From 272a121940a286d7abaf7ac3ec5a37c5dbfa7b89 Mon Sep 17 00:00:00 2001 From: Denis Efremov Date: Thu, 27 Aug 2020 10:29:23 +0300 Subject: security/keys: use kvfree_sensitive() Use kvfree_sensitive() instead of open-coding it. Signed-off-by: Denis Efremov Signed-off-by: David Howells Reviewed-by: Jarkko Sakkinen Reviewed-by: Ben Boeckel --- security/keys/big_key.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) (limited to 'security/keys') diff --git a/security/keys/big_key.c b/security/keys/big_key.c index 691347dea3c1..d17e5f09eeb8 100644 --- a/security/keys/big_key.c +++ b/security/keys/big_key.c @@ -121,8 +121,7 @@ int big_key_preparse(struct key_preparsed_payload *prep) *path = file->f_path; path_get(path); fput(file); - memzero_explicit(buf, enclen); - kvfree(buf); + kvfree_sensitive(buf, enclen); } else { /* Just store the data in a buffer */ void *data = kmalloc(datalen, GFP_KERNEL); @@ -140,8 +139,7 @@ err_fput: err_enckey: kfree_sensitive(enckey); error: - memzero_explicit(buf, enclen); - kvfree(buf); + kvfree_sensitive(buf, enclen); return ret; } @@ -273,8 +271,7 @@ long big_key_read(const struct key *key, char *buffer, size_t buflen) err_fput: fput(file); error: - memzero_explicit(buf, enclen); - kvfree(buf); + kvfree_sensitive(buf, enclen); } else { ret = datalen; memcpy(buffer, key->payload.data[big_key_data], datalen); -- cgit v1.2.3