Add more protection to mbedtls_platform_zeroize Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>

commit: ac3cf7c20b7df97293de6f1286e1dce4e181ef58 [log] [tgz]
author: Dave Rodgman <dave.rodgman@arm.com> Thu Aug 31 15:19:38 2023 +0100
committer: Dave Rodgman <dave.rodgman@arm.com> Fri Sep 01 10:09:31 2023 +0100
tree: 4283dc87318b8a08580c9364a24b8a598b4f1a98
parent: 6147511bc00d409ba350d5741ca6d4c6bd369239 [diff] [blame]
diff --git a/library/platform_util.c b/library/platform_util.c
index 63b7c41..d4574f4 100644
--- a/library/platform_util.c
+++ b/library/platform_util.c

@@ -126,6 +126,15 @@
 #else
         memset_func(buf, 0, len);
 #endif
+
+#if defined(__GNUC__)
+        /* For clang and gcc, pretend that we have some assembly that reads the
+         * zero'd memory as an additional protection against being optimised away. */
+#pragma clang diagnostic push
+#pragma clang diagnostic ignored "-Wvla"
+        asm volatile ("" : : "m" (*(char (*)[len]) buf) : );
+#pragma clang diagnostic pop
+#endif
     }
 }
 #endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */
commit	ac3cf7c20b7df97293de6f1286e1dce4e181ef58	[log] [tgz]
author	Dave Rodgman <dave.rodgman@arm.com>	Thu Aug 31 15:19:38 2023 +0100
committer	Dave Rodgman <dave.rodgman@arm.com>	Fri Sep 01 10:09:31 2023 +0100
tree	4283dc87318b8a08580c9364a24b8a598b4f1a98
parent	6147511bc00d409ba350d5741ca6d4c6bd369239 [diff] [blame]