Re: dev/rnd.c more explicit_bzero
That's information is not a secret. > Some functions in rnd have a timespec; make sure to zero it > as already done with other buffers. Also do buf in > dequeue_randomness(). > > - Michael > > > Index: src/sys/dev/rnd.c > === > RCS file: /cvs/src/sys/dev/rnd.c,v > retrieving revision 1.191 > diff -u -p -u -r1.191 rnd.c > --- src/sys/dev/rnd.c 8 Dec 2016 05:32:49 - 1.191 > +++ src/sys/dev/rnd.c 13 Dec 2016 04:49:24 - > @@ -312,6 +312,7 @@ enqueue_randomness(u_int state, u_int va > timeout_add(&rnd_timeout, 1); > > mtx_leave(&entropylock); > + explicit_bzero(&ts, sizeof(ts)); > } > > /* > @@ -388,6 +389,7 @@ dequeue_randomness(void *v) > mtx_enter(&entropylock); > } > mtx_leave(&entropylock); > + explicit_bzero(buf, sizeof(buf)); > } > > /* > @@ -458,6 +460,7 @@ suspend_randomness(void) > dequeue_randomness(NULL); > rs_count = 0; > arc4random_buf(entropy_pool, sizeof(entropy_pool)); > + explicit_bzero(&ts, sizeof(ts)); > } > > void > @@ -473,6 +476,7 @@ resume_randomness(char *buf, size_t bufl > > dequeue_randomness(NULL); > rs_count = 0; > + explicit_bzero(&ts, sizeof(ts)); > } > > static inline void _rs_rekey(u_char *dat, size_t datlen); > @@ -523,6 +527,7 @@ _rs_stir(int do_lock) > mtx_leave(&rndlock); > > explicit_bzero(buf, sizeof(buf)); > + explicit_bzero(&ts, sizeof(ts)); > } > > static inline void >
dev/rnd.c more explicit_bzero
Hi, Some functions in rnd have a timespec; make sure to zero it as already done with other buffers. Also do buf in dequeue_randomness(). - Michael Index: src/sys/dev/rnd.c === RCS file: /cvs/src/sys/dev/rnd.c,v retrieving revision 1.191 diff -u -p -u -r1.191 rnd.c --- src/sys/dev/rnd.c 8 Dec 2016 05:32:49 - 1.191 +++ src/sys/dev/rnd.c 13 Dec 2016 04:49:24 - @@ -312,6 +312,7 @@ enqueue_randomness(u_int state, u_int va timeout_add(&rnd_timeout, 1); mtx_leave(&entropylock); + explicit_bzero(&ts, sizeof(ts)); } /* @@ -388,6 +389,7 @@ dequeue_randomness(void *v) mtx_enter(&entropylock); } mtx_leave(&entropylock); + explicit_bzero(buf, sizeof(buf)); } /* @@ -458,6 +460,7 @@ suspend_randomness(void) dequeue_randomness(NULL); rs_count = 0; arc4random_buf(entropy_pool, sizeof(entropy_pool)); + explicit_bzero(&ts, sizeof(ts)); } void @@ -473,6 +476,7 @@ resume_randomness(char *buf, size_t bufl dequeue_randomness(NULL); rs_count = 0; + explicit_bzero(&ts, sizeof(ts)); } static inline void _rs_rekey(u_char *dat, size_t datlen); @@ -523,6 +527,7 @@ _rs_stir(int do_lock) mtx_leave(&rndlock); explicit_bzero(buf, sizeof(buf)); + explicit_bzero(&ts, sizeof(ts)); } static inline void