From 48de9684b95e9aad03473fa1a00b640bbf428d12 Mon Sep 17 00:00:00 2001
From: kosaki <kosaki@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Tue, 1 Dec 2015 21:52:02 +0000
Subject: * missing/explicit_bzero.c: add ruby_explicit_bzero_hook_unused   for
 preventing optimization. Inspired from OpenBSD.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52839 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog                |  5 +++
 configure.in             |  4 +++
 missing/explicit_bzero.c | 80 +++++++++++++++++++++++++++++++-----------------
 3 files changed, 61 insertions(+), 28 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 4b6179ea78..86860d7192 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Wed Dec  2 06:47:25 2015  KOSAKI Motohiro  <kosaki.motohiro@gmail.com>
+
+	* missing/explicit_bzero.c: add ruby_explicit_bzero_hook_unused
+	  for preventing optimization. Inspired from OpenBSD.
+
 Tue Dec  1 23:36:39 2015  Nobuyoshi Nakada  <nobu@ruby-lang.org>
 
 	* thread.c (rb_thread_setname): allow to reset thread name.
diff --git a/configure.in b/configure.in
index 2f8d4af02e..0f42782f55 100644
--- a/configure.in
+++ b/configure.in
@@ -1752,6 +1752,10 @@ RUBY_FUNC_ATTRIBUTE(deprecated, DEPRECATED)
 RUBY_FUNC_ATTRIBUTE(deprecated("by "@%:@n), DEPRECATED_BY(n,x), rb_cv_func_deprecated_by)
 RUBY_TYPE_ATTRIBUTE(deprecated mesg, DEPRECATED_TYPE(mesg,x), rb_cv_type_deprecated)
 RUBY_FUNC_ATTRIBUTE(noinline, NOINLINE)
+RUBY_FUNC_ATTRIBUTE(weak, WEAK, rb_cv_func_weak)
+if test "$rb_cv_func_weak" != x; then
+   AC_DEFINE(HAVE_FUNC_WEAK)
+fi
 
 if_i386=${universal_binary+[defined __i386__]}
 RUBY_FUNC_ATTRIBUTE(stdcall,  [], [], ${if_i386})
diff --git a/missing/explicit_bzero.c b/missing/explicit_bzero.c
index 99b2e2758c..061e72f800 100644
--- a/missing/explicit_bzero.c
+++ b/missing/explicit_bzero.c
@@ -5,11 +5,14 @@
 #include <windows.h>
 #endif
 
-/*
- *BSD have explicit_bzero().
- Windows, OS-X have memset_s().
- Linux has none. *Sigh*
-*/
+/* Similar to bzero(), but have a guarantee not to be eliminated from compiler
+   optimization. */
+
+/* OS support note:
+ * BSD have explicit_bzero().
+ * Windows, OS-X have memset_s().
+ * Linux has none. *Sigh*
+ */
 
 /*
  * Following URL explain why memset_s is added to the standard.
@@ -21,35 +24,56 @@
 #endif
 
 #ifndef HAVE_EXPLICIT_BZERO
-/* Similar to bzero(), but have a guarantee not to be eliminated from compiler
-   optimization. */
+ #ifdef HAVE_MEMSET_S
+void
+explicit_bzero(void *b, size_t len)
+{
+    memset_s(b, len, 0, len);
+}
+ #elif defined SecureZeroMemory
+void
+explicit_bzero(void *b, size_t len)
+{
+    SecureZeroMemory(b, len);
+}
+
+ #elif defined HAVE_FUNC_WEAK
+
+/* A weak function never be optimization away. Even if nobody use it. */
+WEAK(void ruby_explicit_bzero_hook_unused(void *buf, size_t len));
+void
+ruby_explicit_bzero_hook_unused(void *buf, size_t len)
+{
+}
+
+void
+explicit_bzero(void *b, size_t len)
+{
+    memset(b, len);
+    ruby_explicit_bzero_hook_unused(b, len);
+}
+
+ #else /* Your OS have no capability. Sigh. */
 
-#ifndef HAVE_MEMSET_S
 FUNC_UNOPTIMIZED(void explicit_bzero(void *b, size_t len));
-#endif
 #undef explicit_bzero
 
 void
 explicit_bzero(void *b, size_t len)
 {
-#ifdef HAVE_MEMSET_S
-    memset_s(b, len, 0, len);
-#elif defined SecureZeroMemory
-    SecureZeroMemory(b, len);
-#else
-    {
-	/*
-	 * TODO: volatile is not enough if compiler have a LTO (link time
-	 * optimization)
-	 */
-	volatile char* p = (volatile char*)b;
-
-	while(len) {
-	    *p = 0;
-	    p++;
-	    len--;
-	}
+    /*
+     * volatile is not enough if compiler have a LTO (link time
+     * optimization). At least, the standard provide no guarantee.
+     * However, gcc and major other compiler never optimization a volatile
+     * variable away. So, using volatile is practically ok.
+     */
+    volatile char* p = (volatile char*)b;
+
+    while(len) {
+	*p = 0;
+	p++;
+	len--;
     }
-#endif
 }
-#endif
+ #endif
+#endif /* HAVE_EXPLICIT_BZERO */
-- 
cgit v1.2.3