diff options
| author | Paul Eggert <eggert@cs.ucla.edu> | 2022-11-27 20:52:04 -0800 |
|---|---|---|
| committer | Paul Eggert <eggert@cs.ucla.edu> | 2022-11-28 22:03:58 -0800 |
| commit | e4603ee9bab4d34a3617bbde474ae9041997ec9a (patch) | |
| tree | a9b44023a8bd50ef6863dac331eb9e4d770a1735 /doc/posix-functions | |
| parent | adadac58193206f7ad9c9d66ea0a7c18d5a06158 (diff) | |
| download | gnulib-e4603ee9bab4d34a3617bbde474ae9041997ec9a.tar.gz | |
memset_explicit: new module
* doc/posix-functions/memset_explicit.texi, lib/memset_explicit.c:
* m4/memset_explicit.m4, modules/memset_explicit:
* modules/memset_explicit-tests, tests/test-memset_explicit.c:
New files.
* lib/string.in.h (memset_explict): New decl.
* m4/string_h.m4 (gl_STRING_H, gl_STRING_H_REQUIRE_DEFAULTS)
(gl_STRING_H_DEFAULTS):
* modules/string (string.h):
Support memset_explicit.
Diffstat (limited to 'doc/posix-functions')
| -rw-r--r-- | doc/posix-functions/memset_explicit.texi | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/doc/posix-functions/memset_explicit.texi b/doc/posix-functions/memset_explicit.texi new file mode 100644 index 0000000000..528cee4e2b --- /dev/null +++ b/doc/posix-functions/memset_explicit.texi @@ -0,0 +1,43 @@ +@node memset_explicit +@subsection @code{memset_explicit} +@findex memset_explicit + +Documentation: +@itemize +@item +@ifinfo +@ref{Erasing Sensitive Data,,Erasing Sensitive Data,libc}, +@end ifinfo +@ifnotinfo +@url{https://www.gnu.org/software/libc/manual/html_node/Erasing-Sensitive-Data.html}, +@end ifnotinfo +@c Not yet present: +@c @item +@c @uref{https://www.kernel.org/doc/man-pages/online/pages/man3/memset_explicit.3.html,,man memset_explicit}. +@end itemize + +Gnulib module: memset_explicit + +The @code{memset_explicit} function is an approximation to what is +needed, and does not suffice in general to erase information. +Although calling @code{memset_explicit} should clear the memory in +question, the information that was in memory may still be available +elsewhere on the machine. Proper implementation of information +erasure requires support from levels below C code. + +Portability problems fixed by Gnulib: +@itemize +@item +This function is missing on some platforms: +glibc 2.36, FreeBSD 13.1, NetBSD 9.3, OpenBSD 7.2, macOS 13, Solaris 11.4, Android 13, +and many other systems. +@end itemize + +Portability problems not fixed by Gnulib: +@itemize +@item +Although the module's implementation should set the memory on +platforms compatible with GCC and on platforms using traditional +linkers, it may not set the memory on non-GCC platforms that use +whole-program optimization. +@end itemize |