diff options
author | Jussi Kivilinna <jussi.kivilinna@iki.fi> | 2013-08-17 10:48:36 +0300 |
---|---|---|
committer | Jussi Kivilinna <jussi.kivilinna@iki.fi> | 2013-08-17 10:48:36 +0300 |
commit | 79895b9459b9bf8c60cb7abf09d5bf16ed0cf6e3 (patch) | |
tree | 0035dd3032367dbfe389ad60d36214a29a2bb57c /src/misc.c | |
parent | cafadc1e4fb97581262b0081ba251e05613d4394 (diff) | |
download | libgcrypt-79895b9459b9bf8c60cb7abf09d5bf16ed0cf6e3.tar.gz |
Remove burn_stack optimization
* src/misc.c (_gcry_burn_stack): Remove SIZEOF_UNSIGNED_LONG == 4 or 8
optimization.
--
At least GCC 4.6 on Debian Wheezy (armhf) generates wrong code for burn_stack,
causing recursive structure to be transformed in to iterative without updating
stack pointer between iterations. Therefore only first 64 bytes of stack get
zeroed. This appears to be fixed in GCC 4.7, but lets play this safe and
remove this optimization.
Better approach would probably be to add architecture specific assembly
routine(s) that replace this generic function.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Diffstat (limited to 'src/misc.c')
-rw-r--r-- | src/misc.c | 27 |
1 files changed, 1 insertions, 26 deletions
@@ -290,35 +290,10 @@ _gcry_log_printhex (const char *text, const void *buffer, size_t length) void _gcry_burn_stack (int bytes) { -#if SIZEOF_UNSIGNED_LONG == 4 || SIZEOF_UNSIGNED_LONG == 8 - /* Optimized burn_stack for 32-bit and 64-bit architectures. In addition - to loop unrolling, compiler sees that writes are within 'buf' and - generation of stack-protection code is avoided. */ - volatile unsigned long buf[64 / SIZEOF_UNSIGNED_LONG]; - - buf[0] = 0; - buf[1] = 0; - buf[2] = 0; - buf[3] = 0; - buf[4] = 0; - buf[5] = 0; - buf[6] = 0; - buf[7] = 0; -# if SIZEOF_UNSIGNED_LONG == 4 - buf[8] = 0; - buf[9] = 0; - buf[10] = 0; - buf[11] = 0; - buf[12] = 0; - buf[13] = 0; - buf[14] = 0; - buf[15] = 0; -# endif -#else char buf[64]; wipememory (buf, sizeof buf); -#endif + bytes -= sizeof buf; if (bytes > 0) _gcry_burn_stack (bytes); |