From: Vlad Yasevich <vyasevich@gmail.com>
To: Daniel Borkmann <dborkman@redhat.com>
Cc: davem@davemloft.net, linux-sctp@vger.kernel.org, netdev@vger.kernel.org
Subject: Re: [PATCH net 2/2] net: sctp: sctp_endpoint_free: zero out secret key data
Date: Fri, 08 Feb 2013 10:50:02 -0500 [thread overview]
Message-ID: <51151EAA.2090302@gmail.com> (raw)
In-Reply-To: <cf390ae999888aafe57914bcd87e5207be154557.1360327229.git.dborkman@redhat.com>
On 02/08/2013 08:04 AM, Daniel Borkmann wrote:
> On sctp_endpoint_destroy, previously used sensitive keying material
> should be zeroed out before the memory is returned, as we already do
> with e.g. auth keys when released.
>
> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
I'll ack this, but the whole multiple cookie keys code is completely
unused and has been all this time. Noone uses anything other then the
secret_key[0] since there is no changeover support anywhere. It might
be nice to clean that up too.
Acked-by: Vlad Yasevich <vyasevic@redhat.com>
-vlad
> ---
> net/sctp/endpointola.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/net/sctp/endpointola.c b/net/sctp/endpointola.c
> index 17a001b..1a9c5fb 100644
> --- a/net/sctp/endpointola.c
> +++ b/net/sctp/endpointola.c
> @@ -249,6 +249,8 @@ void sctp_endpoint_free(struct sctp_endpoint *ep)
> /* Final destructor for endpoint. */
> static void sctp_endpoint_destroy(struct sctp_endpoint *ep)
> {
> + int i;
> +
> SCTP_ASSERT(ep->base.dead, "Endpoint is not dead", return);
>
> /* Free up the HMAC transform. */
> @@ -271,6 +273,9 @@ static void sctp_endpoint_destroy(struct sctp_endpoint *ep)
> sctp_inq_free(&ep->base.inqueue);
> sctp_bind_addr_free(&ep->base.bind_addr);
>
> + for (i = 0; i < SCTP_HOW_MANY_SECRETS; ++i)
> + memset(&ep->secret_key[i], 0, SCTP_SECRET_SIZE);
> +
> /* Remove and free the port */
> if (sctp_sk(ep->base.sk)->bind_hash)
> sctp_put_port(ep->base.sk);
>
c
If
next prev parent reply other threads:[~2013-02-08 15:50 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-02-08 13:04 [PATCH net 0/2] two small fixes for sctp key usage Daniel Borkmann
2013-02-08 13:04 ` [PATCH net 1/2] net: sctp: sctp_setsockopt_auth_key: use kzfree instead of kfree Daniel Borkmann
2013-02-08 13:04 ` [PATCH net 2/2] net: sctp: sctp_endpoint_free: zero out secret key data Daniel Borkmann
2013-02-08 15:50 ` Vlad Yasevich [this message]
2013-02-08 16:02 ` Daniel Borkmann
2013-02-08 19:55 ` [PATCH net 0/2] two small fixes for sctp key usage David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=51151EAA.2090302@gmail.com \
--to=vyasevich@gmail.com \
--cc=davem@davemloft.net \
--cc=dborkman@redhat.com \
--cc=linux-sctp@vger.kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).