dynamic memory automatically zero'd
rnicholsNOSPAM at comcast.net
Sat Aug 7 13:59:22 UTC 2010
On 08/07/2010 03:44 AM, Stefan Schulze Frielinghaus wrote:
> On Fr, 2010-08-06 at 09:37 -0700, Rick Stevens wrote:
>> On 08/06/2010 07:44 AM, Stefan Schulze Frielinghaus wrote:
>>> Hi all,
>>> if you allocate memory, e.g. via malloc(3), then it is automatically set
>>> to zero. This is actually a security feature quite common nowadays. I
>>> would like to know when this feature has made it into Fedora or in RHEL.
>>> Is this a mandatory feature of some security policy as e.g. the Common
>>> Criteria? I couldn't find much information about this. Therefore, any
>>> pointers, hints and so on are welcomed!
>> calloc() is the call you want to make. The ANSI standard makes no
>> guarantees about the contents of the memory you get with malloc(). In
>> fact, calloc() was created for that precise reason.
> No this is not what I meant. Of course if I want to make sure that the
> memory is zerod, then I will use calloc.
> I want to know if the question of my initial post is enforced by some
> security policy or if it is just common nowadays. If my mind does not
> play tricks on me, then this is enforced by eal4+ or something similar.
> But I couldn't find anything about this. Therefore, I asked here.
> Again: I know that I have to use calloc if I want to be sure that the
> memory is zerod. But this is not what I care about at the moment. I
> simple would like to know if the memory is zerod because of some
> security policy.
Pages newly allocated by the kernel will be zeroed. They begin life as
a copy-on-write mmap() of /dev/zero. Once you have used and freed
memory from those pages, however, that memory will not be re-zeroed.
If a subsequent malloc() happens to grab that same memory you will see
the old contents. It will, however, be data written there by the
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
More information about the users