zeroize: mark optimization_barrier as public #1261
|
Marking this function public allows implementing zeroization more efficiently. For example: https://rust.godbolt.org/z/neEn8s1ze Additionally, it allows implementing erasure for (plain) external types which haven't implemented zeroization support for some reason:

```rust
struct Foo {
    a: ExternalType,
    b: u32,
}

impl Drop for Foo {
    fn drop(&mut self) {
        // Overwrite the fields with plain (non-volatile) stores...
        self.a = Default::default();
        self.b = 0;
        // ...then keep the compiler from eliminating them as dead stores.
        zeroize::optimization_barrier(self);
    }
}
```

It could be a bit fragile (e.g. if type uses |
|
Okay, interesting, if we leave the volatile writes as-is, but make |
|
Unless there is a practical demonstration of As I wrote previously, I think that we misuse volatile writes in But we can leave this discussion for a separate issue or PR. |
|
The documentation has been edited in the past to make Without Making this function public seems like a reasonable enough middle ground between actually removing any of the primitives that provide actual guarantees. |
|
Ideally, we would just use Maybe we could propose addition of a |
## Added
- `Zeroizing` is now `repr(transparent)` ([#1253])
- `optimization_barrier` function ([#1261])
- `Zeroizing` now supports `?Sized` ([#1318])
- `zeroize_stack` function ([#1331])

## Changed
- Edition changed to 2024 and MSRV bumped to 1.85 ([#1149])
- Replace `atomic_fence` with `optimization_barrier` ([#1252])
- Bump `zeroize_derive` to v1.5 ([#1492])
- Always enable AVX-512 support ([#1493])

[#1149]: #1149
[#1252]: #1252
[#1253]: #1253
[#1261]: #1261
[#1318]: #1318
[#1331]: #1331
[#1492]: #1492
[#1493]: #1493

The function was added in #1252.
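
The `Drop`-based erasure pattern from the PR description, as an added example that is not code from the PR or from the zeroize crate. `ExternalType` is a constructed stand-in, the local `optimization_barrier` is an assumed inline-asm stand-in for the crate's function so the block builds without dependencies, and `storage_after_drop` is a hypothetical helper that inspects the storage once the destructor has run.

```rust
use core::mem::ManuallyDrop;

/// Stand-in barrier (an assumption of this example, not the crate's code):
/// the asm block is declared as possibly reading memory, so the compiler must
/// keep every store to `*val` that precedes it.
pub fn optimization_barrier<T: ?Sized>(val: &T) {
    let ptr = val as *const T as *const u8;
    #[cfg(any(target_arch = "x86_64", target_arch = "aarch64"))]
    unsafe {
        core::arch::asm!("/* {0} */", in(reg) ptr, options(readonly, preserves_flags, nostack));
    }
    #[cfg(not(any(target_arch = "x86_64", target_arch = "aarch64")))]
    {
        core::hint::black_box(ptr); // best-effort fallback, weaker than the asm form
    }
    let _ = ptr;
}

/// Constructed stand-in for a plain external type without zeroization support.
#[derive(Default)]
pub struct ExternalType {
    pub key: [u8; 32],
}

pub struct Foo {
    pub a: ExternalType,
    pub b: u32,
}

impl Drop for Foo {
    fn drop(&mut self) {
        // Plain stores; without the barrier they are dead stores on a value
        // that is about to go away and may be optimized out.
        self.a = Default::default();
        self.b = 0;
        optimization_barrier(self);
    }
}

/// Runs `Foo`'s destructor in place and returns what its storage holds after.
pub fn storage_after_drop() -> ([u8; 32], u32) {
    let mut foo = ManuallyDrop::new(Foo { a: ExternalType { key: [0xA5; 32] }, b: 0xDEAD_BEEF });
    // The destructor only overwrites plain data, so the storage stays a valid `Foo`.
    unsafe { ManuallyDrop::drop(&mut foo) };
    (foo.a.key, foo.b)
}

fn main() {
    let (key, b) = storage_after_drop();
    println!("key zeroed: {}, b = {b}", key.iter().all(|&x| x == 0));
}
```

This pattern only covers bytes that live inline in `Foo`; data the external type keeps behind a pointer is not reached by `Default::default()` assignment.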