svn commit: r362632 - head/sys/netipsec

John Baldwin jhb at FreeBSD.org
Thu Jun 25 20:31:07 UTC 2020 

Author: jhb
Date: Thu Jun 25 20:31:06 2020
New Revision: 362632
URL: https://svnweb.freebsd.org/changeset/base/362632

Log:
  Use zfree() to explicitly zero IPsec keys.
  
  Reviewed by:	delphij
  Sponsored by:	Chelsio Communications
  Differential Revision:	https://reviews.freebsd.org/D25442

Modified:
  head/sys/netipsec/key.c
  head/sys/netipsec/xform_ah.c
  head/sys/netipsec/xform_esp.c
  head/sys/netipsec/xform_tcp.c

Modified: head/sys/netipsec/key.c
==============================================================================
--- head/sys/netipsec/key.c	Thu Jun 25 20:30:30 2020	(r362631)
+++ head/sys/netipsec/key.c	Thu Jun 25 20:31:06 2020	(r362632)
@@ -3060,27 +3060,19 @@ key_cleansav(struct secasvar *sav)
 	if (sav->flags & SADB_X_EXT_F_CLONED)
 		return;
 	/*
-	 * Cleanup xform state.  Note that zeroize'ing causes the
-	 * keys to be cleared; otherwise we must do it ourself.
+	 * Cleanup xform state.
 	 */
 	if (sav->tdb_xform != NULL) {
 		sav->tdb_xform->xf_zeroize(sav);
 		sav->tdb_xform = NULL;
-	} else {
-		if (sav->key_auth != NULL)
-			bzero(sav->key_auth->key_data, _KEYLEN(sav->key_auth));
-		if (sav->key_enc != NULL)
-			bzero(sav->key_enc->key_data, _KEYLEN(sav->key_enc));
 	}
 	if (sav->key_auth != NULL) {
-		if (sav->key_auth->key_data != NULL)
-			free(sav->key_auth->key_data, M_IPSEC_MISC);
+		zfree(sav->key_auth->key_data, M_IPSEC_MISC);
 		free(sav->key_auth, M_IPSEC_MISC);
 		sav->key_auth = NULL;
 	}
 	if (sav->key_enc != NULL) {
-		if (sav->key_enc->key_data != NULL)
-			free(sav->key_enc->key_data, M_IPSEC_MISC);
+		zfree(sav->key_enc->key_data, M_IPSEC_MISC);
 		free(sav->key_enc, M_IPSEC_MISC);
 		sav->key_enc = NULL;
 	}

Modified: head/sys/netipsec/xform_ah.c
==============================================================================
--- head/sys/netipsec/xform_ah.c	Thu Jun 25 20:30:30 2020	(r362631)
+++ head/sys/netipsec/xform_ah.c	Thu Jun 25 20:31:06 2020	(r362632)
@@ -250,9 +250,6 @@ int
 ah_zeroize(struct secasvar *sav)
 {
 
-	if (sav->key_auth)
-		bzero(sav->key_auth->key_data, _KEYLEN(sav->key_auth));
-
 	crypto_freesession(sav->tdb_cryptoid);
 	sav->tdb_cryptoid = NULL;
 	sav->tdb_authalgxform = NULL;

Modified: head/sys/netipsec/xform_esp.c
==============================================================================
--- head/sys/netipsec/xform_esp.c	Thu Jun 25 20:30:30 2020	(r362631)
+++ head/sys/netipsec/xform_esp.c	Thu Jun 25 20:31:06 2020	(r362632)
@@ -243,11 +243,9 @@ esp_init(struct secasvar *sav, struct xformsw *xsp)
 static int
 esp_zeroize(struct secasvar *sav)
 {
-	/* NB: ah_zerorize free's the crypto session state */
+	/* NB: ah_zeroize free's the crypto session state */
 	int error = ah_zeroize(sav);
 
-	if (sav->key_enc)
-		bzero(sav->key_enc->key_data, _KEYLEN(sav->key_enc));
 	sav->tdb_encalgxform = NULL;
 	sav->tdb_xform = NULL;
 	return error;

Modified: head/sys/netipsec/xform_tcp.c
==============================================================================
--- head/sys/netipsec/xform_tcp.c	Thu Jun 25 20:30:30 2020	(r362631)
+++ head/sys/netipsec/xform_tcp.c	Thu Jun 25 20:31:06 2020	(r362632)
@@ -365,8 +365,6 @@ static int
 tcpsignature_zeroize(struct secasvar *sav)
 {
 
-	if (sav->key_auth != NULL)
-		bzero(sav->key_auth->key_data, _KEYLEN(sav->key_auth));
 	sav->tdb_xform = NULL;
 	return (0);
 }

More information about the svn-src-all mailing list