[PATCH 1/2] common/mischelp: use memset for wipememory

Jussi Kivilinna jussi.kivilinna at iki.fi
Tue Nov 13 18:24:13 CET 2018


On 13.11.2018 17.20, Werner Koch wrote:
> On Fri,  9 Nov 2018 17:48, jussi.kivilinna at iki.fi said:
> 
>> In the new wipememory2 function, memset is called through a volatile
>> function pointer so that the compiler won't optimize away the call.
> 
> <rant>Are you sure that none of those braindead compilers removes that call,
> for example when inlined?  They may find yet another interpretation why
> it is allowed.  But anyway, the old code would be, or already is, a target
> for such new dis-optimization.</>

Well, a sufficiently braindead compiler might check whether the value read from
the volatile function pointer is 'memset' and do dead store elimination. In
practice, this does not happen. Access to memset through a volatile pointer is
discussed here:
 http://www.daemonology.net/blog/2014-09-04-how-to-zero-a-buffer.html
 http://www.daemonology.net/blog/2014-09-05-erratum.html

The best way to perform a memory wipe would be through platform-provided
functions, such as explicit_bzero or memset_s. I'll add support for those and
leave the volatile function pointer approach as a backup.

-Jussi
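The approach Jussi describes above (prefer a platform-provided secure clear, keep memset-through-a-volatile-function-pointer as the fallback), written out as an added example. This is illustrative code, not GnuPG's common/mischelp.c or the patch under discussion; the names wipememory2, volatile_memset, wipe_backend, wipe_and_check and derive_and_discard are hypothetical, and the HAVE_EXPLICIT_BZERO feature test is a stand-in for what a real build would get from configure.

```c
/* Added example, not GnuPG's code.  Hypothetical helper names throughout. */
#define _DEFAULT_SOURCE 1          /* glibc >= 2.25: declare explicit_bzero() */
#define __STDC_WANT_LIB_EXT1__ 1   /* C11 Annex K: declare memset_s() where provided */
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical feature test; a real build would get this from configure. */
#if defined(__GLIBC__) && (__GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 25))
#define HAVE_EXPLICIT_BZERO 1
#else
#define HAVE_EXPLICIT_BZERO 0
#endif

/* memset reached through a volatile function pointer.  The compiler must
 * load the pointer at run time and cannot assume it still points at memset,
 * so it cannot treat the call as a dead store and drop it. */
static void *(*volatile volatile_memset)(void *, int, size_t) = memset;

/* Name of the backend wipememory2() uses on this build. */
static const char *wipe_backend(void)
{
#if HAVE_EXPLICIT_BZERO
    return "explicit_bzero";
#elif defined(__STDC_LIB_EXT1__)
    return "memset_s";
#else
    return "volatile memset";
#endif
}

/* Fill LEN bytes at PTR with byte C in a way the optimizer may not elide.
 * explicit_bzero() only writes zeros, so any other fill byte goes through
 * the volatile-pointer fallback. */
static void wipememory2(void *ptr, int c, size_t len)
{
#if HAVE_EXPLICIT_BZERO
    if (c == 0) {
        explicit_bzero(ptr, len);
        return;
    }
#elif defined(__STDC_LIB_EXT1__)
    if (memset_s(ptr, (rsize_t)len, c, (rsize_t)len) == 0)
        return;               /* non-zero only if LEN exceeds RSIZE_MAX */
#endif
    volatile_memset(ptr, c, len);
}

/* Test helper: fill a heap buffer with FILL, wipe it with WIPE_BYTE and
 * report whether every byte now equals WIPE_BYTE.  Returns 1 on success. */
static int wipe_and_check(size_t len, int fill, int wipe_byte)
{
    unsigned char *buf = malloc(len + 1);   /* +1 avoids malloc(0) */
    size_t i;
    int ok = 1;

    if (buf == NULL)
        return 0;
    memset(buf, fill, len);
    wipememory2(buf, wipe_byte, len);
    for (i = 0; i < len; i++)
        if (buf[i] != (unsigned char)wipe_byte)
            ok = 0;
    free(buf);
    return ok;
}

/* Typical use: a key lives in a local buffer, is consumed, and is wiped
 * before the function returns.  A plain memset here is exactly the dead
 * store a compiler is entitled to remove; wipememory2 is not.  Returns a
 * byte sum of the constructed sample key so the caller can see it was used. */
static unsigned derive_and_discard(void)
{
    unsigned char key[32];            /* constructed sample secret */
    unsigned sum = 0;
    size_t i;

    for (i = 0; i < sizeof key; i++) {
        key[i] = (unsigned char)(i * 7 + 3);
        sum += key[i];
    }
    wipememory2(key, 0, sizeof key);  /* survives optimization */
    return sum;
}

int main(void)
{
    printf("backend: %s\n", wipe_backend());
    printf("wipe ok: %d\n", wipe_and_check(64, 0xA5, 0));
    printf("key sum: %u\n", derive_and_discard());
    return 0;
}
```

A test like wipe_and_check can only confirm the bytes are cleared when they are later read; it cannot prove the compiler would have kept the store if the buffer were dead. To check that, inspect the generated object code for the caller (for example, the derive_and_discard pattern) at -O2 and confirm the store or call is still present.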
