Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 28 Jan 2015 23:15:09 -0500
From: Rich Felker <>
Subject: Re: thoughts on reallocarray, explicit_bzero?

On Wed, Jan 28, 2015 at 10:03:33PM -0600, Brent Cook wrote:
> >> > Linux kernel has similar functions and uses a barrier() here:
> >> >
> >> >
> >> >
> >> >
> >> >
> >> > Is such a solution is more correct (and still portable)?
> >>
> >> I'm afraid that the only appropriate solution is to use memset_s()
> >> from C11 and the expectation that the compiler will accept it.
> >> barrier() does not give any guarantee that this function will be
> >> secure. Only compiler decides. I'm afraid that OpenBSD goes bad path
> >> with explicit_bzero(). The same applies to the linux kernel and
> >> memzero_explicit().. very stupid name...
> >
> > I see no way memset_s is technically "better". It's unable to find and
> > clear other temporary copies that have been made, and the barrier
> > method described above already reliably clears the pointed-to copy.
> Whatever method you choose, the method of testing is an interesting
> one, since seeing if the compiler optimized out a memset (because the
> memory was not read after a write) requires tricking the compiler into
> believing you aren't reading it. This test is pretty cool, IMO:
> it is described a bit more here:

The comment that pthread_attr_setstack could be used instead is
interesting and would make the test a lot simpler, I think.

> Getting around link-time optimizations required building the
> explicit_bzero function with independent compiler flags to ensure LTO
> was not enabled.

As long as there's a barrier, LTO is no problem. The asm is a black
box that's required to see the results of memset, since the address of
the object reaches the asm, and the only way to ensure that such a
black box sees the writes is for them to actually be performed.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.