s390/pkey: zeroize key blobs

Key blobs for the IOCTLs PKEY_KBLOB2PROTK[23] may contain clear key
material. Zeroize the copies of these keys in kernel memory after
creating the protected key.

Reviewed-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Holger Dengler <dengler@linux.ibm.com>
Signed-off-by: Alexander Gordeev <agordeev@linux.ibm.com>

diff --git a/drivers/s390/crypto/pkey_api.c b/drivers/s390/crypto/pkey_api.c
index 5a05d1c..a8def50 100644 (file)
--- a/drivers/s390/crypto/pkey_api.c
+++ b/drivers/s390/crypto/pkey_api.c
@@ -1293,6 +1293,7 @@ static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
                        return PTR_ERR(kkey);
                rc = pkey_keyblob2pkey(kkey, ktp.keylen, &ktp.protkey);
                DEBUG_DBG("%s pkey_keyblob2pkey()=%d\n", __func__, rc);
+               memzero_explicit(kkey, ktp.keylen);
                kfree(kkey);
                if (rc)
                        break;
@@ -1426,6 +1427,7 @@ static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
                                        kkey, ktp.keylen, &ktp.protkey);
                DEBUG_DBG("%s pkey_keyblob2pkey2()=%d\n", __func__, rc);
                kfree(apqns);
+               memzero_explicit(kkey, ktp.keylen);
                kfree(kkey);
                if (rc)
                        break;
@@ -1552,6 +1554,7 @@ static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
                                        protkey, &protkeylen);
                DEBUG_DBG("%s pkey_keyblob2pkey3()=%d\n", __func__, rc);
                kfree(apqns);
+               memzero_explicit(kkey, ktp.keylen);
                kfree(kkey);
                if (rc) {
                        kfree(protkey);