authorDinesh K Garg <dineshg@codeaurora.org>2016-01-21 12:55:52 -0800
committerZhao Wei Liew <zhaoweiliew@gmail.com>2017-02-12 20:45:48 +0800
commit8d14c48ec1a01c97ae70443a39126939950a28f4 (patch)
treed0f19e1b3ead398a27f96fd780eb741fc6344636 /cryptfs_hw.c
parent3494750761d3d867ea01144ba4c7fb7e4138c55b (diff)
Cleanup temporarily stored passwords
While verifying or updating passwords, the passwords are copied into temporary variables, which are freed after use. These variables should be cleared before they are freed so that the passwords are not left in memory if someone dumps the memory. Change-Id: I94f76f679bac18a682c796fe98236549e8f5e1aa
Diffstat (limited to 'cryptfs_hw.c')
-rwxr-xr-xcryptfs_hw.c12
1 files changed, 11 insertions, 1 deletions
diff --git a/cryptfs_hw.c b/cryptfs_hw.c
index a0177fa..e149aec 100755
--- a/cryptfs_hw.c
+++ b/cryptfs_hw.c
@@ -74,6 +74,13 @@ static int (*qseecom_create_key)(int, void*);
static int (*qseecom_update_key)(int, void*, void*);
static int (*qseecom_wipe_key)(int);
+inline void* secure_memset(void* v, int c , size_t n) {
+ volatile unsigned char* p = (volatile unsigned char* )v;
+ while (n--) *p++ = c;
+ return v;
+}
+
+
static int map_usage(int usage)
{
int storage_type = is_ice_enabled();
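Review bot: `secure_memset` is defined as plain `inline` with no `static`, unlike the `static` declarations and `map_usage` around it. Under C99/C11 inline semantics this provides only an inline definition, so a call the compiler declines to inline (for example in an unoptimized build) can fail to link with an undefined reference; under GNU89 semantics it exports a global symbol instead. `static inline void *secure_memset(void *v, int c, size_t n)` avoids both. A short comment would also record why the loop exists: `/* Write through a volatile pointer so the zeroing store is not optimized away before free(). */`.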
@@ -189,8 +196,10 @@ static int set_key(const char* currentpasswd, const char* passwd, const char* en
unsigned char* tmp_currentpasswd = get_tmp_passwd(currentpasswd);
if(tmp_passwd) {
if (operation == UPDATE_HW_DISK_ENC_KEY) {
- if (tmp_currentpasswd)
+ if (tmp_currentpasswd) {
err = qseecom_update_key(map_usage(QSEECOM_DISK_ENCRYPTION), tmp_currentpasswd, tmp_passwd);
+ secure_memset(tmp_currentpasswd, 0, MAX_PASSWORD_LEN);
+ }
} else if (operation == SET_HW_DISK_ENC_KEY) {
err = qseecom_create_key(map_usage(QSEECOM_DISK_ENCRYPTION), tmp_passwd);
}
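Review bot: The wipe of `tmp_currentpasswd` sits inside the `UPDATE_HW_DISK_ENC_KEY` branch, so on the `SET_HW_DISK_ENC_KEY` path (or any other `operation` value) a copy made by `get_tmp_passwd(currentpasswd)` reaches `free(tmp_currentpasswd)` in the next hunk uncleared whenever the caller supplied a current password. Moving the wipe next to the free covers every path: `if (tmp_currentpasswd) secure_memset(tmp_currentpasswd, 0, MAX_PASSWORD_LEN);` directly before `free(tmp_currentpasswd);`. Both wipes, here and in the following hunk, assume `get_tmp_passwd` returns a buffer of at least `MAX_PASSWORD_LEN` bytes; that function is not visible in this diff, so the size should be confirmed against it. `set_key` starts and ends outside these hunks.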
@@ -198,6 +207,7 @@ static int set_key(const char* currentpasswd, const char* passwd, const char* en
if(ERR_MAX_PASSWORD_ATTEMPTS == err)
wipe_userdata();
}
+ secure_memset(tmp_passwd, 0, MAX_PASSWORD_LEN);
free(tmp_passwd);
free(tmp_currentpasswd);
}