crypto: x86/poly1305 - Clear key material from stack in SSE2 variant

1-block SSE2 variant of poly1305 stores variables s1..s4 containing key material on the stack. This commit adds missing zeroing of the stack memory. Benchmarks show negligible performance hit (tested on i7-3770). Signed-off-by: Tommi Hirvola <tommi@hirvola.fi> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
author: Tommi Hirvola <tommi@hirvola.fi> 2019-02-19 18:45:54 +0300
committer: Herbert Xu <herbert@gondor.apana.org.au> 2019-02-28 09:17:59 +0300
commit: 7748168c66404a3ee732972a3a55b5332245eb25 (patch)
tree: 6dbd1154dd29a4464d2e0aa24b6640b8b1094a3b
parent: 307244452d3de657744712f1208ae89a75707cbc (diff)
download: linux-7748168c66404a3ee732972a3a55b5332245eb25.tar.xz
1 files changed, 4 insertions, 0 deletions
diff --git a/arch/x86/crypto/poly1305-sse2-x86_64.S b/arch/x86/crypto/poly1305-sse2-x86_64.S
index c88c670cb5fc..e6add74d78a5 100644
--- a/arch/x86/crypto/poly1305-sse2-x86_64.S
+++ b/arch/x86/crypto/poly1305-sse2-x86_64.S
@@ -272,6 +272,10 @@ ENTRY(poly1305_block_sse2)
 	dec		%rcx
 	jnz		.Ldoblock
 
+	# Zeroing of key material
+	mov		%rcx,0x00(%rsp)
+	mov		%rcx,0x08(%rsp)
+
 	add		$0x10,%rsp
 	pop		%r12
 	pop		%rbx
author	Tommi Hirvola <tommi@hirvola.fi>	2019-02-19 18:45:54 +0300
committer	Herbert Xu <herbert@gondor.apana.org.au>	2019-02-28 09:17:59 +0300
commit	7748168c66404a3ee732972a3a55b5332245eb25 (patch)
tree	6dbd1154dd29a4464d2e0aa24b6640b8b1094a3b
parent	307244452d3de657744712f1208ae89a75707cbc (diff)
download	linux-7748168c66404a3ee732972a3a55b5332245eb25.tar.xz