From: Eric Biggers <ebiggers3@gmail.com>
To: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: linux-crypto@vger.kernel.org,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S . Miller" <davem@davemloft.net>,
x86@kernel.org, linux-kernel@vger.kernel.org,
Eric Biggers <ebiggers@google.com>
Subject: Re: [PATCH] crypto: x86/aes - Don't use %rbp as temporary register
Date: Wed, 17 May 2017 15:21:41 -0700 [thread overview]
Message-ID: <20170517222141.GA60476@gmail.com> (raw)
In-Reply-To: <20170517204427.lwvzonoa26paoitk@treble>
On Wed, May 17, 2017 at 03:44:27PM -0500, Josh Poimboeuf wrote:
> On Tue, May 16, 2017 at 09:03:08PM -0700, Eric Biggers wrote:
> > From: Eric Biggers <ebiggers@google.com>
> >
> > When using the "aes-asm" implementation of AES (*not* the AES-NI
> > implementation) on an x86_64, v4.12-rc1 kernel with lockdep enabled, the
> > following warning was reported, along with a long unwinder dump:
> >
> > WARNING: kernel stack regs at ffffc90000643558 in kworker/u4:2:155 has bad 'bp' value 000000000000001c
> >
> > The problem is that aes_enc_block() and aes_dec_block() use %rbp as a
> > temporary register, which breaks stack traces if an interrupt occurs.
> >
> > Fix this by replacing %rbp with %r9, which was being used to hold the
> > saved value of %rbp. This required rearranging the AES round macro
> > slightly since %r9d cannot be used as the target of a move from %ah-%dh.
> >
> > Performance is essentially unchanged --- actually about 0.2% faster than
> > before. Interestingly, I also measured aes-generic as being nearly 7%
> > faster than aes-asm, so perhaps aes-asm has outlived its usefulness...
> >
> > Signed-off-by: Eric Biggers <ebiggers@google.com>
>
> Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
>
Hmm, it looks like a number of other algorithms in arch/x86/crypto/ use %rbp (or
%ebp), e.g. blowfish, camellia, cast5, and aes-i586. Presumably they have the
same problem. I'm a little confused: do these all need to be fixed, and
when/why did this start being considered broken?
Eric
next prev parent reply other threads:[~2017-05-17 22:21 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-17 4:03 [PATCH] crypto: x86/aes - Don't use %rbp as temporary register Eric Biggers
2017-05-17 20:44 ` Josh Poimboeuf
2017-05-17 22:21 ` Eric Biggers [this message]
2017-05-19 1:56 ` Josh Poimboeuf
2017-05-19 2:50 ` Eric Biggers
2017-05-23 5:01 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170517222141.GA60476@gmail.com \
--to=ebiggers3@gmail.com \
--cc=davem@davemloft.net \
--cc=ebiggers@google.com \
--cc=herbert@gondor.apana.org.au \
--cc=jpoimboe@redhat.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.