[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-block] [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the mast
From: |
Maxim Levitsky |
Subject: |
Re: [Qemu-block] [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always |
Date: |
Sun, 25 Aug 2019 18:31:02 +0300 |
On Thu, 2019-08-22 at 13:56 +0300, Maxim Levitsky wrote:
> On Thu, 2019-08-22 at 11:49 +0100, Daniel P. Berrangé wrote:
> > On Tue, Aug 20, 2019 at 08:12:51PM +0200, Max Reitz wrote:
> > > On 14.08.19 22:22, Maxim Levitsky wrote:
> > > > While there are other places where these are still stored in memory,
> > > > this is still one less key material area that can be sniffed with
> > > > various side channel attacks
> > > >
> > > >
> > > >
> > >
> > > (Many empty lines here)
> > >
> > > > Signed-off-by: Maxim Levitsky <address@hidden>
> > > > ---
> > > > crypto/block-luks.c | 52 ++++++++++++++++++++++++++++++++++++++-------
> > > > 1 file changed, 44 insertions(+), 8 deletions(-)
> > >
> > > Wouldn’t it make sense to introduce a dedicated function for this?
> >
> > Yes, it would.
> >
> > In fact I have a series pending which bumps min glib and introduces
> > use of auto-free functions in this code.
> >
> > It would be desirable to have a autp-free func for memset+free
> > so we can just declare the variable
> >
> > q_autowipefree char *password = NULL;
> >
> > and have it result in memset+free
> >
>
> That is perfect.
> When do you think you could post the series so that I could rebase
> on top of it?
I am thinking that I will keep my patch as is, just so that code is
consistent in memsetting the secrets (even though as Nir pointed out,
that these will be probably optimized away anyway).
And then when you send your patch you will just remove all
of these memsets.
Is this all right?
Best regards,
Maxim Levitsky
- Re: [Qemu-block] [Qemu-devel] [PATCH 03/13] qcrypto-luks: refactoring: extract load/store/check/parse header functions, (continued)
Re: [Qemu-block] [PATCH 03/13] qcrypto-luks: refactoring: extract load/store/check/parse header functions, Daniel P . Berrangé, 2019/08/22
[Qemu-block] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always, Maxim Levitsky, 2019/08/14
- Re: [Qemu-block] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always, Max Reitz, 2019/08/20
- Re: [Qemu-block] [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always, Maxim Levitsky, 2019/08/21
- Re: [Qemu-block] [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always, Daniel P . Berrangé, 2019/08/22
- Re: [Qemu-block] [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always, Maxim Levitsky, 2019/08/22
- Re: [Qemu-block] [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always,
Maxim Levitsky <=
- Re: [Qemu-block] [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always, Maxim Levitsky, 2019/08/25
- Re: [Qemu-block] [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always, Daniel P . Berrangé, 2019/08/27
Re: [Qemu-block] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always, Nir Soffer, 2019/08/21
[Qemu-block] [PATCH 07/13] block: add manage-encryption command (qmp and blockdev), Maxim Levitsky, 2019/08/14