
Switch memory_cleanse implementation to BoringSSL's
Closed, Public

Authored by Fabien on May 19 2020, 12:33.

Details

Summary

...to ensure memory clearing even with link-time optimization.

The implementation we currently use from OpenSSL prevents the compiler
from optimizing away cleansing operations on blocks of memory that are
about to be released, but this protection is not extended to link-time
optimization. This commit copies the solution cooked up by Google
compiler engineers which uses inline assembly directives to instruct the
compiler not to optimize out the call under any circumstances. As the
code is in-lined, this has the added advantage of removing one more
OpenSSL dependency.

Regarding license compatibility, Google's contributions to the BoringSSL
library, including this code, are made available under the ISC license,
which is MIT compatible.

BoringSSL git commit: ad1907fe73334d6c696c8539646c21b11178f20f

Backport of core PR11196.
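The barrier the summary describes, written out as an added example (this is not the Bitcoin ABC or BoringSSL source): memset followed by an empty GNU inline-asm statement with a "memory" clobber, plus a constructed check that the buffer reads back as zeros afterwards. The MSVC branch, the helper names and the sample secret are assumptions made for this example.

```c
#include <stddef.h>
#include <string.h>
#if defined(_MSC_VER)
#include <windows.h>
#endif

/*
 * Clear `len` bytes at `ptr` so that the store survives both ordinary
 * optimization and LTO.  After the memset, the pointer is passed into an
 * empty inline-asm statement that declares a "memory" clobber: the
 * compiler must assume the asm may read the cleared bytes, so it cannot
 * treat the memset as a dead store on memory that is about to go out of
 * scope.  The asm body is empty, so no instructions are emitted.
 */
void memory_cleanse(void *ptr, size_t len) {
    memset(ptr, 0, len);
#if defined(_MSC_VER)
    /* MSVC has no GNU inline asm; SecureZeroMemory is its non-elidable clear. */
    SecureZeroMemory(ptr, len);
#else
    __asm__ __volatile__("" : : "r"(ptr) : "memory");
#endif
}

/* Constructed helper (not in the original): returns 1 if every byte is zero. */
int all_zero(const unsigned char *buf, size_t len) {
    unsigned char acc = 0;
    for (size_t i = 0; i < len; i++) {
        acc |= buf[i];
    }
    return acc == 0;
}

/*
 * Constructed usage: a secret is copied into a stack buffer, "used", and
 * cleansed before the function returns.  Returns 1 if the buffer held
 * non-zero data before the call and read back as all zeros afterwards.
 */
int cleanse_demo(void) {
    unsigned char key[32];
    /* Constructed sample secret, exactly 32 bytes long. */
    memcpy(key, "constructed-sample-secret-bytes!", sizeof key);
    int secret_was_present = !all_zero(key, sizeof key);
    memory_cleanse(key, sizeof key);
    return secret_was_present && all_zero(key, sizeof key);
}
```

To see the difference the barrier makes, compile with -O2 -flto and inspect the generated code with and without the asm line; the memset is the store that disappears when the barrier is removed.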

Test Plan
ninja all check

Run the windows Gitian build.

Event Timeline

Fabien requested review of this revision. May 19 2020, 12:33

[Bot Message]
One or more PR numbers were detected in the summary.
Links to those PRs have been inserted into the summary for reference.

deadalnix added a subscriber: deadalnix.
deadalnix added inline comments.
src/support/cleanse.cpp
Line 10 (On Diff #20260)

two stars

Line 31 (On Diff #20260)

ditto

This revision is now accepted and ready to land. May 19 2020, 12:41