On 12/06/2016 08:29 PM, Gonglei wrote: > Common practice with sensitive information (key material, passwords, > etc). Prevents sensitive information from being exposed by accident later in > coredumps, memory disclosure bugs when heap memory is reused, etc. > > Sensitive information is sometimes also held in mlocked pages to prevent > it being swapped to disk but that's not being done here.
I also think that pointing to earlier commit ids with similar behavior is a good idea; in other words, call out commit 8813800b. So maybe rework this second paragraph to: Sensitive information is sometimes also held in mlocked pages to prevent it being swapped to disk, but qemu in general is not currently taking that level of precaution (see also commit 8813800b). > > Let's zeroize the memory of CryptoDevBackendSymOpInfo structure pointed > for key material security. > > [v2: Stefan perfects the commit message, thanks] The v2 blurb should appear after the --- line, as it is nice for reviewers but a year from now when reading 'git log' we won't care how many versions were on the list, only about the one version in git. > Signed-off-by: Gonglei <arei.gong...@huawei.com> > Reviewed-by: Stefan Hajnoczi <stefa...@redhat.com> > --- > hw/virtio/virtio-crypto.c | 13 ++++++++++++- > 1 file changed, 12 insertions(+), 1 deletion(-) > The commit message may still need improvement, but the maintainer might be willing to do that without needing a v3. At any rate, Reviewed-by: Eric Blake <ebl...@redhat.com> -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature