On Tue, Feb 19, 2019 at 05:45:54PM +0200, Tommi Hirvola wrote: > 1-block SSE2 variant of poly1305 stores variables s1..s4 containing key > material on the stack. This commit adds missing zeroing of the stack > memory. Benchmarks show negligible performance hit (tested on i7-3770). > > Signed-off-by: Tommi Hirvola <tommi@xxxxxxxxxx> > --- > Similarly, poly1305_blocks() in crypto/poly1305_generic.c stores s1..s4 > as well as r0..r4 to local variables which may be stored in the stack by > the compiler. Fixing that is less trivial and left for another patch. > > Tests were run with poly1305_simd_blocks() patched to call only 1-block > SSE2 poly1305 function. > --- > arch/x86/crypto/poly1305-sse2-x86_64.S | 4 ++++ > 1 file changed, 4 insertions(+) Patch applied. Thanks. -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
