| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 4 May 2022 13:10:03 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Stafford Horne <shorne@...il.com>
Cc: "Jason A. Donenfeld" <Jason@...c4.com>,
Andy Shevchenko <andriy.shevchenko@...el.com>,
Mikulas Patocka <mpatocka@...hat.com>,
Andy Shevchenko <andy@...nel.org>,
device-mapper development <dm-devel@...hat.com>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Linux Crypto Mailing List <linux-crypto@...r.kernel.org>,
Herbert Xu <herbert@...dor.apana.org.au>,
"David S. Miller" <davem@...emloft.net>,
Mike Snitzer <msnitzer@...hat.com>,
Mimi Zohar <zohar@...ux.ibm.com>,
Milan Broz <gmazyland@...il.com>
Subject: Re: [PATCH v2] hex2bin: make the function hex_to_bin constant-time
On Wed, May 4, 2022 at 12:58 PM Stafford Horne <shorne@...il.com> wrote:
>
> I have uploaded a diff I created here:
> https://gist.github.com/54334556f2907104cd12374872a0597c
>
> It shows the same output.
In hex_to_bin itself it seems to only be a difference due to some
register allocation (r19 and r3 switched around).
But then it gets inlined into hex2bin and there changes there seem to
be about instruction and basic block scheduling, so it's a lot harder
to see what's going on.
And a lot of constant changes, which honestly look just like code code
moved around by 16 bytes and offsets changed due to that.
So I doubt it's hex_to_bin() that is causing problems, I think it's
purely code movement. Which explains why adding a nop or a fake printk
fixes things.
Some alignment assumption that got broken?
Linus
Powered by blists - more mailing lists