diff options
author | Sagi Grimberg <sagi@grimberg.me> | 2022-11-13 12:24:15 +0100 |
---|---|---|
committer | Christoph Hellwig <hch@lst.de> | 2022-11-16 08:36:35 +0100 |
commit | 8d1c1904e94757b78c28fbbef9285e4101d86ee9 (patch) | |
tree | d869264dd728efdaf2052eaceeca53b8c5086508 /drivers | |
parent | nvme-auth: guarantee dhchap buffers under memory pressure (diff) | |
download | linux-8d1c1904e94757b78c28fbbef9285e4101d86ee9.tar.xz linux-8d1c1904e94757b78c28fbbef9285e4101d86ee9.zip |
nvme-auth: clear sensitive info right after authentication completes
We don't want to keep authentication sensitive info in memory for unlimited
amount of time.
Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Sagi Grimberg <sagi@grimberg.me>
Reviewed-by: Chaitanya Kulkarni <kch@nvidia.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Diffstat (limited to 'drivers')
-rw-r--r-- | drivers/nvme/host/auth.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/drivers/nvme/host/auth.c b/drivers/nvme/host/auth.c index 1b44676b6155..04cf183d9519 100644 --- a/drivers/nvme/host/auth.c +++ b/drivers/nvme/host/auth.c @@ -912,6 +912,8 @@ int nvme_auth_wait(struct nvme_ctrl *ctrl, int qid) mutex_unlock(&ctrl->dhchap_auth_mutex); flush_work(&chap->auth_work); ret = chap->error; + /* clear sensitive info */ + nvme_auth_reset_dhchap(chap); return ret; } mutex_unlock(&ctrl->dhchap_auth_mutex); |