Re: Is kernel optimized with dead store removal?

Roel Kluin writes: According to http://cwe.mitre.org/data/slices/2000.html#14 due to optimization A call to memset() can be removed as a dead store when the buffer is not used after its value is overwritten. Does this optimization also occur during compilation of the Linux kernel? Then

Re: [PATCH] sha: prevent removal of memset as dead store in sha1_update()

On Thu, Feb 25, 2010 at 5:56 PM, Mikael Pettersson mi...@it.uu.se wrote: I fear that the only portable (across compiler versions) and safe solution is to invoke an assembly-coded dummy function with prototype        void use(void *p); and rewrite the code above as        {                

Re: [PATCH] sha: prevent removal of memset as dead store in sha1_update()

Pekka Enberg writes: On Thu, Feb 25, 2010 at 5:56 PM, Mikael Pettersson mi...@it.uu.se wrote: I fear that the only portable (across compiler versions) and safe solution is to invoke an assembly-coded dummy function with prototype        void use(void *p); and rewrite the code

Re: [PATCH] sha: prevent removal of memset as dead store in sha1_update()

On Thu, Feb 25, 2010 at 10:56 AM, Mikael Pettersson mi...@it.uu.se wrote: Roel Kluin writes:   Due to optimization A call to memset() may be removed as a dead store when   the buffer is not used after its value is overwritten.     Signed-off-by: Roel Kluin roel.kl...@gmail.com   ---   see

Re: Is kernel optimized with dead store removal?

Mikael Pettersson wrote: It's only vulnerable if the data leaks to a less trusted domain. There is no domain crossing in your user-space example. In the kernel case, the domain crossing would be as I wrote: leaking recycled and uninitialized memory to user-space (and those leaks of

Re: [PATCH] sha: prevent removal of memset as dead store in sha1_update()

Also from that document: If you know how large the accessed memory is, you can add it as input or output but if this is not known, you should add memory. As an example, if you access ten bytes of a string, you can use a memory input like: {m( ({ struct { char x[10]; } *p = (void

Re: Is kernel optimized with dead store removal?

On Thu, 25 Feb 2010, Mikael Pettersson wrote: In the sha1_update() case I don't know whether the stack is recycled and leaked - it may be dependent on the calling function, but isn't it vulnerable? It's only vulnerable if the data leaks to a less trusted domain. If it is anything you

Crypto Update for 2.6.34

Hi Linus: Here is the crypto update for 2.6.34: * New pcrypt module to spread crypto work across CPUs. * Added RFC4543 GCM support. * Added nomadik RNG driver. * MD5 export/import support. * Random fixes. Please pull from git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git