tech-security archive


crypto_memset (was: Re: Zero it if you're going to copy it out.)



On 25.06.2012 15:20, Thor Lancelot Simon wrote:
> On Mon, Jun 25, 2012 at 02:16:33PM +0100, Roger Pau Monne wrote:
>>
>> Yes, it doesn't hurt to zero memory if returning it to the user. Who
>> knows what might be there previously.
> 
> I'm sorry, I can't let this go.
> 
> This is not a case of "it doesn't hurt" -- it's a case of "it's absolutely
> necessary".  It is completely unacceptable to leak the contents of kernel
> memory to the user!

BTW, did we get the {crypto,safe,secure}:
_memset: not optimized away by the compiler,
_memcmp: constant-time memcmp for a given size

? I can't find anything in the commit logs.

I am sure these will find their place in the kernel, and also in some
places in userland (except for cache manipulation, maybe).

-- 
Jean-Yves Migeon
jeanyves.migeon%free.fr@localhost
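
The two primitives asked about in the message above, sketched as an added example: this is not part of the original message and not NetBSD code. The function names and the sample key are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical names for illustration; not an existing kernel or libc API. */

/* The pointer is volatile, so the compiler must load it at run time and
 * cannot assume the callee is memset; the call therefore survives
 * dead-store elimination even when buf is never read again. */
static void *(*const volatile wipe_impl)(void *, int, size_t) = memset;

void *example_secure_memset(void *buf, int c, size_t len)
{
    return (*wipe_impl)(buf, c, len);
}

/* Returns 0 when the len bytes match, 1 otherwise. Every byte is always
 * read and no branch depends on the data, so the run time is a function of
 * len only and does not reveal where the first mismatch is. */
int example_ct_memcmp(const void *a, const void *b, size_t len)
{
    const volatile unsigned char *pa = a;
    const volatile unsigned char *pb = b;
    unsigned char diff = 0;

    for (size_t i = 0; i < len; i++)
        diff |= (unsigned char)(pa[i] ^ pb[i]);
    return diff != 0;
}

/* Constructed sample secret, 8 bytes. */
static const unsigned char sample_key[8] =
    { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 };

/* Typical call pattern: copy the secret to a local, compare, then wipe the
 * local before returning. A plain memset at that point is a dead store. */
int example_check_token(const unsigned char *presented, size_t len)
{
    unsigned char local[sizeof(sample_key)];
    int rc;

    if (len != sizeof(local))
        return 1;               /* the length is not treated as secret */
    memcpy(local, sample_key, sizeof(local));
    rc = example_ct_memcmp(local, presented, sizeof(local));
    example_secure_memset(local, 0, sizeof(local));
    return rc;
}
```

Whether the wipe survives optimization can only be confirmed by inspecting the generated code for the target compiler and flags; the C standard gives no guarantee either way for a plain memset on a dying buffer.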

