[linux-cifs] Re: [PATCH] Use memzero_explicit to clear local buffers


  • Previous message:
  • Re: [linux-cifs-client] [PATCH] cifs: hard mount option behaviour implementation
  • Next message:
  • Re: [PATCH] Use memzero_explicit to clear local buffers
  • Subject:
  • Re: [PATCH] Use memzero_explicit to clear local buffers
  • From:
  • Giel van Schijndel <me <at> mortis.eu>
  • To:
  • Herbert Xu <herbert <at> gondor.apana.org.au>
  • Cc:
  • linux-kernel <at> vger.kernel.org, "David S. Miller" <davem <at> davemloft.net>, Thomas Gleixner <tglx <at> linutronix.de>, Ingo Molnar <mingo <at> redhat.com>, "H. Peter Anvin" <hpa <at> zytor.com>, "maintainer:X86 ARCHITECTURE..." <x86 <at> kernel.org>, Greg Kroah-Hartman <gregkh <at> linuxfoundation.org>, Steve French <sfrench <at> samba.org>, Rahul Bedarkar <rahulbedarkar89 <at> gmail.com>, Thomas Pugliese <thomas.pugliese <at> gmail.com>, Randy Dunlap <rdunlap <at> infradead.org>, Julia Lawall <Julia.Lawall <at> lip6.fr>, "open list:CRYPTO API" <linux-crypto <at> vger.kernel.org>, "open list:CERTIFIED WIRELES..." <linux-usb <at> vger.kernel.org>, "open list:COMMON INTERNET F..." <linux-cifs <at> vger.kernel.org>, "moderated list:COMMON INTERNET F..." <samba-technical <at> lists.samba.org>, Daniel Borkmann <dborkman <at> redhat.com>
  • Date:
  • 2015-01-06 19:42:26
On Mon, Jan 05, 2015 at 10:36:37 +1100, Herbert Xu wrote:
> On Sun, Jan 04, 2015 at 11:49:09PM +0100, Giel van Schijndel wrote:
>>
>>> sctx does not point to stack memory so this is bogus.
>>> 
>>> Only stack memory cleared just before it goes out of scope needs
>>> memzero_explicit.
>> 
>> Is that because the compiler can't safely optimize memset(0) away for a
>> variable with greater-than-local scope?
> 
> Exactly.  memzero_explicit is not a marker for sensitive data.
> Its only purpose is to prevent the compiler from optimising away
> zeroing that occurs at the end of a scope.

Question: are you sure the compiler won't optimize the call to memset(0)
way if it's immediately followed by kfree()?

Because one of my changes concerns that situation.

Another actually does change a stack-allocated buffer, I'll split that
one off right away.

-- 
Met vriendelijke groet,
With kind regards,
Giel van Schijndel
--
"When all you have is a hammer, everything starts to look like a nail."
  -- Abraham Maslow

This message from: http://www.mailbrowse.com/linux-cifs/10394.html
Previous message: Re: [linux-cifs-client] [PATCH] cifs: hard mount option behaviour implementation
Next message:Re: [PATCH] Use memzero_explicit to clear local buffers