linux/lib
Daniel Borkmann d4c5efdb97 random: add and use memzero_explicit() for clearing data
zatimend has reported that in his environment (3.16/gcc4.8.3/corei7)
memset() calls which clear out sensitive data in extract_{buf,entropy,
entropy_user}() in random driver are being optimized away by gcc.

Add a helper memzero_explicit() (similarly as explicit_bzero() variants)
that can be used in such cases where a variable with sensitive data is
being cleared out in the end. Other use cases might also be in crypto
code. [ I have put this into lib/string.c though, as it's always built-in
and doesn't need any dependencies then. ]

Fixes kernel bugzilla: 82041

Reported-by: zatimend@hotmail.co.uk
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org
2014-10-17 11:37:29 -04:00
..
fonts partly revert commit 8a10bc9: parisc/sti_console: prefer Linux fonts over built-in ROM fonts 2014-03-23 16:44:42 +01:00
lz4 lz4: add overrun checks to lz4_uncompress_unknownoutputsize() 2014-07-03 16:12:04 -07:00
lzo lzo: properly check for overruns 2014-06-23 14:12:01 -04:00
mpi
raid6
reed_solomon
xz lib/xz: enable all filters by default in Kconfig 2014-06-04 16:54:18 -07:00
zlib_deflate zlib: clean up some dead code 2014-08-06 18:01:24 -07:00
zlib_inflate zlib: clean up some dead code 2014-08-06 18:01:24 -07:00
.gitignore
argv_split.c
asn1_decoder.c lib/asn1_decoder.c: kernel-doc warning fix 2014-06-04 16:54:19 -07:00
assoc_array.c
atomic64_test.c lib/atomic64_test.c: convert printk(KERN_INFO to pr_info 2014-06-04 16:54:19 -07:00
atomic64.c
audit.c audit: Add generic compat syscall support 2014-03-20 10:11:35 -04:00
average.c
bcd.c
bch.c
bitmap.c lib: bitmap: add missing mask in bitmap_andnot 2014-08-06 18:01:27 -07:00
bitrev.c
bsearch.c
btree.c lib/btree.c: fix leak of whole btree nodes 2014-06-04 16:54:18 -07:00
bug.c lib/bug.c: convert printk to pr_foo() 2014-06-04 16:54:19 -07:00
build_OID_registry
bust_spinlocks.c
check_signature.c
checksum.c
clz_ctz.c lib/clz_ctz.c: add prototype declarations in lib/clz_ctz.c 2014-04-03 16:21:12 -07:00
clz_tab.c
cmdline.c lib/cmdline.c: add size unit t/p/e to memparse 2014-08-06 18:01:25 -07:00
compat_audit.c audit: Add generic compat syscall support 2014-03-20 10:11:35 -04:00
cordic.c
cpu_rmap.c
cpu-notifier-error-inject.c
cpumask.c lib/cpumask: cpumask_set_cpu_local_first to use all cores when numa node is not defined 2014-07-02 18:29:23 -07:00
crc7.c lib/crc7: Shift crc7() output left 1 bit 2014-05-16 14:26:52 -04:00
crc8.c
crc16.c
crc32.c lib: crc32: Add some additional __pure annotations 2014-06-25 16:04:00 -07:00
crc32defs.h
crc-ccitt.c
crc-itu-t.c
crc-t10dif.c
ctype.c
debug_locks.c
debugobjects.c lib/debugobjects.c: convert printk(KERN_DEBUG to pr_debug 2014-06-04 16:53:53 -07:00
dec_and_lock.c
decompress_bunzip2.c initramfs: support initramfs that is bigger than 2GiB 2014-08-08 15:57:26 -07:00
decompress_inflate.c initramfs: support initramfs that is bigger than 2GiB 2014-08-08 15:57:26 -07:00
decompress_unlz4.c initramfs: support initramfs that is bigger than 2GiB 2014-08-08 15:57:26 -07:00
decompress_unlzma.c initramfs: support initramfs that is bigger than 2GiB 2014-08-08 15:57:26 -07:00
decompress_unlzo.c initramfs: support initramfs that is bigger than 2GiB 2014-08-08 15:57:26 -07:00
decompress_unxz.c initramfs: support initramfs that is bigger than 2GiB 2014-08-08 15:57:26 -07:00
decompress.c initramfs: support initramfs that is bigger than 2GiB 2014-08-08 15:57:26 -07:00
devres.c Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2014-08-05 17:46:42 -07:00
digsig.c lib/digsig.c: kernel-doc warning fixes 2014-06-04 16:54:19 -07:00
div64.c
dma-debug.c dma debug: account for cachelines and read-only mappings in overlap tracking 2014-03-04 07:55:47 -08:00
dump_stack.c asmlinkage: Add explicit __visible to drivers/*, lib/*, kernel/* 2014-05-05 16:07:46 -07:00
dynamic_debug.c net: print net_device reg_state in netdev_* unless it's registered 2014-07-20 20:38:43 -07:00
dynamic_queue_limits.c
earlycpio.c
extable.c
fault-inject.c
fdt_empty_tree.c lib: add fdt_empty_tree.c 2014-04-30 19:49:37 +01:00
fdt_ro.c
fdt_rw.c
fdt_strerror.c
fdt_sw.c
fdt_wip.c
fdt.c
find_last_bit.c
find_next_bit.c
flex_array.c
flex_proportions.c
gcd.c
gen_crc32table.c
genalloc.c lib/genalloc.c: add check gen_pool_dma_alloc() if dma pointer is not NULL 2014-01-29 16:22:39 -08:00
glob.c lib/glob.c: add CONFIG_GLOB_SELFTEST 2014-08-06 18:01:25 -07:00
halfmd4.c
hash.c
hexdump.c
hweight.c
idr.c lib/idr.c: fix out-of-bounds pointer dereference 2014-08-08 15:57:24 -07:00
inflate.c
int_sqrt.c
interval_tree_test.c lib: Export interval_tree 2014-05-05 09:09:14 +02:00
interval_tree.c lib: Export interval_tree 2014-05-05 09:09:14 +02:00
iomap_copy.c
iomap.c Kconfig: rename HAS_IOPORT to HAS_IOPORT_MAP 2014-04-07 16:36:11 -07:00
iommu-helper.c
ioremap.c
iovec.c iovec: make sure the caller actually wants anything in memcpy_fromiovecend 2014-08-02 15:25:21 -07:00
irq_regs.c
is_single_threaded.c
jedec_ddr_data.c
kasprintf.c
Kconfig lib/scatterlist: make ARCH_HAS_SG_CHAIN an actual Kconfig 2014-08-08 15:57:26 -07:00
Kconfig.debug Merge branch 'kbuild' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild 2014-08-14 11:12:46 -06:00
Kconfig.kgdb
Kconfig.kmemcheck
kfifo.c kfifo: use BUG_ON 2014-08-08 15:57:25 -07:00
klist.c klist: use same naming scheme as hlist for klist_add_after() 2014-08-06 18:01:24 -07:00
kobject_uevent.c kobject: Make support for uevent_helper optional. 2014-04-25 12:00:49 -07:00
kobject.c sysfs, kobject: add sysfs wrapper for kernfs_enable_ns() 2014-02-07 16:08:57 -08:00
kstrtox.c lib/kstrtox.c: remove redundant cleanup 2014-01-23 16:36:57 -08:00
kstrtox.h
lcm.c
libcrc32c.c lib/libcrc32c.c: use PTR_ERR_OR_ZERO 2014-06-04 16:54:18 -07:00
list_debug.c
list_sort.c lib/list_sort.c: convert to pr_foo 2014-08-06 18:01:25 -07:00
llist.c
locking-selftest-hardirq.h
locking-selftest-mutex.h
locking-selftest-rlock-hardirq.h
locking-selftest-rlock-softirq.h
locking-selftest-rlock.h
locking-selftest-rsem.h
locking-selftest-softirq.h
locking-selftest-spin-hardirq.h
locking-selftest-spin-softirq.h
locking-selftest-spin.h
locking-selftest-wlock-hardirq.h
locking-selftest-wlock-softirq.h
locking-selftest-wlock.h
locking-selftest-wsem.h
locking-selftest.c
lockref.c arch, locking: Ciao arch_mutex_cpu_relax() 2014-07-17 12:32:47 +02:00
lru_cache.c drbd: debugfs: add per volume oldest_requests 2014-07-10 18:35:19 +02:00
Makefile lib: add lib/glob.c 2014-08-06 18:01:24 -07:00
md5.c
memory-notifier-error-inject.c
memweight.c
net_utils.c mac_pton: Use bool not int return 2014-06-25 17:45:43 -07:00
nlattr.c Merge branch 'next' (accumulated 3.16 merge window patches) into master 2014-06-08 11:31:16 -07:00
notifier-error-inject.c
notifier-error-inject.h
of-reconfig-notifier-error-inject.c
oid_registry.c
parser.c
pci_iomap.c
percpu_counter.c lib/percpu_counter.c: fix bad percpu counter state during suspend 2014-04-08 16:48:51 -07:00
percpu_ida.c Merge branch 'for-linus' of git://git.kernel.dk/linux-block 2014-02-14 10:45:18 -08:00
percpu_test.c
percpu-refcount.c percpu-refcount: implement percpu_ref_reinit() and percpu_ref_is_zero() 2014-06-28 08:10:14 -04:00
plist.c lib/plist.c: replace pr_debug with printk in plist_test() 2014-06-04 16:54:18 -07:00
pm-notifier-error-inject.c
prio_heap.c
proportions.c
radix-tree.c lib/radix-tree.c: update the kmemleak stack trace for radix tree allocations 2014-06-06 16:08:17 -07:00
random32.c random32: mix in entropy from core to late initcall 2014-07-30 13:55:27 -07:00
ratelimit.c
rational.c
rbtree_test.c rbtree/test: test rbtree_postorder_for_each_entry_safe() 2014-01-23 16:37:03 -08:00
rbtree.c lib/rbtree.c: fix typo in comment of __rb_insert() 2014-08-08 15:57:24 -07:00
reciprocal_div.c
rhashtable.c rhashtable: unexport and make rht_obj() static 2014-08-14 15:13:39 -07:00
scatterlist.c lib/scatterlist: make ARCH_HAS_SG_CHAIN an actual Kconfig 2014-08-08 15:57:26 -07:00
sha1.c
show_mem.c
smp_processor_id.c percpu: add preemption checks to __this_cpu ops 2014-04-07 16:36:14 -07:00
sort.c
stmp_device.c
string_helpers.c lib/string_helpers.c: constify static arrays 2014-08-06 18:01:25 -07:00
string.c random: add and use memzero_explicit() for clearing data 2014-10-17 11:37:29 -04:00
strncpy_from_user.c
strnlen_user.c
swiotlb.c swiotlb: don't assume PA 0 is invalid 2014-06-20 16:04:32 -04:00
syscall.c lib/syscall.c: unexport task_current_syscall() 2014-04-03 16:21:06 -07:00
test_bpf.c net: filter: split 'struct sk_filter' into socket and bpf parts 2014-08-02 15:03:58 -07:00
test_firmware.c test: add firmware_class loader test 2014-07-17 18:44:19 -07:00
test_module.c test: add minimal module for verification testing 2014-01-23 16:36:57 -08:00
test_user_copy.c test: check copy_to/from_user boundary validation 2014-01-23 16:36:57 -08:00
test-kstrtox.c lib/test-kstrtox.c: use ARRAY_SIZE instead of sizeof/sizeof[0] 2014-08-06 18:01:25 -07:00
test-string_helpers.c
textsearch.c lib/textsearch.c: move EXPORT_SYMBOL after functions 2014-06-04 16:54:19 -07:00
timerqueue.c
ts_bm.c
ts_fsm.c
ts_kmp.c
ucs2_string.c
usercopy.c
uuid.c
vsprintf.c lib/vsprintf.c: fix comparison to bool 2014-06-04 16:54:18 -07:00