From 7658b633901112c5e2d9a1ae7112d69779d6fef1 Mon Sep 17 00:00:00 2001
From: Dave Rodgman
Date: Wed, 11 Jan 2023 17:39:33 +0000
Subject: [PATCH] Remove volatile from diff; add explanatory comment

Signed-off-by: Dave Rodgman
---
 library/constant_time.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/library/constant_time.c b/library/constant_time.c
index 89778d53c..7f4d509bc 100644
--- a/library/constant_time.c
+++ b/library/constant_time.c
@@ -85,9 +85,15 @@ int mbedtls_ct_memcmp(const void *a,
 size_t n)
 {
 size_t i = 0;
+ /*
+ * `A` and `B` are cast to volatile to ensure that the compiler
+ * generates code that always fully reads both buffers.
+ * Otherwise it could generate a test to exit early if `diff` has all
+ * bits set early in the loop.
+ */
 volatile const unsigned char *A = (volatile const unsigned char *) a;
 volatile const unsigned char *B = (volatile const unsigned char *) b;
- volatile uint32_t diff = 0;
+ uint32_t diff = 0;
 
 #if defined(MBEDTLS_EFFICIENT_UNALIGNED_VOLATILE_ACCESS)
 for (; (i + 4) <= n; i += 4) {
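Review bot: The new comment justifies the volatile qualifiers on `A` and `B` but does not say why `diff` can now be a plain `uint32_t`, which is the change this commit makes on the line just below it. A later maintainer could easily put the qualifier back "for safety". I would add one sentence to the comment, for example `* diff itself is deliberately not volatile: the volatile reads through A and B already oblige the compiler to perform every load.` The loop body and the reduction of `diff` to the return value lie outside the hunk, so whether the compiler can still branch on `diff` there cannot be judged from here. Since the guarantee rests on compiler behaviour rather than on the language, this function should be covered by whatever constant-time or constant-flow testing the project runs.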