Re: getentropy does not explicit_bzero if copyout fails

2018-02-21 Thread Mateusz Guzik
On Wed, Feb 21, 2018 at 10:28 PM, Ted Unangst wrote:
> Mateusz Guzik wrote:
> > As the subject states. By the time the code gets to copyout, buf is
> > already populated. Clearing it only if copyout succeeds looks like a
> > braino, thus the following trivial proposal:
> >

Re: getentropy does not explicit_bzero if copyout fails

2018-02-21 Thread Ted Unangst
Mateusz Guzik wrote:
> As the subject states. By the time the code gets to copyout, buf is
> already populated. Clearing it only if copyout succeeds looks like a
> braino, thus the following trivial proposal:

If the secret random data is not copied out, it will not be used, and there's nothing to

getentropy does not explicit_bzero if copyout fails

2018-02-21 Thread Mateusz Guzik
As the subject states. By the time the code gets to copyout, buf is already populated. Clearing it only if copyout succeeds looks like a braino, thus the following trivial proposal: diff --git a/sys/dev/rnd.c b/sys/dev/rnd.c index e33cb5fd7c0..fa876a950b9 100644 --- a/sys/dev/rnd.c +++
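
A user-space model of the two variants discussed in this thread, added here as an illustration; it is not the code from sys/dev/rnd.c or the posted diff. `wipe`, `mock_copyout`, the constant 0xA5 fill, `ENTROPY_MAX` and the function names are constructed stand-ins for `explicit_bzero`, `copyout`, the kernel RNG and the syscall body.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#define ENTROPY_MAX 256 /* assumed size of the kernel-side buffer in this model */

/* Stand-in for explicit_bzero(): volatile stores the compiler may not elide. */
static void wipe(void *p, size_t n) {
    for (volatile unsigned char *v = p; n--; ) *v++ = 0;
}

/* Stand-in for copyout(): a NULL user pointer models a faulting address. */
static int mock_copyout(const void *kaddr, void *uaddr, size_t n) {
    if (uaddr == NULL) return EFAULT;
    memcpy(uaddr, kaddr, n);
    return 0;
}

/* Behaviour described in the post: the wipe is reached only if copyout succeeds. */
int getentropy_wipe_on_success(unsigned char *kbuf, void *ubuf, size_t n) {
    if (n > ENTROPY_MAX) return EIO;
    memset(kbuf, 0xA5, n);              /* constructed "random" bytes */
    int error = mock_copyout(kbuf, ubuf, n);
    if (error != 0) return error;       /* early return skips the wipe */
    wipe(kbuf, n);
    return 0;
}

/* Proposed behaviour: wipe on every path once the buffer has been populated. */
int getentropy_wipe_always(unsigned char *kbuf, void *ubuf, size_t n) {
    if (n > ENTROPY_MAX) return EIO;
    memset(kbuf, 0xA5, n);              /* constructed "random" bytes */
    int error = mock_copyout(kbuf, ubuf, n);
    wipe(kbuf, n);
    return error;
}

/* Fault the copyout and count the random bytes still sitting in the buffer. */
size_t leftover_after_fault(int wipe_always) {
    unsigned char kbuf[ENTROPY_MAX] = {0};
    size_t left = 0;
    int error = (wipe_always ? getentropy_wipe_always : getentropy_wipe_on_success)(kbuf, NULL, 32);
    for (size_t i = 0; i < sizeof(kbuf); i++) left += kbuf[i] != 0;
    return error == EFAULT ? left : (size_t)-1;
}

int main(void) {
    printf("left after fault: %zu (wipe on success), %zu (wipe always)\n",
           leftover_after_fault(0), leftover_after_fault(1));
}
```

The buffer is passed in by the caller only so the leftover bytes can be inspected after the call; in the code under discussion it is a local of the syscall.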