From: Mart Raudsepp
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] memset_s
Date: Mon, 13 Nov 2017 05:03:43 +0200
Message-ID: <1510542223.24203.0.camel@gentoo.org>

On Sat, 2017-11-11 at 00:10 +0000, Jorge Almeida wrote:
> Well, most programmers probably won't care about this stuff anyway,
> and people who deal with cryptography tend to be more cautious than
> average. But I'm not really making a case for safe versions of known
> functions. After all, the usual functions do fine for most
> applications. memset() would be enough to clear RAM with sensitive
> data if we had a pragma (or equivalent) to convince the compiler to
> not ignore it (I mean a pragma to invoke on a particular function
> definition when the programmer feels that a black box behaviour is
> undesirable). Of course, solving the problem of the compiler copying
> stuff around might be a harder nut to crack.

Sounds like you want explicit_bzero from libbsd?
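
Added example, not part of the original message and not libbsd's own code: a wipe routine the compiler cannot discard as a dead store, which is the black-box behaviour the quoted message asks for. The names `secure_wipe`, `count_nonzero`, `demo_wipe_stack_key` and the `USE_LIBBSD` build flag are assumptions made for this example; without the flag it falls back to calling `memset` through a volatile function pointer.

```c
#include <stddef.h>
#include <string.h>
#ifdef USE_LIBBSD            /* assumed build flag: cc -DUSE_LIBBSD ... -lbsd */
#include <bsd/string.h>      /* libbsd's declaration of explicit_bzero() */
#endif

/* Fallback: call memset through a volatile function pointer. The compiler
 * must load the pointer at run time and cannot prove it still refers to
 * memset, so it cannot drop the call as a dead store. */
static void *(*const volatile memset_ptr)(void *, int, size_t) = memset;

/* Zero len bytes at buf in a way the optimizer may not remove. */
void secure_wipe(void *buf, size_t len)
{
    if (buf == NULL || len == 0)
        return;
#ifdef USE_LIBBSD
    explicit_bzero(buf, len);
#else
    memset_ptr(buf, 0, len);
#if defined(__GNUC__)
    /* Compiler barrier (GCC/Clang): treat the buffer as observed here. */
    __asm__ __volatile__("" : : "r"(buf) : "memory");
#endif
#endif
}

/* Count non-zero bytes left in buf; 0 means fully wiped. */
size_t count_nonzero(const void *buf, size_t len)
{
    const unsigned char *p = buf;
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        n += (p[i] != 0);
    return n;
}

/* A key on the stack, wiped before return. The read-back exists only so the
 * result can be checked; in real code nothing reads the buffer after the
 * wipe, which is exactly when a plain memset() gets optimized away. */
size_t demo_wipe_stack_key(void)
{
    unsigned char key[32];
    memset(key, 0xA5, sizeof key);   /* constructed stand-in for key material */
    secure_wipe(key, sizeof key);
    return count_nonzero(key, sizeof key);
}
```

This clears only the named buffer; copies the compiler left in registers or spill slots, the harder problem the quoted message mentions, are not addressed.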