On Thu, Feb 25, 2010 at 5:16 PM, Pekka Enberg <penberg@xxxxxxxxxxxxxx> wrote:
> On Thu, Feb 25, 2010 at 5:56 PM, Mikael Pettersson <mikpe@xxxxxxxx> wrote:
>> I fear that the only portable (across compiler versions) and safe
>> solution is to invoke an assembly-coded dummy function with prototype
>>
>> void use(void *p);
>>
>> and rewrite the code above as
>>
>> {
>> u32 temp[...];
>> ...
>> memset(temp, 0, sizeof temp);
>> use(temp);
>> }
>>
>> This forces the compiler to consider the buffer live after the
>> memset, so the memset cannot be eliminated.
>
> So is there some "do not optimize" GCC magic that we could use for a
> memzero_secret() helper function?
>
> Pekka
>
*(volatile char *)p = *(volatile char *)p;
appears to work when called after the memset:
---
inline void ensure_memset(void* p)
{
*(volatile char *)p = *(volatile char *)p;
}
void foo()
{
char password[] = "secret";
password[0]='S';
printf ("Don't show again: %s\n", password);
memset(password, 0, sizeof(password));
ensure_memset(password);
}
int main(int argc, char* argv[])
{
foo();
int i;
char foo3[] = "";
char* bar = &foo3[0];
for (i = -50; i < 50; i++)
printf ("%c.", bar[i]);
printf("\n");
return 0;
}
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
