[mdlug] Disk encryption

Ingles, Raymond Raymond.Ingles at compuware.com
Fri Feb 22 14:23:52 EST 2008


> From: David Lane

> It is good programming practice to zero memory resources 
> before you release them.

 In my "Ostiary" program, I handled the memory that holds password values
carefully. First, there's a syscall named mlock() that locks pages of memory
into RAM, preventing them from being swapped to disk; this ensures that examining
the swap partition or whatever won't find passwords.

 Second, you can zero-out memory before freeing it, but an optimizing compiler
might 'notice' that you don't use that memory after setting it to zero, and
'helpfully' eliminate those calls to improve the speed of the program. Fortunately,
in C, there's a way to tell the compiler "Yes, I really know what I'm doing, don't
optimize this away." Here's the call I use for wiping out such memory:

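#include <stddef.h>  /* size_t */

/* Like memset(), but the stores cannot be optimized away. */
void *forced_memset(void *v, int c, size_t n)
{
  /* Writes through a volatile pointer must actually be performed. */
  volatile char *p=v;
  while (n--) {
    *p++=c;
  }
  return v;
}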

 It's the "volatile" keyword that does the magic. That tells the compiler that
its memory-access algorithms don't apply to that variable.

 The full source code is at http://ingles.homeunix.net/software/ost/

 Sincerely,

 Ray Ingles                                    (313) 227-2317

 "A true leader now would tell Americans the unpopular truth:
   that we use too much energy, that we are spoiled children
   whose appetite for oil is making us weak and vulnerable."
  - Bill Maher, "When You Ride Alone You Ride With bin Laden"
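
Added example, not part of the original post and not taken from Ostiary: the two steps described above (mlock() to keep a secret out of swap, a volatile wipe before release) combined into one buffer lifecycle. The struct and the secret_* function names are hypothetical, and using mmap() to get page-aligned storage is an assumption of this example; forced_memset is the routine from the post.

```c
#define _DEFAULT_SOURCE          /* for MAP_ANONYMOUS on glibc */
#include <stddef.h>
#include <sys/mman.h>

/* Wipe routine as given in the post: stores through a volatile pointer
 * must be performed, so the compiler cannot drop them as dead. */
static void *forced_memset(void *v, int c, size_t n)
{
    volatile char *p = v;
    while (n--) *p++ = (char)c;
    return v;
}

/* Hypothetical holder for one secret (names are assumptions). */
struct secret_buf {
    char  *data;
    size_t len;
    int    locked;               /* 1 if mlock() succeeded */
};

/* Map whole pages (no sharing with heap data), then try to pin them in RAM. */
int secret_alloc(struct secret_buf *s, size_t len)
{
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) { s->data = NULL; s->len = 0; s->locked = 0; return -1; }
    s->data = p; s->len = len;
    /* mlock() can fail (RLIMIT_MEMLOCK, privileges); record it for the caller. */
    s->locked = (mlock(p, len) == 0);
    return 0;
}

/* Wipe the buffer; returns the number of non-zero bytes left (expected 0). */
size_t secret_wipe(struct secret_buf *s)
{
    size_t i, left = 0;
    forced_memset(s->data, 0, s->len);
    for (i = 0; i < s->len; i++) left += (s->data[i] != 0);
    return left;
}

/* Wipe while the pages are still locked, then unlock and unmap. */
void secret_release(struct secret_buf *s)
{
    if (!s->data) return;
    secret_wipe(s);
    if (s->locked) munlock(s->data, s->len);
    munmap(s->data, s->len);
    s->data = NULL; s->len = 0; s->locked = 0;
}
```

Check the locked field after secret_alloc(): when mlock() fails the buffer is still usable, but its pages may be written to swap.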