mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-01 22:54:01 +00:00
Code Issues Releases Wiki Activity
linux-stable/security
History
Eric Biggers 64a234537a KEYS: trusted: sanitize all key material 
commit ee618b4619 upstream.

As the previous patch did for encrypted-keys, zero sensitive any
potentially sensitive data related to the "trusted" key type before it
is freed.  Notably, we were not zeroing the tpm_buf structures in which
the actual key is stored for TPM seal and unseal, nor were we zeroing
the trusted_key_payload in certain error paths.

Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: David Safford <safford@us.ibm.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-11-15 15:53:17 +01:00
..
apparmor apparmor: fix undefined reference to `aa_g_hash_policy' 2017-11-15 15:53:15 +01:00
integrity ima: accept previously set IMA_NEW_FILE 2017-05-25 15:44:34 +02:00
keys KEYS: trusted: sanitize all key material 2017-11-15 15:53:17 +01:00
loadpin LSM: LoadPin: provide enablement CONFIG 2016-05-17 20:10:30 +10:00
selinux selinux: fix off-by-one in setprocattr 2017-02-14 15:25:34 -08:00
smack lsm: fix smack_inode_removexattr and xattr_getsecurity memleak 2017-10-12 11:51:19 +02:00
tomoyo mm: replace get_user_pages_remote() write/force parameters with gup_flags 2016-10-19 08:12:02 -07:00
yama Yama: fix double-spinlock and user access in atomic context 2016-05-26 09:56:18 +10:00
commoncap.c xattr: Add __vfs_{get,set,remove}xattr helpers 2016-10-07 20:10:44 -04:00
device_cgroup.c security/device_cgroup: Fix RCU_LOCKDEP_WARN() condition 2015-09-03 18:13:10 -07:00
inode.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
Kconfig - force check_object_size() to be inline too 2016-09-07 14:03:49 -07:00
lsm_audit.c Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2016-10-04 14:48:27 -07:00
Makefile LSM: LoadPin for kernel file loading restrictions 2016-04-21 10:47:27 +10:00
min_addr.c
security.c security, overlayfs: Provide hook to correctly label newly created files 2016-08-08 20:46:46 -04:00