Bug 201376 - explicit_bzero authinfo in sctp
Summary: explicit_bzero authinfo in sctp
Status: Closed Not A Bug
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 10.1-STABLE
Hardware: Any Any
: --- Affects Only Me
Assignee: Michael Tuexen
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-07-06 15:33 UTC by logan
Modified: 2015-07-13 11:59 UTC (History)
2 users (show)

See Also:

Attachments
bzero->explicit_bzero (392 bytes, text/plain)
2015-07-06 15:33 UTC, logan 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description logan 2015-07-06 15:33:26 UTC 
Created attachment 158422 [details]
bzero->explicit_bzero

Rather than simply bzero() sensitive stuff, go further and use explicit_bzero() for local variables that may be optmized away.
Comment 1 Christian Brueffer freebsd_committer freebsd_triage 2015-07-13 11:27:21 UTC 
Michael, since this is SCTP-related, could you have a look?
Comment 2 Michael Tuexen freebsd_committer freebsd_triage 2015-07-13 11:59:44 UTC 
(In reply to Christian Brueffer from comment #1)
I'll close it for two reasons:
1. The function which is patched (sctp_alloc_authinfo()) is never called.
2. The usage of explicit_bzero() should be used to erase memory which you
   don't need anymore. So you make sure that the compiler doesn't optimize
   it away. However, the proposed patch would affect the structure before
   it is used. So the compiler should not optimize it and bzero() would
   be the right call.

I already explained this to the reporter in a private mail exchange.