gnutls/0003-Force-alignment-for-AES-NI-to-the-runtime-rather-tha.patch
Sascha Peilicke ec623dec0c Accepting request 79281 from Base:System
- Update to version 3.0.0. many fixes see NEWS for details This
  changelog only describes important package changes or features.
* Main reason for update is to support Intel AES-NI CPU extensions.
* Bump sonames in the library package accordingly
* C++ apps must now buildrequire libgnutls++-devel
* Software using the openssl emulation must buildrequire 
  libgnutls-openssl-devel or better use openssl directly.
* Upstream no longer uses libgcrypt but libnettle.
* Upstream now requires the use of p11-kit
* Add post-release upstream patches critical for improving AES-NI
  support. (forwarded request 79252 from elvigia)

OBS-URL: https://build.opensuse.org/request/show/79281
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gnutls?expand=0&rev=31
2011-08-24 11:44:12 +00:00


From 96c632161c8f25ecc1aa55d01c6d5e8aec450792 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu, 11 Aug 2011 18:48:44 +0200
Subject: [PATCH 3/6] Force alignment for AES-NI to the runtime rather than on the structures.
Corrects issue on some systems (reported by Andreas Radke).
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Cristian Rodríguez <crrodriguez@opensuse.org>
---
lib/accelerated/intel/aes-x86.c | 11 +++++++----
lib/accelerated/intel/aes-x86.h | 11 +++--------
2 files changed, 10 insertions(+), 12 deletions(-)
diff --git a/lib/accelerated/intel/aes-x86.c b/lib/accelerated/intel/aes-x86.c
index 53b3bde..970e613 100644
--- a/lib/accelerated/intel/aes-x86.c
+++ b/lib/accelerated/intel/aes-x86.c
@@ -39,6 +39,9 @@ struct aes_ctx
uint8_t iv[16];
};
+#define ALIGN16(x) \
+ ((void *)(((unsigned long)(x)+0x0f)&~(0x0f)))
+
static int
aes_cipher_init (gnutls_cipher_algorithm_t algorithm, void **_ctx)
{
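Review bot: The new `ALIGN16` macro casts the pointer to `unsigned long`, which is narrower than a pointer on LLP64 targets such as 64-bit Windows, so the rounded address would be truncated there. `uintptr_t` is the type intended for this round-trip, and the file already uses fixed-width types like `uint8_t`: `((void *)(((uintptr_t)(x) + 0x0f) & ~(uintptr_t)0x0f))`. Because the macro yields `void *`, the compiler also stops checking that the `aesni_*` calls receive an `AES_KEY`. A small `static inline AES_KEY *` helper would keep that check.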
@@ -68,11 +71,11 @@ aes_cipher_setkey (void *_ctx, const void *userkey, size_t keysize)
struct aes_ctx *ctx = _ctx;
int ret;
- ret = aesni_set_encrypt_key (userkey, keysize * 8, &ctx->expanded_key);
+ ret = aesni_set_encrypt_key (userkey, keysize * 8, ALIGN16(&ctx->expanded_key));
if (ret != 0)
return gnutls_assert_val (GNUTLS_E_ENCRYPTION_FAILED);
- ret = aesni_set_decrypt_key (userkey, keysize * 8, &ctx->expanded_key_dec);
+ ret = aesni_set_decrypt_key (userkey, keysize * 8, ALIGN16(&ctx->expanded_key_dec));
if (ret != 0)
return gnutls_assert_val (GNUTLS_E_ENCRYPTION_FAILED);
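Review bot: Rounding the key pointer at each call in `aes_cipher_setkey` makes the position of the expanded schedule inside `struct aes_ctx` depend on the address the context happens to have, and nothing here records that. If a context is ever copied or moved to an address with a different offset modulo 16, `aes_encrypt` and `aes_decrypt` would read the schedule from a shifted position and silently work with wrong key material; both repeat the same `ALIGN16(&ctx->expanded_key…)` in the next two hunks. A comment on the struct would state the invariant, for example `/* key schedules live at ALIGN16() of these fields; never memcpy or realloc a keyed context */`. Alternatively the aligned pointers could be computed once and stored in the context. The function bodies extend beyond the lines shown in these hunks.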
@@ -94,7 +97,7 @@ aes_encrypt (void *_ctx, const void *src, size_t src_size,
{
struct aes_ctx *ctx = _ctx;
- aesni_cbc_encrypt (src, dst, src_size, &ctx->expanded_key, ctx->iv, 1);
+ aesni_cbc_encrypt (src, dst, src_size, ALIGN16(&ctx->expanded_key), ctx->iv, 1);
return 0;
}
@@ -104,7 +107,7 @@ aes_decrypt (void *_ctx, const void *src, size_t src_size,
{
struct aes_ctx *ctx = _ctx;
- aesni_cbc_encrypt (src, dst, src_size, &ctx->expanded_key_dec, ctx->iv, 0);
+ aesni_cbc_encrypt (src, dst, src_size, ALIGN16(&ctx->expanded_key_dec), ctx->iv, 0);
return 0;
}
diff --git a/lib/accelerated/intel/aes-x86.h b/lib/accelerated/intel/aes-x86.h
index 8f49ff3..a4cac1d 100644
--- a/lib/accelerated/intel/aes-x86.h
+++ b/lib/accelerated/intel/aes-x86.h
@@ -5,17 +5,12 @@
void register_x86_crypto (void);
-#ifdef __GNUC__
-# define ALIGN16 __attribute__ ((aligned (16)))
-#else
-# define ALIGN16
-#endif
-
+#define AES_KEY_ALIGN_SIZE 4
#define AES_MAXNR 14
typedef struct
{
- uint32_t ALIGN16 rd_key[4 * (AES_MAXNR + 1)];
- int rounds;
+ uint32_t rd_key[4 * (AES_MAXNR + 1)+AES_KEY_ALIGN_SIZE];
+ int rounds; /* unused... */
} AES_KEY;
void aesni_ecb_encrypt (const unsigned char *in, unsigned char *out,
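Review bot: `AES_KEY_ALIGN_SIZE` is a count of `uint32_t` words rather than bytes, and the 16 bytes it adds to `rd_key` appear to be exactly what is needed, with no slack, which the header does not explain. With a 4-byte-aligned array the runtime rounding can shift the schedule by up to 12 bytes. If the assembly stores the round count right after the 240-byte schedule (which the `rounds; /* unused... */` remark suggests, but which is not visible here), the last write ends at byte 256, the end of the array. I would document that next to the define, e.g. `/* extra uint32_t words: room for ALIGN16() to shift the schedule by up to 12 bytes, plus the round count kept after the round keys */`. A `_Static_assert` or equivalent on `sizeof(((AES_KEY *)0)->rd_key)` would catch a later change to either constant.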
--
1.7.4.1