add a memwipe function

It's meant to avoid being optimized out

memory_cleanse lifted from bitcoin
This commit is contained in:
moneromooo-monero 2017-10-26 10:16:48 +01:00
parent 8a8c918dc3
commit 000666ff78
No known key found for this signature in database
GPG Key ID: 686F07454D6CEFC3
6 changed files with 228 additions and 0 deletions

View File

@ -768,3 +768,11 @@ option(BUILD_GUI_DEPS "Build GUI dependencies." OFF)
option(INSTALL_VENDORED_LIBUNBOUND "Install libunbound binary built from source vendored with this repo." OFF)
include(CheckCCompilerFlag)
CHECK_C_COMPILER_FLAG(-std=c11 HAVE_C11)
include(CheckLibraryExists)
check_library_exists(c memset_s "string.h" HAVE_MEMSET_S)
check_library_exists(c explicit_bzero "strings.h" HAVE_EXPLICIT_BZERO)

View File

@ -35,6 +35,7 @@ set(common_sources
download.cpp
util.cpp
i18n.cpp
memwipe.c
password.cpp
perf_timer.cpp
threadpool.cpp
@ -63,6 +64,7 @@ set(common_private_headers
util.h
varint.h
i18n.h
memwipe.h
password.h
perf_timer.h
stack_trace.h
@ -90,5 +92,9 @@ target_link_libraries(common
${OPENSSL_LIBRARIES}
${EXTRA_LIBRARIES})
if(HAVE_C11)
SET_PROPERTY(SOURCE memwipe.c PROPERTY COMPILE_FLAGS -std=c11)
endif()
#monero_install_headers(common
# ${common_headers})

106
src/common/memwipe.c Normal file
View File

@ -0,0 +1,106 @@
// Copyright (c) 2017, The Monero Project
//
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without modification, are
// permitted provided that the following conditions are met:
//
// 1. Redistributions of source code must retain the above copyright notice, this list of
// conditions and the following disclaimer.
//
// 2. Redistributions in binary form must reproduce the above copyright notice, this list
// of conditions and the following disclaimer in the documentation and/or other
// materials provided with the distribution.
//
// 3. Neither the name of the copyright holder nor the names of its contributors may be
// used to endorse or promote products derived from this software without specific
// prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
// Parts of this file Copyright (c) 2009-2015 The Bitcoin Core developers
#define __STDC_WANT_LIB_EXT1__ 1
#include <string.h>
#include <stdlib.h>
#ifdef HAVE_EXPLICIT_BZERO
#include <strings.h>
#endif
#include "memwipe.h"
#if defined(_MSC_VER)
#define SCARECROW \
__asm;
#else
#define SCARECROW \
__asm__ __volatile__("" : : "r"(ptr) : "memory");
#endif
#ifdef HAVE_MEMSET_S
void *memwipe(void *ptr, size_t n)
{
if (memset_s(ptr, n, 0, n))
{
abort();
}
SCARECROW // might as well...
return ptr;
}
#elif defined HAVE_EXPLICIT_BZERO
void *memwipe(void *ptr, size_t n)
{
explicit_bzero(ptr, n);
SCARECROW
return ptr;
}
#else
/* The memory_cleanse implementation is taken from Bitcoin */
/* Compilers have a bad habit of removing "superfluous" memset calls that
* are trying to zero memory. For example, when memset()ing a buffer and
* then free()ing it, the compiler might decide that the memset is
* unobservable and thus can be removed.
*
* Previously we used OpenSSL which tried to stop this by a) implementing
* memset in assembly on x86 and b) putting the function in its own file
* for other platforms.
*
* This change removes those tricks in favour of using asm directives to
* scare the compiler away. As best as our compiler folks can tell, this is
* sufficient and will continue to be so.
*
* Adam Langley <agl@google.com>
* Commit: ad1907fe73334d6c696c8539646c21b11178f20f
* BoringSSL (LICENSE: ISC)
*/
static void memory_cleanse(void *ptr, size_t len)
{
memset(ptr, 0, len);
/* As best as we can tell, this is sufficient to break any optimisations that
might try to eliminate "superfluous" memsets. If there's an easy way to
detect memset_s, it would be better to use that. */
SCARECROW
}
void *memwipe(void *ptr, size_t n)
{
memory_cleanse(ptr, n);
SCARECROW
return ptr;
}
#endif

41
src/common/memwipe.h Normal file
View File

@ -0,0 +1,41 @@
// Copyright (c) 2017, The Monero Project
//
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without modification, are
// permitted provided that the following conditions are met:
//
// 1. Redistributions of source code must retain the above copyright notice, this list of
// conditions and the following disclaimer.
//
// 2. Redistributions in binary form must reproduce the above copyright notice, this list
// of conditions and the following disclaimer in the documentation and/or other
// materials provided with the distribution.
//
// 3. Neither the name of the copyright holder nor the names of its contributors may be
// used to endorse or promote products derived from this software without specific
// prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
#pragma once
#ifdef __cplusplus
extern "C" {
#endif
void *memwipe(void *src, size_t n);
#ifdef __cplusplus
}
#endif

View File

@ -49,6 +49,7 @@ set(unit_tests_sources
hashchain.cpp
http.cpp
main.cpp
memwipe.cpp
mnemonics.cpp
mul_div.cpp
parse_amount.cpp
@ -100,6 +101,8 @@ if (NOT MSVC)
COMPILE_FLAGS " -Wno-undef -Wno-sign-compare")
endif ()
SET_PROPERTY(SOURCE memwipe.cpp PROPERTY COMPILE_FLAGS -Ofast)
add_test(
NAME unit_tests
COMMAND unit_tests --data-dir "${TEST_DATA_DIR}")

View File

@ -0,0 +1,64 @@
// Copyright (c) 2017, The Monero Project
//
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without modification, are
// permitted provided that the following conditions are met:
//
// 1. Redistributions of source code must retain the above copyright notice, this list of
// conditions and the following disclaimer.
//
// 2. Redistributions in binary form must reproduce the above copyright notice, this list
// of conditions and the following disclaimer in the documentation and/or other
// materials provided with the distribution.
//
// 3. Neither the name of the copyright holder nor the names of its contributors may be
// used to endorse or promote products derived from this software without specific
// prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include "gtest/gtest.h"
#include <stdint.h>
#include "misc_log_ex.h"
#include "common/memwipe.h"
// Probably won't catch the optimized out case, but at least we test
// it works in the normal case
static void test(bool wipe)
{
char *foo = (char*)malloc(4);
ASSERT_TRUE(foo != NULL);
intptr_t foop = (intptr_t)foo;
strcpy(foo, "bar");
void *bar = wipe ? memwipe(foo, 3) : memset(foo, 0, 3);
ASSERT_EQ(foo, bar);
free(foo);
char *quux = (char*)malloc(4); // same size, just after free, so we're likely to get the same, depending on the allocator
if ((intptr_t)quux == foop)
{
MDEBUG(std::hex << std::setw(8) << std::setfill('0') << *(uint32_t*)quux);
if (wipe) ASSERT_TRUE(!memcmp(quux, "\0\0\0", 3));
}
else MWARNING("We did not get the same location, cannot check");
free(quux);
}
TEST(memwipe, control)
{
test(false);
}
TEST(memwipe, works)
{
test(true);
}