From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 8C47145CFC;
	Thu, 14 Nov 2024 02:11:47 +0100 (CET)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 89B2740ECF;
	Thu, 14 Nov 2024 02:11:43 +0100 (CET)
Received: from mail-pg1-f176.google.com (mail-pg1-f176.google.com
 [209.85.215.176])
 by mails.dpdk.org (Postfix) with ESMTP id ED3384025F
 for <dev@dpdk.org>; Thu, 14 Nov 2024 02:11:41 +0100 (CET)
Received: by mail-pg1-f176.google.com with SMTP id
 41be03b00d2f7-7eda47b7343so28947a12.0
 for <dev@dpdk.org>; Wed, 13 Nov 2024 17:11:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=networkplumber-org.20230601.gappssmtp.com; s=20230601; t=1731546701;
 x=1732151501; darn=dpdk.org; 
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=bW8HBO7gLfsolAq2tzIlG0iAIBalsxh39ciuZwHMQ9k=;
 b=yh+gPHzGPZiZdnD05rvW381B8zWv6uSsHV4zRcv7NzDmMft2v6+WMwlTVBChMdhAqI
 ljGJ06ZQHGgTzFKw+9DohkoOkXzXbAD2EZGuoridy8ArdPqo20ySjThKt698VIwhfYU7
 PhfQgMQn98FRFrxn05NNLg2Si1v55nKnUPWQokzC1tDyxMf4+jfHKKvj3VBOmLqJYaV0
 quGJc25Q17jiWtU57hr9gr4C+wwB/oIxxaYEElfuqKR6IVsG4JHhaoQ7oRjxipIiF8+W
 RkXFst0gDkFGLuV3bB0W17TsIrMtGxMdN5p7EUcUgATxSe0kuZAvMdAeBTr5hBONykbN
 RYZw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1731546701; x=1732151501;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=bW8HBO7gLfsolAq2tzIlG0iAIBalsxh39ciuZwHMQ9k=;
 b=tmib+ciuqi/wr+gTX30JbOmIw++XYkbOCrNdpB2XvW009TohwmTodCsZ/VnLWItMCz
 JufQE1lUxZf7GEJWQRBi2Q2FYTecd99nDgHd2hBZuNa1BUm6oX1HWILCSC1P/mf2gdi5
 9mh4x2p0QBChatVpOl4Hr+KL7Sz2ACPUYzAm/ISk3OSfLs96RugON6XnbXA/E9h3gDt4
 Zi80p08XLbmsgjLHL6spNn7GNn/f65eBsTmw5GH4zsuOtIg/OpBCCXDLXrXcrLAeU06E
 hRpIICv5UeOjf2NwHq311eEh3S20McWcJHJpak27oV5FrCrYNVs3yrRwsFa+qS3eR8aj
 t0fg==
X-Gm-Message-State: AOJu0Yyw/Hu7Z6AQlQ2DJ9deZjBs7PBWJ+LNbZQE5E9kc4tIQItcTwqf
 ImdIiBiVtmUMIiZSfv6ZXsjVv4OZ+bpopMjuReUeNPxVUw7hV+StCrlNjO6IWZoQKq3d2KP97Q3
 N
X-Google-Smtp-Source: AGHT+IGRSMrU+iGI26u2Vy9K28mpbJ74pCHSZtpVWycIEjiLCc39WSnBkSreaJTthqvE22RkbS4nAg==
X-Received: by 2002:a05:6a20:6f9c:b0:1db:f601:f921 with SMTP id
 adf61e73a8af0-1dc22b97a51mr28049645637.45.1731546700972; 
 Wed, 13 Nov 2024 17:11:40 -0800 (PST)
Received: from hermes.local (204-195-96-226.wavecable.com. [204.195.96.226])
 by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-7246a9a8102sm60950b3a.125.2024.11.13.17.11.40
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 13 Nov 2024 17:11:40 -0800 (PST)
From: Stephen Hemminger <stephen@networkplumber.org>
To: dev@dpdk.org
Cc: Stephen Hemminger <stephen@networkplumber.org>,
 Tyler Retzlaff <roretzla@linux.microsoft.com>
Subject: [PATCH 1/3] eal: introduce rte_memset_sensative
Date: Wed, 13 Nov 2024 17:10:16 -0800
Message-ID: <20241114011129.451243-2-stephen@networkplumber.org>
X-Mailer: git-send-email 2.45.2
In-Reply-To: <20241114011129.451243-1-stephen@networkplumber.org>
References: <20241114011129.451243-1-stephen@networkplumber.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

When memset() is used before a release function such as free,
the compiler if allowed to optimize the memset away under
the as-if rules. This is normally ok, but in certain cases such
as passwords or security keys it is problematic.

Introduce a DPDK wrapper which is equivalent to the C++ memset_s
function.  Naming chosen to be similar to kernel.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
 lib/eal/include/rte_string_fns.h | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/lib/eal/include/rte_string_fns.h b/lib/eal/include/rte_string_fns.h
index 702bd81251..6f7dd85cbf 100644
--- a/lib/eal/include/rte_string_fns.h
+++ b/lib/eal/include/rte_string_fns.h
@@ -15,6 +15,7 @@
 #include <stdio.h>
 #include <string.h>
 
+#include <rte_atomic.h>
 #include <rte_common.h>
 #include <rte_compat.h>
 
@@ -149,6 +150,32 @@ rte_str_skip_leading_spaces(const char *src)
 	return p;
 }
 
+/**
+ * @warning
+ * @b EXPERIMENTAL: this API may change without prior notice.
+ *
+ * Fill memory with constant byte but can not be optimized away.
+ * Use as a replacement for memset() for sensitive information.
+ *
+ * @param dst
+ *   target buffer
+ * @param ch
+ *   byte to fill
+ * @param
+ *   number of bytes to fill
+ *
+ * @return
+ *  like memset() returns a pointer th the memory area dst.
+ */
+__rte_experimental
+static inline void *
+rte_memset_sensative(void *dst, int ch, size_t sz)
+{
+	void *ret = memset(dst, ch, sz);
+	rte_compiler_barrier();
+	return ret;
+}
+
 #ifdef __cplusplus
 }
 #endif
-- 
2.45.2