On 09/08/2016 11:27 AM, Daniel P. Berrange wrote:
> The 'out' buffer will hold a key derived from master
> password, so it is best practice to clear this buffer
> when no longer required.
>
> Signed-off-by: Daniel P. Berrange <berra...@redhat.com>
> ---
>  crypto/pbkdf.c | 15 ++++++++++-----
>  1 file changed, 10 insertions(+), 5 deletions(-)

Reviewed-by: Eric Blake <ebl...@redhat.com>

It still doesn't prevent the memory from being copied elsewhere (such as
the stack being paged out), unless we go to extraordinary lengths to
explicitly request volatile memory that can't be paged out. I don't
know if we need to worry about that, though. Do any of our crypto
libraries provide APIs for allocating local-use-only memory for
sensitive data?

--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
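
The reply above raises the point that clearing a key buffer does not stop the page holding it from being swapped out. As an added example (not code from the QEMU patch or from either author), this C program keeps a key in pages pinned with POSIX `mlock()` and wipes them before release; `secret_buf`, `secret_alloc`, `secret_free` and `secure_wipe` are hypothetical names, and the key bytes are a constructed placeholder.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1            /* for MAP_ANONYMOUS on glibc */
#endif
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical holder for key material; not a QEMU type. */
typedef struct { unsigned char *data; size_t len, maplen; int locked; } secret_buf;

/* Zero through a volatile pointer so the stores are not elided as dead writes. */
static void secure_wipe(void *buf, size_t len)
{
    volatile unsigned char *p = buf;
    while (len--) *p++ = 0;
}

/* Map whole private pages for the secret and try to pin them in RAM.
 * mlock() can fail under RLIMIT_MEMLOCK; that is recorded, not fatal. */
static int secret_alloc(secret_buf *s, size_t len)
{
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0 || len == 0) return -1;
    s->maplen = (len + (size_t)page - 1) / (size_t)page * (size_t)page;
    s->data = mmap(NULL, s->maplen, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (s->data == MAP_FAILED) { s->data = NULL; return -1; }
    s->len = len;
    s->locked = (mlock(s->data, s->maplen) == 0);
    return 0;
}

/* Wipe before unlocking and unmapping, so no cleartext page outlives the lock. */
static void secret_free(secret_buf *s)
{
    if (!s->data) return;
    secure_wipe(s->data, s->maplen);
    if (s->locked) munlock(s->data, s->maplen);
    munmap(s->data, s->maplen);
    s->data = NULL; s->len = s->maplen = 0; s->locked = 0;
}

int main(void)
{
    secret_buf key;
    if (secret_alloc(&key, 32) != 0) return 1;
    memset(key.data, 0xA5, key.len);  /* constructed stand-in for a derived key */
    printf("locked in RAM: %s\n", key.locked ? "yes" : "no (mlock refused)");
    secret_free(&key);
    return 0;
}
```

`mlock()` keeps the pages out of swap but does not cover suspend-to-disk, and any copy of the key made on the stack or in another buffer still needs its own wipe.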