From: Max Reitz
Subject: Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free
Date: Wed, 7 Dec 2016 16:49:01 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.0

On 07.12.2016 03:29, Gonglei wrote:
> Common practice with sensitive information (key material, passwords,
> etc). Prevents sensitive information from being exposed by accident later in
> coredumps, memory disclosure bugs when heap memory is reused, etc.
>
> Sensitive information is sometimes also held in mlocked pages to prevent
> it being swapped to disk but that's not being done here.
>
> Let's zeroize the memory of CryptoDevBackendSymOpInfo structure pointed
> for key material security.
>
> [v2: Stefan perfects the commit message, thanks]
> Signed-off-by: Gonglei <address@hidden>
> Reviewed-by: Stefan Hajnoczi <address@hidden>
> ---
> hw/virtio/virtio-crypto.c | 13 ++++++++++++-
> 1 file changed, 12 insertions(+), 1 deletion(-)

As far as I'm aware, other projects usually have a special memset
variation for doing this. That is because compilers may choose to
"optimize" memset(p, ...) + free(p) to just the free(p). Having a
special zeroizing function that the compiler cannot drop would prevent
this. (By the way, C11 provides this functionality with memset_s().)

We are not using free() but g_free(), so the danger of a compiler
detecting the pattern and "optimizing" it is probably much lower, but
still, the possibility exists.

Max
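
An added example, not part of the original message or of the QEMU patch: one common way to write the kind of zeroizing function the reply above describes, so that the wipe is still performed when free() follows it. The names `secure_zero`, `struct key_blob`, `key_blob_new`, `key_blob_free` and `count_nonzero` are hypothetical, and the volatile-pointer technique is this example's choice, not something the patch is stated to use.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not a QEMU function). Mainstream compilers treat
 * stores through a volatile lvalue as observable accesses, so this wipe is
 * not dropped as a dead store when free() follows it. */
void secure_zero(void *p, size_t n)
{
    volatile unsigned char *vp = p;
    while (n--) {
        *vp++ = 0;
    }
}

/* Hypothetical stand-in for a heap object that carries key material. */
struct key_blob {
    size_t len;
    unsigned char data[];
};

struct key_blob *key_blob_new(const unsigned char *src, size_t len)
{
    struct key_blob *k = malloc(sizeof(*k) + len);
    if (k) {
        k->len = len;
        memcpy(k->data, src, len);
    }
    return k;
}

/* Wipe header and key bytes, then release; NULL is accepted like free(). */
void key_blob_free(struct key_blob *k)
{
    if (k) {
        secure_zero(k, sizeof(*k) + k->len);
        free(k);
    }
}

/* Count bytes that are still non-zero, to check a wipe. */
size_t count_nonzero(const unsigned char *p, size_t n)
{
    size_t c = 0;
    for (size_t i = 0; i < n; i++) {
        c += (p[i] != 0);
    }
    return c;
}
```

Where the platform offers a dedicated primitive such as explicit_bzero() or memset_s(), it can take the place of `secure_zero` here.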