[tor-bugs] #7419 [Tor]: Choose a faster memwipe implementation
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Oct 18 05:43:34 UTC 2014
#7419: Choose a faster memwipe implementation
-----------------------------+------------------------------------
Reporter: nickm | Owner:
Type: enhancement | Status: needs_review
Priority: normal | Milestone: Tor: 0.2.6.x-final
Component: Tor | Version:
Resolution: | Keywords: tor-relay, nickm-patch
Actual Points: | Parent ID:
Points: |
-----------------------------+------------------------------------
Comment (by teor):
Re: the patch itself - test-memwipe.c
I think the buffers could all be declared volatile:
* if char buf[2048] (secret) is declared volatile, this means that the
compiler cannot predict the value of sum, and therefore isn't allowed to
precompute it (I can imagine a series of optimisation steps: optimise
memcpy to static initialisation, optimise sum based on static
initialisation, notice code similarity and use same value for all three
sums, avoid compiling most of the program...)
* if char buf[1024] (check) is declared volatile, it is no longer
"uninitialised" memory - it is externally modifiable memory, that the
compiler can never predict the value of.
* using volatile also avoids all caching of values from these buffers,
making sure the data is really written to and read from memory, not just
cached in a large L3 cache somewhere.
volatile is a way of telling the compiler: "I know what I'm doing here."
If we were really paranoid, we could test with and without volatile on
char buf[2048] (secret).
Also, should we test heap allocations as well as stack allocations?
They could have very different behaviours, and therefore security
characteristics.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7419#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list