c/mirror_zfs
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_zfs.git synced 2024-11-19 10:51:00 +03:00
Code Issues Packages Projects Releases Wiki Activity
2f76797ad9
mirror_zfs/module/icp
History
Attila Fülöp f58e513f74
ICP: AES-GCM: Refactor gcm_clear_ctx() 
Currently the temporary buffer in which decryption takes place
isn't cleared on context destruction. Further in some routines we
fail to call gcm_clear_ctx() on error exit. Both flaws may result
in leaking sensitive data.

We follow best practices and zero out the plaintext buffer before
freeing the memory holding it. Also move all cleanup into
gcm_clear_ctx() and call it on any context destruction.

The performance impact should be negligible.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Rob Norris <robn@despairlabs.com>
Signed-off-by: Attila Fülöp <attila@fueloep.org>
Closes #14528
2023-02-27 14:38:12 -08:00
..
algs ICP: AES-GCM: Refactor gcm_clear_ctx() 2023-02-27 14:38:12 -08:00
api Cleanup: Remove unnecessary explicit casts of pointers from allocators 2023-01-12 15:59:12 -08:00
asm-aarch64/blake3 Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
asm-ppc64/blake3 Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
asm-x86_64 Unify assembly files with macOS 2023-02-06 09:27:55 -08:00
core Cleanup: Remove unneeded semicolons 2023-01-12 16:00:30 -08:00
include ICP: AES-GCM: Refactor gcm_clear_ctx() 2023-02-27 14:38:12 -08:00
io ICP: AES-GCM: Refactor gcm_clear_ctx() 2023-02-27 14:38:12 -08:00
spi Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00
illumos-crypto.c Replace dead opensolaris.org license link 2022-07-11 14:16:13 -07:00