f53a70ce95
So far, the documentation of memory_cleanse() is a verbatim copy of the commit message in BoringSSL, where this code was originally written. However, our code evolved since then, and the commit message is not particularly helpful in the code but is rather of historical interest in BoringSSL only. This commit improves the comments around memory_cleanse() and gives a better rationale for the method that we use. This commit touches only comments.
35 lines
1.3 KiB
C++
// Copyright (c) 2009-2010 Satoshi Nakamoto
// Copyright (c) 2009-2018 The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.

#include <support/cleanse.h>

#include <cstring>

#if defined(_MSC_VER)
#include <Windows.h> // For SecureZeroMemory.
#endif

void memory_cleanse(void *ptr, size_t len)
{
#if defined(_MSC_VER)
    /* SecureZeroMemory is guaranteed not to be optimized out by MSVC. */
    SecureZeroMemory(ptr, len);
#else
    std::memset(ptr, 0, len);

    /* Memory barrier that scares the compiler away from optimizing out the memset.
     *
     * Quoting Adam Langley <agl@google.com> in commit ad1907fe73334d6c696c8539646c21b11178f20f
     * in BoringSSL (ISC License):
     *    As best as we can tell, this is sufficient to break any optimisations that
     *    might try to eliminate "superfluous" memsets.
     * This method is used in memzero_explicit() in the Linux kernel, too. Its advantage is that it
     * is pretty efficient because the compiler can still implement the memset() efficiently,
     * just not remove it entirely. See "Dead Store Elimination (Still) Considered Harmful" by
     * Yang et al. (USENIX Security 2017) for more background.
     */
    __asm__ __volatile__("" : : "r"(ptr) : "memory");
#endif
}
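The barrier above only helps if the wipe actually runs at every point where a secret dies, which in C++ usually means tying it to a destructor. The following added example (not Bitcoin Core's code) reuses the page's memset-plus-barrier technique in a hypothetical SecretKey type that wipes itself on destruction, next to a LeakyKey type that does not, and uses placement new into caller-owned storage so the bytes can be inspected after destruction without reading a dead stack frame.

```cpp
#include <cstddef>
#include <cstring>
#include <new>

#if defined(_MSC_VER)
#include <Windows.h> // For SecureZeroMemory.
#endif

// Same technique as memory_cleanse(): the asm statement takes ptr as an input
// and declares a "memory" clobber, so the compiler must assume the bytes are
// read afterwards and cannot drop the memset as a dead store.
static void cleanse(void* ptr, std::size_t len)
{
#if defined(_MSC_VER)
    SecureZeroMemory(ptr, len);
#else
    std::memset(ptr, 0, len);
    __asm__ __volatile__("" : : "r"(ptr) : "memory");
#endif
}

// Hypothetical 32-byte key holder that wipes itself when it goes out of scope.
struct SecretKey {
    unsigned char bytes[32];
    explicit SecretKey(unsigned char fill) { std::memset(bytes, fill, sizeof(bytes)); }
    ~SecretKey() { cleanse(bytes, sizeof(bytes)); }
};

// Hypothetical holder with a trivial destructor: the secret outlives the object.
struct LeakyKey {
    unsigned char bytes[32];
    explicit LeakyKey(unsigned char fill) { std::memset(bytes, fill, sizeof(bytes)); }
};

// Returns how many bytes of the region still differ from zero.
static std::size_t count_nonzero(const unsigned char* p, std::size_t len)
{
    std::size_t n = 0;
    for (std::size_t i = 0; i < len; ++i) n += (p[i] != 0);
    return n;
}

// Constructs a key (constructed sample secret: all 0xAA) inside storage we own,
// destroys it, and reports how many secret bytes survive. The storage array is
// still alive, so reading it after the destructor ran is well-defined.
template <typename Key>
std::size_t leftover_after_destroy()
{
    alignas(Key) unsigned char storage[sizeof(Key)];
    Key* key = new (storage) Key(0xAA);
    key->~Key();
    return count_nonzero(storage, sizeof(storage));
}
```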