bitcoin/src/support/cleanse.cpp

// Copyright (c) 2009-2010 Satoshi Nakamoto
// Copyright (c) 2009-2018 The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.

#include <support/cleanse.h>

#include <cstring>

#if defined(_MSC_VER)
#include <Windows.h> // For SecureZeroMemory.
#endif

void memory_cleanse(void *ptr, size_t len)
{
#if defined(_MSC_VER)
    /* SecureZeroMemory is guaranteed not to be optimized out by MSVC. */
    SecureZeroMemory(ptr, len);
#else
    std::memset(ptr, 0, len);

    /* Memory barrier that scares the compiler away from optimizing out the memset.
     *
     * Quoting Adam Langley <agl@google.com> in commit ad1907fe73334d6c696c8539646c21b11178f20f
     * in BoringSSL (ISC License):
     *    As best as we can tell, this is sufficient to break any optimisations that
     *    might try to eliminate "superfluous" memsets.
     * This method is used in memzero_explicit() the Linux kernel, too. Its advantage is that it
     * is pretty efficient because the compiler can still implement the memset() efficiently,
     * just not remove it entirely. See "Dead Store Elimination (Still) Considered Harmful" by
     * Yang et al. (USENIX Security 2017) for more background.
     */
    __asm__ __volatile__("" : : "r"(ptr) : "memory");
#endif
}
openssl: abstract out OPENSSL_cleanse This makes it easier for us to replace it if desired, since it's now only in one spot. Also, it avoids the openssl include from allocators.h, which essentially forced openssl to be included from every compilation unit. 2015-01-20 21:23:25 -03:00			`// Copyright (c) 2009-2010 Satoshi Nakamoto`
Update copyright headers to 2018 2018-07-26 18:36:45 -04:00			`// Copyright (c) 2009-2018 The Bitcoin Core developers`
openssl: abstract out OPENSSL_cleanse This makes it easier for us to replace it if desired, since it's now only in one spot. Also, it avoids the openssl include from allocators.h, which essentially forced openssl to be included from every compilation unit. 2015-01-20 21:23:25 -03:00			`// Distributed under the MIT software license, see the accompanying`
			`// file COPYING or http://www.opensource.org/licenses/mit-license.php.`

scripted-diff: Replace #include "" with #include <> (ryanofsky) -BEGIN VERIFY SCRIPT- for f in \ src/.cpp \ src/.h \ src/bench/.cpp \ src/bench/.h \ src/compat/.cpp \ src/compat/.h \ src/consensus/.cpp \ src/consensus/.h \ src/crypto/.cpp \ src/crypto/.h \ src/crypto/ctaes/.h \ src/policy/.cpp \ src/policy/.h \ src/primitives/.cpp \ src/primitives/.h \ src/qt/.cpp \ src/qt/.h \ src/qt/test/.cpp \ src/qt/test/.h \ src/rpc/.cpp \ src/rpc/.h \ src/script/.cpp \ src/script/.h \ src/support/.cpp \ src/support/.h \ src/support/allocators/.h \ src/test/.cpp \ src/test/.h \ src/wallet/.cpp \ src/wallet/.h \ src/wallet/test/.cpp \ src/wallet/test/.h \ src/zmq/.cpp \ src/zmq/.h do base=${f%/}/ relbase=${base#src/} sed -i "s:#include \"\(.\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f done -END VERIFY SCRIPT- 2017-11-09 21:57:53 -03:00			`#include <support/cleanse.h>`
openssl: abstract out OPENSSL_cleanse This makes it easier for us to replace it if desired, since it's now only in one spot. Also, it avoids the openssl include from allocators.h, which essentially forced openssl to be included from every compilation unit. 2015-01-20 21:23:25 -03:00
Switch memory_cleanse implementation to BoringSSL's to ensure memory clearing even with link-time optimization. The implementation we currently use from OpenSSL prevents the compiler from optimizing away clensing operations on blocks of memory that are about to be released, but this protection is not extended to link-time optimization. This commit copies the solution cooked up by Google compiler engineers which uses inline assembly directives to instruct the compiler not to optimize out the call under any circumstances. As the code is in-lined, this has the added advantage of removing one more OpenSSL dependency. Regarding license compatibility, Google's contributions to BoringSSL library, including this code, is made available under the ISC license, which is MIT compatible. BoringSSL git commit: ad1907fe73334d6c696c8539646c21b11178f20f 2017-08-30 02:26:12 -03:00			`#include <cstring>`
openssl: abstract out OPENSSL_cleanse This makes it easier for us to replace it if desired, since it's now only in one spot. Also, it avoids the openssl include from allocators.h, which essentially forced openssl to be included from every compilation unit. 2015-01-20 21:23:25 -03:00
Minimal code changes to allow msvc compilation. 2017-11-09 17:06:49 -03:00			`#if defined(_MSC_VER)`
			`#include <Windows.h> // For SecureZeroMemory.`
			`#endif`

openssl: abstract out OPENSSL_cleanse This makes it easier for us to replace it if desired, since it's now only in one spot. Also, it avoids the openssl include from allocators.h, which essentially forced openssl to be included from every compilation unit. 2015-01-20 21:23:25 -03:00			`void memory_cleanse(void *ptr, size_t len)`
			`{`
Clean up logic in memory_cleanse() for MSVC Commit fbf327b13868861c2877c5754caf5a9816f2603c ("Minimal code changes to allow msvc compilation.") was indeed minimal in terms of lines touched. But as a result of that minimalism it changed the logic in memory_cleanse() to first call std::memset() and then additionally the MSVC-specific SecureZeroMemory() function, and it also moved a comment to the wrong location. This commit removes the superfluous call to std::memset() on MSVC and ensures that the comment is in the right position again. 2019-06-05 16:43:28 -04:00			`#if defined(_MSC_VER)`
Improve documentation of memory_cleanse() So far, the documentation of memory_cleanse() is a verbatim copy of the commit message in BoringSSL, where this code was originally written. However, our code evolved since then, and the commit message is not particularly helpful in the code but is rather of historical interested in BoringSSL only. This commit improves improves the comments around memory_cleanse() and gives a better rationale for the method that we use. This commit touches only comments. 2019-06-05 16:44:04 -04:00			`/* SecureZeroMemory is guaranteed not to be optimized out by MSVC. */`
Clean up logic in memory_cleanse() for MSVC Commit fbf327b13868861c2877c5754caf5a9816f2603c ("Minimal code changes to allow msvc compilation.") was indeed minimal in terms of lines touched. But as a result of that minimalism it changed the logic in memory_cleanse() to first call std::memset() and then additionally the MSVC-specific SecureZeroMemory() function, and it also moved a comment to the wrong location. This commit removes the superfluous call to std::memset() on MSVC and ensures that the comment is in the right position again. 2019-06-05 16:43:28 -04:00			`SecureZeroMemory(ptr, len);`
			`#else`
Switch memory_cleanse implementation to BoringSSL's to ensure memory clearing even with link-time optimization. The implementation we currently use from OpenSSL prevents the compiler from optimizing away clensing operations on blocks of memory that are about to be released, but this protection is not extended to link-time optimization. This commit copies the solution cooked up by Google compiler engineers which uses inline assembly directives to instruct the compiler not to optimize out the call under any circumstances. As the code is in-lined, this has the added advantage of removing one more OpenSSL dependency. Regarding license compatibility, Google's contributions to BoringSSL library, including this code, is made available under the ISC license, which is MIT compatible. BoringSSL git commit: ad1907fe73334d6c696c8539646c21b11178f20f 2017-08-30 02:26:12 -03:00			`std::memset(ptr, 0, len);`

Improve documentation of memory_cleanse() So far, the documentation of memory_cleanse() is a verbatim copy of the commit message in BoringSSL, where this code was originally written. However, our code evolved since then, and the commit message is not particularly helpful in the code but is rather of historical interested in BoringSSL only. This commit improves improves the comments around memory_cleanse() and gives a better rationale for the method that we use. This commit touches only comments. 2019-06-05 16:44:04 -04:00			`/* Memory barrier that scares the compiler away from optimizing out the memset.`
			`*`
			`* Quoting Adam Langley <agl@google.com> in commit ad1907fe73334d6c696c8539646c21b11178f20f`
			`* in BoringSSL (ISC License):`
			`* As best as we can tell, this is sufficient to break any optimisations that`
			`* might try to eliminate "superfluous" memsets.`
			`* This method is used in memzero_explicit() the Linux kernel, too. Its advantage is that it`
			`* is pretty efficient because the compiler can still implement the memset() efficiently,`
			`* just not remove it entirely. See "Dead Store Elimination (Still) Considered Harmful" by`
			`* Yang et al. (USENIX Security 2017) for more background.`
			`*/`
Switch memory_cleanse implementation to BoringSSL's to ensure memory clearing even with link-time optimization. The implementation we currently use from OpenSSL prevents the compiler from optimizing away clensing operations on blocks of memory that are about to be released, but this protection is not extended to link-time optimization. This commit copies the solution cooked up by Google compiler engineers which uses inline assembly directives to instruct the compiler not to optimize out the call under any circumstances. As the code is in-lined, this has the added advantage of removing one more OpenSSL dependency. Regarding license compatibility, Google's contributions to BoringSSL library, including this code, is made available under the ISC license, which is MIT compatible. BoringSSL git commit: ad1907fe73334d6c696c8539646c21b11178f20f 2017-08-30 02:26:12 -03:00			`__asm__ __volatile__("" : : "r"(ptr) : "memory");`
			`#endif`
openssl: abstract out OPENSSL_cleanse This makes it easier for us to replace it if desired, since it's now only in one spot. Also, it avoids the openssl include from allocators.h, which essentially forced openssl to be included from every compilation unit. 2015-01-20 21:23:25 -03:00			`}`