Am Montag, 7. Oktober 2019, 10:55:01 CEST schrieb Hans de Goede: Hi Hans, > The purgatory code now uses the shared lib/crypto/sha256.c sha256 > implementation. This needs memzero_explicit, implement this. > > Reported-by: Arvind Sankar <nivedita@xxxxxxxxxxxx> > Fixes: 906a4bb97f5d ("crypto: sha256 - Use get/put_unaligned_be32 to get > input, memzero_explicit") Signed-off-by: Hans de Goede > <hdegoede@xxxxxxxxxx> > --- > arch/x86/boot/compressed/string.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/arch/x86/boot/compressed/string.c > b/arch/x86/boot/compressed/string.c index 81fc1eaa3229..511332e279fe 100644 > --- a/arch/x86/boot/compressed/string.c > +++ b/arch/x86/boot/compressed/string.c > @@ -50,6 +50,11 @@ void *memset(void *s, int c, size_t n) > return s; > } > > +void memzero_explicit(void *s, size_t count) > +{ > + memset(s, 0, count); May I ask how it is guaranteed that this memset is not optimized out by the compiler, e.g. for stack variables? > +} > + > void *memmove(void *dest, const void *src, size_t n) > { > unsigned char *d = dest; Ciao Stephan