Re: dev/rnd.c more explicit_bzero

2016-12-12 Thread Theo de Raadt
That information is not a secret.

> Some functions in rnd have a timespec; make sure to zero it
> as already done with other buffers. Also do buf in
> dequeue_randomness().
> 
> - Michael
> 
> 
> Index: src/sys/dev/rnd.c
> ===
> RCS file: /cvs/src/sys/dev/rnd.c,v
> retrieving revision 1.191
> diff -u -p -u -r1.191 rnd.c
> --- src/sys/dev/rnd.c 8 Dec 2016 05:32:49 -   1.191
> +++ src/sys/dev/rnd.c 13 Dec 2016 04:49:24 -
> @@ -312,6 +312,7 @@ enqueue_randomness(u_int state, u_int va
>   timeout_add(_timeout, 1);
>  
>   mtx_leave();
> + explicit_bzero(, sizeof(ts));
>  }
>  
>  /*
> @@ -388,6 +389,7 @@ dequeue_randomness(void *v)
>   mtx_enter();
>   }
>   mtx_leave();
> + explicit_bzero(buf, sizeof(buf));
>  }
>  
>  /*
> @@ -458,6 +460,7 @@ suspend_randomness(void)
>   dequeue_randomness(NULL);
>   rs_count = 0;
>   arc4random_buf(entropy_pool, sizeof(entropy_pool));
> + explicit_bzero(, sizeof(ts));
>  }
>  
>  void
> @@ -473,6 +476,7 @@ resume_randomness(char *buf, size_t bufl
>  
>   dequeue_randomness(NULL);
>   rs_count = 0;
> + explicit_bzero(, sizeof(ts));
>  }
>  
>  static inline void _rs_rekey(u_char *dat, size_t datlen);
> @@ -523,6 +527,7 @@ _rs_stir(int do_lock)
>   mtx_leave();
>  
>   explicit_bzero(buf, sizeof(buf));
> + explicit_bzero(, sizeof(ts));
>  }
>  
>  static inline void
> 



dev/rnd.c more explicit_bzero

2016-12-12 Thread Michael W. Bombardieri
Hi,

Some functions in rnd have a timespec; make sure to zero it
as already done with other buffers. Also do buf in
dequeue_randomness().

- Michael


Index: src/sys/dev/rnd.c
===
RCS file: /cvs/src/sys/dev/rnd.c,v
retrieving revision 1.191
diff -u -p -u -r1.191 rnd.c
--- src/sys/dev/rnd.c   8 Dec 2016 05:32:49 -   1.191
+++ src/sys/dev/rnd.c   13 Dec 2016 04:49:24 -
@@ -312,6 +312,7 @@ enqueue_randomness(u_int state, u_int va
timeout_add(_timeout, 1);
 
mtx_leave();
+   explicit_bzero(, sizeof(ts));
 }
 
 /*
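Review bot: As shown here, the added call in enqueue_randomness has no first argument: `explicit_bzero(, sizeof(ts));` would not compile, and the same holds for the added lines in the suspend_randomness, resume_randomness and _rs_stir hunks. The context lines `mtx_leave();` and `timeout_add(_timeout, 1);` look truncated in the same way, so the address-of operands were most likely dropped by the archive rather than by the author; the intended line is presumably `explicit_bzero(&ts, sizeof(ts));`. Anyone applying the patch from this page should restore those operands from the original mail or the CVS tree rather than guess. The function body starts above the hunk, so whether an earlier return path skips the new wipe cannot be checked from here.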
@@ -388,6 +389,7 @@ dequeue_randomness(void *v)
mtx_enter();
}
mtx_leave();
+   explicit_bzero(buf, sizeof(buf));
 }
 
 /*
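Review bot: `sizeof(buf)` in the added line of dequeue_randomness clears the whole object only if `buf` is declared as an array in that function, and the declaration lies above the hunk. The resume_randomness hunk on this page has `buf` as a `char *` parameter, so the name is also used for a pointer in this file and the assumption deserves a check; with a pointer the call would clear only pointer-size bytes. A short comment at the call, such as `/* buf is a local array; wipe the dequeued samples */`, would record that, though the wording about samples is inferred from the function name.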
@@ -458,6 +460,7 @@ suspend_randomness(void)
dequeue_randomness(NULL);
rs_count = 0;
arc4random_buf(entropy_pool, sizeof(entropy_pool));
+   explicit_bzero(, sizeof(ts));
 }
 
 void
@@ -473,6 +476,7 @@ resume_randomness(char *buf, size_t bufl
 
dequeue_randomness(NULL);
rs_count = 0;
+   explicit_bzero(, sizeof(ts));
 }
 
 static inline void _rs_rekey(u_char *dat, size_t datlen);
@@ -523,6 +527,7 @@ _rs_stir(int do_lock)
mtx_leave();
 
explicit_bzero(buf, sizeof(buf));
+   explicit_bzero(, sizeof(ts));
 }
 
 static inline void