subject:"\[PATCH 1\/5\] KEYS\: sanitize add_key\(\) and keyctl\(\) key payloads"

Re: [PATCH 1/5] KEYS: sanitize add_key() and keyctl() key payloads

2017-06-02 Thread Eric Biggers

On Fri, Jun 02, 2017 at 04:34:44PM +0100, David Howells wrote: > Eric Biggers wrote: > > > error2: > > + memzero_explicit(payload, plen); > > Isn't that wrong? payload can be NULL. > > David If you're talking about memset(NULL, ..., 0) being undefined behavior, it's

Re: [PATCH 1/5] KEYS: sanitize add_key() and keyctl() key payloads

2017-06-02 Thread Eric Biggers

On Fri, Jun 02, 2017 at 04:34:44PM +0100, David Howells wrote: > Eric Biggers wrote: > > > error2: > > + memzero_explicit(payload, plen); > > Isn't that wrong? payload can be NULL. > > David If you're talking about memset(NULL, ..., 0) being undefined behavior, it's completely insane but

Re: [PATCH 1/5] KEYS: sanitize add_key() and keyctl() key payloads

2017-06-02 Thread David Howells

Eric Biggers wrote: > error2: > + memzero_explicit(payload, plen); Isn't that wrong? payload can be NULL. David

Re: [PATCH 1/5] KEYS: sanitize add_key() and keyctl() key payloads

2017-06-02 Thread David Howells

Eric Biggers wrote: > error2: > + memzero_explicit(payload, plen); Isn't that wrong? payload can be NULL. David

Re: [PATCH 1/5] KEYS: sanitize add_key() and keyctl() key payloads

2017-04-28 Thread Eric Biggers

Hey David, On Fri, Apr 21, 2017 at 01:30:33AM -0700, Eric Biggers wrote: > From: Eric Biggers > > Before returning from add_key() or one of the keyctl() commands that > takes in a key payload, zero the temporary buffer that was allocated to > hold the key payload copied

Re: [PATCH 1/5] KEYS: sanitize add_key() and keyctl() key payloads

2017-04-28 Thread Eric Biggers

Hey David, On Fri, Apr 21, 2017 at 01:30:33AM -0700, Eric Biggers wrote: > From: Eric Biggers > > Before returning from add_key() or one of the keyctl() commands that > takes in a key payload, zero the temporary buffer that was allocated to > hold the key payload copied from userspace. This

[PATCH 1/5] KEYS: sanitize add_key() and keyctl() key payloads

2017-04-21 Thread Eric Biggers

From: Eric Biggers Before returning from add_key() or one of the keyctl() commands that takes in a key payload, zero the temporary buffer that was allocated to hold the key payload copied from userspace. This may contain sensitive key material that should not be kept around

[PATCH 1/5] KEYS: sanitize add_key() and keyctl() key payloads

2017-04-21 Thread Eric Biggers

From: Eric Biggers Before returning from add_key() or one of the keyctl() commands that takes in a key payload, zero the temporary buffer that was allocated to hold the key payload copied from userspace. This may contain sensitive key material that should not be kept around in the slab caches.

Re: [PATCH 1/5] KEYS: sanitize add_key() and keyctl() key payloads

Re: [PATCH 1/5] KEYS: sanitize add_key() and keyctl() key payloads

Re: [PATCH 1/5] KEYS: sanitize add_key() and keyctl() key payloads

Re: [PATCH 1/5] KEYS: sanitize add_key() and keyctl() key payloads

Re: [PATCH 1/5] KEYS: sanitize add_key() and keyctl() key payloads

Re: [PATCH 1/5] KEYS: sanitize add_key() and keyctl() key payloads

[PATCH 1/5] KEYS: sanitize add_key() and keyctl() key payloads

[PATCH 1/5] KEYS: sanitize add_key() and keyctl() key payloads

8 matches

Site Navigation

Mail list logo

Footer information