Remove volatile from diff; add explanatory comment

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-11 17:39:33 +00:00 · 2023-01-11 17:39:33 +00:00 · 7658b63390
commit 7658b63390
parent fa96026a0e
1 changed files with 7 additions and 1 deletions
--- a/library/constant_time.c
+++ b/library/constant_time.c
@ -85,9 +85,15 @@ int mbedtls_ct_memcmp(const void *a,
                      size_t n)
 {
    size_t i = 0;
+    /*
+     * `A` and `B` are cast to volatile to ensure that the compiler
+     * generates code that always fully reads both buffers.
+     * Otherwise it could generate a test to exit early if `diff` has all
+     * bits set early in the loop.
+     */
    volatile const unsigned char *A = (volatile const unsigned char *) a;
    volatile const unsigned char *B = (volatile const unsigned char *) b;
-    volatile uint32_t diff = 0;
+    uint32_t diff = 0;

 #if defined(MBEDTLS_EFFICIENT_UNALIGNED_VOLATILE_ACCESS)
    for (; (i + 4) <= n; i += 4) {