WireGuard Archive on lore.kernel.org
* [PATCH] device: in setZero, keep arr alive after being written to
@ 2019-07-31 13:36 nsajko
  2019-08-27 22:54 ` Jason A. Donenfeld
  0 siblings, 1 reply; 3+ messages in thread
From: nsajko @ 2019-07-31 13:36 UTC (permalink / raw)
  To: wireguard

[-- Attachment #1.1: Type: text/plain, Size: 979 bytes --]

This is to prevent dead store elimination.

See the discussion at
golang/go#33325 .

diff --git a/device/noise-helpers.go b/device/noise-helpers.go
index f5e4b4b..29430da 100644
--- a/device/noise-helpers.go
+++ b/device/noise-helpers.go
@@ -10,6 +10,7 @@ import (
 	"crypto/rand"
 	"crypto/subtle"
 	"hash"
+	"runtime"

 	"golang.org/x/crypto/blake2s"
 	"golang.org/x/crypto/curve25519"
@@ -69,11 +70,16 @@ func isZero(val []byte) bool {
 	return acc == 1
 }

-/* This function is not used as pervasively as it should because this is mostly impossible in Go at the moment */
+/* This function is not used as pervasively as it should */
 func setZero(arr []byte) {
 	for i := range arr {
 		arr[i] = 0
 	}
+
+	// This should keep arr's backing array live and thus prevent dead store
+	// elimination, according to discussion at
+	// https://github.com/golang/go/issues/33325 .
+	runtime.KeepAlive(arr)
 }

 func (sk *NoisePrivateKey) clamp() {
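Review bot: The reworded header comment on setZero now says the function "is not used as pervasively as it should" without giving any reason, and the new inline comment only says KeepAlive "should" prevent dead store elimination "according to discussion". I would state in the header exactly what the function guarantees after this change (the stores to arr are not elided) and what it still does not cover, so callers do not read it as a complete key-erasure primitive. Because the justification is a link to an issue thread, a short test or a note on which Go version this was checked against would make the claim easier to re-verify later.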

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard


* Re: [PATCH] device: in setZero, keep arr alive after being written to
  2019-07-31 13:36 [PATCH] device: in setZero, keep arr alive after being written to nsajko
@ 2019-08-27 22:54 ` Jason A. Donenfeld
  2019-08-27 23:02   ` Neven Sajko
  0 siblings, 1 reply; 3+ messages in thread
From: Jason A. Donenfeld @ 2019-08-27 22:54 UTC (permalink / raw)
  To: nsajko; +Cc: WireGuard mailing list

But this doesn't prevent the runtime from copying things to places we
can't control, right?

* Re: [PATCH] device: in setZero, keep arr alive after being written to
  2019-08-27 22:54 ` Jason A. Donenfeld
@ 2019-08-27 23:02   ` Neven Sajko
  0 siblings, 0 replies; 3+ messages in thread
From: Neven Sajko @ 2019-08-27 23:02 UTC (permalink / raw)
  To: Jason A. Donenfeld; +Cc: WireGuard mailing list

> But this doesn't prevent the runtime from copying things to places we
> can't control, right?

Correct.
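Added example (not from the thread or from wireguard-go) of the limit the replies agree on: setZero clears only the bytes its slice argument points at, so copies the program itself makes, here an append that outgrows the slice and a by-value array argument, keep the key material. The secretKey type, the wipe helpers and the 0xAA sample bytes are constructed for illustration; copies made inside the runtime cannot be observed this way and are not shown.

```go
package main

import (
	"bytes"
	"fmt"
	"runtime"
)

// setZero mirrors the patched helper quoted in the thread.
func setZero(arr []byte) {
	for i := range arr {
		arr[i] = 0
	}
	runtime.KeepAlive(arr)
}

type secretKey [32]byte // hypothetical fixed-size key type for this example

func wipeByValue(k secretKey)    { setZero(k[:]) } // wipes the callee's copy only
func wipeByPointer(k *secretKey) { setZero(k[:]) } // wipes the caller's array

func isClear(b []byte) bool { return bytes.Equal(b, make([]byte, len(b))) }

// staleAfterAppend reports whether the original backing array still holds key
// bytes after the slice outgrew its capacity and the grown slice was wiped.
func staleAfterAppend() bool {
	key := make([]byte, 32) // len == cap, so the next append must reallocate
	for i := range key {
		key[i] = 0xAA // constructed sample key material
	}
	old := key              // still refers to the first backing array
	key = append(key, 0xAA) // contents are copied into a new, larger array
	setZero(key)
	return isClear(key) && !isClear(old)
}

// staleAfterByValue reports whether the caller's key is still non-zero after each wipe.
func staleAfterByValue() (byValue, byPointer bool) {
	k := secretKey{0: 0xAA, 31: 0xAA} // constructed sample key material
	wipeByValue(k)
	byValue = !isClear(k[:])
	wipeByPointer(&k)
	return byValue, !isClear(k[:])
}

func main() {
	fmt.Println(staleAfterAppend())
	fmt.Println(staleAfterByValue())
}
```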
