When memset() is used before a release function such as free,
the compiler if allowed to optimize the memset away under
the as-if rules. This is normally ok, but in certain cases such
as passwords or security keys it is problematic.
Introduce a DPDK wrapper which is equivalent to the C++ memset_s
function. Naming chosen to be similar to kernel.
Signed-off-by: Stephen Hemminger <step...@networkplumber.org>
---
lib/eal/include/rte_string_fns.h | 27 +++++++++++++++++++++++++++
1 file changed, 27 insertions(+)
diff --git a/lib/eal/include/rte_string_fns.h b/lib/eal/include/rte_string_fns.h
index 702bd81251..6f7dd85cbf 100644
--- a/lib/eal/include/rte_string_fns.h
+++ b/lib/eal/include/rte_string_fns.h
@@ -15,6 +15,7 @@
#include <stdio.h>
#include <string.h>
+#include <rte_atomic.h>
#include <rte_common.h>
#include <rte_compat.h>
@@ -149,6 +150,32 @@ rte_str_skip_leading_spaces(const char *src)
return p;
}
+/**
+ * @warning
+ * @b EXPERIMENTAL: this API may change without prior notice.
+ *
+ * Fill memory with constant byte but can not be optimized away.
+ * Use as a replacement for memset() for sensitive information.
+ *
+ * @param dst
+ * target buffer
+ * @param ch
+ * byte to fill
+ * @param
+ * number of bytes to fill
+ *
+ * @return
+ * like memset() returns a pointer th the memory area dst.
+ */
+__rte_experimental
+static inline void *
+rte_memset_sensative(void *dst, int ch, size_t sz)
+{
+ void *ret = memset(dst, ch, sz);
+ rte_compiler_barrier();
+ return ret;
+}
+
#ifdef __cplusplus
}
#endif
--
2.45.2
