[Cryptography] WIPEONFORK in Linux 4.14
Nico Williams
nico at cryptonector.com
Mon Nov 27 12:58:28 EST 2017
On Sun, Nov 26, 2017 at 11:16:00AM +0000, Peter Gutmann wrote:
> Colm MacCárthaigh <colm at allcosts.net> writes:
>
> >For crypto libraries this is particularly useful:
>
> It's actually not that useful unless you rewrite your code's memory handling
> just so you can use it. [...]
C libraries should provide a secure_malloc() (and calloc and realloc)
whose allocation can be freed with free(), and which means "don't write
to unencrypted swap" and "don't allow underprivileged debuggers to see
this". A "wipe on fork()" variant, or a flags argument by which to
specify desired (critical!) allocation options would be nice.
pthread_atfork() suffices for fork-safety for userland PRNGs, though an
mmap() wipe-on-fork option does seem more likely to be more robust.
Nico
--
More information about the cryptography
mailing list