author | Dinesh K Garg <dineshg@codeaurora.org> | 2016-01-21 12:55:52 -0800 |
---|---|---|
committer | Zhao Wei Liew <zhaoweiliew@gmail.com> | 2017-02-12 20:45:48 +0800 |
commit | 8d14c48ec1a01c97ae70443a39126939950a28f4 (patch) | |
tree | d0f19e1b3ead398a27f96fd780eb741fc6344636 | |
parent | 3494750761d3d867ea01144ba4c7fb7e4138c55b (diff) | |
Cleanup temporarily stored passwords
While verifying or updating passwords, they are copied into temporary
buffers that are freed after use. These buffers should be zeroed
before being freed so that passwords are not left behind in memory
for anyone who dumps the process memory.
Change-Id: I94f76f679bac18a682c796fe98236549e8f5e1aa
-rwxr-xr-x | cryptfs_hw.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/cryptfs_hw.c b/cryptfs_hw.c
index a0177fa..e149aec 100755
--- a/cryptfs_hw.c
+++ b/cryptfs_hw.c
@@ -74,6 +74,13 @@ static int (*qseecom_create_key)(int, void*);
 static int (*qseecom_update_key)(int, void*, void*);
 static int (*qseecom_wipe_key)(int);
 
+inline void* secure_memset(void* v, int c , size_t n) {
+	volatile unsigned char* p = (volatile unsigned char* )v;
+	while (n--) *p++ = c;
+	return v;
+}
+
+
 static int map_usage(int usage)
 {
 	int storage_type = is_ice_enabled();
@@ -189,8 +196,10 @@ static int set_key(const char* currentpasswd, const char* passwd, const char* en
 	unsigned char* tmp_currentpasswd = get_tmp_passwd(currentpasswd);
 	if(tmp_passwd) {
 		if (operation == UPDATE_HW_DISK_ENC_KEY) {
-			if (tmp_currentpasswd)
+			if (tmp_currentpasswd) {
 				err = qseecom_update_key(map_usage(QSEECOM_DISK_ENCRYPTION), tmp_currentpasswd, tmp_passwd);
+				secure_memset(tmp_currentpasswd, 0, MAX_PASSWORD_LEN);
+			}
 		} else if (operation == SET_HW_DISK_ENC_KEY) {
 			err = qseecom_create_key(map_usage(QSEECOM_DISK_ENCRYPTION), tmp_passwd);
 		}
@@ -198,6 +207,7 @@ static int set_key(const char* currentpasswd, const char* passwd, const char* en
 		if(ERR_MAX_PASSWORD_ATTEMPTS == err)
 			wipe_userdata();
 	}
+	secure_memset(tmp_passwd, 0, MAX_PASSWORD_LEN);
 	free(tmp_passwd);
 	free(tmp_currentpasswd);
 }
|
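Review bot: The new `secure_memset(tmp_passwd, 0, MAX_PASSWORD_LEN);` in the last hunk is placed after the closing brace of the `if(tmp_passwd) {` block, so when `get_tmp_passwd(passwd)` returns NULL it writes through a null pointer where the original `free(tmp_passwd)` was NULL-safe; in the same way, `tmp_currentpasswd` is only wiped on the UPDATE path, while the SET path and the NULL-`tmp_passwd` path still free it unzeroed. Moving both wipes next to the frees, each guarded by a NULL check, closes both gaps (rewritten lines below; the `secure_memset` added inside the UPDATE branch and its new braces then become unnecessary). This assumes `MAX_PASSWORD_LEN` is exactly the size `get_tmp_passwd` allocates, which is not visible here and is worth confirming, since wiping more than was allocated is a heap overflow. Separately, `secure_memset` is declared `inline` without `static`; under C99 inline semantics that is an inline definition only, so a call that the compiler does not inline (e.g. at -O0) has no external definition to link against — `static inline void* secure_memset(void* v, int c, size_t n)` avoids that. set_key's body begins before the second hunk and the line between the second and third hunks is not shown.
```c
	/* … unchanged: set_key body up to the end of the if(tmp_passwd) block … */
	}
	if (tmp_passwd)
		secure_memset(tmp_passwd, 0, MAX_PASSWORD_LEN);
	if (tmp_currentpasswd)
		secure_memset(tmp_currentpasswd, 0, MAX_PASSWORD_LEN);
	free(tmp_passwd);
	free(tmp_currentpasswd);
```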