Re: [PATCH] random: add and use memzero_explicit() for clearing data

[Daniel Borkmann]

On 12/01/2014 11:27 AM, Dan Carpenter wrote:
> On Mon, Aug 25, 2014 at 10:01:39PM +0200, Daniel Borkmann wrote:
> > zatimend has reported that in his environment (3.16/gcc4.8.3/corei7)
> > memset() calls which clear out sensitive data in extract_{buf,entropy,
> > entropy_user}() in random driver are being optimized away by gcc.
> >
> > Add a helper memzero_explicit() (similarly as explicit_bzero() variants)
> > that can be used in such cases where a variable with sensitive data is
> > being cleared out in the end. Other use cases might also be in crypto
> > code. [ I have put this into lib/string.c though, as it's always built-in
> > and doesn't need any dependencies then. ]
> >
> > Fixes kernel bugzilla: 82041
>
> What???
>
> That's not ok.  We totally rely on memset to work.  Every single memset
> that I have added was absolutely necessary.  This should be fixed
> so that memset works instead of adding a work around for specific
> drivers.

Well, BSD has helpers such as bzero_explicit() for such cases to work
around this, which memzero_explicit() similarly does; see also [1].

  [1] https://gcc.gnu.org/ml/gcc-help/2014-10/msg00059.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/