zeroize: instead of zeroize, can I write 0xff to the buffer?

[dingelish]

Hi there,

I'm working on a firmware where the key needs to be wiped out. However the linux kernel checks if it is all zero. I want to bypass that check. The way I'm using is to overwrite the buffer with 0xFF. Can I do it with the current zeroize crate? Thanks!

[tarcieri]

The only thing in the public API that would allow for this is impl'ing a Default of [0xff; N] and using DefaultIsZeroes, though that seems a bit suboptimal.

Otherwise you could do a two-pass approach where you first use zeroize to zero memory, then write 0xff over it, though it's possible the latter could be elided.

Or you could just copy the internal zeroize strategy rather than using it directly, and do a volatile write of 0xff to all of the bytes.

[newpavlov]

On a slightly relevant note, once I had to deal with requirement to do erasure of sensitive data with pseudorandom data. I know it's a somewhat stupid requirement, but I had no choice but to do it.

[dingelish]

Thanks for the advices! They're pretty useful. I decide to add one more line after zeroize() to fill it up with 0xFF. If it's elided, the guest driver doesn't work and we can quickly identify that during testing. Problem solved!