Re: CVS commit: src

To: David Laight <david%l8s.co.uk@localhost>
Subject: Re: CVS commit: src
From: Taylor R Campbell <campbell+netbsd-source-changes-d%mumble.net@localhost>
Date: Thu, 30 Aug 2012 19:03:43 +0000

   Date: Thu, 30 Aug 2012 19:51:13 +0100
   From: David Laight <david%l8s.co.uk@localhost>

   FWIW which versions of memset() aren't 'constant time' ?
   Apart from ones that try not to dirty pages.

The issue with memset isn't timing attacks, but rather that the C
compiler is likely to optimize away the apparently useless memset from
code that looks like this, and thereby leave keys floating about in
RAM:

{
        char key[32];

        fetch_key(key);
        do_sekrit_stuff_with_key(key);
        memset(key, 0, sizeof key);
}

Hence explicit_{bzero,memset}, not consttime_{bzero,memset}, which are
supposed to be guaranteed not to be optimized away.

Follow-Ups:
- Re: CVS commit: src
  - From: David Laight

References:
- Re: CVS commit: src
  - From: David Laight

Prev by Date: Re: CVS commit: src
Next by Date: Re: CVS commit: src
Previous by Thread: Re: CVS commit: src
Next by Thread: Re: CVS commit: src
Indexes:

Home | Main Index | Thread Index | Old Index