Add a common function for zeroing sensitive data
Encryption keys and passwords are sensitive data and as such should be cleared
when no longer used to prevent memory attacks.
According to the "as-if" rule, the compiler is allowed to perform any changes to
the program as long as the observable behavior of the program is not
changed. Since the contents of unused memory are not considered an observable
behavior the compiler is allowed to optimize out the call to memset(). The
following solutions were considered:
- Reading the memory after overwriting it with memset(). Since reading the
memory has no observable effects it's perfectly legal for the compiler to
remove both operations.
- Using volatile asembly code to prevent optimization. It may prevent some
compilers from optimizing but there's no guarantee.
- Using volatile funtion pointer to memset. Apparently, it can be optimized as
well during LTO.
- Using memcpy_s(). The function is not widely available yet. It may be missing
so we still need a fallback solution.
- Locally disabling optimization with #pragma GCC optimize("O0"). It's GCC
specific and it's not clear whether GCC will try to optimize it with
"O0". Empirical test showed that memset() call is not removed.
This commit applies the last solution adding a new unoptimized wrapper for
memset().
Note that this commit will not prevent the processor from creating another copy
of the sensitive data in registers, on the stack, in swap or in cache memory. It
will only limit the number of places in memory where the secret data can be
found.
Change-Id: I80fe8ce8ce3d808b423858254d6fd23f491d2674