releases/2.6.34.15/net-sctp-sctp_endpoint_free-zero-out-secret-key-data.patch - pub/scm/linux/kernel/git/paulg/longterm-queue-2.6.34 - Git at Google

 From 0b4a57ba65ccf292da1b739928030d8825f239af Mon Sep 17 00:00:00 2001
 From: Daniel Borkmann <dborkman@redhat.com>
 Date: Fri, 8 Feb 2013 03:04:35 +0000
 Subject: [PATCH] net: sctp: sctp_endpoint_free: zero out secret key data

 commit b5c37fe6e24eec194bb29d22fdd55d73bcc709bf upstream.

 On sctp_endpoint_destroy, previously used sensitive keying material
 should be zeroed out before the memory is returned, as we already do
 with e.g. auth keys when released.

 Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
 Acked-by: Vlad Yasevich <vyasevic@redhat.com>
 Signed-off-by: David S. Miller <davem@davemloft.net>
 Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
 ---
  net/sctp/endpointola.c | 5 +++++
  1 file changed, 5 insertions(+)

 diff --git a/net/sctp/endpointola.c b/net/sctp/endpointola.c
 index 7ec09ba03a1c..e80ba5def747 100644
 --- a/net/sctp/endpointola.c
 +++ b/net/sctp/endpointola.c
 @@ -250,6 +250,8 @@ void sctp_endpoint_free(struct sctp_endpoint *ep)
  /* Final destructor for endpoint.  */
  static void sctp_endpoint_destroy(struct sctp_endpoint *ep)
  {
 +	int i;
 +
  	SCTP_ASSERT(ep->base.dead, "Endpoint is not dead", return);

  	/* Free up the HMAC transform. */
 @@ -272,6 +274,9 @@ static void sctp_endpoint_destroy(struct sctp_endpoint *ep)
  	sctp_inq_free(&ep->base.inqueue);
  	sctp_bind_addr_free(&ep->base.bind_addr);

 +	for (i = 0; i < SCTP_HOW_MANY_SECRETS; ++i)
 +		memset(&ep->secret_key[i], 0, SCTP_SECRET_SIZE);
 +
  	/* Remove and free the port */
  	if (sctp_sk(ep->base.sk)->bind_hash)
  		sctp_put_port(ep->base.sk);
 --
 1.8.5.2
	From 0b4a57ba65ccf292da1b739928030d8825f239af Mon Sep 17 00:00:00 2001
	From: Daniel Borkmann <dborkman@redhat.com>
	Date: Fri, 8 Feb 2013 03:04:35 +0000
	Subject: [PATCH] net: sctp: sctp_endpoint_free: zero out secret key data

	commit b5c37fe6e24eec194bb29d22fdd55d73bcc709bf upstream.

	On sctp_endpoint_destroy, previously used sensitive keying material
	should be zeroed out before the memory is returned, as we already do
	with e.g. auth keys when released.

	Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
	Acked-by: Vlad Yasevich <vyasevic@redhat.com>
	Signed-off-by: David S. Miller <davem@davemloft.net>
	Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
	---
	net/sctp/endpointola.c \| 5 +++++
	1 file changed, 5 insertions(+)

	diff --git a/net/sctp/endpointola.c b/net/sctp/endpointola.c
	index 7ec09ba03a1c..e80ba5def747 100644
	--- a/net/sctp/endpointola.c
	+++ b/net/sctp/endpointola.c
	@@ -250,6 +250,8 @@ void sctp_endpoint_free(struct sctp_endpoint *ep)
	/* Final destructor for endpoint. */
	static void sctp_endpoint_destroy(struct sctp_endpoint *ep)
	{
	+ int i;
	+
	SCTP_ASSERT(ep->base.dead, "Endpoint is not dead", return);

	/* Free up the HMAC transform. */
	@@ -272,6 +274,9 @@ static void sctp_endpoint_destroy(struct sctp_endpoint *ep)
	sctp_inq_free(&ep->base.inqueue);
	sctp_bind_addr_free(&ep->base.bind_addr);

	+ for (i = 0; i < SCTP_HOW_MANY_SECRETS; ++i)
	+ memset(&ep->secret_key[i], 0, SCTP_SECRET_SIZE);
	+
	/* Remove and free the port */
	if (sctp_sk(ep->base.sk)->bind_hash)
	sctp_put_port(ep->base.sk);
	--
	1.8.5.2