Hello Sascha,
On 01.08.24 07:57, Sascha Hauer wrote:
> barebox sometimes stores sensitive data in memory. Add a
> (k)free_sensitive() function which zeroes out the memory before freeing it.
Could you export a malloc_usable_size() from the allocators and use that to
implement free_sensitive?
> Signed-off-by: Sascha Hauer <s.hauer@xxxxxxxxxxxxxx>
> +void free_sensitive(void *mem)
> +{
> + mchunkptr p;
> + size_t size;
> +
> + if (!mem)
> + return;
> +
> + p = mem2chunk(mem);
> + size = chunksize(p);
> + if (size)
> + memset(mem, size, 0x0);
buffer size is the last argument, so this is a no-op. Please implement a
memzero_explicit operation like Linux does and use it here as that
doesn't risk confusion the last two parameters.
> +void free_sensitive(void *mem)
> +{
> + size_t size;
> +
> + size = tlsf_block_size(mem);
> + if (size)
> + memset(mem, size, 0x0);
Same issue.
Cheers,
Ahmad
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
