freeing
This contains key material in crypto_send_aes_gcm_128 and crypto_recv_aes_gcm_128. Introduce union tls_crypto_context, and replace the two identical unions directly embedded in struct tls_context with it. We can then use this union to clean up the memory in the new tls_ctx_free() function. Fixes: 3c4d7559 ("tls: kernel TLS support") Signed-off-by:Sabrina Dubroca <sd@queasysnail.net> Signed-off-by:
David S. Miller <davem@davemloft.net>
Showing
- include/net/tls.h 9 additions, 10 deletionsinclude/net/tls.h
- net/tls/tls_device.c 3 additions, 3 deletionsnet/tls/tls_device.c
- net/tls/tls_device_fallback.c 1 addition, 1 deletionnet/tls/tls_device_fallback.c
- net/tls/tls_main.c 15 additions, 5 deletionsnet/tls/tls_main.c
- net/tls/tls_sw.c 4 additions, 4 deletionsnet/tls/tls_sw.c
Loading
Please register or sign in to comment