From: Daniel P. Berrangé <berrange@redhat.com>
Date: Mon, 12 Dec 2022 10:20:36 +0000 (-0500)
Subject: util: implement secure erase with explicit_bzero
X-Git-Tag: v9.0.0-rc1~166
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=77b9617cd7a00bb7ea542a73259bba22967c7038;p=thirdparty%2Flibvirt.git

util: implement secure erase with explicit_bzero

This is available on at least FreeBSD and GLibc >= 2.25.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---

diff --git a/meson.build b/meson.build
index 1a13148c51..0f8ef079b1 100644
--- a/meson.build
+++ b/meson.build
@@ -537,6 +537,7 @@ libvirt_export_dynamic = cc.first_supported_link_argument([
 
 functions = [
   'elf_aux_info',
+  'explicit_bzero',
   'fallocate',
   'getauxval',
   'getegid',
diff --git a/src/util/virsecureerase.c b/src/util/virsecureerase.c
index ead12803da..00542da99d 100644
--- a/src/util/virsecureerase.c
+++ b/src/util/virsecureerase.c
@@ -19,6 +19,8 @@
 
 #include <config.h>
 
+#include <string.h>
+
 #include "virsecureerase.h"
 
 /**
@@ -40,7 +42,11 @@ virSecureErase(void *ptr,
     if (!ptr || size == 0)
         return;
 
+#ifdef WITH_EXPLICIT_BZERO
+    explicit_bzero(ptr, size);
+#else
     memset(ptr, 0, size);
+#endif
 }
 
 /**