aesni: Ensure that key schedules are aligned
Rather than depending on malloc() returning 16-byte aligned chunks, allocate some extra pad bytes and ensure that key schedules are appropriately aligned. Reviewed by: kib MFC after: 2 weeks Sponsored by: Rubicon Communications, LLC (Netgate) Differential Revision: https://reviews.freebsd.org/D28157
This commit is contained in:
parent
5bdb8b273a
commit
098c902b52
@ -560,8 +560,15 @@ aesni_cipher_setup(struct aesni_session *ses,
|
|||||||
const struct crypto_session_params *csp)
|
const struct crypto_session_params *csp)
|
||||||
{
|
{
|
||||||
struct fpu_kern_ctx *ctx;
|
struct fpu_kern_ctx *ctx;
|
||||||
|
uint8_t *schedbase;
|
||||||
int kt, ctxidx, error;
|
int kt, ctxidx, error;
|
||||||
|
|
||||||
|
schedbase = (uint8_t *)roundup2((uintptr_t)ses->schedules,
|
||||||
|
AES_SCHED_ALIGN);
|
||||||
|
ses->enc_schedule = schedbase;
|
||||||
|
ses->dec_schedule = schedbase + AES_SCHED_LEN;
|
||||||
|
ses->xts_schedule = schedbase + AES_SCHED_LEN * 2;
|
||||||
|
|
||||||
switch (csp->csp_auth_alg) {
|
switch (csp->csp_auth_alg) {
|
||||||
case CRYPTO_SHA1_HMAC:
|
case CRYPTO_SHA1_HMAC:
|
||||||
ses->hmac = true;
|
ses->hmac = true;
|
||||||
|
@ -47,11 +47,13 @@
|
|||||||
#define AES192_ROUNDS 12
|
#define AES192_ROUNDS 12
|
||||||
#define AES256_ROUNDS 14
|
#define AES256_ROUNDS 14
|
||||||
#define AES_SCHED_LEN ((AES256_ROUNDS + 1) * AES_BLOCK_LEN)
|
#define AES_SCHED_LEN ((AES256_ROUNDS + 1) * AES_BLOCK_LEN)
|
||||||
|
#define AES_SCHED_ALIGN 16
|
||||||
|
|
||||||
struct aesni_session {
|
struct aesni_session {
|
||||||
uint8_t enc_schedule[AES_SCHED_LEN] __aligned(16);
|
uint8_t schedules[3 * AES_SCHED_LEN + AES_SCHED_ALIGN];
|
||||||
uint8_t dec_schedule[AES_SCHED_LEN] __aligned(16);
|
uint8_t *enc_schedule;
|
||||||
uint8_t xts_schedule[AES_SCHED_LEN] __aligned(16);
|
uint8_t *dec_schedule;
|
||||||
|
uint8_t *xts_schedule;
|
||||||
int rounds;
|
int rounds;
|
||||||
/* uint8_t *ses_ictx; */
|
/* uint8_t *ses_ictx; */
|
||||||
/* uint8_t *ses_octx; */
|
/* uint8_t *ses_octx; */
|
||||||
|
Loading…
x
Reference in New Issue
Block a user