Skip to content

Commit

Permalink
crypto: x86/poly1305 - Clear key material from stack in SSE2 variant
Browse files Browse the repository at this point in the history 
1-block SSE2 variant of poly1305 stores variables s1..s4 containing key
material on the stack. This commit adds missing zeroing of the stack
memory. Benchmarks show negligible performance hit (tested on i7-3770).

Signed-off-by: Tommi Hirvola <tommi@hirvola.fi>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
  • Loading branch information
Tommi Hirvola authored and Herbert Xu committed Feb 28, 2019
1 parent 3072444 commit 7748168
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions arch/x86/crypto/poly1305-sse2-x86_64.S
View file
Original file line number Diff line number Diff line change
Expand Up @@ -272,6 +272,10 @@ ENTRY(poly1305_block_sse2)
dec %rcx
jnz .Ldoblock

# Zeroing of key material
mov %rcx,0x00(%rsp)
mov %rcx,0x08(%rsp)

add $0x10,%rsp
pop %r12
pop %rbx
Expand Down

0 comments on commit 7748168

Please sign in to comment.