This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [RFC] [PATCH] Support explicit_bzero, memset_s, memzero_explicit, or similar.


On 12/16/2014 07:01 PM, Rich Felker wrote:

But in the case of a function like:

	int foo = 42;
	memset(&foo, 0, sizeof foo);
	__asm__ __volatile__ ( "" : : : "memory" );

after analysis based on compiler knowledge of the memset function, the
object foo is not "memory" because its address has never leaked. Since
the asm cannot see it, it can be optimized out to never exist at all
independently of handling the asm. If this weren't the case, presence
of asm with memory clobbers anywhere in the whole program would
prevent the compiler from optimizing out objects like this anywhere in
the whole program, which is obviously not correct.

Curiously, this is the case where use of memset_s would *force* the creation of a copy of the value, just so that it can be zapped immediately:

  <https://gcc.gnu.org/ml/gcc-help/2014-10/msg00071.html>

--
Florian Weimer / Red Hat Product Security
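
The case described in the quoted text, as an added example that is not part of the original message or of glibc: a `memset` followed by a bare memory clobber, beside a variant that passes the buffer's address to the asm as an input operand (the same idea as the Linux kernel's `barrier_data()`). The function names and the 32-byte key are constructed for illustration, and GCC/Clang extended asm is assumed.

```c
#include <stddef.h>
#include <string.h>

/* Weak form (the pattern in the quoted text): the "memory" clobber only
 * covers objects the asm could reach. A local whose address never
 * escapes is not among them, so the memset may be removed as a dead
 * store. */
static inline void wipe_clobber_only(void *p, size_t n)
{
    memset(p, 0, n);
    __asm__ __volatile__("" : : : "memory");
}

/* Hardened form: the address is an input operand, so it escapes into
 * the asm and the clobber now covers the buffer. The zeroing stores
 * must be emitted before the asm statement. Side effect, as the
 * message notes for memset_s: the object is forced to exist in memory. */
static inline void wipe_with_escape(void *p, size_t n)
{
    memset(p, 0, n);
    __asm__ __volatile__("" : : "r"(p) : "memory");
}

/* Constructed stand-in for "use a secret, then erase it". */
static unsigned fill_and_sum(unsigned char *key, size_t n)
{
    unsigned sum = 0;
    for (size_t i = 0; i < n; i++) {
        key[i] = (unsigned char)(i + 1);
        sum += key[i];
    }
    return sum;
}

unsigned use_key_weak(void)
{
    unsigned char key[32];
    unsigned sum = fill_and_sum(key, sizeof key);
    wipe_clobber_only(key, sizeof key);   /* may be optimized away */
    return sum;
}

unsigned use_key_hardened(void)
{
    unsigned char key[32];
    unsigned sum = fill_and_sum(key, sizeof key);
    wipe_with_escape(key, sizeof key);    /* zeroing stores are kept */
    return sum;
}
```

Compiling with `gcc -O2 -S` and comparing the two `use_key_*` functions shows whether the zeroing stores survive for a given compiler version.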

