|
 |
b9c414 |
From a76310b53fbb117e620f2c37350b68dd267f1088 Mon Sep 17 00:00:00 2001
|
|
|
b9c414 |
From: Milan Broz <gmazyland@gmail.com>
|
|
|
b9c414 |
Date: Mon, 20 Sep 2021 17:42:20 +0200
|
|
|
b9c414 |
Subject: [PATCH] Do not try to set compiler optimization flag if wipe is
|
|
|
b9c414 |
implemented in libc.
|
|
|
b9c414 |
|
|
|
b9c414 |
If zeroing memory is implemented through libc call (like memset_bzero),
|
|
|
b9c414 |
compiler should never remove such call. It is not needed to set O0
|
|
|
b9c414 |
optimization flag explicitly.
|
|
|
b9c414 |
|
|
|
b9c414 |
Various checkers like annocheck causes problems with these flags,
|
|
|
b9c414 |
just remove it where it makes no sense.
|
|
|
b9c414 |
|
|
|
b9c414 |
(Moreover, we use the same pattern without compiler magic
|
|
|
b9c414 |
in crypt_backend_memzero() already.)
|
|
|
b9c414 |
---
|
|
|
b9c414 |
lib/crypto_backend/argon2/core.c | 10 ++++++++--
|
|
|
b9c414 |
1 file changed, 8 insertions(+), 2 deletions(-)
|
|
|
b9c414 |
|
|
|
b9c414 |
diff --git a/lib/crypto_backend/argon2/core.c b/lib/crypto_backend/argon2/core.c
|
|
|
b9c414 |
index b204ba98..db9a7741 100644
|
|
|
b9c414 |
--- a/lib/crypto_backend/argon2/core.c
|
|
|
b9c414 |
+++ b/lib/crypto_backend/argon2/core.c
|
|
|
b9c414 |
@@ -120,18 +120,24 @@ void free_memory(const argon2_context *context, uint8_t *memory,
|
|
|
b9c414 |
}
|
|
|
b9c414 |
}
|
|
|
b9c414 |
|
|
|
b9c414 |
-void NOT_OPTIMIZED secure_wipe_memory(void *v, size_t n) {
|
|
|
b9c414 |
#if defined(_MSC_VER) && VC_GE_2005(_MSC_VER)
|
|
|
b9c414 |
+void secure_wipe_memory(void *v, size_t n) {
|
|
|
b9c414 |
SecureZeroMemory(v, n);
|
|
|
b9c414 |
+}
|
|
|
b9c414 |
#elif defined memset_s
|
|
|
b9c414 |
+void secure_wipe_memory(void *v, size_t n) {
|
|
|
b9c414 |
memset_s(v, n, 0, n);
|
|
|
b9c414 |
+}
|
|
|
b9c414 |
#elif defined(HAVE_EXPLICIT_BZERO)
|
|
|
b9c414 |
+void secure_wipe_memory(void *v, size_t n) {
|
|
|
b9c414 |
explicit_bzero(v, n);
|
|
|
b9c414 |
+}
|
|
|
b9c414 |
#else
|
|
|
b9c414 |
+void NOT_OPTIMIZED secure_wipe_memory(void *v, size_t n) {
|
|
|
b9c414 |
static void *(*const volatile memset_sec)(void *, int, size_t) = &memset;
|
|
|
b9c414 |
memset_sec(v, 0, n);
|
|
|
b9c414 |
-#endif
|
|
|
b9c414 |
}
|
|
|
b9c414 |
+#endif
|
|
|
b9c414 |
|
|
|
b9c414 |
/* Memory clear flag defaults to true. */
|
|
|
b9c414 |
int FLAG_clear_internal_memory = 1;
|
|
|
b9c414 |
--
|
|
|
b9c414 |
2.27.0
|
|
|
b9c414 |
|