tech-security archive
crypto_memset (was: Re: Zero it if you're going to copy it out.)
On 25.06.2012 15:20, Thor Lancelot Simon wrote:
> On Mon, Jun 25, 2012 at 02:16:33PM +0100, Roger Pau Monne wrote:
>>
>> Yes, it doesn't hurt to zero memory if returning it to the user. Who
>> knows what might be there previously.
>
> I'm sorry, I can't let this go.
>
> This is not a case of "it doesn't hurt" -- it's a case of "it's absolutely
> necessary". It is completely unacceptable to leak the contents of kernel
> memory to the user!
BTW, did we get the {crypto,safe,secure}:
  _memset: not optimized away by the compiler,
  _memcmp: constant-time memcmp for a given size
? I can't find anything in the commit logs.
I am sure these will find their place in the kernel, and also in some
places in userland (except for cache manipulation, maybe).
--
Jean-Yves Migeon
jeanyves.migeon%free.fr@localhost
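
The two primitives asked about in the message above, as an added example that is not part of the original post and not code from the NetBSD tree. The names example_wipe and example_ct_memcmp are hypothetical, and the comparison reports only equal or unequal rather than an ordering.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Reaching memset through a volatile function pointer forces a run-time
 * load of the pointer, so the compiler cannot prove the callee is memset
 * and delete the call as a dead store on a buffer about to go out of scope. */
static void *(*const volatile wipe_memset)(void *, int, size_t) = memset;

/* Hypothetical name: memset that is not optimized away. */
void *example_wipe(void *buf, int c, size_t len)
{
    return (*wipe_memset)(buf, c, len);
}

/* Hypothetical name: returns 0 if the buffers are equal, 1 otherwise.
 * Every byte is read and folded into diff with no early exit, so the
 * running time depends on len only, not on where the first mismatch is. */
int example_ct_memcmp(const void *a, const void *b, size_t len)
{
    const volatile unsigned char *pa = a;
    const volatile unsigned char *pb = b;
    unsigned int diff = 0;
    size_t i;

    for (i = 0; i < len; i++)
        diff |= (unsigned int)(pa[i] ^ pb[i]);
    return diff != 0;
}

/* Constructed usage: check a tag against a secret copy, then wipe the copy
 * before the stack frame is released. */
int example_check_tag(const unsigned char *secret, const unsigned char *got,
                      size_t len)
{
    unsigned char copy[32];
    int rc;

    if (len > sizeof copy)
        return 1;
    memcpy(copy, secret, len);
    rc = example_ct_memcmp(copy, got, len);
    example_wipe(copy, 0, sizeof copy);   /* a plain memset here could be elided */
    return rc;
}

int main(void)
{
    printf("%d\n", example_check_tag((const unsigned char *)"tag1",
                                     (const unsigned char *)"tag2", 4));
    return 0;
}
```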