SYS/ESYS/FAPI: wipe sensitive data using secure_mem_zero#3072
Draft
JuergenReppSIT wants to merge 1 commit intotpm2-software:masterfrom
Draft
SYS/ESYS/FAPI: wipe sensitive data using secure_mem_zero#3072JuergenReppSIT wants to merge 1 commit intotpm2-software:masterfrom
JuergenReppSIT wants to merge 1 commit intotpm2-software:masterfrom
Conversation
JuergenReppSIT
force-pushed
the
explicit-mem-zero
branch
2 times, most recently
from
63646bf to
d5dcb82
Compare
Update functions handling sensitive data to use secure_mem_zero instead of regular memory clearing. This ensures that buffers containing secrets are reliably overwritten and not subject to compiler optimizations. For strings the function secure_char_zero is used. Addresses: tpm2-software#2994 Signed-off-by: Juergen Repp <juergen_repp@web.de>
JuergenReppSIT
force-pushed
the
explicit-mem-zero
branch
from
d5dcb82 to
b440701
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Update functions handling sensitive data to use secure_mem_zero instead of regular memory clearing. This ensures that buffers containing secrets are reliably overwritten and not subject to compiler optimizations.
Addresses: #2994