secmem-alloc 0.2.0

Custom allocators for secret memory
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130

use super::*;

fn test_b127_zeroizer<Z: MemZeroizer>(z: Z) {
    let mut array: [u8; 127] = [0xAF; 127];
    let ptr: *mut u8 = (&mut array[..]).as_mut_ptr();
    unsafe {
        z.zeroize_mem(ptr, 127);
    }
    assert_eq!(array, [0u8; 127]);
}

fn test_b239_lowalign_zeroizer<Z: MemZeroizer>(z: Z) {
    // ensure we get 8 byte aligned memory
    let mut array: [u64; 30] = [0x_AFAFAFAF_AFAFAFAF; 30];

    // zeroize everything but the first byte, so the pointer to the memory will have
    // an alignment of 1 byte

    let array_ptr: *mut u64 = (&mut array[..]).as_mut_ptr();
    // 1 byte aligned; SAFETY: resulting `ptr` still pointing in array
    let ptr: *mut u8 = unsafe { array_ptr.cast::<u8>().add(1) };
    // this should still be safe
    unsafe { z.zeroize_mem(ptr, 30 * 8 - 1) };

    let mut expected: [u64; 30] = [0; 30];
    expected[0] = u64::from_ne_bytes([0x_AF, 0, 0, 0, 0, 0, 0, 0]);
    assert_eq!(&array[..], &expected[..]);
}

#[cfg(feature = "nightly_core_intrinsics")]
#[test]
fn test_b127_volatile_memset_zeroizer() {
    test_b127_zeroizer(VolatileMemsetZeroizer);
}

#[cfg(any(
    target_os = "freebsd",
    target_os = "dragonfly",
    target_os = "openbsd",
    target_os = "netbsd",
    target_os = "macos",
    target_os = "ios",
    target_env = "gnu",
    target_env = "musl"
))]
#[test]
#[cfg_attr(miri, ignore)] // ffi
fn test_b127_libc_zeroizer() {
    test_b127_zeroizer(LibcZeroizer);
}

#[cfg(all(target_arch = "x86_64", target_feature = "ermsb"))]
#[test]
#[cfg_attr(miri, ignore)] // ffi, asm
fn test_b127_asm_rep_stos_zeroizer() {
    test_b127_zeroizer(AsmRepStosZeroizer);
}

#[test]
fn test_b127_volatile_write_zeroizer() {
    test_b127_zeroizer(VolatileWriteZeroizer);
}

#[test]
fn test_b127_volatile_write8_zeroizer() {
    test_b127_zeroizer(VolatileWrite8Zeroizer);
}

#[cfg(all(target_arch = "x86_64", target_feature = "avx"))]
#[test]
fn test_b127_x86_64_avx_zeroizer() {
    test_b127_zeroizer(X86_64AvxZeroizer);
}

#[cfg(all(target_arch = "x86_64", target_feature = "sse2"))]
#[test]
fn test_b127_x86_64_sse2_zeroizer() {
    test_b127_zeroizer(X86_64Sse2Zeroizer);
}

#[cfg(feature = "nightly_core_intrinsics")]
#[test]
fn test_b239_lowalign_volatile_memset_zeroizer() {
    test_b239_lowalign_zeroizer(VolatileMemsetZeroizer);
}

#[cfg(any(
    target_os = "freebsd",
    target_os = "dragonfly",
    target_os = "openbsd",
    target_os = "netbsd",
    target_os = "macos",
    target_os = "ios",
    target_env = "gnu",
    target_env = "musl"
))]
#[test]
#[cfg_attr(miri, ignore)] // ffi
fn test_b239_lowalign_libc_zeroizer() {
    test_b239_lowalign_zeroizer(LibcZeroizer);
}

#[cfg(all(target_arch = "x86_64", target_feature = "ermsb"))]
#[test]
#[cfg_attr(miri, ignore)] // ffi, asm
fn test_b239_lowalign_asm_rep_stos_zeroizer() {
    test_b239_lowalign_zeroizer(AsmRepStosZeroizer);
}

#[test]
fn test_b239_lowalign_volatile_write_zeroizer() {
    test_b239_lowalign_zeroizer(VolatileWriteZeroizer);
}

#[test]
fn test_b239_lowalign_volatile_write8_zeroizer() {
    test_b239_lowalign_zeroizer(VolatileWrite8Zeroizer);
}

#[cfg(all(target_arch = "x86_64", target_feature = "avx"))]
#[test]
fn test_b239_lowalign_x86_64_avx_zeroizer() {
    test_b239_lowalign_zeroizer(X86_64AvxZeroizer);
}

#[cfg(all(target_arch = "x86_64", target_feature = "sse2"))]
#[test]
fn test_b239_lowalign_x86_64_sse2_zeroizer() {
    test_b239_lowalign_zeroizer(X86_64Sse2Zeroizer);
}