Oddbean new post about | logout
mleku | 10 days ago (raw) | root | parent | reply | flag 
 and yeah, i sorta have an idea about this... in Go, it caches tests with deterministic results, but tests that read from the crypto/rand library never do, neither do the ones even from pseudorandom generators like luke champine's frand, which uses chacha12/20 hash chains and seeds
ChipTuner | 10 days ago (raw) | root | parent | reply | flag 
 Yeah many people write CSRNG data instead of zeroing. It's an option. Don't know the results of it's effectiveness. I've considered it in some instances.
mleku | 10 days ago (raw) | root | parent | reply | flag 
 it bypasses the problem of optimization
mleku | 10 days ago (raw) | root | parent | reply | flag 
 it also mitigates against flash memory shadows
ChipTuner | 10 days ago (raw) | root | parent | reply | flag 
 I'm not sure it will do that. Depends on the controller I guess. Some flash controllers can randomize writes and mark an old block as stale for wear leveling
mleku | 10 days ago (raw) | root | parent | reply | flag 
 well, really the chances of a key falling into swap are nearly insignificant if the signing is being done frequently

but even stilll, i've put 8 rewrites on it, even if it optimizes out to only one actual write it's still effective
ChipTuner | 10 days ago (raw) | root | parent | reply | flag 
 Yes and if it's that important you can always use mlock() or VirtualLock()
mleku | 10 days ago (raw) | root | parent | reply | flag 
 oh yeah i am always forgetting... with Go there is always cgo for this kind of thing or maybe it can be done with assembler, assembler is preferable because it doesn't complicate the build workflow

not sure about such kernel specific calls and build workflow but probably it's something you can just dump into the symbol tabel and voila