[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and pas
|
From: |
Maxim Levitsky |
|
Subject: |
Re: [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always |
|
Date: |
Sun, 25 Aug 2019 20:15:52 +0300 |
On Sun, 2019-08-25 at 18:31 +0300, Maxim Levitsky wrote:
> On Thu, 2019-08-22 at 13:56 +0300, Maxim Levitsky wrote:
> > On Thu, 2019-08-22 at 11:49 +0100, Daniel P. Berrangé wrote:
> > > On Tue, Aug 20, 2019 at 08:12:51PM +0200, Max Reitz wrote:
> > > > On 14.08.19 22:22, Maxim Levitsky wrote:
> > > > > While there are other places where these are still stored in memory,
> > > > > this is still one less key material area that can be sniffed with
> > > > > various side channel attacks
> > > > >
> > > > >
> > > > >
> > > >
> > > > (Many empty lines here)
> > > >
> > > > > Signed-off-by: Maxim Levitsky <address@hidden>
> > > > > ---
> > > > > crypto/block-luks.c | 52
> > > > > ++++++++++++++++++++++++++++++++++++++-------
> > > > > 1 file changed, 44 insertions(+), 8 deletions(-)
> > > >
> > > > Wouldn’t it make sense to introduce a dedicated function for this?
> > >
> > > Yes, it would.
> > >
> > > In fact I have a series pending which bumps min glib and introduces
> > > use of auto-free functions in this code.
> > >
> > > It would be desirable to have a autp-free func for memset+free
> > > so we can just declare the variable
> > >
> > > q_autowipefree char *password = NULL;
> > >
> > > and have it result in memset+free
> > >
> >
> > That is perfect.
> > When do you think you could post the series so that I could rebase
> > on top of it?
>
>
> I am thinking that I will keep my patch as is, just so that code is
> consistent in memsetting the secrets (even though as Nir pointed out,
> that these will be probably optimized away anyway).
> And then when you send your patch you will just remove all
> of these memsets.
>
> Is this all right?
I see that your series actually already got merged.
Can I now implement the 'q_autowipefree', or do I need another glib version bump
for that?
Best regards,
Maxim Levitsky
>
> Best regards,
> Maxim Levitsky
- Re: [Qemu-devel] [PATCH 02/13] qcrypto-luks: misc refactoring, (continued)
- [Qemu-devel] [PATCH 04/13] qcrypto-luks: refactoring: simplify the math used for keyslot locations, Maxim Levitsky, 2019/08/14
- [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always, Maxim Levitsky, 2019/08/14
- Re: [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always, Max Reitz, 2019/08/20
- Re: [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always, Maxim Levitsky, 2019/08/21
- Re: [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always, Daniel P . Berrangé, 2019/08/22
- Re: [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always, Maxim Levitsky, 2019/08/22
- Re: [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always, Maxim Levitsky, 2019/08/25
- Re: [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always,
Maxim Levitsky <=
- Re: [Qemu-devel] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always, Daniel P . Berrangé, 2019/08/27
Re: [Qemu-devel] [Qemu-block] [PATCH 05/13] qcrypto-luks: clear the masterkey and password before freeing them always, Nir Soffer, 2019/08/21
[Qemu-devel] [PATCH 07/13] block: add manage-encryption command (qmp and blockdev), Maxim Levitsky, 2019/08/14