2 * utils_safe_memory - safe memory helpers
4 * Copyright (C) 2009-2023 Red Hat, Inc. All rights reserved.
5 * Copyright (C) 2009-2023 Milan Broz
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 #include "libcryptsetup.h"
28 struct safe_allocation {
31 char data[0] __attribute__((aligned(8)));
33 #define OVERHEAD offsetof(struct safe_allocation, data)
36 * Replacement for memset(s, 0, n) on stack that can be optimized out
37 * Also used in safe allocations for explicit memory wipe.
39 void crypt_safe_memzero(void *data, size_t size)
44 #ifdef HAVE_EXPLICIT_BZERO
45 explicit_bzero(data, size);
47 volatile uint8_t *p = (volatile uint8_t *)data;
54 /* safe allocations */
55 void *crypt_safe_alloc(size_t size)
57 struct safe_allocation *alloc;
59 if (!size || size > (SIZE_MAX - OVERHEAD))
62 alloc = malloc(size + OVERHEAD);
66 crypt_safe_memzero(alloc, size + OVERHEAD);
69 /* Ignore failure if it is over limit. */
70 if (!mlock(alloc, size + OVERHEAD))
73 /* coverity[leaked_storage] */
77 void crypt_safe_free(void *data)
79 struct safe_allocation *alloc;
86 p = (char *)data - OVERHEAD;
87 alloc = (struct safe_allocation *)p;
89 crypt_safe_memzero(data, alloc->size);
92 munlock(alloc, alloc->size + OVERHEAD);
93 alloc->locked = false;
96 s = (volatile size_t *)&alloc->size;
101 void *crypt_safe_realloc(void *data, size_t size)
103 struct safe_allocation *alloc;
107 new_data = crypt_safe_alloc(size);
109 if (new_data && data) {
111 p = (char *)data - OVERHEAD;
112 alloc = (struct safe_allocation *)p;
114 if (size > alloc->size)
117 memcpy(new_data, data, size);
120 crypt_safe_free(data);