lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sun, 28 Feb 2010 19:36:07 -0500
From:	Bill Davidsen <davidsen@....com>
To:	linux-kernel@...r.kernel.org
Cc:	linux-crypto@...r.kernel.org
Subject: Re: [PATCH v1] compiler: prevent dead store elimination

Andi Kleen wrote:
>> Every byte in the [p,p+n[ range must be used. If you only use the
>> first byte, via e.g. asm("" :: "m"(*(char*)p)), then the compiler
>> _will_ skip scrubbing bytes beyond the first. This works with
>> gcc-3.2.3 up to gcc-4.4.3.
> 
> You forgot to credit Mikael who did all the hard work figuring
> this out?
> 
>>  /*
>> + * Dead store elimination (DSE) is an optimization that may remove a write to
>> + * a buffer that is not used anymore. Use ARRAY_PREVENT_DSE after a write when
>> + * the scrub is required for security reasons.
>> + */
>> +#define ARRAY_PREVENT_DSE(p, n)				\
> 
> Maybe it's just me, but the name is ugly.
> 
>> +	do {						\
>> +		struct __scrub { char c[n]; };		\
> 
> 
> Better typeof(*p)[n]
> 
>> +++ b/include/linux/compiler-intel.h
>> @@ -14,9 +14,11 @@
>>   * It uses intrinsics to do the equivalent things.
>>   */
>>  #undef barrier
>> +#undef ARRAY_PREVENT_DSE
>>  #undef RELOC_HIDE
>>  
>>  #define barrier() __memory_barrier()
>> +#define ARRAY_PREVENT_DSE(p, n)
> 
> Who says the Intel compiler doesn't need this?
> 
> I'm sure it does dead store elimination too and it understands
> gcc asm syntax.
> 
According to the Intel forum, it not only doesn't, but a request for this as a 
feature was rejected, so it won't. Or am I misreading this?

http://software.intel.com/en-us/forums/showthread.php?t=46770

-- 
Bill Davidsen <davidsen@....com>
   "We have more to fear from the bungling of the incompetent than from
the machinations of the wicked."  - from Slashdot

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists