Date: Thu, 30 Aug 2012 19:51:13 +0100
From: David Laight <[email protected]>
FWIW which versions of memset() aren't 'constant time' ?
Apart from ones that try not to dirty pages.
The issue with memset isn't timing attacks, but rather that the C
compiler is likely to optimize away the apparently useless memset from
code that looks like this, and thereby leave keys floating about in
RAM:
{
char key[32];
fetch_key(key);
do_sekrit_stuff_with_key(key);
memset(key, 0, sizeof key);
}
Hence explicit_{bzero,memset}, not consttime_{bzero,memset}, which are
supposed to be guaranteed not to be optimized away.
