diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2014-10-24 12:33:32 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2014-10-24 12:33:32 -0700 |
commit | c8c48001eb241f335739ef06492ae99b4cd891d6 (patch) | |
tree | 14b6f6d514b25ffb16981a2867c6902edf41b685 /crypto/sha256_generic.c | |
parent | 6de0bdb30d75edcf5f1e3f80da5b65670b9831f1 (diff) | |
parent | 8ff8c72485c0d0bbb91377d33bbf016ae0744cd8 (diff) | |
download | linux-crypto-c8c48001eb241f335739ef06492ae99b4cd891d6.tar.gz linux-crypto-c8c48001eb241f335739ef06492ae99b4cd891d6.zip |
Merge tag 'random_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random
Pull /dev/random updates from Ted Ts'o:
"This adds a memzero_explicit() call which is guaranteed not to be
optimized away by GCC. This is important when we are wiping
cryptographically sensitive material"
* tag 'random_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random:
crypto: memzero_explicit - make sure to clear out sensitive data
random: add and use memzero_explicit() for clearing data
Diffstat (limited to '')
-rw-r--r-- | crypto/sha256_generic.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/crypto/sha256_generic.c b/crypto/sha256_generic.c index 0bb55834..65e7b76b 100644 --- a/crypto/sha256_generic.c +++ b/crypto/sha256_generic.c @@ -211,10 +211,9 @@ static void sha256_transform(u32 *state, const u8 *input) /* clear any sensitive info... */ a = b = c = d = e = f = g = h = t1 = t2 = 0; - memset(W, 0, 64 * sizeof(u32)); + memzero_explicit(W, 64 * sizeof(u32)); } - static int sha224_init(struct shash_desc *desc) { struct sha256_state *sctx = shash_desc_ctx(desc); @@ -317,7 +316,7 @@ static int sha224_final(struct shash_desc *desc, u8 *hash) sha256_final(desc, D); memcpy(hash, D, SHA224_DIGEST_SIZE); - memset(D, 0, SHA256_DIGEST_SIZE); + memzero_explicit(D, SHA256_DIGEST_SIZE); return 0; } |