Hi,
I noted that in libsa, explicit_bzero just calls bzero.
Given that we now support softraid full-disk encryption, a compiler
optimisation could make the current version of explicit_bzero in libsa
a no-op, leaving encryption keys (or other sensitive material) in
memory.
The following patch copies the libkern code for explicit_bzero into libsa.
Comments? OK?
--
Sebastien Marie
Index: explicit_bzero.c
===================================================================
RCS file: /cvs/src/sys/lib/libsa/explicit_bzero.c,v
retrieving revision 1.1
diff -u -p -r1.1 explicit_bzero.c
--- explicit_bzero.c 9 Oct 2012 12:03:51 -0000 1.1
+++ explicit_bzero.c 18 Sep 2015 10:01:06 -0000
@@ -6,11 +6,19 @@
#include <lib/libsa/stand.h>
+__attribute__((weak)) void __explicit_bzero_hook(void *, size_t);
+
+__attribute__((weak)) void
+__explicit_bzero_hook(void *buf, size_t len)
+{
+}
+
/*
* explicit_bzero - don't let the compiler optimize away bzero
*/
void
explicit_bzero(void *p, size_t n)
{
- bzero(p, n);
+ memset(p, 0, n);
+ __explicit_bzero_hook(p, n);
}
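Review bot: In explicit_bzero(), the block comment still reads "don't let the compiler optimize away bzero" although the body now calls memset, and nothing documents that the call to the empty weak __explicit_bzero_hook is what keeps the zeroing store from being eliminated. A short comment above the hook definition would help: it is intentionally empty, and it is weak so the compiler cannot inline it or assume what its body does, so a later cleanup should not remove it as dead code. The hunk also replaces bzero with memset while only <lib/libsa/stand.h> is included, so it is worth confirming that every boot program linking this file gets a memset declaration and definition from libsa.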