| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20141201152047.GG12140@twin.jikos.cz> Date: Mon, 1 Dec 2014 16:20:48 +0100 From: David Sterba <dsterba@...e.cz> To: Julia Lawall <Julia.Lawall@...6.fr> Cc: Thomas Gleixner <tglx@...utronix.de>, dborkman@...hat.com, herbert@...dor.apana.org.au, kernel-janitors@...r.kernel.org, Ingo Molnar <mingo@...hat.com>, "H. Peter Anvin" <hpa@...or.com>, x86@...nel.org, linux-kernel@...r.kernel.org, Julia Lawall <julia@...u.dk> Subject: Re: [PATCH 1/8] purgatory/sha256: replace memset by memzero_explicit On Sun, Nov 30, 2014 at 05:59:27PM +0100, Julia Lawall wrote: > @@ -205,7 +205,7 @@ static void sha256_transform(u32 *state, const u8 *input) > > /* clear any sensitive info... */ > a = b = c = d = e = f = g = h = t1 = t2 = 0; All of these get optimized away. How to clear them effectively is another question. Setting them one by one casting to volatile would generate 10 instructions. Although this might be quick as there are no dependencies, the function sha256_transform is called repeatedly and the small overhead may add up. Other attempts to fix it require restructuring the code so all the variables are eg. stored in an array that gets cleared in one go. Here the indirect access could be hidden into the macros (e0, e1, s0, s1). > - memset(W, 0, 64 * sizeof(u32)); > + memzero_explicit(W, 64 * sizeof(u32)); -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists