If we're going to have a virSecureErase function, we
might as well make it do secure erasure with currently
available explicit_bzero in FreeBSD/Linux.

While we're here, we should use it from the RPC code.

The remaining hole in the RPC code is xdr_free which
does not securely erase buffers. That's not easily
fixed without dropping the RPC impl in favour of a
custom one.

Daniel P. Berrangé (3):
  util: implement secure erase with explicit_bzero
  rpc: fix buffer offset updates after decoding payload
  rpc: securely erase the message buffers

 meson.build               | 1 +
 src/rpc/virnetmessage.c   | 4 +++-
 src/util/virsecureerase.c | 6 ++++++
 3 files changed, 10 insertions(+), 1 deletion(-)

-- 
2.38.1

On a Monday in 2022, Daniel P. Berrangé wrote:
>If we're going to have a virSecureErase function, we
>might as well make it do secure erasure with currently
>available explicit_bzero in FreeBSD/Linux.
>
>While we're here, we should use it from the RPC code.
>
>The remaining hole in the RPC code is xdr_free which
>does not securely erase buffers. That's not easily
>fixed without dropping the RPC impl in favour of a
>custom one.
>
>Daniel P. Berrangé (3):
>  util: implement secure erase with explicit_bzero
>  rpc: fix buffer offset updates after decoding payload
>  rpc: securely erase the message buffers
>

Reviewed-by: Ján Tomko <jtomko@redhat.com>

Jano