summaryrefslogtreecommitdiffstats
path: root/drivers/char/hw_random
diff options
context:
space:
mode:
authorStephan Mueller <smueller@chronox.de>2016-10-22 15:57:05 +0200
committerHerbert Xu <herbert@gondor.apana.org.au>2016-11-01 08:37:10 +0800
commit2cc751545854d7bd7eedf4d7e377bb52e176cd07 (patch)
tree3da983c4888bc5b606db9051f2322af27048fa68 /drivers/char/hw_random
parentd7db7a882debaffc78f91aabedee973aa1f73390 (diff)
downloadlinux-2cc751545854d7bd7eedf4d7e377bb52e176cd07.tar.bz2
hwrng: core - zeroize buffers with random data
The HWRNG core allocates two buffers during initialization which are used to obtain random data. After that data is processed, it is now zeroized as it is possible that the HWRNG core will not be asked to produce more random data for a long time. This prevents leaving such sensitive data in memory. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'drivers/char/hw_random')
-rw-r--r--drivers/char/hw_random/core.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/drivers/char/hw_random/core.c b/drivers/char/hw_random/core.c
index d2d2c89de5b4..f9766415ff10 100644
--- a/drivers/char/hw_random/core.c
+++ b/drivers/char/hw_random/core.c
@@ -92,6 +92,7 @@ static void add_early_randomness(struct hwrng *rng)
mutex_unlock(&reading_mutex);
if (bytes_read > 0)
add_device_randomness(rng_buffer, bytes_read);
+ memset(rng_buffer, 0, size);
}
static inline void cleanup_rng(struct kref *kref)
@@ -287,6 +288,7 @@ static ssize_t rng_dev_read(struct file *filp, char __user *buf,
}
}
out:
+ memset(rng_buffer, 0, rng_buffer_size());
return ret ? : err;
out_unlock_reading:
@@ -425,6 +427,7 @@ static int hwrng_fillfn(void *unused)
/* Outside lock, sure, but y'know: randomness. */
add_hwgenerator_randomness((void *)rng_fillbuf, rc,
rc * current_quality * 8 >> 10);
+ memset(rng_fillbuf, 0, rng_buffer_size());
}
hwrng_fill = NULL;
return 0;