Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key mater

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key mater

From:	Eric Blake
Subject:	Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free
Date:	Thu, 8 Dec 2016 09:23:01 -0600
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1

On 12/07/2016 08:28 PM, Gonglei (Arei) wrote:

>> As far as I'm aware, other projects usually have a special memset
>> variation for doing this. That is because compilers may choose to
>> "optimize" memset(p, ...) + free(p) to just the free(p). Having a
> 
> Actually, I googled this, but I didn't find a definite answer. And
> 
> The Linux kernel uses kzfree instead of memset + kfree (mm/slab_common.c).

If we're worried about cleaning things without allowing the compiler a
chance to optimize, then writing our own qemu_zfree() wrapper may indeed
make sense.  But that won't cover the case in Daniel's earlier patch
(referenced elsewhere in this thread), as that was zeroizing stack
memory (before it went out of scope) rather than heap memory (before
free).  So you'd still need some sort of 'write this memory no matter
what' primitive that would be directly usable on stack memory and
indirectly used as part of the qemu_zfree() wrapper.

But I wouldn't worry about it for now, unless someone proves we actually
have a compiler optimizing away the cleanups.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free, Gonglei, 2016/12/06
- Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free, Eric Blake, 2016/12/07
  - Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free, Gonglei (Arei), 2016/12/07
    - Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free, Eric Blake, 2016/12/08
    - Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free, Michael S. Tsirkin, 2016/12/10
    - Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free, Gonglei (Arei), 2016/12/11
- Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free, Max Reitz, 2016/12/07
  - Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free, Gonglei (Arei), 2016/12/07
    - Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free, Eric Blake <=
    - Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free, Max Reitz, 2016/12/08
    - Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free, Gonglei (Arei), 2016/12/08
    - Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free, Max Reitz, 2016/12/09
    - Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free, Gonglei (Arei), 2016/12/09
    - Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free, Max Reitz, 2016/12/10

Prev by Date: Re: [Qemu-devel] [PATCH v3 0/3] Add HAX support
Next by Date: Re: [Qemu-devel] [PATCH v3 0/3] Add HAX support
Previous by thread: Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free
Next by thread: Re: [Qemu-devel] [PATCH for-2.9 v2] virtio-crypto: zeroize the key material before free
Index(es):
- Date
- Thread