[openssl-dev] Why is `volatile` used in MOD_EXP_CTIME_COPY_FROM_PREBUF?
Andy Polyakov
appro at openssl.org
Thu May 26 19:18:48 UTC 2016
> See
> https://github.com/openssl/openssl/commit/d6482a82bc2228327aa4ba98aeeecd9979542a31#diff-3aca3afd18ad75a8f6a09a9860bc6ef5R631
>
> + volatile BN_ULONG *table = (volatile BN_ULONG *)buf;
>
> Why is `volatile` used here? Is it to work around the effective type
> (strict aliasing) violations or for some other reason?
Isn't it obvious? Volatile is there to discourage compiler from
reordering loads from the the table. I mean concern is that if reordered
in specific manner loads might give away the information we are trying
to conceal.
> I think it would
> be good to document this, or better, find a way to avoid needing to use
> `volatile` in the first place.
Well, the only guaranteed way is to implement it in assembly. Note that
on most popular/relevant platform it *is* implemented in assembly.
More information about the openssl-dev
mailing list