[gnutls-devel] session ticket key rotation
Nikos Mavrogiannopoulos
nmav at gnutls.org
Tue Nov 15 08:26:38 CET 2016
On Tue, Nov 15, 2016 at 7:14 AM, Daniel Kahn Gillmor
<dkg at fifthhorseman.net> wrote:
>> What about CPUs where writing to a memory location is not an atomic
>> operation... i.e., if on line 22, some reader instead of getting the
>> old or the new value of pool->current_key, gets some intermediate
>> value? Are these of a concern?
> So i can imagine, say, the first half of the RAM being from key N and
> the second half of the RAM being from key N+1 for that slot. In that
> case, no existing tickets for that slot (which had been issued nearly a
> full rotation cycle ago) would validate during that window. But that's
> fine, they're about to be invalidated anyway. The bigger risk would be
> if new tickets were issued during that case, but that wouldn't happen
> because we update current_key *after* the key is updated. So i still
> don't see a problem.
The thing is that there is no guarantee from the language about the
contents of the intermediate values. For practical purposes though, I
think variables which are word-aligned should be ok to access (though
the safe C11 version is something I prefer, even if it is within
ifdefs).
> Thanks for the thoughtful review! let me know if you have any other
> concerns or suggestions about the proposal. If you think it's in decent
> shape, should i open a gitlab ticket to track it?
Makes sense.
regards,
Nikos
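As an added illustration (not GnuTLS code, and not dkg's proposal as written), a small ticket-key ring that publishes `current_key` with a C11 release store only after the new key bytes are in place, keeping the pre-C11 plain-store path behind an ifdef as Nikos suggests; the slot count, expiry policy and function names are constructed for this example:

```c
#include <stdint.h>
#include <string.h>
#define KEY_SLOTS 3   /* constructed: current key plus two older ones */
#define KEY_SIZE  32
#ifndef __STDC_NO_ATOMICS__
#include <stdatomic.h>
#define KEY_INDEX_T      _Atomic unsigned
#define POOL_LOAD(p)     atomic_load_explicit(&(p)->current_key, memory_order_acquire)
#define POOL_STORE(p, v) atomic_store_explicit(&(p)->current_key, (v), memory_order_release)
#else /* pre-C11 fallback: assumes an aligned word store is never seen half-written */
#define KEY_INDEX_T      volatile unsigned
#define POOL_LOAD(p)     ((p)->current_key)
#define POOL_STORE(p, v) ((p)->current_key = (v))
#endif

struct ticket_key_pool {
    uint8_t keys[KEY_SLOTS][KEY_SIZE];
    KEY_INDEX_T current_key;   /* slot whose key seals newly issued tickets */
};

void pool_init(struct ticket_key_pool *p, const uint8_t first[KEY_SIZE]) {
    memset(p->keys, 0, sizeof p->keys);
    memcpy(p->keys[0], first, KEY_SIZE);
    POOL_STORE(p, 0);
}

/* Write the fresh key into the oldest slot, then publish the index: a reader
 * sees either the old index with its key untouched or the new index with its
 * key complete, and release/acquire keeps the two stores in that order. */
unsigned pool_rotate(struct ticket_key_pool *p, const uint8_t key[KEY_SIZE]) {
    unsigned next = (POOL_LOAD(p) + 1) % KEY_SLOTS;
    memcpy(p->keys[next], key, KEY_SIZE);   /* key bytes first ... */
    POOL_STORE(p, next);                    /* ... then flip current_key */
    return next;
}

/* Copy out the key a new ticket is sealed under; returns its slot. */
unsigned pool_issue(struct ticket_key_pool *p, uint8_t out[KEY_SIZE]) {
    unsigned slot = POOL_LOAD(p);
    memcpy(out, p->keys[slot], KEY_SIZE);
    return slot;
}

/* Key for unsealing a ticket that names `slot`; NULL if the slot is out of
 * range or older than the previous key (constructed expiry policy). */
const uint8_t *pool_lookup(struct ticket_key_pool *p, unsigned slot) {
    unsigned cur = POOL_LOAD(p);
    if (slot >= KEY_SLOTS || (slot != cur && slot != (cur + KEY_SLOTS - 1) % KEY_SLOTS))
        return NULL;
    return p->keys[slot];
}
```

A ticket validated against the previous slot keeps working across one rotation, and the slot that rotation overwrites is exactly the one `pool_lookup` already refuses, which is the window the thread describes.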