Improve memory_cleanse documentation

Co-authored-by: Daira Hopwood <daira@jacaranda.org>
Jack Grigg 2020-05-01 11:00:49 +12:00
parent 6a4ff45e8a
commit 8ea2f467cd
1 changed file with 5 additions and 2 deletions


@ -19,13 +19,16 @@ void memory_cleanse(void *ptr, size_t len)
#else
std::memset(ptr, 0, len);
/* Memory barrier that scares the compiler away from optimizing out the memset.
/* In order to prevent the compiler from optimizing out the memset, this uses an
* unremovable (see https://gcc.gnu.org/onlinedocs/gcc/Extended-Asm.html#Volatile )
* asm block that the compiler must assume could access arbitary memory, including
* the zero bytes written by std::memset.
*
* Quoting Adam Langley <agl@google.com> in commit ad1907fe73334d6c696c8539646c21b11178f20f
* in BoringSSL (ISC License):
* As best as we can tell, this is sufficient to break any optimisations that
* might try to eliminate "superfluous" memsets.
* This method is used in memzero_explicit() the Linux kernel, too. Its advantage is that it
* This method is used by memzero_explicit() in the Linux kernel, too. Its advantage is that it
* is pretty efficient because the compiler can still implement the memset() efficiently,
* just not remove it entirely. See "Dead Store Elimination (Still) Considered Harmful" by
* Yang et al. (USENIX Security 2017) for more background.
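Review bot: the rewritten comment introduces a typo on the line `* asm block that the compiler must assume could access arbitary memory, including` (`arbitary` should read `arbitrary`), and the GCC link on the line above it has a stray space before the closing parenthesis (`#Volatile )`), which some renderers will carry into the URL; both are worth fixing while this text is being reworded. Since the point of the change is accuracy, it would also help to name which part of the asm statement produces the "could access arbitrary memory" effect: the linked Volatile section of the GCC manual only explains why the asm statement itself cannot be deleted, while the assumption that it may read or write any memory (which is what keeps the preceding `std::memset` stores alive) comes from the statement's clobber list, i.e. a `"memory"` clobber. As written, the comment attributes both effects to the asm being unremovable, so a reader checking the linked documentation will not find the second one there.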