[PATCH v1] compiler: prevent dead store elimination

2010-02-27 Thread Roel Kluin
Due to optimization, a call to memset() may be removed as a dead store when the buffer is not used after its value is overwritten. The new function secure_bzero() ensures a section of memory is padded with zeroes. From the GCC manual, section 5.37: If your assembler instructions access memory in a

Re: [PATCH v1] compiler: prevent dead store elimination

2010-02-28 Thread Andi Kleen
> Every byte in the [p,p+n[ range must be used. If you only use the > first byte, via e.g. asm("" :: "m"(*(char*)p)), then the compiler > _will_ skip scrubbing bytes beyond the first. This works with > gcc-3.2.3 up to gcc-4.4.3. You forgot to credit Mikael who did all the hard work figuring this o

Re: [PATCH v1] compiler: prevent dead store elimination

2010-02-28 Thread Bill Davidsen
Andi Kleen wrote: Every byte in the [p,p+n[ range must be used. If you only use the first byte, via e.g. asm("" :: "m"(*(char*)p)), then the compiler _will_ skip scrubbing bytes beyond the first. This works with gcc-3.2.3 up to gcc-4.4.3. You forgot to credit Mikael who did all the hard work fi

Re: [PATCH v1] compiler: prevent dead store elimination

2010-02-28 Thread Arjan van de Ven
On Sat, 27 Feb 2010 21:47:42 +0100 Roel Kluin wrote: > +void secure_bzero(void *p, size_t n) > +{ > + memset(p, 0, n); > + ARRAY_PREVENT_DSE(p, n); > +} > +EXPORT_SYMBOL(secure_bzero); please don't introduce bzero again to the kernel; make it secure_memset() please. -- Arjan van de V
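
Review bot: secure_bzero() is exported in the quoted hunk with no comment above it saying when callers should use it instead of a plain memset(). A kernel-doc block on the function should state that the zeroing is kept even when the buffer is not used afterwards, and that ARRAY_PREVENT_DSE(p, n) has to cover the whole [p,p+n[ range, since, as noted elsewhere in this thread, marking only the first byte lets the compiler skip scrubbing the rest.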

Re: [PATCH v1] compiler: prevent dead store elimination

2010-03-01 Thread Mikael Pettersson
Arjan van de Ven writes: > On Sat, 27 Feb 2010 21:47:42 +0100 > Roel Kluin wrote: > > +void secure_bzero(void *p, size_t n) > > +{ > > + memset(p, 0, n); > > + ARRAY_PREVENT_DSE(p, n); > > +} > > +EXPORT_SYMBOL(secure_bzero); > > > please don't introduce bzero again to the kernel;

Re: [PATCH v1] compiler: prevent dead store elimination

2010-03-01 Thread Alexey Dobriyan
On Mon, Mar 1, 2010 at 11:32 AM, Mikael Pettersson wrote: > Arjan van de Ven writes: >  > On Sat, 27 Feb 2010 21:47:42 +0100 >  > Roel Kluin wrote: >  > > +void secure_bzero(void *p, size_t n) >  > > +{ >  > > +  memset(p, 0, n); >  > > +  ARRAY_PREVENT_DSE(p, n); >  > > +} >  > > +EXPORT_SYMBOL(

Re: [PATCH v1] compiler: prevent dead store elimination

2010-03-01 Thread Andi Kleen
On Sun, Feb 28, 2010 at 09:15:11PM -0800, Arjan van de Ven wrote: > On Sat, 27 Feb 2010 21:47:42 +0100 > Roel Kluin wrote: > > +void secure_bzero(void *p, size_t n) > > +{ > > + memset(p, 0, n); > > + ARRAY_PREVENT_DSE(p, n); > > +} > > +EXPORT_SYMBOL(secure_bzero); > > > please don't introd