[illumos-Developer] Proposal: Add memory clearing allocator to libnvpair
Samuel Younge
Samuel.Younge at HolyRoyal.com
Wed Jan 26 16:52:36 PST 2011
It seems a bit troubling that nvlist_xalloc is accepting nvl as a reference rather than a value, but I cannot access my code base at the moment to be sure of this. What are your thoughts? Although, I like your intention of not leaving passwords pins key etc. hanging about.
On Jan 26, 2011, at 13:42, Jason King <jason.brian.king at gmail.com> wrote:
> Something that's hopefully minor and not controversial. I was
> planning to do this for the work I'm doing with the IKEv2 support, but
> figured it's probably generally enough useful to live outside of it.
>
> The libnvpair library (userland) normally uses the malloc/free
> commands for its memory requirements. It also specifies a pluggable
> allocator interface for use with the nvlist_xalloc(3nvpair) and
> nvlist_xdup(3nvpair) function. I would like to propose to add to
> libnvpair an allocator that zeros out the memory when allocated and
> freed. This would be useful in situations where nvlists may contain
> sensitive information such as passwords/pins/keys/etc.
>
> Specifically, add to libnvpair.h
>
> extern nv_alloc_t *nv_alloc_zero;
>
> Programs can then use (return codes elided for clarity):
>
> nvlist_t *nvl;
> int flags = ...; /* NV_UNIQUE_NAME, NV_UNIQUE_NAME_TYPE or 0 */
>
> nvlist_xalloc(&nvl, flags, nv_alloc_zero);
> ...
> add/remove data from nvlist
> ...
> nvlist_free(nvl);
>
> And the memory used will be zeroed out before being returned to the
> system via free(3c).
>
> _______________________________________________
> Developer mailing list
> Developer at lists.illumos.org
> http://lists.illumos.org/m/listinfo/developer
More information about the Developer
mailing list