Re: [PATCH] sha: prevent removal of memset as dead store in sha1_update()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> Also from that document:
> 
> If you know how large the accessed memory is, you can add it as input or
> output but if this is not known, you should add memory. As an example, if
> you access ten bytes of a string, you can use a memory input like:
> 
>      {"m"( ({ struct { char x[10]; } *p = (void *)ptr ; *p; }) )}.
> 
> does this mean we could use something like:
> 
> #define SECURE_BZERO(x) do {                                            \
>         memset(x, 0, sizeof(x));                                        \
>         asm("" : :"m"( ({ struct { char __y[ARRAY_SIZE(x)]; } *__z =    \
>                                         (void *)x ; *__z; }) ));        \
> } while(0)

or rather for not just char arrays:

#define SECURE_BZERO(x) do {                                    \
        memset(x, 0, sizeof(x));                                \
        asm("" :: "m" ( ({                                      \
                        struct {                                \
                                typeof(x[0]) __y[ARRAY_SIZE(x)];\
                        } *__z = (void *)x;                     \
                        *__z;                                   \
                }) ));                                          \
} while(0)

This appears to work in my testcase:
---
#include <stdio.h>
#include <string.h>
#include <stdlib.h>

#define SECURE 1

#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))

#define SECURE_BZERO(x) do {					\
	memset(x, 0, sizeof(x));				\
	asm("" :: "m" ( ({					\
			struct {				\
				typeof(x[0]) __y[ARRAY_SIZE(x)];\
			} *__z = (void *)x;			\
			*__z;					\
		}) ));						\
} while(0)

void foo()
{
	char password[] = "secret";
	password[0]='S';
	printf ("Don't show again: %s\n", password);
#if SECURE == 1
	SECURE_BZERO(password);
#else
	memset(password, 0, sizeof(password));
#endif
}

void foo1()
{
	int nrs[] = {1,1,2,3,4,5,6,7};
	nrs[0] = 0;
	int i = 8;
	printf ("Don't show again:\n");
	while (i--)
		printf ("%u\n", nrs[i]);
#if SECURE == 1
	SECURE_BZERO(nrs);
#else
	memset(nrs, 0, sizeof(nrs));
#endif
}

int main(int argc, char* argv[])
{

	foo();
	int i;
	char foo3[] = "";
	char* bar = &foo3[0];
	for (i = -50; i < 50; i++)
		printf ("%c.", bar[i]);
	printf("\n\n");

	foo1();
	int foo4 = 20;
	int* ber = &foo4;
	for (i = -50; i < 50; i++)
		printf ("%u_", ber[i]);
	printf("\n");
	return 0;
}
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux