This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH RFC] explicit_bzero, again

From: Florian Weimer <fweimer at redhat dot com>
To: Zack Weinberg <zackw at panix dot com>, GNU C Library <libc-alpha at sourceware dot org>
Date: Fri, 21 Aug 2015 08:37:57 +0200
Subject: Re: [PATCH RFC] explicit_bzero, again
Authentication-results: sourceware.org; auth=none
References: <55C7E246 dot 3000006 at panix dot com> <55D0BDA7 dot 40402 at panix dot com>

On 08/16/2015 06:43 PM, Zack Weinberg wrote:
> +@strong{Warning:} The compiler is free to make additional copies of
> +any object, or parts of it, in temporary storage areas (such as
> +registers and ``scratch'' stack space).  @code{explicit_bzero} does
> +not guarantee that temporary copies of sensitive data are destroyed.

Perhaps you should add that explicit_bzero can create the copy which it
is about to overwrite, leaving the original untouched.  A partial
countermeasure could be a barrier with register clobbers for as many
caller-saved registers as possible.

-- 
Florian Weimer / Red Hat Product Security

Follow-Ups:
- Re: [PATCH RFC] explicit_bzero, again
  - From: Zack Weinberg

References:
- [PATCH RFC] explicit_bzero, again
  - From: Zack Weinberg
- Re: [PATCH RFC] explicit_bzero, again
  - From: Zack Weinberg

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]