Commit 8d1c1904 authored Nov 13, 2022 by Sagi Grimberg Committed by Christoph Hellwig Nov 16, 2022

nvme-auth: clear sensitive info right after authentication completes



We don't want to keep authentication sensitive info in memory for unlimited
amount of time.

Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Sagi Grimberg <sagi@grimberg.me>
Reviewed-by: Chaitanya Kulkarni <kch@nvidia.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>

parent e481fc0a

drivers/nvme/host/auth.c

+2 −0

Original line number	Diff line number	Diff line
		@@ -912,6 +912,8 @@ int nvme_auth_wait(struct nvme_ctrl *ctrl, int qid)
		mutex_unlock(&ctrl->dhchap_auth_mutex);
		flush_work(&chap->auth_work);
		ret = chap->error;
		/* clear sensitive info */
		nvme_auth_reset_dhchap(chap);
		return ret;
		}
		mutex_unlock(&ctrl->dhchap_auth_mutex);