cfg80211: clear connect keys when freeing them

When freeing the connect keys, clear the memory to avoid
having the key material stick around in memory "forever".

Signed-off-by: Johannes Berg <johannes.berg@intel.com>

diff --git a/net/wireless/ibss.c b/net/wireless/ibss.c
index 8f345da..e24fc58 100644 (file)
--- a/net/wireless/ibss.c
+++ b/net/wireless/ibss.c
@@ -115,7 +115,7 @@ static int __cfg80211_join_ibss(struct cfg80211_registered_device *rdev,
        }
 
        if (WARN_ON(wdev->connect_keys))
-               kfree(wdev->connect_keys);
+               kzfree(wdev->connect_keys);
        wdev->connect_keys = connkeys;
 
        wdev->ibss_fixed = params->channel_fixed;
@@ -161,7 +161,7 @@ static void __cfg80211_clear_ibss(struct net_device *dev, bool nowext)
 
        ASSERT_WDEV_LOCK(wdev);
 
-       kfree(wdev->connect_keys);
+       kzfree(wdev->connect_keys);
        wdev->connect_keys = NULL;
 
        rdev_set_qos_map(rdev, dev, NULL);

diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index cf178d2..e388a9f 100644 (file)
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -6866,7 +6866,7 @@ static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
 
        err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys);
        if (err)
-               kfree(connkeys);
+               kzfree(connkeys);
        return err;
 }
 
@@ -7235,7 +7235,7 @@ static int nl80211_connect(struct sk_buff *skb, struct genl_info *info)
 
        if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
                if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) {
-                       kfree(connkeys);
+                       kzfree(connkeys);
                        return -EINVAL;
                }
                memcpy(&connect.ht_capa,
@@ -7253,7 +7253,7 @@ static int nl80211_connect(struct sk_buff *skb, struct genl_info *info)
 
        if (info->attrs[NL80211_ATTR_VHT_CAPABILITY]) {
                if (!info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]) {
-                       kfree(connkeys);
+                       kzfree(connkeys);
                        return -EINVAL;
                }
                memcpy(&connect.vht_capa,
@@ -7273,7 +7273,7 @@ static int nl80211_connect(struct sk_buff *skb, struct genl_info *info)
        err = cfg80211_connect(rdev, dev, &connect, connkeys, NULL);
        wdev_unlock(dev->ieee80211_ptr);
        if (err)
-               kfree(connkeys);
+               kzfree(connkeys);
        return err;
 }
 

diff --git a/net/wireless/sme.c b/net/wireless/sme.c
index 8bbeeb3..dc1668f 100644 (file)
--- a/net/wireless/sme.c
+++ b/net/wireless/sme.c
@@ -641,7 +641,7 @@ void __cfg80211_connect_result(struct net_device *dev, const u8 *bssid,
        }
 
        if (status != WLAN_STATUS_SUCCESS) {
-               kfree(wdev->connect_keys);
+               kzfree(wdev->connect_keys);
                wdev->connect_keys = NULL;
                wdev->ssid_len = 0;
                if (bss) {
@@ -918,7 +918,7 @@ int cfg80211_connect(struct cfg80211_registered_device *rdev,
        ASSERT_WDEV_LOCK(wdev);
 
        if (WARN_ON(wdev->connect_keys)) {
-               kfree(wdev->connect_keys);
+               kzfree(wdev->connect_keys);
                wdev->connect_keys = NULL;
        }
 
@@ -978,7 +978,7 @@ int cfg80211_disconnect(struct cfg80211_registered_device *rdev,
 
        ASSERT_WDEV_LOCK(wdev);
 
-       kfree(wdev->connect_keys);
+       kzfree(wdev->connect_keys);
        wdev->connect_keys = NULL;
 
        if (wdev->conn)

diff --git a/net/wireless/util.c b/net/wireless/util.c
index a8b2816..5e233a5 100644 (file)
--- a/net/wireless/util.c
+++ b/net/wireless/util.c
@@ -797,7 +797,7 @@ void cfg80211_upload_connect_keys(struct wireless_dev *wdev)
                                netdev_err(dev, "failed to set mgtdef %d\n", i);
        }
 
-       kfree(wdev->connect_keys);
+       kzfree(wdev->connect_keys);
        wdev->connect_keys = NULL;
 }
 

diff --git a/net/wireless/wext-sme.c b/net/wireless/wext-sme.c
index c7e5c8e..368611c 100644 (file)
--- a/net/wireless/wext-sme.c
+++ b/net/wireless/wext-sme.c
@@ -57,7 +57,7 @@ int cfg80211_mgd_wext_connect(struct cfg80211_registered_device *rdev,
        err = cfg80211_connect(rdev, wdev->netdev,
                               &wdev->wext.connect, ck, prev_bssid);
        if (err)
-               kfree(ck);
+               kzfree(ck);
 
        return err;
 }