authorDinesh K Garg <dineshg@codeaurora.org>2016-01-21 20:55:52 (GMT)
committerZhao Wei Liew <zhaoweiliew@gmail.com>2017-02-12 12:45:48 (GMT)
commit8d14c48ec1a01c97ae70443a39126939950a28f4 (patch)
treed0f19e1b3ead398a27f96fd780eb741fc6344636
parent3494750761d3d867ea01144ba4c7fb7e4138c55b (diff)
Cleanup temporarily stored passwords
While verifying or updating passwords, they are copied into temporary variables which are freed after use. These variables should be cleared before being freed so that passwords are not left in memory if someone dumps it. Change-Id: I94f76f679bac18a682c796fe98236549e8f5e1aa
-rwxr-xr-xcryptfs_hw.c12
1 files changed, 11 insertions, 1 deletions
diff --git a/cryptfs_hw.c b/cryptfs_hw.c
index a0177fa..e149aec 100755
--- a/cryptfs_hw.c
+++ b/cryptfs_hw.c
@@ -74,6 +74,13 @@ static int (*qseecom_create_key)(int, void*);
static int (*qseecom_update_key)(int, void*, void*);
static int (*qseecom_wipe_key)(int);
+inline void* secure_memset(void* v, int c , size_t n) {
+ volatile unsigned char* p = (volatile unsigned char* )v;
+ while (n--) *p++ = c;
+ return v;
+}
+
+
static int map_usage(int usage)
{
int storage_type = is_ice_enabled();
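Review bot: `secure_memset` is declared `inline` without `static`, which in C99/C11 is an inline definition that emits no external symbol; if the compiler chooses not to inline a call (for example at -O0), the references added in set_key become unresolved at link time. The rest of the file keeps its helpers file-local (`static int map_usage`), so the same applies here: `static inline void *secure_memset(void *v, int c, size_t n)`. The write loop through a `volatile unsigned char *` is the right shape for a scrub that the optimizer cannot elide, so only the linkage needs changing.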
@@ -189,8 +196,10 @@ static int set_key(const char* currentpasswd, const char* passwd, const char* en
unsigned char* tmp_currentpasswd = get_tmp_passwd(currentpasswd);
if(tmp_passwd) {
if (operation == UPDATE_HW_DISK_ENC_KEY) {
- if (tmp_currentpasswd)
+ if (tmp_currentpasswd) {
err = qseecom_update_key(map_usage(QSEECOM_DISK_ENCRYPTION), tmp_currentpasswd, tmp_passwd);
+ secure_memset(tmp_currentpasswd, 0, MAX_PASSWORD_LEN);
+ }
} else if (operation == SET_HW_DISK_ENC_KEY) {
err = qseecom_create_key(map_usage(QSEECOM_DISK_ENCRYPTION), tmp_passwd);
}
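Review bot: `tmp_currentpasswd` is only scrubbed on the UPDATE_HW_DISK_ENC_KEY path, but it is obtained from `get_tmp_passwd(currentpasswd)` unconditionally and freed unconditionally at the end of the block (third hunk), so on the SET_HW_DISK_ENC_KEY path the current password is freed without being cleared, which is exactly the leak the commit sets out to close. Scrub at the free site instead, next to the existing `tmp_passwd` scrub: `if (tmp_currentpasswd) secure_memset(tmp_currentpasswd, 0, MAX_PASSWORD_LEN);` immediately before `free(tmp_currentpasswd);`, and drop the branch-local call so there is one place to get right. set_key starts before and continues after this hunk, so whether `tmp_currentpasswd` is also freed when `tmp_passwd` is NULL cannot be seen here.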
@@ -198,6 +207,7 @@ static int set_key(const char* currentpasswd, const char* passwd, const char* en
if(ERR_MAX_PASSWORD_ATTEMPTS == err)
wipe_userdata();
}
+ secure_memset(tmp_passwd, 0, MAX_PASSWORD_LEN);
free(tmp_passwd);
free(tmp_currentpasswd);
}
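Review bot: The scrub length is the fixed `MAX_PASSWORD_LEN` while the buffer comes from `get_tmp_passwd`, whose allocation size is not visible in this hunk; if it allocates anything smaller than `MAX_PASSWORD_LEN` this is a heap overwrite, and if larger, part of the copy stays uncleared. Worth confirming against `get_tmp_passwd`, and either documenting the contract with a comment such as `/* get_tmp_passwd() always allocates MAX_PASSWORD_LEN bytes */` or having it return the length so the scrub uses the real size. set_key continues outside the hunk.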