projects / openwrt / staging / blogic.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3072444)
crypto: x86/poly1305 - Clear key material from stack in SSE2 variant
authorTommi Hirvola <[email protected]>
Tue, 19 Feb 2019 15:45:54 +0000 (17:45 +0200)
committerHerbert Xu <[email protected]>
Thu, 28 Feb 2019 06:17:59 +0000 (14:17 +0800)
1-block SSE2 variant of poly1305 stores variables s1..s4 containing key
material on the stack. This commit adds missing zeroing of the stack
memory. Benchmarks show negligible performance hit (tested on i7-3770).

Signed-off-by: Tommi Hirvola <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
arch/x86/crypto/poly1305-sse2-x86_64.S patch | blob | history

diff --git a/arch/x86/crypto/poly1305-sse2-x86_64.S b/arch/x86/crypto/poly1305-sse2-x86_64.S
index c88c670cb5fc6d4b6331ba18882fae34038400b4..e6add74d78a595b63789d419100b7c30b024e0fc 100644 (file)
--- a/arch/x86/crypto/poly1305-sse2-x86_64.S
+++ b/arch/x86/crypto/poly1305-sse2-x86_64.S
@@ -272,6 +272,10 @@ ENTRY(poly1305_block_sse2)
        dec             %rcx
        jnz             .Ldoblock
 
+       # Zeroing of key material
+       mov             %rcx,0x00(%rsp)
+       mov             %rcx,0x08(%rsp)
+
        add             $0x10,%rsp
        pop             %r12
        pop             %rbx
John Crispins staging tree