Received: by 2002:a05:6a10:6744:0:0:0:0 with SMTP id w4csp928855pxu; Fri, 23 Oct 2020 17:41:52 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwIhC6oEWgD16T3rnwgu7VSSPYtRmN6uGa56Yn4wKyn0oR+cpZp5mgm5ppVzApfAaWnvbth X-Received: by 2002:a05:6402:b2e:: with SMTP id bo14mr4754431edb.111.1603500112080; Fri, 23 Oct 2020 17:41:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1603500112; cv=none; d=google.com; s=arc-20160816; b=O9cjjCNSrBlW1bEFF4C2tvX7BlaQv2qPhqo/82Nd26Fp3lMTLKpCjadpqO8aT0DU69 k3+c8imt9vqf/EDVUnBOVjRZuDUH/nsP9D8YQHaL4HL1l3Xn+6jGOzP1aYudVkNsHFJd /xyoB2dcz7RWBkrOtf6vSgOcS8X8VBP1U/g3pBfKvsmzfFKPd4RmvSz+jm+/05K+Kdl9 pGbnEHlkkNYs4xgA77WirgYXB1tzun14+0koDb8MAyY4WRJJKjUomuF8Tj6bwSF5Pqb7 eUh4Ab982LnQKIkO3l+rfuEiA3vWcGWWYaHRu8cnRzqCRLnloc2zj9LH7CzhcFLmrQZM hrtg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=U+LA12JOdNVZjrcJUP6e8ti5IMywhjshYMWleH+Jcrk=; b=0bnAXouqBWf3qOfBDnxyp1VPAdPJT9duSDiXxNfFrjw5WBRoy0BXCltKymCFKY+aHc zs72YXZl5vMArPknQVuycnUuuTfgOdgNua4JlQi4QoDncdFQWfb0LfhvDQI89vaEAm2I hKP2/bAcpvbMjvMZrktd23M6a2O4fIjkwzJXZ6Gh5bu30bEwHugoGGvAFVzP3pKamcqW mm+8UL/ij+koywAoLujDHpV/eaKsmFWST2U7Rpv/YXhGBfxrn9L8wR3Qh17IcE1vuBNJ OGGz1ycKx3RcW5ytP3KjSZ4qoAK65uWQYwsI/A5P0TW9+h1lB65LnO7Ra1W4CBmf0eVn 84yQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="xxb/GAjv"; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id d23si1918527edr.183.2020.10.23.17.41.28; Fri, 23 Oct 2020 17:41:52 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="xxb/GAjv"; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1757043AbgJWWL3 (ORCPT + 99 others); Fri, 23 Oct 2020 18:11:29 -0400 Received: from mail.kernel.org ([198.145.29.99]:56996 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1757036AbgJWWL2 (ORCPT ); Fri, 23 Oct 2020 18:11:28 -0400 Received: from gmail.com (unknown [104.132.1.76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 0AAA720724; Fri, 23 Oct 2020 22:11:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1603491088; bh=oYDdkAGeOEwqEQlJ3M1O6TGp5eWuctvbDWvQg3nFwJc=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=xxb/GAjvsPxTRs76hmFkdHimX18DvXWGGDbMDdK7f2OEgLtOzJAp9fOMx79mW5KDW jrF+kplGKkYgHIb12ePKpXbDRPxWF5qKWHe+jO3D2Sf+yoFJccO/pd/9RPWaYrAw18 eywmcxbINrfrNIQN0OFWYyur+NOhGakeNv7rhJsE= Date: Fri, 23 Oct 2020 15:11:26 -0700 From: Eric Biggers To: Arvind Sankar Cc: Herbert Xu , "David S. Miller" , "linux-crypto@vger.kernel.org" , David Laight , linux-kernel@vger.kernel.org Subject: Re: [PATCH v3 2/5] crypto: lib/sha256 - Don't clear temporary variables Message-ID: <20201023221126.GB180517@gmail.com> References: <20201023192203.400040-1-nivedita@alum.mit.edu> <20201023192203.400040-3-nivedita@alum.mit.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20201023192203.400040-3-nivedita@alum.mit.edu> Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Fri, Oct 23, 2020 at 03:22:00PM -0400, Arvind Sankar wrote: > The assignments to clear a through h and t1/t2 are optimized out by the > compiler because they are unused after the assignments. > > Clearing individual scalar variables is unlikely to be useful, as they > may have been assigned to registers, and even if stack spilling was > required, there may be compiler-generated temporaries that are > impossible to clear in any case. > > So drop the clearing of a through h and t1/t2. > > Signed-off-by: Arvind Sankar > --- > lib/crypto/sha256.c | 1 - > 1 file changed, 1 deletion(-) > > diff --git a/lib/crypto/sha256.c b/lib/crypto/sha256.c > index d43bc39ab05e..099cd11f83c1 100644 > --- a/lib/crypto/sha256.c > +++ b/lib/crypto/sha256.c > @@ -202,7 +202,6 @@ static void sha256_transform(u32 *state, const u8 *input) > state[4] += e; state[5] += f; state[6] += g; state[7] += h; > > /* clear any sensitive info... */ > - a = b = c = d = e = f = g = h = t1 = t2 = 0; > memzero_explicit(W, 64 * sizeof(u32)); > } Looks good, Reviewed-by: Eric Biggers