[tor-bugs] #7419 [Tor]: Choose a faster memwipe implementation
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Jan 3 07:08:11 UTC 2016
#7419: Choose a faster memwipe implementation
------------------------------------+------------------------------
Reporter: nickm | Owner:
Type: enhancement | Status: needs_review
Priority: Medium | Milestone: Tor: 0.2.???
Component: Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-relay, nickm-patch | Actual Points:
Parent ID: | Points:
Sponsor: |
------------------------------------+------------------------------
Comment (by teor):
Replying to [comment:19 logan]:
> Here's a patch that checks if the platform supports explicit_bzero().
Tested on OpenBSD.
>
> PASS: src/test/test-memwipe
Replying to [comment:19 logan]:
> Here's a patch that checks if the platform supports explicit_bzero().
Tested on OpenBSD.
>
> PASS: src/test/test-memwipe
There are multiple changes suggested in this ticket:
nickm's original branch better_memwipe attempted to avoid using
OpenSSL_cleanse for performance reasons by checking if a simple memset
worked. I was happy to see it merged, but we never did because there was
no evidence that performance was an issue.
The attached explicit_bzero has better semantics than OpenSSL_cleanse, and
is faster. Let's merge it.
As discussed on IRC, we can also use memset_s on platforms that support it
(NetBSD, OS X):
So we can do the following:
* if memset_s is supported:
* call memset_s to wipe the memory and set the bytes
* if explicit_bzero is supported:
* call explicit_bzero to wipe the memory
* call memset to set the bytes
* otherwise:
* call OpenSSL_cleanse to wipe the memory
* call memset to set the bytes
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7419#comment:21>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list