[src/trunk]: src/sys/kern memset() -> explicit_memset() for sensitive data.

[tls <tls%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/f4aadd83cbc4
branches:  trunk
changeset: 342859:f4aadd83cbc4
user:      tls <tls%NetBSD.org@localhost>
date:      Mon Jan 11 14:55:52 2016 +0000

description:
memset() -> explicit_memset() for sensitive data.

diffstat:

 sys/kern/kern_rndq.c |  14 +++++++-------
 1 files changed, 7 insertions(+), 7 deletions(-)

diffs (63 lines):

diff -r 4a996d956390 -r f4aadd83cbc4 sys/kern/kern_rndq.c
--- a/sys/kern/kern_rndq.c      Mon Jan 11 08:40:52 2016 +0000
+++ b/sys/kern/kern_rndq.c      Mon Jan 11 14:55:52 2016 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kern_rndq.c,v 1.74 2016/01/01 16:09:00 tls Exp $       */
+/*     $NetBSD: kern_rndq.c,v 1.75 2016/01/11 14:55:52 tls Exp $       */
 
 /*-
  * Copyright (c) 1997-2013 The NetBSD Foundation, Inc.
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_rndq.c,v 1.74 2016/01/01 16:09:00 tls Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_rndq.c,v 1.75 2016/01/11 14:55:52 tls Exp $");
 
 #include <sys/param.h>
 #include <sys/atomic.h>
@@ -572,7 +572,7 @@
                mutex_spin_exit(&rnd_global.lock);
                rnd_printf("rnd: seeded with %d bits\n",
                    MIN(boot_rsp->entropy, RND_POOLBITS / 2));
-               memset(boot_rsp, 0, sizeof(*boot_rsp));
+               explicit_memset(boot_rsp, 0, sizeof(*boot_rsp));
        }
        rnd_attach_source(&rnd_printf_source, "printf", RND_TYPE_UNKNOWN,
                          RND_FLAG_NO_ESTIMATE);
@@ -621,7 +621,7 @@
 rnd_sample_free(rnd_sample_t *c)
 {
 
-       memset(c, 0, sizeof(*c));
+       explicit_memset(c, 0, sizeof(*c));
        pool_cache_put(rnd_mempc, c);
 }
 
@@ -996,7 +996,7 @@
                        return 1;
                }
                source->test_cnt = -1;
-               memset(source->test, 0, sizeof(*source->test));
+               explicit_memset(source->test, 0, sizeof(*source->test));
        }
        return 0;
 }
@@ -1201,7 +1201,7 @@
                            "STATISTICAL TEST!\n");
                        continue;
                }
-               memset(&rnd_rt, 0, sizeof(rnd_rt));
+               explicit_memset(&rnd_rt, 0, sizeof(rnd_rt));
                rndpool_add_data(&rnd_global.pool, rnd_testbits,
                    sizeof(rnd_testbits), entropy_count);
                memset(rnd_testbits, 0, sizeof(rnd_testbits));
@@ -1319,7 +1319,7 @@
                rndpool_add_data(&rnd_global.pool, boot_rsp->data,
                    sizeof(boot_rsp->data),
                    MIN(boot_rsp->entropy, RND_POOLBITS / 2));
-               memset(boot_rsp, 0, sizeof(*boot_rsp));
+               explicit_memset(boot_rsp, 0, sizeof(*boot_rsp));
                mutex_spin_exit(&rnd_global.lock);
        } else {
                rnd_printf_verbose("rnd: not ready, deferring seed feed.\n");