On Tue, Dec 06, 2016 at 05:29:13PM +0800, Gonglei wrote: > Zeroize the memory of CryptoDevBackendSymOpInfo structure pointed > for key material security. > > Signed-off-by: Gonglei <arei.gong...@huawei.com> > --- > hw/virtio/virtio-crypto.c | 13 ++++++++++++- > 1 file changed, 12 insertions(+), 1 deletion(-) > > diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c > index 2f2467e..ecb19b6 100644 > --- a/hw/virtio/virtio-crypto.c > +++ b/hw/virtio/virtio-crypto.c > @@ -337,7 +337,18 @@ static void virtio_crypto_free_request(VirtIOCryptoReq > *req) > { > if (req) { > if (req->flags == CRYPTODEV_BACKEND_ALG_SYM) { > - g_free(req->u.sym_op_info); > + size_t max_len; > + CryptoDevBackendSymOpInfo *op_info = req->u.sym_op_info; > + > + max_len = op_info->iv_len + > + op_info->aad_len + > + op_info->src_len + > + op_info->dst_len + > + op_info->digest_result_len; > + > + /* Zeroize and free request data structure */ > + memset(op_info, 0, sizeof(*op_info) + max_len); > + g_free(op_info);
Write into memory, then free it? This looks rather strange. Why are we doing this? > } > g_free(req); > } > -- > 1.8.3.1 >