platform/x86: think-lmi: Use kfree_sensitive instead of kfree
authorWang Ming <machel@vivo.com>
Mon, 17 Jul 2023 10:11:02 +0000 (18:11 +0800)
committerHans de Goede <hdegoede@redhat.com>
Tue, 25 Jul 2023 13:30:57 +0000 (15:30 +0200)
key might contain private part of the key, so better use
kfree_sensitive to free it.

Signed-off-by: Wang Ming <machel@vivo.com>
Link: https://lore.kernel.org/r/20230717101114.18966-1-machel@vivo.com
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
drivers/platform/x86/think-lmi.c

index 52d1ce8dfe44a2aa94ea7b3a3344026ee1994125..79346881cadb1291571d4c94cb2f56da93ec4175 100644 (file)
@@ -719,12 +719,12 @@ static ssize_t cert_to_password_store(struct kobject *kobj,
        /* Format: 'Password,Signature' */
        auth_str = kasprintf(GFP_KERNEL, "%s,%s", passwd, setting->signature);
        if (!auth_str) {
-               kfree(passwd);
+               kfree_sensitive(passwd);
                return -ENOMEM;
        }
        ret = tlmi_simple_call(LENOVO_CERT_TO_PASSWORD_GUID, auth_str);
        kfree(auth_str);
-       kfree(passwd);
+       kfree_sensitive(passwd);
 
        return ret ?: count;
 }