Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <64a5c40d-82b5-06ea-fe03-bd04eb02e2c9@cs.ucla.edu>
Date: Tue, 5 Oct 2021 17:51:57 -0700
From: Paul Eggert <eggert@...ucla.edu>
To: Alan Coopersmith <alan.coopersmith@...cle.com>,
 Konstantin Belousov <kostikbel@...il.com>
Cc: libc-coord@...ts.openwall.com, Keith Packard <keithp@...thp.com>
Subject: Re: freezero() and freezeroall()

On 10/4/21 18:22, Alan Coopersmith wrote:
> C23 seems to be using the convention that alternatives to free() still
> start with the "free_" prefix:

OK, if the "free_" prefix is the naming convention, how about 'free_zap 
(ptr)'? Short and to the point, and easier to read and remember than 
'freezeroall (ptr)'. We could say that "zap" is short for "zero all 
plenary" (or something like that...).

> I believe the goal is to protect against the memory being visible in core files
> and to debuggers, not to a physical RAM dump of some sort.

OK, so it's not full protection but it's better than nothing.

What's the connection (if any) between freezeroall/free_zap/whatever, 
and memfd_secret as introduced Linux 5.14? If I use memfd_secret, I 
needn't bother with the new "free" forms?

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.