Re: [PATCH] Use memzero_explicit to clear local buffers

2015-01-06 Thread Herbert Xu
On Tue, Jan 06, 2015 at 08:42:26PM +0100, Giel van Schijndel wrote: > > Question: are you sure the compiler won't optimize the call to memset(0) > way if it's immediately followed by kfree()? Yes it won't be optimised away. However, you could use kzfree. > Another actually does change a stack-a

Re: [PATCH] Use memzero_explicit to clear local buffers

2015-01-06 Thread Giel van Schijndel
On Mon, Jan 05, 2015 at 10:36:37 +1100, Herbert Xu wrote: > On Sun, Jan 04, 2015 at 11:49:09PM +0100, Giel van Schijndel wrote: >> >>> sctx does not point to stack memory so this is bogus. >>> >>> Only stack memory cleared just before it goes out of scope needs >>> memzero_explicit. >> >> Is that

Re: [PATCH] Use memzero_explicit to clear local buffers

2015-01-04 Thread Herbert Xu
On Sun, Jan 04, 2015 at 11:49:09PM +0100, Giel van Schijndel wrote: > > > sctx does not point to stack memory so this is bogus. > > > > Only stack memory cleared just before it goes out of scope needs > > memzero_explicit. > > Is that because the compiler can't safely optimize memset(0) away for

Re: [PATCH] Use memzero_explicit to clear local buffers

2015-01-04 Thread Giel van Schijndel
On Sun, Jan 04, 2015 at 19:05:40 +0100, Giel van Schijndel wrote: > When leaving a function use memzero_explicit instead of memset(0) to > clear locally allocated/owned buffers. memset(0) may be optimized away. > > All of the affected buffers contain sensitive data, key material or > derivatives o

Re: [PATCH] Use memzero_explicit to clear local buffers

2015-01-04 Thread Giel van Schijndel
On Mon, Jan 05, 2015 at 08:35:38 +1100, Herbert Xu wrote: > On Sun, Jan 04, 2015 at 07:05:40PM +0100, Giel van Schijndel wrote: >> When leaving a function use memzero_explicit instead of memset(0) to >> clear locally allocated/owned buffers. memset(0) may be optimized away. >> >> All of the affect

Re: [PATCH] Use memzero_explicit to clear local buffers

2015-01-04 Thread Herbert Xu
On Sun, Jan 04, 2015 at 07:05:40PM +0100, Giel van Schijndel wrote: > When leaving a function use memzero_explicit instead of memset(0) to > clear locally allocated/owned buffers. memset(0) may be optimized away. > > All of the affected buffers contain sensitive data, key material or > derivatives

[PATCH] Use memzero_explicit to clear local buffers

2015-01-04 Thread Giel van Schijndel
When leaving a function use memzero_explicit instead of memset(0) to clear locally allocated/owned buffers. memset(0) may be optimized away. All of the affected buffers contain sensitive data, key material or derivatives of one of those two. --- arch/x86/crypto/sha256_ssse3_glue.c | 2 +- drivers