Received: by 2002:a05:6a10:9e8c:0:0:0:0 with SMTP id y12csp8135pxx; Mon, 26 Oct 2020 01:44:29 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyOXBgNcn8q3QW3BZx8TxpMUdJWH7djMjEpJh6GSXFEDVEQKkCmK+JaDBFyP/N0MYPTdQao X-Received: by 2002:a05:6402:1482:: with SMTP id e2mr15071602edv.36.1603701869658; Mon, 26 Oct 2020 01:44:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1603701869; cv=none; d=google.com; s=arc-20160816; b=XOOoCwUZ41XEbihbyBCnYahBlUNqSfzlQr5Ct/TRZDIa6DZC9Ued48Bu++SO4x3sol ImpAzTJbwcBopeg3i26Hs+i1pSY39h6jpJ1iIMZRUu/TQtd7ReHtUHK2bcNzxWnaH0Ma NErX8ePCgSjXSWl0xHOyyt2VP7W0xMrdWRWcR0r4KJZ76FYuNkqbIMpRCoj7/WkS0w/k WHg0QpDL+shNDccaRErsFo6eZenQ2KCAO0ebrYJtR1WgwPO/Voyh0qeNoRS+7YCw+S+j jZOVjRST4oC9r/x6b6c8ax2tPN6cWrcCdy5Fqg9rreVpvuVeLmF+oxgmvZ09c02t18LH c9iQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=C9JYus3uUuOWiGivv7mQy4ogkvP1yMvEe/v6b/JHgLA=; b=Q98KvkSljjwYikfy3swEVZFqWc/F2+D8KqmPYYxZJE/oN4aqZpjFWETJPjj6SkE2Dg tJARFctAo9neFaKFudIyBTqXb6enx22FPjAVaJiFC3Q5f6qnow9nZ5m6LhVWMaA47FuM 6gVBtWa5Um2Lum0tzzywO3SxUb5mAjfwIzeuBX/63MPVLWVwUQaiZ88JGERVu6lqlv/b 5ZXN9JzAVdxuX+xjY6XXJcVilZZNOkFzqoMSiCTkvonsKGRHynzmx7vxVdSbnPkvDQX8 2Qf0VGyqf3h7WfWCj+kfLyGfo7mHCYQjmFjLjkBZDLADr9F1r5MAqNalgpZdqMknTuPd EUTw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Z53RwD0Z; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id s5si6506925edr.440.2020.10.26.01.44.06; Mon, 26 Oct 2020 01:44:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Z53RwD0Z; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1771096AbgJZH7t (ORCPT + 99 others); Mon, 26 Oct 2020 03:59:49 -0400 Received: from mail.kernel.org ([198.145.29.99]:60230 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1771094AbgJZH7t (ORCPT ); Mon, 26 Oct 2020 03:59:49 -0400 Received: from mail-ot1-f42.google.com (mail-ot1-f42.google.com [209.85.210.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 812A9223FD; Mon, 26 Oct 2020 07:59:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1603699188; bh=jYdIdsNjmje85/OahkfgmIoyvbe7j1NvJRrBjFN21iY=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=Z53RwD0Z6csnVO5i7SxS2CqeGr/oh4P9GOxJ9u7fYuvL393DCMgdh57PsGab9s/7y jf8URi7JZMrVrk1NRNRC0qUronTeRiU8Bh+fpHGHMQ38hKFMywW0PNcsQQ4MQ9uUMJ bvJKlboiwWozqGVRjudaJziKOIVLtff2vk9KrHSs= Received: by mail-ot1-f42.google.com with SMTP id 32so7239660otm.3; Mon, 26 Oct 2020 00:59:48 -0700 (PDT) X-Gm-Message-State: AOAM532FMR4deOmLUh3jeX1oEF0Uw0KWBm04EbyUcBtzM6N8LqL65qHQ jzjoTRNtBnpY0BPZvFN924gMrD1RQIrwlDILt80= X-Received: by 2002:a05:6830:4028:: with SMTP id i8mr10154207ots.90.1603699187814; Mon, 26 Oct 2020 00:59:47 -0700 (PDT) MIME-Version: 1.0 References: <20201025143119.1054168-1-nivedita@alum.mit.edu> <20201025143119.1054168-4-nivedita@alum.mit.edu> In-Reply-To: <20201025143119.1054168-4-nivedita@alum.mit.edu> From: Ard Biesheuvel Date: Mon, 26 Oct 2020 08:59:37 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v4 3/6] crypto: lib/sha256 - Don't clear temporary variables To: Arvind Sankar Cc: Herbert Xu , "David S. Miller" , "linux-crypto@vger.kernel.org" , Eric Biggers , David Laight , Linux Kernel Mailing List , Eric Biggers Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Sun, 25 Oct 2020 at 15:31, Arvind Sankar wrote: > > The assignments to clear a through h and t1/t2 are optimized out by the > compiler because they are unused after the assignments. > > Clearing individual scalar variables is unlikely to be useful, as they > may have been assigned to registers, and even if stack spilling was > required, there may be compiler-generated temporaries that are > impossible to clear in any case. > > So drop the clearing of a through h and t1/t2. > > Signed-off-by: Arvind Sankar > Reviewed-by: Eric Biggers Acked-by: Ard Biesheuvel > --- > lib/crypto/sha256.c | 1 - > 1 file changed, 1 deletion(-) > > diff --git a/lib/crypto/sha256.c b/lib/crypto/sha256.c > index d43bc39ab05e..099cd11f83c1 100644 > --- a/lib/crypto/sha256.c > +++ b/lib/crypto/sha256.c > @@ -202,7 +202,6 @@ static void sha256_transform(u32 *state, const u8 *input) > state[4] += e; state[5] += f; state[6] += g; state[7] += h; > > /* clear any sensitive info... */ > - a = b = c = d = e = f = g = h = t1 = t2 = 0; > memzero_explicit(W, 64 * sizeof(u32)); > } > > -- > 2.26.2 >