Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Zeroize Registers #1404

Closed
wants to merge 1 commit into from
Closed

Zeroize Registers #1404

wants to merge 1 commit into from

Conversation

ghost
Copy link

@ghost ghost commented Aug 19, 2024

References:

sodium_memzero.s

	.arch armv8-a
	.file	"sodium_memzero.c"
	.text
	.align	2
	.global	sodium_memzero
	.type	sodium_memzero, %function
sodium_memzero:
.LFB0:
	.cfi_startproc
	sub	sp, sp, #32
	.cfi_def_cfa_offset 32
	str	x0, [sp, 8]
	str	x1, [sp]
	ldr	x0, [sp, 8]
	str	x0, [sp, 16]
	str	xzr, [sp, 24]
	b	.L2
.L3:
	ldr	x1, [sp, 16]
	ldr	x0, [sp, 24]
	add	x2, x0, 1
	str	x2, [sp, 24]
	add	x0, x1, x0
	strb	wzr, [x0]
.L2:
	ldr	x1, [sp, 24]
	ldr	x0, [sp]
	cmp	x1, x0
	bcc	.L3
	nop
	nop
	add	sp, sp, 32
	.cfi_def_cfa_offset 0
	mov	x0, 0
	mov	x1, 0
	mov	x2, 0
	mov	x3, 0
	mov	x4, 0
	mov	x5, 0
	mov	x6, 0
	mov	x7, 0
	mov	x8, 0
	mov	x9, 0
	mov	x10, 0
	mov	x11, 0
	mov	x12, 0
	mov	x13, 0
	mov	x14, 0
	mov	x15, 0
	mov	x16, 0
	mov	x17, 0
	mov	x18, 0
	movi	v0.2d, #0
	movi	v1.2d, #0
	movi	v2.2d, #0
	movi	v3.2d, #0
	movi	v4.2d, #0
	movi	v5.2d, #0
	movi	v6.2d, #0
	movi	v7.2d, #0
	movi	v16.2d, #0
	movi	v17.2d, #0
	movi	v18.2d, #0
	movi	v19.2d, #0
	movi	v20.2d, #0
	movi	v21.2d, #0
	movi	v22.2d, #0
	movi	v23.2d, #0
	movi	v24.2d, #0
	movi	v25.2d, #0
	movi	v26.2d, #0
	movi	v27.2d, #0
	movi	v28.2d, #0
	movi	v29.2d, #0
	movi	v30.2d, #0
	movi	v31.2d, #0
	ret
	.cfi_endproc
.LFE0:
	.size	sodium_memzero, .-sodium_memzero
	.ident	"GCC: (Debian 12.2.0-14) 12.2.0"
	.section	.note.GNU-stack,"",@progbits

@jedisct1
Copy link
Owner

The sodium_stackzero() function would make more sense for zeroing registers.

This feature is not implemented on all architectures, and there may be discrepancies between what architectures gcc and clang implement. Patched compiler versions such as OpenBD's. may also behave differently.

So, it should probably be checked by autoconf and defined in the build.zig file prior to being used.

@jedisct1 jedisct1 marked this pull request as draft August 25, 2024 21:58
@ghost
Copy link
Author

ghost commented Aug 26, 2024

Okay, what about a dedicated function?

#ifdef HAVE_ZERO_CALL_USED_REGS
__attribute__((zero_call_used_regs("all")))
#endif
void sodium_regszero(void) { return; }
	.arch armv8-a
	.file	"sodium_regszero.c"
	.text
	.align	2
	.global	sodium_regszero
	.type	sodium_regszero, %function
sodium_regszero:
.LFB0:
	.cfi_startproc
	nop
	mov	x0, 0
	mov	x1, 0
	mov	x2, 0
	mov	x3, 0
	mov	x4, 0
	mov	x5, 0
	mov	x6, 0
	mov	x7, 0
	mov	x8, 0
	mov	x9, 0
	mov	x10, 0
	mov	x11, 0
	mov	x12, 0
	mov	x13, 0
	mov	x14, 0
	mov	x15, 0
	mov	x16, 0
	mov	x17, 0
	mov	x18, 0
	movi	v0.2d, #0
	movi	v1.2d, #0
	movi	v2.2d, #0
	movi	v3.2d, #0
	movi	v4.2d, #0
	movi	v5.2d, #0
	movi	v6.2d, #0
	movi	v7.2d, #0
	movi	v16.2d, #0
	movi	v17.2d, #0
	movi	v18.2d, #0
	movi	v19.2d, #0
	movi	v20.2d, #0
	movi	v21.2d, #0
	movi	v22.2d, #0
	movi	v23.2d, #0
	movi	v24.2d, #0
	movi	v25.2d, #0
	movi	v26.2d, #0
	movi	v27.2d, #0
	movi	v28.2d, #0
	movi	v29.2d, #0
	movi	v30.2d, #0
	movi	v31.2d, #0
	ret
	.cfi_endproc
.LFE0:
	.size	sodium_regszero, .-sodium_regszero
	.ident	"GCC: (Debian 12.2.0-14) 12.2.0"
	.section	.note.GNU-stack,"",@progbits

@ghost ghost changed the title Also zeroize registers on sodium_memzero Zeroize Registers Aug 26, 2024
@jedisct1
Copy link
Owner

Okay, what about a dedicated function?

That would be too painful to use.

@jedisct1
Copy link
Owner

Also, this compiler feature is only going to zero registers for a given CPU class.

If we compile for baseline x86_64, it's not going to zero any of the AVX2 or AVX512 registers.

So, we can do it as an undocumented bonus in stackzero() but having a dedicated function would be a bit of a lie.

@jedisct1 jedisct1 closed this Sep 18, 2024
Repository owner locked and limited conversation to collaborators Dec 18, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant