Patch "net: sctp: sctp_setsockopt_auth_key: use kzfree instead of kfree" has been added to the 3.4-stable tree

Tue, 12 Feb 2013 10:53:33 -0800 

This is a note to let you know that I've just added the patch titled

    net: sctp: sctp_setsockopt_auth_key: use kzfree instead of kfree

to the 3.4-stable tree which can be found at:
    
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     net-sctp-sctp_setsockopt_auth_key-use-kzfree-instead-of-kfree.patch
and it can be found in the queue-3.4 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.


>From 838bcd67faa48ef502338e73d4aaf17db407e60d Mon Sep 17 00:00:00 2001
From: Daniel Borkmann <[email protected]>
Date: Fri, 8 Feb 2013 03:04:34 +0000
Subject: net: sctp: sctp_setsockopt_auth_key: use kzfree instead of kfree


From: Daniel Borkmann <[email protected]>

[ Upstream commit 6ba542a291a5e558603ac51cda9bded347ce7627 ]

In sctp_setsockopt_auth_key, we create a temporary copy of the user
passed shared auth key for the endpoint or association and after
internal setup, we free it right away. Since it's sensitive data, we
should zero out the key before returning the memory back to the
allocator. Thus, use kzfree instead of kfree, just as we do in
sctp_auth_key_put().

Signed-off-by: Daniel Borkmann <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
 net/sctp/socket.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -3375,7 +3375,7 @@ static int sctp_setsockopt_auth_key(stru
 
        ret = sctp_auth_set_key(sctp_sk(sk)->ep, asoc, authkey);
 out:
-       kfree(authkey);
+       kzfree(authkey);
        return ret;
 }
 


Patches currently in stable-queue which might be from [email protected] are

queue-3.4/net-sctp-sctp_endpoint_free-zero-out-secret-key-data.patch
queue-3.4/net-sctp-sctp_setsockopt_auth_key-use-kzfree-instead-of-kfree.patch
queue-3.4/packet-fix-leakage-of-tx_ring-memory.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to