Re: CVS commit: src/lib/libcrypt

[Joerg Sonnenberger <joerg%britannica.bec.de@localhost>]

On Thu, Dec 01, 2011 at 05:45:25PM +0000, David Laight wrote:
> On Tue, Nov 29, 2011 at 09:23:20PM +0100, Joerg Sonnenberger wrote:
> > On Tue, Nov 29, 2011 at 09:09:38PM +0100, Matthias Drochner wrote:
> > > Anyway, here is a first cut on an "explicit_bzero" function
> > > which doesn't get optimized away. I've put it to src/common
> > > because the same thing makes sense in the kernel too.
> > > Comments?
> > 
> > Just make it an alias on memset. That's good enough. I think calling it
> > something like "secure_memset" or "safe_memset" is better, but opinions
> > might differ.
> 
> I'm not sure that 'secure' or 'safe' are good prefixes for any function name.
> You need to say WHY is is better.

Well, an alternative idea would be crypto_memset and crypto_memcpy.
The former is to avoid DSE, the latter is aimed to have constant run
time for fixed size.

Joerg