MFC r272673:

Add explicit_bzero(3) and its kernel counterpart. Obtained from: OpenBSD MFC after: 2 weeks TAG: IPSEC-HEAD Issue: #4841
author: Luiz Otavio O Souza <luiz@netgate.com> 2015-09-15 13:41:59 -0500
committer: Luiz Otavio O Souza <luiz@netgate.com> 2015-10-20 11:52:44 -0500
commit: 9b291aa4649f2230d48a12c9089e526ef2182abf (patch)
tree: 9033aaffbe687fc2e95ac22e7c994e4c1e857cf3
parent: 695f7c561490cfa30431266c02d4194ea59ef443 (diff)
download: FreeBSD-src-9b291aa4649f2230d48a12c9089e526ef2182abf.zip
FreeBSD-src-9b291aa4649f2230d48a12c9089e526ef2182abf.tar.gz
8 files changed, 71 insertions, 2 deletions
diff --git a/include/strings.h b/include/strings.h
index 4fb9311..2210df0 100644
--- a/include/strings.h
+++ b/include/strings.h
@@ -43,6 +43,9 @@ int	 bcmp(const void *, const void *, size_t) __pure;	/* LEGACY */
 void	 bcopy(const void *, void *, size_t);			/* LEGACY */
 void	 bzero(void *, size_t);					/* LEGACY */
 #endif
+#if __BSD_VISIBLE
+void	 explicit_bzero(void *, size_t);
+#endif
 #if __XSI_VISIBLE
 int	 ffs(int) __pure2;
 #endif
diff --git a/lib/libc/string/Makefile.inc b/lib/libc/string/Makefile.inc
index cc25c25..4efe764 100644
--- a/lib/libc/string/Makefile.inc
+++ b/lib/libc/string/Makefile.inc
@@ -6,7 +6,8 @@
 CFLAGS+= -I${.CURDIR}/locale
 
 # machine-independent string sources
-MISRCS+=bcmp.c bcopy.c bzero.c ffs.c ffsl.c ffsll.c fls.c flsl.c flsll.c \
+MISRCS+=bcmp.c bcopy.c bzero.c explicit_bzero.c \
+	ffs.c ffsl.c ffsll.c fls.c flsl.c flsll.c \
 	memccpy.c memchr.c memrchr.c memcmp.c \
 	memcpy.c memmem.c memmove.c memset.c \
 	stpcpy.c stpncpy.c strcasecmp.c \
diff --git a/lib/libc/string/Symbol.map b/lib/libc/string/Symbol.map
index 8e80165..c876e76 100644
--- a/lib/libc/string/Symbol.map
+++ b/lib/libc/string/Symbol.map
@@ -92,6 +92,7 @@ FBSD_1.1 {
 };
 
 FBSD_1.3 {
+	explicit_bzero;
 	strcasecmp_l;
 	strcasestr_l;
 	strchrnul;
diff --git a/lib/libc/string/bzero.3 b/lib/libc/string/bzero.3
index 029644a..ea572be 100644
--- a/lib/libc/string/bzero.3
+++ b/lib/libc/string/bzero.3
@@ -35,7 +35,8 @@
 .Dt BZERO 3
 .Os
 .Sh NAME
-.Nm bzero
+.Nm bzero ,
+.Nm explicit_bzero
 .Nd write zeroes to a byte string
 .Sh LIBRARY
 .Lb libc
@@ -43,6 +44,8 @@
 .In strings.h
 .Ft void
 .Fn bzero "void *b" "size_t len"
+.Ft void
+.Fn explicit_bzero "void *b" "size_t len"
 .Sh DESCRIPTION
 The
 .Fn bzero
@@ -56,6 +59,12 @@ If
 is zero,
 .Fn bzero
 does nothing.
+.Pp
+The
+.Fn explicit_bzero
+variant behaves the same, but will not be removed by a compiler's dead store
+optimization pass, making it useful for clearing sensitive memory such as a
+password.
 .Sh SEE ALSO
 .Xr memset 3 ,
 .Xr swab 3
@@ -72,3 +81,10 @@ before it was moved to
 for
 .St -p1003.1-2001
 compliance.
+.Pp
+The
+.Fn explicit_bzero
+function first appeared in
+.Ox 5.5
+and
+.Fx 11.0 .
diff --git a/lib/libc/string/explicit_bzero.c b/lib/libc/string/explicit_bzero.c
new file mode 100644
index 0000000..a7811b0
--- /dev/null
+++ b/lib/libc/string/explicit_bzero.c
@@ -0,0 +1,22 @@
+/*	$OpenBSD: explicit_bzero.c,v 1.3 2014/06/21 02:34:26 matthew Exp $ */
+/*
+ * Public domain.
+ * Written by Matthew Dempsky.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <string.h>
+
+__attribute__((weak)) void
+__explicit_bzero_hook(void *buf, size_t len)
+{
+}
+
+void
+explicit_bzero(void *buf, size_t len)
+{
+	memset(buf, 0, len);
+	__explicit_bzero_hook(buf, len);
+}
diff --git a/sys/conf/files b/sys/conf/files
index 1ed363b..fc3a093 100644
--- a/sys/conf/files
+++ b/sys/conf/files
@@ -3266,6 +3266,7 @@ libkern/asprintf.c		standard
 libkern/bcd.c			standard
 libkern/bsearch.c		standard
 libkern/crc32.c			standard
+libkern/explicit_bzero.c	standard
 libkern/flsll.c                 standard
 libkern/fnmatch.c		standard
 libkern/iconv.c			optional libiconv
diff --git a/sys/libkern/explicit_bzero.c b/sys/libkern/explicit_bzero.c
new file mode 100644
index 0000000..2468c55
--- /dev/null
+++ b/sys/libkern/explicit_bzero.c
@@ -0,0 +1,24 @@
+/*	$OpenBSD: explicit_bzero.c,v 1.3 2014/06/21 02:34:26 matthew Exp $ */
+/*
+ * Public domain.
+ * Written by Matthew Dempsky.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <sys/libkern.h>
+
+__attribute__((weak)) void __explicit_bzero_hook(void *, size_t);
+
+__attribute__((weak)) void
+__explicit_bzero_hook(void *buf, size_t len)
+{
+}
+
+void
+explicit_bzero(void *buf, size_t len)
+{
+	memset(buf, 0, len);
+	__explicit_bzero_hook(buf, len);
+}
diff --git a/sys/sys/systm.h b/sys/sys/systm.h
index cb83ba4..83e4f12 100644
--- a/sys/sys/systm.h
+++ b/sys/sys/systm.h
@@ -238,6 +238,7 @@ void	hexdump(const void *ptr, int length, const char *hdr, int flags);
 #define ovbcopy(f, t, l) bcopy((f), (t), (l))
 void	bcopy(const void *from, void *to, size_t len) __nonnull(1) __nonnull(2);
 void	bzero(void *buf, size_t len) __nonnull(1);
+void	explicit_bzero(void *, size_t) __nonnull(1);;
 
 void	*memcpy(void *to, const void *from, size_t len) __nonnull(1) __nonnull(2);
 void	*memmove(void *dest, const void *src, size_t n) __nonnull(1) __nonnull(2);
author	Luiz Otavio O Souza <luiz@netgate.com>	2015-09-15 13:41:59 -0500
committer	Luiz Otavio O Souza <luiz@netgate.com>	2015-10-20 11:52:44 -0500
commit	9b291aa4649f2230d48a12c9089e526ef2182abf (patch)
tree	9033aaffbe687fc2e95ac22e7c994e4c1e857cf3
parent	695f7c561490cfa30431266c02d4194ea59ef443 (diff)
download	FreeBSD-src-9b291aa4649f2230d48a12c9089e526ef2182abf.zip FreeBSD-src-9b291aa4649f2230d48a12c9089e526ef2182abf.tar.gz