Eric Biggers wrote:
> It's not actually needed because it's impossible for the compiler to optimize
> away the memset(). memzero_explicit() is only needed on stack data.
Okay, also reasonable.
David
Eric Biggers wrote:
> It's not actually needed because it's impossible for the compiler to optimize
> away the memset(). memzero_explicit() is only needed on stack data.
Okay, also reasonable.
David
On Fri, Apr 21, 2017 at 03:31:08PM +0100, David Howells wrote:
> Eric Biggers wrote:
>
> > - memzero_explicit(epayload->decrypted_data, epayload->decrypted_datalen);
> > - kfree(key->payload.data[0]);
> > + kzfree(key->payload.data[0]);
>
> Should kzfree() be using
On Fri, Apr 21, 2017 at 03:31:08PM +0100, David Howells wrote:
> Eric Biggers wrote:
>
> > - memzero_explicit(epayload->decrypted_data, epayload->decrypted_datalen);
> > - kfree(key->payload.data[0]);
> > + kzfree(key->payload.data[0]);
>
> Should kzfree() be using memzero_explicit()
Eric Biggers wrote:
> - memzero_explicit(epayload->decrypted_data, epayload->decrypted_datalen);
> - kfree(key->payload.data[0]);
> + kzfree(key->payload.data[0]);
Should kzfree() be using memzero_explicit() rather than memset()?
David
Eric Biggers wrote:
> - memzero_explicit(epayload->decrypted_data, epayload->decrypted_datalen);
> - kfree(key->payload.data[0]);
> + kzfree(key->payload.data[0]);
Should kzfree() be using memzero_explicit() rather than memset()?
David
From: Eric Biggers
For keys of type "encrypted", consistently zero sensitive key material
before freeing it. This was already being done for the decrypted
payloads of encrypted keys, but not for the master key and the keys
derived from the master key.
Out of an abundance
From: Eric Biggers
For keys of type "encrypted", consistently zero sensitive key material
before freeing it. This was already being done for the decrypted
payloads of encrypted keys, but not for the master key and the keys
derived from the master key.
Out of an abundance of caution and because
8 matches
Mail list logo