On 11/11/2014 05:16 AM, Stephan Mueller wrote:
...
That is a good idea.
Herbert: I can prepare a patch that uses memzero_explicit. However, your
current tree does not yet implement that function as it was added to Linus'
tree after you pulled from it.
Yep, Ted took it [1] on top of the random
On Tue, Nov 11, 2014 at 05:16:54AM +0100, Stephan Mueller wrote:
>
> Shall I now still use memset(0) or prepare a patch that does not yet compile
> by using memzero_explicit?
Just send the patch with the memzer_explicit and I'll make sure
that I pull the requisite changes in before I apply your
Am Montag, 10. November 2014, 21:55:43 schrieb Sandy Harris:
Hi Sandy, Herbert,
> On Sun, Nov 9, 2014 at 5:33 PM, Stephan Mueller wrote:
> > while working on the AF_ALG interface, I saw no active zeroizations of
> > memory that may hold sensitive data that is maintained outside the kernel
> > cr
On Sun, Nov 9, 2014 at 5:33 PM, Stephan Mueller wrote:
> while working on the AF_ALG interface, I saw no active zeroizations of memory
> that may hold sensitive data that is maintained outside the kernel crypto API
> cipher handles. ...
> I think I found the location for the first one: hash_sock
On Tue, Nov 11, 2014 at 03:06:32AM +0100, Stephan Mueller wrote:
> Am Montag, 10. November 2014, 22:05:18 schrieb Herbert Xu:
>
> Hi Herbert,
>
> > On Sun, Nov 09, 2014 at 11:33:52PM +0100, Stephan Mueller wrote:
> > > while working on the AF_ALG interface, I saw no active zeroizations of
> > > m
Am Montag, 10. November 2014, 22:05:18 schrieb Herbert Xu:
Hi Herbert,
> On Sun, Nov 09, 2014 at 11:33:52PM +0100, Stephan Mueller wrote:
> > while working on the AF_ALG interface, I saw no active zeroizations of
> > memory that may hold sensitive data that is maintained outside the kernel
> > cr
On Sun, Nov 09, 2014 at 11:33:52PM +0100, Stephan Mueller wrote:
>
> while working on the AF_ALG interface, I saw no active zeroizations of memory
> that may hold sensitive data that is maintained outside the kernel crypto API
> cipher handles. I think the following memory segments fall under th
Hi Herbert,
while working on the AF_ALG interface, I saw no active zeroizations of memory
that may hold sensitive data that is maintained outside the kernel crypto API
cipher handles. I think the following memory segments fall under that
category:
* message digest
* IV