Michal Ludvig told me that: > Michal Ludvig told me that: > >>Andy Polyakov told me that: >> >> >>>>Attached is "commit candidate," which is prepared for future >>>>processor steppings (*_cipher_omnivorous), optimized for small input >>>>(alloca instead of fixed realign buffer size), as well as "ported" to >>>>Windows. Could you verify that it works? >> >>As far as I can tell it works - I have built it in 0.9.7 tree and am >>using it system-wide (e.g. for ssh/sshd). So far no problems :-) > > Wait ... sometimes it fails. Interactive SSH sessions typically run > well, but in some cases I get a segfault:
Sometimes you have cleared too much stack space: always PADLOCK_CHUNK instead of the really alloca()'ted bytes. This led to a nice segfault. Attached interdiff hopefully fixes it (at least it seems to work in my testcases). Full patchsets on my homepage are already updated. Michal
Index: crypto/engine/hw_padlock.c
===================================================================
--- crypto/engine/hw_padlock.c.orig
+++ crypto/engine/hw_padlock.c
@@ -824,7 +824,7 @@
const void *inp;
void *out, *iv;
int inp_misaligned, out_misaligned, realign_in_loop;
- size_t chunk;
+ size_t chunk, allocated;
if (nbytes == 0)
return 1;
@@ -857,10 +857,11 @@
if (out_misaligned) {
/* optmize for small input */
+ allocated = (chunk<nbytes?PADLOCK_CHUNK:nbytes);
#ifdef _MSC_VER
- out = _alloca(0x10 + (chunk<nbytes?PADLOCK_CHUNK:nbytes));
+ out = _alloca(0x10 + allocated);
#else
- out = alloca(0x10 + (chunk<nbytes?PADLOCK_CHUNK:nbytes));
+ out = alloca(0x10 + allocated);
#endif
out += (0x10 - ((size_t)out & 0x0F)) & 0x0F;
}
@@ -970,7 +971,7 @@
/* Clean the realign buffer if it was used */
if (out_misaligned) {
volatile unsigned long *p=out;
- size_t n=PADLOCK_CHUNK/sizeof(*p);
+ size_t n = allocated/sizeof(*p);
while (n--) *p++=0;
}
signature.asc
Description: OpenPGP digital signature
