From c3b64911331219a3ff6bb6aeb844d92612a8e821 Mon Sep 17 00:00:00 2001 From: Jakub Kicinski Date: Mon, 8 Jul 2019 19:53:14 -0700 Subject: nfp: tls: don't leave key material in freed FW cmsg skbs Make sure the contents of the skb which carried key material to the FW is cleared. Signed-off-by: Jakub Kicinski Reviewed-by: Dirk van der Merwe Signed-off-by: David S. Miller --- drivers/net/ethernet/netronome/nfp/crypto/tls.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'drivers/net') diff --git a/drivers/net/ethernet/netronome/nfp/crypto/tls.c b/drivers/net/ethernet/netronome/nfp/crypto/tls.c index d448c6de8ea4..96a96b35c0ca 100644 --- a/drivers/net/ethernet/netronome/nfp/crypto/tls.c +++ b/drivers/net/ethernet/netronome/nfp/crypto/tls.c @@ -4,6 +4,7 @@ #include #include #include +#include #include #include "../ccm.h" @@ -340,8 +341,22 @@ nfp_net_tls_add(struct net_device *netdev, struct sock *sk, memcpy(&back->salt, tls_ci->salt, TLS_CIPHER_AES_GCM_128_SALT_SIZE); memcpy(back->rec_no, tls_ci->rec_seq, sizeof(tls_ci->rec_seq)); + /* Get an extra ref on the skb so we can wipe the key after */ + skb_get(skb); + err = nfp_ccm_mbox_communicate(nn, skb, NFP_CCM_TYPE_CRYPTO_ADD, sizeof(*reply), sizeof(*reply)); + reply = (void *)skb->data; + + /* We depend on CCM MBOX code not reallocating skb we sent + * so we can clear the key material out of the memory. + */ + if (!WARN_ON_ONCE((u8 *)back < skb->head || + (u8 *)back > skb_end_pointer(skb)) && + !WARN_ON_ONCE((u8 *)&reply[1] > (u8 *)back)) + memzero_explicit(back, sizeof(*back)); + dev_consume_skb_any(skb); /* the extra ref from skb_get() above */ + if (err) { nn_dp_warn(&nn->dp, "failed to add TLS: %d (%d)\n", err, direction == TLS_OFFLOAD_CTX_DIR_TX); @@ -349,7 +364,6 @@ nfp_net_tls_add(struct net_device *netdev, struct sock *sk, goto err_conn_remove; } - reply = (void *)skb->data; err = -be32_to_cpu(reply->error); if (err) { if (err == -ENOSPC) { -- cgit v1.2.3