mirror of
https://github.com/jedisct1/libsodium.git
synced 2024-12-23 20:15:19 -07:00
Remove memory shielding
That was a great idea to protect against information leak through speculative loads. Realistically, nobody is going to use this.
parent
bf2238bbc4
commit
67a9e79655
@ -609,9 +609,7 @@ _sodium_mlock 0 0
|
||||
_sodium_mprotect_noaccess 0 0
|
||||
_sodium_mprotect_readonly 0 0
|
||||
_sodium_mprotect_readwrite 0 0
|
||||
_sodium_mshield 1 1
|
||||
_sodium_munlock 0 0
|
||||
_sodium_munshield 1 1
|
||||
_sodium_pad 1 1
|
||||
_sodium_runtime_has_aesni 0 0
|
||||
_sodium_runtime_has_armcrypto 0 0
|
||||
|
File diff suppressed because one or more lines are too long
@ -158,12 +158,6 @@ int sodium_mprotect_readonly(void *ptr) __attribute__ ((nonnull));
|
||||
SODIUM_EXPORT
|
||||
int sodium_mprotect_readwrite(void *ptr) __attribute__ ((nonnull));
|
||||
|
||||
SODIUM_EXPORT
|
||||
int sodium_mshield(void *ptr) __attribute__ ((nonnull));
|
||||
|
||||
SODIUM_EXPORT
|
||||
int sodium_munshield(void *ptr) __attribute__ ((nonnull));
|
||||
|
||||
SODIUM_EXPORT
|
||||
int sodium_pad(size_t *padded_buflen_p, unsigned char *buf,
|
||||
size_t unpadded_buflen, size_t blocksize, size_t max_buflen)
|
||||
|
@ -61,8 +61,6 @@ void *alloca (size_t);
|
||||
#define CANARY_SIZE 16U
|
||||
#define GARBAGE_VALUE 0xdb
|
||||
|
||||
#define SHIELDING_PREKEY_SIZE 16384U
|
||||
|
||||
#ifndef MAP_NOCORE
|
||||
# ifdef MAP_CONCEAL
|
||||
# define MAP_NOCORE MAP_CONCEAL
|
||||
@ -100,7 +98,6 @@ void *alloca (size_t);
|
||||
|
||||
static size_t page_size = DEFAULT_PAGE_SIZE;
|
||||
static unsigned char canary[CANARY_SIZE];
|
||||
static unsigned char shielding_prekey[SHIELDING_PREKEY_SIZE];
|
||||
|
||||
/* LCOV_EXCL_START */
|
||||
#ifdef HAVE_WEAK_SYMBOLS
|
||||
@ -418,11 +415,7 @@ _sodium_alloc_init(void)
|
||||
sodium_misuse(); /* LCOV_EXCL_LINE */
|
||||
}
|
||||
#endif
|
||||
COMPILER_ASSERT(sizeof shielding_prekey >= randombytes_SEEDBYTES);
|
||||
randombytes_buf(shielding_prekey, randombytes_SEEDBYTES);
|
||||
randombytes_buf_deterministic(canary, sizeof canary, shielding_prekey);
|
||||
shielding_prekey[0] ^= 0x01;
|
||||
randombytes_buf_deterministic(shielding_prekey, sizeof shielding_prekey, shielding_prekey);
|
||||
randombytes_buf(canary, CANARY_SIZE);
|
||||
|
||||
return 0;
|
||||
}
|
||||
@ -735,48 +728,6 @@ sodium_mprotect_readwrite(void *ptr)
|
||||
return _sodium_mprotect(ptr, _mprotect_readwrite);
|
||||
}
|
||||
|
||||
#ifndef HAVE_PAGE_PROTECTION
|
||||
int
|
||||
sodium_mshield(void *ptr)
|
||||
{
|
||||
(void) ptr;
|
||||
errno = ENOSYS;
|
||||
return -1;
|
||||
}
|
||||
#else
|
||||
int
|
||||
sodium_mshield(void *ptr)
|
||||
{
|
||||
unsigned char shielding_key[crypto_stream_KEYBYTES];
|
||||
unsigned char nonce[crypto_stream_NONCEBYTES];
|
||||
unsigned char *base_ptr;
|
||||
unsigned char *unprotected_ptr;
|
||||
size_t unprotected_size;
|
||||
|
||||
unprotected_ptr = _unprotected_ptr_from_user_ptr(ptr);
|
||||
base_ptr = unprotected_ptr - page_size * 2U;
|
||||
memcpy(&unprotected_size, base_ptr, sizeof unprotected_size);
|
||||
|
||||
crypto_generichash(shielding_key, sizeof shielding_key,
|
||||
shielding_prekey, sizeof shielding_prekey, NULL, 0);
|
||||
COMPILER_ASSERT(sizeof nonce >= (sizeof unprotected_ptr) + (sizeof unprotected_size));
|
||||
memset(nonce, 0, sizeof nonce);
|
||||
memcpy(nonce, &unprotected_ptr, sizeof unprotected_ptr);
|
||||
memcpy(nonce + sizeof unprotected_ptr, &unprotected_size, sizeof unprotected_size);
|
||||
crypto_stream_xor(unprotected_ptr, unprotected_ptr, unprotected_size, nonce, shielding_key);
|
||||
sodium_memzero(shielding_key, sizeof shielding_key);
|
||||
sodium_memzero(nonce, sizeof nonce);
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
int
|
||||
sodium_munshield(void *ptr)
|
||||
{
|
||||
return sodium_mshield(ptr);
|
||||
}
|
||||
|
||||
int
|
||||
sodium_pad(size_t *padded_buflen_p, unsigned char *buf,
|
||||
size_t unpadded_buflen, size_t blocksize, size_t max_buflen)
|
||||
|
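Review bot: In the `_sodium_alloc_init` hunk, the canary is filled with `randombytes_buf(canary, CANARY_SIZE);`, while the neighbouring line in the same hunk sizes the same buffer with `sizeof canary`. I would write `randombytes_buf(canary, sizeof canary);` so the length stays tied to the declaration `static unsigned char canary[CANARY_SIZE];` and a later change to the array cannot leave part of the canary unrandomised. The +/- markers are lost on this page, so reading the `CANARY_SIZE` line as the added one is inferred from the hunk counts (11 old lines, 7 new). The function body starts outside the hunk.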
@ -41,32 +41,9 @@ int
|
||||
main(void)
|
||||
{
|
||||
void *buf;
|
||||
void *buf2;
|
||||
size_t size;
|
||||
unsigned int i;
|
||||
|
||||
size = randombytes_uniform(100U);
|
||||
if ((buf = sodium_malloc(size)) == NULL ||
|
||||
(buf2 = sodium_malloc(size)) == NULL) {
|
||||
return 1;
|
||||
}
|
||||
randombytes_buf(buf, size);
|
||||
memcpy(buf2, buf, size);
|
||||
errno = EINVAL;
|
||||
if (sodium_mshield(buf) != 0) {
|
||||
assert(errno == ENOSYS);
|
||||
} else {
|
||||
assert(size == 0U || memcmp(buf, buf2, size) != 0);
|
||||
}
|
||||
errno = EINVAL;
|
||||
if (sodium_munshield(buf) != 0) {
|
||||
assert(errno == ENOSYS);
|
||||
} else {
|
||||
assert(size == 0U || memcmp(buf, buf2, size) == 0);
|
||||
}
|
||||
sodium_free(buf2);
|
||||
sodium_free(buf);
|
||||
|
||||
if (sodium_malloc(SIZE_MAX - 1U) != NULL) {
|
||||
return 1;
|
||||
}
|
||||
|
@ -685,9 +685,7 @@ sodium_mlock
|
||||
sodium_mprotect_noaccess
|
||||
sodium_mprotect_readonly
|
||||
sodium_mprotect_readwrite
|
||||
sodium_mshield
|
||||
sodium_munlock
|
||||
sodium_munshield
|
||||
sodium_pad
|
||||
sodium_runtime_has_aesni
|
||||
sodium_runtime_has_armcrypto
|
||||
|