diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2014-10-24 12:33:32 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2014-10-24 12:33:32 -0700 |
commit | 14d4cc08832efb724e58944ba2ac22e2ca3143dc (patch) | |
tree | febca1365a5306d5a44b2481ec41f13f4c2defc2 /crypto/sha256_generic.c | |
parent | 1c45d9a920e6ef4fce38921e4fc776c2abca3197 (diff) | |
parent | 7185ad2672a7d50bc384de0e38d90b75d99f3d82 (diff) | |
download | linux-14d4cc08832efb724e58944ba2ac22e2ca3143dc.tar.gz linux-14d4cc08832efb724e58944ba2ac22e2ca3143dc.tar.bz2 linux-14d4cc08832efb724e58944ba2ac22e2ca3143dc.zip |
Merge tag 'random_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random
Pull /dev/random updates from Ted Ts'o:
"This adds a memzero_explicit() call which is guaranteed not to be
optimized away by GCC. This is important when we are wiping
cryptographically sensitive material"
* tag 'random_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random:
crypto: memzero_explicit - make sure to clear out sensitive data
random: add and use memzero_explicit() for clearing data
Diffstat (limited to 'crypto/sha256_generic.c')
-rw-r--r-- | crypto/sha256_generic.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/crypto/sha256_generic.c b/crypto/sha256_generic.c index 0bb558344699..65e7b76b057f 100644 --- a/crypto/sha256_generic.c +++ b/crypto/sha256_generic.c @@ -211,10 +211,9 @@ static void sha256_transform(u32 *state, const u8 *input) /* clear any sensitive info... */ a = b = c = d = e = f = g = h = t1 = t2 = 0; - memset(W, 0, 64 * sizeof(u32)); + memzero_explicit(W, 64 * sizeof(u32)); } - static int sha224_init(struct shash_desc *desc) { struct sha256_state *sctx = shash_desc_ctx(desc); @@ -317,7 +316,7 @@ static int sha224_final(struct shash_desc *desc, u8 *hash) sha256_final(desc, D); memcpy(hash, D, SHA224_DIGEST_SIZE); - memset(D, 0, SHA256_DIGEST_SIZE); + memzero_explicit(D, SHA256_DIGEST_SIZE); return 0; } |