From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/6929
Path: news.gmane.org!not-for-mail
From: =?UTF-8?Q?Daniel_Cegie=C5=82ka?= <daniel.cegielka@gmail.com>
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: thoughts on reallocarray, explicit_bzero?
Date: Thu, 29 Jan 2015 10:30:40 +0100
Message-ID: <CAPLrYEQDw-afOSS+o4Z82LsZRaUyJn+x18d_qVO5BO13aV-GgA@mail.gmail.com>
References: <20140519153130.GA519@muslin> <CAPLrYESpEg_yvyn0odnnr9=0Fg3Ussg7cHH=om1G_yvb8zsQ8Q@mail.gmail.com>
 <20140519161654.GO507@brightrain.aerifal.cx> <CAPLrYERjMhKWP4pQ6-b7SsNFXcQPaJkRHvspzvtUw3ezuj2ABw@mail.gmail.com>
 <CAPLrYETk3dT8EnCbqts1u3FYO=iPP7SBop2J_wixk87isR7PPQ@mail.gmail.com>
 <20150129021919.GM4574@brightrain.aerifal.cx> <CAPDERwo886JY55T9hokUeNiV9dHBxTmZaSTq82WBQun+pLqouw@mail.gmail.com>
 <20150129041509.GN4574@brightrain.aerifal.cx>
Reply-To: musl@lists.openwall.com
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
X-Trace: ger.gmane.org 1422523880 16272 80.91.229.3 (29 Jan 2015 09:31:20 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Thu, 29 Jan 2015 09:31:20 +0000 (UTC)
To: musl@lists.openwall.com
Original-X-From: musl-return-6942-gllmg-musl=m.gmane.org@lists.openwall.com Thu Jan 29 10:31:17 2015
Return-path: <musl-return-6942-gllmg-musl=m.gmane.org@lists.openwall.com>
Envelope-to: gllmg-musl@m.gmane.org
Original-Received: from mother.openwall.net ([195.42.179.200])
	by plane.gmane.org with smtp (Exim 4.69)
	(envelope-from <musl-return-6942-gllmg-musl=m.gmane.org@lists.openwall.com>)
	id 1YGlRT-0002JY-Ea
	for gllmg-musl@m.gmane.org; Thu, 29 Jan 2015 10:31:15 +0100
Original-Received: (qmail 3099 invoked by uid 550); 29 Jan 2015 09:31:13 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
Original-Received: (qmail 3091 invoked from network); 29 Jan 2015 09:31:13 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :content-type;
        bh=/tJcfr1cNGmjrIfHkwDKgyPpd0vkroFxj3rBRnNBAWg=;
        b=JoWFJOe5GLIm72XcYXZYj43dn77T0VfOolQFhMEMEKJ6spm504DzKC5lkYwzew6tZe
         EgVFWcOqU9MXdAxynOj4NXmXLsHXJONXiBfIWbT82M+BgWq87jQRVhH7VziVlDXQeWuu
         bBZjBl1O4KjjI96a2r2cbRoIWnb/o6/0G9eGtgR+mrj99RaFLZfS5O8sp96sbsA7NRmN
         R4VGJygyWCGxoFJEhQ+8NdLbs+widiZJ2qa90CWPLokQlEehTnX5CETpD1w8/rxlWF9C
         Z4I0ycC2kjl7fR/3uf+B2dVYNQj37De8JXu89KkyVyZcHtJ4Hw0W4biNxFvMa2OHnCI+
         OtTQ==
X-Received: by 10.182.191.6 with SMTP id gu6mr5034960obc.36.1422523861122;
 Thu, 29 Jan 2015 01:31:01 -0800 (PST)
In-Reply-To: <20150129041509.GN4574@brightrain.aerifal.cx>
Xref: news.gmane.org gmane.linux.lib.musl.general:6929
Archived-At: <http://permalink.gmane.org/gmane.linux.lib.musl.general/6929>

The concept of safe memory cleaning was mostly promoted by
cryptographic libraries - eg. secure_memzero(). Unfortunately, we have
currently too many interfaces for the same functionality: memset_s(),
secure_memzero(), explicit_bzero(), memzero_explicit(). This is why I
believe that OpenBSD (and linux developers) goes bad path, introducing
yet another secure_memzero(). A better solution would be to promote a
single standard (eg. memset_s()) and the expectation that the compiler
will respect it.

summing up: we have several options:

* volatile based, but fails with LTO
http://openwall.com/lists/musl/2014/05/19/5

* weak symbols based (from Matthew Dempsky):
https://plus.google.com/+MatthewDempsky/posts/KQHFBouxurX
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/string/explicit_bzero.c?rev=1.3&content-type=text/x-cvsweb-markup

* barrier based, but with asm inline:
http://openwall.com/lists/musl/2015/01/28/34

Is the musl will support this feature to improve compatibility with BSD?

Daniel