From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-ej1-x62c.google.com (mail-ej1-x62c.google.com [IPv6:2a00:1450:4864:20::62c]) by sourceware.org (Postfix) with ESMTPS id 35F733858D32 for ; Thu, 1 Dec 2022 11:34:16 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 35F733858D32 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gmail.com Received: by mail-ej1-x62c.google.com with SMTP id o13so3534771ejm.1 for ; Thu, 01 Dec 2022 03:34:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=eBajHKFCggSDwfbnslz0LBNuUaKuLY3cfOZRFMVsFik=; b=e0fj++GxfgXzqRZFHoNy9B5yWMcIQEym2GGCUTAHnaV9LE8ZDql8hO9M2Cbykx7LZ/ wiFKMyv4KI2hg0jeBdRx9P33IxMksms00kJs59iE9gJ7Xfz8xgBHXbPVgW+FePGroMoC UjJo61kRZqIp5ELlz5/+87TSO8jpbLP5kv6LCMpE6dHqMtYwP9EG6VIEt/v+WuUV9J8A DmC9AEUEhhWwAXSxX2nNDUKRDH1+asanAuBCOCi+Q/nfcnNvNcrSmE9mvrvQRoLEvXPg U4KmuE3Ip55tJ9eh8ulnB2kUTczVCqo19tkR1pcnJuijGzkN07bIshkMdRhJEkA2Dm/C eThw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=eBajHKFCggSDwfbnslz0LBNuUaKuLY3cfOZRFMVsFik=; b=z3uSLhkkLuYjC4BW062azpmy7Z3cSWr9RS8cwjh6A9WoZOEmBXbCzIHzAvbTUKxtIP CV2q/CxbBpV+kjDCH1fsnoFP9jLQHEUnCn5nyE1YslxJUbTOT8ynW091OmDcr5YISUl8 MtbQhCUXHjNhZ+uUusoXISzw/lp3KQxKaeq8FGszQ9kF6q94vYSPyjbatZ6iUW0dcs3x B+VT0qgko2PTZ06SZOkNqyJ7NYHaj4K0VXLdx44q5NXb/0JWYHebjOSVecHrB8HZAdPA 2vgsGXOpUOpU0aKdIaX65wYL+aQKUjSzb8pWWVugE+0AlHFZaxaXR1Cqx51KEKJk+ogh M6ZA== X-Gm-Message-State: ANoB5pn0th4BpE40LU35FdxYfZj56dZa3RYWId3cmILcFGuq/21Q76RL VXE68KAApHHH2ydOtICLhtc3KAsXC4OwOPrRVYK7+9vtoqg= X-Google-Smtp-Source: AA0mqf7QGW/WCwSFCKb2+yoWnbhBtbgdzri2TjCbwQCPH0yo4kHD41fHICywhh7xgF5FCwjidfLbOQSY6bpxA3LTSFc= X-Received: by 2002:a17:907:cf84:b0:78d:4795:ff1f with SMTP id ux4-20020a170907cf8400b0078d4795ff1fmr9911169ejc.331.1669894454872; Thu, 01 Dec 2022 03:34:14 -0800 (PST) MIME-Version: 1.0 References: <4366aeb5-7fdb-6fa4-b0f5-ebe74c1d4fb2@jguk.org> <178e21a7-8e34-7240-5d53-c2783451b9a9@jguk.org> In-Reply-To: From: Jonathan Wakely Date: Thu, 1 Dec 2022 11:34:03 +0000 Message-ID: Subject: Re: Avoiding stack buffer clear being optimised out To: Jonny Grant Cc: gcc-help Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-0.8 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,KAM_SHORT,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On Thu, 1 Dec 2022 at 11:31, Jonathan Wakely wrote: > > On Thu, 1 Dec 2022 at 10:44, Jonny Grant wrote: > > Thank you Jonathan and David for your replies. > > > > That "noipa" looks to have sorted this issue > > > > https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html > > > > That page also suggests "noinline" attribute which seems to suggest I'd need to add asm (""); in each wrapper of memset() > > I already used the noinline attribute in my example above. > > > I'd much rather have memset_s - Jonathan, do you think GCC could add some built-in functions for memset_s ? __builtin_memset_s() would be great. > > No. > > But C2x adds a memset_explicit function that does what you want, so > that should arrive in glibc soonish. > I thought it had been added, but was searching the C2x draft for > "memset_secure" and other incorrect names. > > https://www.open-std.org/jtc1/sc22/wg14/www/docs/n2631.htm was the > proposal adding it. Ah, and that proposal links to an example implementation which uses glibc's explicit_bzero which already exists (since glibc 2.25, and also in some BSDs) and does what you want. https://github.com/ojeda/secure_clear/blob/master/example-implementation/secure_clear.h