[Cryptography] Making sure memory erasure is not optimized away

Theodore Ts'o tytso at mit.edu
Sun Aug 28 12:37:07 EDT 2022


On Sat, Aug 27, 2022 at 10:08:56AM +0200, Stephan Mueller wrote:
> 
> See attached. I used this to validate the Linux kernel memory clearing 
> implementatino.

In Linux kernel code, you can just call memzero_explicit(void *s,
size_t count), which is defined in <linux/string.h>.  It uses
barrier_data(s) which is defined in <linux/compiler.h>

(compiler.h and the header file it includes is where compiler
annotations which might be different between gcc and LLVM, and when
it's necessary to work around random compiler bugs.)

Cheers,

					- Ted


More information about the cryptography mailing list