Hi Josh,

We’ve been working to securely zero secrets from memory when they’re no longer required, and I see this bug as being in the same class.

To really have confidence the value is erased from NVRAM is probably going to be platform specific because wear levelling on flash filesystems can create multiple copies of data (e.g., https://en.wikipedia.org/wiki/F2FS). The fix for ASACORE-2618 is probably to create a secure delete function that makes a best effort but that can be easily replaced by device manufacturers.

Greg

From: [email protected] [mailto:[email protected]] On Behalf Of Josh Spain
Sent: Thursday, February 25, 2016 1:17 PM
To: [email protected]
Subject: [Allseen-core] AJ_NVRAM_SecureDelete

Issue ASACORE-2618 <https://jira.allseenalliance.org/browse/ASACORE-2618> discusses the fact that AJ_NVRAM_Delete does not clear the memory, making sensitive data vulnerable to access after deletion. I believe adding an AJ_NVRAM_SecureDelete function would satisfy the requirements without adding undue writes to NVRAM every single time delete is called. There are specific places in the TCL code where we would make the Secure call, but we could leave everything else using the original one, which does nothing but mark the NVRAM element id as invalid (much more optimal).

Does anyone have any thoughts on this?

-Josh

Josh Spain, Director of Engineering, Affinegy
1705 S. Capital of Texas Hwy, Ste. 310, Austin, TX, 78746
512.535.1700
[email protected]
http://affinegy.com
_______________________________________________
Allseen-core mailing list
[email protected]
https://lists.allseenalliance.org/mailman/listinfo/allseen-core
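The difference the thread discusses, between a delete that only marks the element id invalid and a secure delete that wipes the payload through a replaceable platform hook, shown as an added example that is not part of the original messages and is not AllJoyn Thin Core Library code. The record layout and every name below (`nv_create`, `nv_delete`, `nv_secure_delete`, `nv_wipe`, `nv_raw_contains`) are hypothetical, and the NVRAM image is modelled as a RAM buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Toy NVRAM image (hypothetical, not AllJoyn code): [id:2][len:2][payload] records. */
#define NV_SIZE 64
static uint8_t nv[NV_SIZE];
static size_t nv_used;

/* Replaceable platform hook (assumption): a manufacturer would swap in a
 * flash-aware erase. The default is best effort: volatile zero stores the
 * compiler must keep, which cannot reach stale wear-levelling copies. */
static void wipe_best_effort(uint8_t *p, size_t n) {
    volatile uint8_t *v = p;
    while (n--) *v++ = 0;
}
static void (*nv_wipe)(uint8_t *, size_t) = wipe_best_effort;

int nv_create(uint16_t id, const void *data, uint16_t len) {
    if (id == 0 || nv_used + 4 + len > NV_SIZE) return -1;
    memcpy(nv + nv_used, &id, 2);
    memcpy(nv + nv_used + 2, &len, 2);
    memcpy(nv + nv_used + 4, data, len);
    nv_used += 4 + (size_t)len;
    return 0;
}

/* Find the live record, optionally wipe its payload, then mark id invalid (0). */
static int nv_remove(uint16_t id, int wipe) {
    for (size_t off = 0; id != 0 && off + 4 <= nv_used;) {
        uint16_t rid, len;
        memcpy(&rid, nv + off, 2);
        memcpy(&len, nv + off + 2, 2);
        if (rid == id) {
            if (wipe) nv_wipe(nv + off + 4, len);
            memset(nv + off, 0, 2);
            return 0;
        }
        off += 4 + (size_t)len;
    }
    return -1;
}
int nv_delete(uint16_t id)        { return nv_remove(id, 0); } /* mark only */
int nv_secure_delete(uint16_t id) { return nv_remove(id, 1); } /* wipe + mark */

/* 1 if the byte pattern is still readable anywhere in the raw image. */
int nv_raw_contains(const void *pat, size_t n) {
    for (size_t i = 0; i + n <= NV_SIZE; i++)
        if (memcmp(nv + i, pat, n) == 0) return 1;
    return 0;
}
```

With two constructed 8-byte secrets stored, the one removed by `nv_delete` is still found by `nv_raw_contains`, while the one removed by `nv_secure_delete` is not.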
