authorDinesh K Garg <dineshg@codeaurora.org>2016-01-21 12:55:52 -0800
committerZhao Wei Liew <zhaoweiliew@gmail.com>2017-02-12 20:45:48 +0800
commit8d14c48ec1a01c97ae70443a39126939950a28f4 (patch)
treed0f19e1b3ead398a27f96fd780eb741fc6344636
parent3494750761d3d867ea01144ba4c7fb7e4138c55b (diff)
Cleanup temporarily stored passwords
When a password is verified or updated, it is copied into a temporary buffer that is freed after use. That buffer should be zeroed before it is freed, so that the password does not remain in memory for anyone who dumps the process. Change-Id: I94f76f679bac18a682c796fe98236549e8f5e1aa
-rwxr-xr-xcryptfs_hw.c12
1 files changed, 11 insertions, 1 deletions
diff --git a/cryptfs_hw.c b/cryptfs_hw.c
index a0177fa..e149aec 100755
--- a/cryptfs_hw.c
+++ b/cryptfs_hw.c
@@ -74,6 +74,13 @@ static int (*qseecom_create_key)(int, void*);
static int (*qseecom_update_key)(int, void*, void*);
static int (*qseecom_wipe_key)(int);
+inline void* secure_memset(void* v, int c , size_t n) {
+ volatile unsigned char* p = (volatile unsigned char* )v;
+ while (n--) *p++ = c;
+ return v;
+}
+
+
static int map_usage(int usage)
{
int storage_type = is_ice_enabled();
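Review bot: `secure_memset` is defined as `inline` without `static`; under C99/C11 inline semantics that is an inline definition with no external definition, so any call the compiler does not actually inline (an unoptimized build, for instance) fails to link, and it also exposes a non-static name from this file. Declare it `static inline void *secure_memset(void *v, int c, size_t n)` and state why the plain `memset` it stands in for is not sufficient, e.g. `/* Byte stores through a volatile pointer cannot be dropped as dead stores before free(), unlike memset() */`. The cast `(volatile unsigned char* )v` has a stray space before the closing parenthesis. `map_usage`, whose first lines close this hunk, continues outside it.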
@@ -189,8 +196,10 @@ static int set_key(const char* currentpasswd, const char* passwd, const char* en
unsigned char* tmp_currentpasswd = get_tmp_passwd(currentpasswd);
if(tmp_passwd) {
if (operation == UPDATE_HW_DISK_ENC_KEY) {
- if (tmp_currentpasswd)
+ if (tmp_currentpasswd) {
err = qseecom_update_key(map_usage(QSEECOM_DISK_ENCRYPTION), tmp_currentpasswd, tmp_passwd);
+ secure_memset(tmp_currentpasswd, 0, MAX_PASSWORD_LEN);
+ }
} else if (operation == SET_HW_DISK_ENC_KEY) {
err = qseecom_create_key(map_usage(QSEECOM_DISK_ENCRYPTION), tmp_passwd);
}
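Review bot: The new wipe of `tmp_currentpasswd` is only reached on the UPDATE_HW_DISK_ENC_KEY path inside `if(tmp_passwd)`, yet the buffer is allocated unconditionally by `get_tmp_passwd(currentpasswd)` just above, so on the SET_HW_DISK_ENC_KEY path, and when `tmp_passwd` is NULL, the old password is still intact when the buffer is later freed. Move the wipe next to the free so every path is covered: `if (tmp_currentpasswd) secure_memset(tmp_currentpasswd, 0, MAX_PASSWORD_LEN);` immediately before `free(tmp_currentpasswd);`. Whether the NULL-`tmp_passwd` path reaches that free at all depends on where the `if(tmp_passwd)` block closes, which is not visible here; set_key's body starts before this hunk and continues after it.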
@@ -198,6 +207,7 @@ static int set_key(const char* currentpasswd, const char* passwd, const char* en
if(ERR_MAX_PASSWORD_ATTEMPTS == err)
wipe_userdata();
}
+ secure_memset(tmp_passwd, 0, MAX_PASSWORD_LEN);
free(tmp_passwd);
free(tmp_currentpasswd);
}
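Review bot: `secure_memset(tmp_passwd, 0, MAX_PASSWORD_LEN)` assumes `get_tmp_passwd()` always returns a buffer of at least MAX_PASSWORD_LEN bytes; that allocation is not visible in this diff, and if it is ever sized from `strlen(passwd) + 1` instead, this line becomes a heap overflow rather than a wipe. Record the invariant where the wipe relies on it, e.g. `/* get_tmp_passwd() allocates MAX_PASSWORD_LEN bytes; keep these in sync */`, or have `get_tmp_passwd` report the size it allocated. The `free(tmp_currentpasswd)` on the next line is not preceded by a wipe on this path, so the current-password copy still reaches free() un-zeroed whenever the UPDATE branch was not taken. set_key's body starts before this hunk.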