undefined | Better HN

0 pointsxxs11y ago0 comments

That depends how much the compiler can optimize (away). If the next call is free(), it's quite trivial to skip the zeroing and just take the correct branch.

I am still uncertain while people want to just 'zero' it. Filling random data (just one random() call) and then using inline PRNG, then summing the result, storing it globally in volatile would reliable 'zero' the data but it's quite CPU intense.

0 comments

gizmo68611y ago

You still are not guaranteed to clear the buffer like that.

  for (int i=0; i<len; i++){
    sensitiveBuffer[i]=random();
  }
  int sum=0;
  for (int i=0; i<len; i++){
    sum+=sensitiveBuffer[i];
  }
  volitileVar=sum;

Using loop fusion, the compiler can optimize this to: int sum=0; for (int i=0; i<len; i++){ sensitiveBuffer[i]=random(); sum+=sensitiveBuffer[i]; } volitileVar=sum;

Which it can then optimize to: int sum=0; for (int i=0; i<len; i++){ sum+=random(); } volitileVar=sum;

In fact, as the article points out, the compiler can legally transform:

  reallyZeroBuffer(sensitiveBuffer);

into

  pointlesslyCopy(sensitiveBuffer);
  reallyZeroBuffer(sensitiveBuffer);

xxsOP11y ago

not like that: Not exactly like that: I didn't mean simple that way, more like hash alike. The 1st example is not optimal but shows the idea.

I disagree about "pointlessCopy". Of course it's permitted by the standard but it's not an optimization. Using such a broken compiler is beyond help.

------- volatileVar *= random(); for (int i=0;i<len;i++){ volatileVar+=buf[random()%len]+0x61c88647; buf[i]=volatileVar; } ===== static volatile uint volitileVar;

  for (int i=0; i<len; i++){
    sensitiveBuffer[i]=random();
  }

  for (int i=0; i<len; i++){
    volitileVar+=sensitiveBuffer[volatileVar%len];
  }

zAy0LfpBZLC8mAC11y ago

Why shouldn't the compiler be able to figure out that you sum a series of numbers that aren't used anywhere else, thus don't need to be spilled to RAM?

xxsOP11y ago

You write them to a global state volatile

zAy0LfpBZLC8mAC11y ago

How does that require writing the random data to RAM, apart from the volatile variable itself?

j / k navigate · click thread line to collapse

0 comments

gizmo68611y ago

You still are not guaranteed to clear the buffer like that.

  for (int i=0; i<len; i++){
    sensitiveBuffer[i]=random();
  }
  int sum=0;
  for (int i=0; i<len; i++){
    sum+=sensitiveBuffer[i];
  }
  volitileVar=sum;

Using loop fusion, the compiler can optimize this to: int sum=0; for (int i=0; i<len; i++){ sensitiveBuffer[i]=random(); sum+=sensitiveBuffer[i]; } volitileVar=sum;

Which it can then optimize to: int sum=0; for (int i=0; i<len; i++){ sum+=random(); } volitileVar=sum;

In fact, as the article points out, the compiler can legally transform:

  reallyZeroBuffer(sensitiveBuffer);

into

  pointlesslyCopy(sensitiveBuffer);
  reallyZeroBuffer(sensitiveBuffer);

xxsOP11y ago

not like that: Not exactly like that: I didn't mean simple that way, more like hash alike. The 1st example is not optimal but shows the idea.

I disagree about "pointlessCopy". Of course it's permitted by the standard but it's not an optimization. Using such a broken compiler is beyond help.

------- volatileVar *= random(); for (int i=0;i<len;i++){ volatileVar+=buf[random()%len]+0x61c88647; buf[i]=volatileVar; } ===== static volatile uint volitileVar;

  for (int i=0; i<len; i++){
    sensitiveBuffer[i]=random();
  }

  for (int i=0; i<len; i++){
    volitileVar+=sensitiveBuffer[volatileVar%len];
  }

zAy0LfpBZLC8mAC11y ago

Why shouldn't the compiler be able to figure out that you sum a series of numbers that aren't used anywhere else, thus don't need to be spilled to RAM?

xxsOP11y ago

You write them to a global state volatile

zAy0LfpBZLC8mAC11y ago

How does that require writing the random data to RAM, apart from the volatile variable itself?

j / k navigate · click thread line to collapse