From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Daniel Borkmann <dborkman@redhat.com>,
Neil Horman <nhorman@tuxdriver.com>,
Vlad Yasevich <vyasevich@gmail.com>,
"David S. Miller" <davem@davemloft.net>
Subject: [ 30/34] net: sctp: sctp_auth_key_put: use kzfree instead of kfree
Date: Mon, 29 Apr 2013 12:02:37 -0700 [thread overview]
Message-ID: <20130429184704.295077191@linuxfoundation.org> (raw)
In-Reply-To: <20130429184700.845644077@linuxfoundation.org>
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Daniel Borkmann <dborkman@redhat.com>
[ Upstream commit 586c31f3bf04c290dc0a0de7fc91d20aa9a5ee53 ]
For sensitive data like keying material, it is common practice to zero
out keys before returning the memory back to the allocator. Thus, use
kzfree instead of kfree.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Acked-by: Vlad Yasevich <vyasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
net/sctp/auth.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/net/sctp/auth.c
+++ b/net/sctp/auth.c
@@ -71,7 +71,7 @@ void sctp_auth_key_put(struct sctp_auth_
return;
if (atomic_dec_and_test(&key->refcnt)) {
- kfree(key);
+ kzfree(key);
SCTP_DBG_OBJCNT_DEC(keys);
}
}
next prev parent reply other threads:[~2013-04-29 19:14 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-29 19:02 [ 00/34] 3.4.43-stable review Greg Kroah-Hartman
2013-04-29 19:02 ` [ 01/34] aio: fix possible invalid memory access when DEBUG is enabled Greg Kroah-Hartman
2013-04-29 19:02 ` [ 02/34] TTY: do not update atime/mtime on read/write Greg Kroah-Hartman
2013-04-29 19:02 ` [ 03/34] TTY: fix atime/mtime regression Greg Kroah-Hartman
2013-04-29 19:02 ` [ 04/34] sparc64: Fix race in TLB batch processing Greg Kroah-Hartman
2013-04-29 19:02 ` [ 05/34] atm: update msg_namelen in vcc_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 06/34] ax25: fix info leak via msg_name in ax25_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 07/34] Bluetooth: fix possible info leak in bt_sock_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 08/34] Bluetooth: RFCOMM - Fix missing msg_namelen update in rfcomm_sock_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 09/34] caif: Fix missing msg_namelen update in caif_seqpkt_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 10/34] irda: Fix missing msg_namelen update in irda_recvmsg_dgram() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 11/34] iucv: Fix missing msg_namelen update in iucv_sock_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 12/34] llc: Fix missing msg_namelen update in llc_ui_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 13/34] netrom: fix info leak via msg_name in nr_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 14/34] NFC: llcp: fix info leaks via msg_name in llcp_sock_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 15/34] rose: fix info leak via msg_name in rose_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 16/34] tipc: fix info leaks via msg_name in recv_msg/recv_stream Greg Kroah-Hartman
2013-04-29 19:02 ` [ 17/34] netrom: fix invalid use of sizeof in nr_recvmsg() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 18/34] cbq: incorrect processing of high limits Greg Kroah-Hartman
2013-04-29 19:02 ` [ 19/34] net IPv6 : Fix broken IPv6 routing table after loopback down-up Greg Kroah-Hartman
2013-04-29 19:02 ` [ 20/34] net: count hw_addr syncs so that unsync works properly Greg Kroah-Hartman
2013-04-29 19:02 ` [ 21/34] atl1e: limit gso segment size to prevent generation of wrong ip length fields Greg Kroah-Hartman
2013-04-29 19:02 ` [ 22/34] bonding: fix bonding_masters race condition in bond unloading Greg Kroah-Hartman
2013-04-29 19:02 ` [ 23/34] bonding: IFF_BONDING is not stripped on enslave failure Greg Kroah-Hartman
2013-04-29 19:02 ` [ 24/34] af_unix: If we dont care about credentials coallesce all messages Greg Kroah-Hartman
2013-04-29 19:02 ` [ 25/34] netfilter: dont reset nf_trace in nf_reset() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 26/34] rtnetlink: Call nlmsg_parse() with correct header length Greg Kroah-Hartman
2013-04-29 19:02 ` [ 27/34] tcp: incoming connections might use wrong route under synflood Greg Kroah-Hartman
2013-04-29 19:02 ` [ 28/34] tcp: Reallocate headroom if it would overflow csum_start Greg Kroah-Hartman
2013-04-29 19:02 ` [ 29/34] esp4: fix error return code in esp_output() Greg Kroah-Hartman
2013-04-29 19:02 ` Greg Kroah-Hartman [this message]
2013-04-29 19:02 ` [ 31/34] tcp: call tcp_replace_ts_recent() from tcp_ack() Greg Kroah-Hartman
2013-04-29 19:02 ` [ 32/34] net: rate-limit warn-bad-offload splats Greg Kroah-Hartman
2013-04-29 19:02 ` [ 33/34] net: fix incorrect credentials passing Greg Kroah-Hartman
2013-04-29 19:02 ` [ 34/34] net: drop dst before queueing fragments Greg Kroah-Hartman
2013-04-30 1:54 ` [ 00/34] 3.4.43-stable review Shuah Khan
2013-04-30 1:54 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130429184704.295077191@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=davem@davemloft.net \
--cc=dborkman@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=nhorman@tuxdriver.com \
--cc=stable@vger.kernel.org \
--cc=vyasevich@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.