glibc/include
Zack Weinberg ea1bd74def New string function explicit_bzero (from OpenBSD).
explicit_bzero(s, n) is the same as memset(s, 0, n), except that the
compiler is not allowed to delete a call to explicit_bzero even if the
memory pointed to by 's' is dead after the call.  Right now, this effect
is achieved externally by having explicit_bzero be a function whose
semantics are unknown to the compiler, and internally, with a no-op
asm statement that clobbers memory.  This does mean that small
explicit_bzero operations cannot be expanded inline as small memset
operations can, but on the other hand, small memset operations do get
deleted by the compiler.  Hopefully full compiler support for
explicit_bzero will happen relatively soon.

There are two new tests: test-explicit_bzero.c verifies the
visible semantics in the same way as the existing test-bzero.c,
and tst-xbzero-opt.c verifies the not-being-optimized-out property.
The latter is conceptually based on a test written by Matthew Dempsky
for the OpenBSD regression suite.

The crypt() implementation has an immediate use for this new feature.
We avoid having to add a GLIBC_PRIVATE alias for explicit_bzero
by running all of libcrypt's calls through the fortified variant,
__explicit_bzero_chk, which is in the impl namespace anyway.  Currently
I'm not aware of anything in libc proper that needs this, but the
glue is all in place if it does become necessary.  The legacy DES
implementation wasn't bothering to clear its buffers, so I added that,
mostly for consistency's sake.

	* string/explicit_bzero.c: New routine.
	* string/test-explicit_bzero.c, string/tst-xbzero-opt.c: New tests.
	* string/Makefile (routines, strop-tests, tests): Add them.
	* string/test-memset.c: Add ifdeffage for testing explicit_bzero.
	* string/string.h [__USE_MISC]: Declare explicit_bzero.

	* debug/explicit_bzero_chk.c: New routine.
	* debug/Makefile (routines): Add it.
	* debug/tst-chk1.c: Test fortification of explicit_bzero.
	* string/bits/string3.h: Fortify explicit_bzero.

	* manual/string.texi: Document explicit_bzero.
	* NEWS: Mention addition of explicit_bzero.

	* crypt/crypt-entry.c (__crypt_r): Clear key-dependent intermediate
	data before returning, using explicit_bzero.
	* crypt/md5-crypt.c (__md5_crypt_r): Likewise.
	* crypt/sha256-crypt.c (__sha256_crypt_r): Likewise.
	* crypt/sha512-crypt.c (__sha512_crypt_r): Likewise.

	* include/string.h: Redirect internal uses of explicit_bzero
	to __explicit_bzero_chk[_internal].
	* string/Versions [GLIBC_2.25]: Add explicit_bzero.
	* debug/Versions [GLIBC_2.25]: Add __explicit_bzero_chk.
	* sysdeps/arm/nacl/libc.abilist
	* sysdeps/unix/sysv/linux/aarch64/libc.abilist
	* sysdeps/unix/sysv/linux/alpha/libc.abilist
	* sysdeps/unix/sysv/linux/arm/libc.abilist
	* sysdeps/unix/sysv/linux/hppa/libc.abilist
	* sysdeps/unix/sysv/linux/i386/libc.abilist
	* sysdeps/unix/sysv/linux/ia64/libc.abilist
	* sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist
	* sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist
	* sysdeps/unix/sysv/linux/microblaze/libc.abilist
	* sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist
	* sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist
	* sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist
	* sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist
	* sysdeps/unix/sysv/linux/nios2/libc.abilist
	* sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist
	* sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist
	* sysdeps/unix/sysv/linux/powerpc/powerpc64/libc-le.abilist
	* sysdeps/unix/sysv/linux/powerpc/powerpc64/libc.abilist
	* sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist
	* sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist
	* sysdeps/unix/sysv/linux/sh/libc.abilist
	* sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist
	* sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist
	* sysdeps/unix/sysv/linux/tile/tilegx/tilegx32/libc.abilist
	* sysdeps/unix/sysv/linux/tile/tilegx/tilegx64/libc.abilist
	* sysdeps/unix/sysv/linux/tile/tilepro/libc.abilist
	* sysdeps/unix/sysv/linux/x86_64/64/libc.abilist
	* sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist:
	Add entries for explicit_bzero and __explicit_bzero_chk.
2016-12-16 16:21:54 -05:00
..
arpa Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
bits Installed-header hygiene (BZ#20366): time.h types. 2016-09-23 08:43:56 -04:00
gnu Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
net Fix resolver if_* namespace (bug 17717). 2014-12-16 18:18:49 +00:00
netinet Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
programs Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
protocols (abmon): Remove spaces. 1998-11-12 18:03:43 +00:00
rpc Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
rpcsvc Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
sys Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
aio.h First steps to get conformtest fully working 2012-02-25 23:18:39 -05:00
aliases.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
alloca.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
argp.h Update. 2000-12-28 15:08:51 +00:00
argz.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
assert.h Remove NOT_IN_libc 2014-11-24 15:03:45 +05:30
atomic.h Use C11-like atomics instead of plain memory accesses in x86 lock elision. 2016-12-05 16:19:43 +01:00
byteswap.h Update. 1998-04-10 10:52:25 +00:00
caller.h Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
complex.h conformtest: Fix namespace testing. 2013-09-04 20:47:21 +00:00
cpio.h Add more headers to include/ for conform tests. 2014-12-11 21:41:30 +00:00
crypt.h Add include/crypt.h. 2016-10-28 22:40:16 -04:00
ctype.h Rename bits/libc-tsd.h to libc-tsd.h (bug 14912). 2015-09-03 20:33:46 +00:00
des.h Update. 1998-03-24 10:39:42 +00:00
dirent.h Mark internal dirent functions hidden 2015-10-15 14:15:41 -07:00
dlfcn.h Mark _dl_catch_error hidden 2015-10-15 14:13:50 -07:00
elf.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
endian.h Update. 2001-03-30 05:34:59 +00:00
envz.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
err.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
errno.h Remove NOT_IN_libc 2014-11-24 15:03:45 +05:30
error.h Update. 1997-06-21 02:59:26 +00:00
execinfo.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
fcntl.h hurd: Do not hide rtld symbols which need to be preempted 2016-03-20 19:51:42 +01:00
features.h Make _REENTRANT and _THREAD_SAFE aliases for _POSIX_C_SOURCE=199506L. 2016-12-08 15:45:33 -05:00
fenv.h Mark fegetround pure (bug 16296). 2015-09-15 20:36:50 +00:00
fmtmsg.h Add more headers to include/ for conform tests. 2014-12-11 21:41:30 +00:00
fnmatch.h First steps to get conformtest fully working 2012-02-25 23:18:39 -05:00
fpu_control.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
ftw.h Update. 1997-06-21 02:59:26 +00:00
gconv.h Update. 1997-11-18 02:50:07 +00:00
getopt_int.h Update. 2004-03-09 10:36:53 +00:00
getopt.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
glob.h First steps to get conformtest fully working 2012-02-25 23:18:39 -05:00
gmp.h * include/gmp.h: Include/gmp-mparam.h. * stdlib/strtod.c: Include gmp-mparam.h before gmp.h and gmp-impl.h. 2003-03-14 05:48:18 +00:00
gnu-versions.h Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
grp-merge.h NSS: Implement group merging support. 2016-04-29 22:18:21 -04:00
grp.h First steps to get conformtest fully working 2012-02-25 23:18:39 -05:00
gshadow.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
iconv.h Update. 1999-08-21 00:38:15 +00:00
ifaddrs.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
ifunc-impl-list.h Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
inline-hashtab.h Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
langinfo.h Add first fixes for conformtest for POSIX2008 2012-02-26 21:32:56 -05:00
libc-internal.h Bug 20729: Fix building with -Os. 2016-10-29 23:50:56 -04:00
libc-symbols.h Make _REENTRANT and _THREAD_SAFE aliases for _POSIX_C_SOURCE=199506L. 2016-12-08 15:45:33 -05:00
libgen.h Update. 1997-06-21 02:59:26 +00:00
libintl.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
libio.h Rename bits/stdio-lock.h to stdio-lock.h (bug 14912). 2015-09-04 16:21:14 +00:00
limits.h Fix LONG_WIDTH, ULONG_WIDTH include ordering issue. 2016-10-04 16:17:59 +00:00
link.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
list.h Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
locale.h First steps to get conformtest fully working 2012-02-25 23:18:39 -05:00
malloc.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
math.h Fix lgamma setting signgam for ISO C (bug 15421). 2015-11-20 22:49:59 +00:00
mcheck.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
memory.h Update. 1997-06-21 02:59:26 +00:00
mntent.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
monetary.h Add first fixes for conformtest for POSIX2008 2012-02-26 21:32:56 -05:00
mqueue.h Fix mq_receive, mq_send mq_timed* namespace (bug 18545). 2015-06-17 20:19:04 +00:00
netdb.h Fix h_errno namespace (bug 18520). 2015-06-12 10:10:18 +00:00
netgroup.h Update. 1997-06-21 02:59:26 +00:00
nl_types.h Update. 1997-12-22 20:53:38 +00:00
nss.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
nsswitch.h Update. 1997-06-21 02:59:26 +00:00
obstack.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
poll.h Update. 2000-08-21 16:02:48 +00:00
printf.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
pthread.h Fix mq_notify pthread_barrier_* namespace (bug 18544). 2015-06-17 20:16:56 +00:00
pty.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
pwd.h Harden putpwent, putgrent, putspent, putspent against injection [BZ #18724] 2015-10-02 11:34:13 +02:00
regex.h First steps to get conformtest fully working 2012-02-25 23:18:39 -05:00
resolv.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
rounding-mode.h Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
sched.h posix: New Linux posix_spawn{p} implementation 2016-03-07 11:53:47 +07:00
scratch_buffer.h Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
search.h Fix sem_* tdelete, tfind, tsearch, twalk namespace (bug 18536). 2015-06-17 20:11:58 +00:00
set-hooks.h Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
setjmp.h Mark internal setjmp functions hidden 2015-10-15 14:22:25 -07:00
sgtty.h Update. 1997-06-21 02:59:26 +00:00
shadow.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
shlib-compat.h Add support for referencing specific symbol versions 2016-08-02 17:18:08 +02:00
signal.h Mark ld.so internel sigaction functions hidden 2015-10-15 14:23:31 -07:00
spawn.h Update. 2000-10-01 19:15:29 +00:00
stab.h Update. 1997-06-21 02:59:26 +00:00
stackinfo.h Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
stap-probe.h Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
stdc-predef.h Revert __malloc_initialize_hook symbol poisoning 2016-06-20 11:11:29 +02:00
stdio_ext.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
stdio.h Fix crypt snprintf namespace (bug 20829). 2016-11-16 22:46:48 +00:00
stdlib.h Refactor strtod parsing of NaN payloads. 2015-11-24 22:24:52 +00:00
string.h New string function explicit_bzero (from OpenBSD). 2016-12-16 16:21:54 -05:00
strings.h Update. 1997-06-21 02:59:26 +00:00
stropts.h First steps to get conformtest fully working 2012-02-25 23:18:39 -05:00
stubs-prologue.h * sysdeps/generic/bits/libc-tsd.h [USE___THREAD]: Conditional 2002-10-11 10:52:20 +00:00
syscall.h Update. 1997-06-21 02:59:26 +00:00
sysexits.h Update. 1997-06-21 02:59:26 +00:00
syslog.h Update. 1997-06-21 02:59:26 +00:00
tar.h Update. 1997-06-21 02:59:26 +00:00
termios.h First steps to get conformtest fully working 2012-02-25 23:18:39 -05:00
tgmath.h Update. 1998-09-06 23:45:24 +00:00
time.h Installed-header hygiene (BZ#20366): time.h types. 2016-09-23 08:43:56 -04:00
ttyent.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
uchar.h First steps to get conformtest fully working 2012-02-25 23:18:39 -05:00
ucontext.h Update. 1999-10-12 18:17:41 +00:00
ulimit.h First steps to get conformtest fully working 2012-02-25 23:18:39 -05:00
unistd.h Fix hurd __access_noerrno implementation. 2016-11-18 16:49:08 -02:00
utime.h First steps to get conformtest fully working 2012-02-25 23:18:39 -05:00
utmp.h Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
values.h Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
wchar.h Use __typeof instead of typeof 2016-06-04 09:19:09 +02:00
wctype.h Fix regex wctype namespace (bug 18495). 2015-06-05 20:04:47 +00:00
wordexp.h First steps to get conformtest fully working 2012-02-25 23:18:39 -05:00
xlocale.h Update. 1997-06-21 02:59:26 +00:00