[openssl-dev] [openssl.org #4116] [PATCH] Reimplement non-asm OPENSSL_cleanse()

Alessandro Ghedini via RT rt at openssl.org
Wed Nov 11 18:23:31 UTC 2015


On Wed, Nov 11, 2015 at 01:06:54PM +0000, Kurt Roeckx via RT wrote:
> On Wed, Nov 11, 2015 at 12:37:56PM +0000, Alessandro Ghedini via RT wrote:
> > On Wed, Nov 11, 2015 at 11:52:56AM +0000, Kurt Roeckx via RT wrote:
> > > On Wed, Nov 11, 2015 at 11:16:56AM +0000, Alessandro Ghedini via RT wrote:
> > > > In order to avoid having builds that silently optimize away OPENSSL_cleanse
> > > > it'd be nice to have a test case to check for that. OpenBSD/LibreSSL have
> > > > something along those lines [0], but it doesn't seem to work as expected (well,
> > > > at least not with OpenSSL), so alternative ideas are welcome.
> > > 
> > > As you point out, the compiler can be smart enough to optimize the
> > > call away.  You should at least run that test using LTO.
> > 
> > Well, yeah, I've been doing my manual tests with LTO all along. My point was
> > that on some platform/compiler/configuration, whatever implementation of
> > OPENSSL_cleanse is used, it could still be optimized away. So it would be
> > useful to have a test to detect that automatically when "make test" is run.
> 
> Even the assembler version gets optimized away?

Sorry, I didn't explain myself very well. What I tried was to implement an
obviously unsafe OPENSSL_cleanse (using just memset()) and then check if the
LibreSSL test correctly caught the fact that the call was optimized away. The
test worked in most scenarios, except when building with LTO. So it was only
the test that didn't behave correctly.

Cheers
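
The memset()-only cleanse described in this message, next to two forms the optimizer cannot treat as a dead store. This is an added example, not code from the patch, OpenSSL or LibreSSL; the function names are hypothetical, and the volatile-function-pointer form is one common technique, assumed here rather than taken from the thread.

```c
#include <stddef.h>
#include <string.h>

/* Unsafe form from the message: if the buffer is never read again, this
 * memset() is a dead store and the compiler (notably with LTO, which can
 * see through the call) is allowed to remove it. */
void cleanse_memset(void *p, size_t n)
{
    memset(p, 0, n);
}

/* Hardened form (assumed technique): call memset() through a volatile
 * function pointer. The pointer must be loaded at run time, so the
 * compiler cannot prove which function runs or that the call is useless. */
typedef void *(*memset_fn)(void *, int, size_t);
static volatile memset_fn memset_ptr = memset;

void cleanse_volatile(void *p, size_t n)
{
    memset_ptr(p, 0, n);
}

/* Portable fallback: every store goes through a volatile lvalue and
 * therefore has to be emitted. */
void cleanse_bytes(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--)
        *v++ = 0;
}

/* Fill a stack buffer with a constructed sample secret, scrub it, and
 * return how many bytes are still non-zero. Reading the buffer afterwards
 * keeps even the plain memset() alive, so this checks that a cleanse is
 * functionally correct, not that it survives dead-store elimination. */
size_t residue_after(void (*cleanse)(void *, size_t))
{
    unsigned char key[32];
    size_t i, left = 0;
    memcpy(key, "constructed-sample-secret-key!!", sizeof key);
    cleanse(key, sizeof key);
    for (i = 0; i < sizeof key; i++)
        left += (key[i] != 0);
    return left;
}

int main(void)
{
    return residue_after(cleanse_volatile) || residue_after(cleanse_bytes);
}
```

Confirming that a given build really kept the stores means inspecting the generated code or probing memory from outside the scrubbed function, which is the kind of check the thread found to be unreliable under LTO.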