On Tue, Feb 19, 2019 at 05:45:54PM +0200, Tommi Hirvola wrote:
> 1-block SSE2 variant of poly1305 stores variables s1..s4 containing key
> material on the stack. This commit adds missing zeroing of the stack
> memory. Benchmarks show negligible performance hit (tested on i7-3770).
> 
> Signed-off-by: Tommi Hirvola <to...@hirvola.fi>
> ---
> Similarly, poly1305_blocks() in crypto/poly1305_generic.c stores s1..s4
> as well as r0..r4 to local variables which may be stored in the stack by
> the compiler. Fixing that is less trivial and left for another patch.
> 
> Tests were run with poly1305_simd_blocks() patched to call only 1-block
> SSE2 poly1305 function.
> ---
>  arch/x86/crypto/poly1305-sse2-x86_64.S | 4 ++++
>  1 file changed, 4 insertions(+)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herb...@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Reply via email to