[PATCH] Add missing register clearing in to SHA-256 and SHA-512 assembly

Jussi Kivilinna jussi.kivilinna at iki.fi
Fri Dec 13 15:08:57 CET 2013


* cipher/sha256-ssse3-amd64.S: Clear used XMM/YMM registers at return.
* cipher/sha512-avx-amd64.S: Ditto.
* cipher/sha512-avx2-bmi2-amd64.S: Ditto.
* cipher/sha512-ssse3-amd64.S: Ditto.
--

Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
---
 cipher/sha256-ssse3-amd64.S     |   14 ++++++++++++++
 cipher/sha512-avx-amd64.S       |   14 ++++++++++++++
 cipher/sha512-avx2-bmi2-amd64.S |   14 ++++++++++++++
 cipher/sha512-ssse3-amd64.S     |    7 +++++++
 4 files changed, 49 insertions(+)

diff --git a/cipher/sha256-ssse3-amd64.S b/cipher/sha256-ssse3-amd64.S
index 06070d1..bcf0e19 100644
--- a/cipher/sha256-ssse3-amd64.S
+++ b/cipher/sha256-ssse3-amd64.S
@@ -481,6 +481,20 @@ _gcry_sha256_transform_amd64_ssse3:
 	cmp	INP, [rsp + _INP_END]
 	jne	.Loop0
 
+	pxor	xmm0, xmm0
+	pxor	xmm1, xmm1
+	pxor	xmm2, xmm2
+	pxor	xmm3, xmm3
+	pxor	xmm4, xmm4
+	pxor	xmm5, xmm5
+	pxor	xmm6, xmm6
+	pxor	xmm7, xmm7
+	pxor	xmm8, xmm8
+	pxor	xmm9, xmm9
+	pxor	xmm10, xmm10
+	pxor	xmm11, xmm11
+	pxor	xmm12, xmm12
+
 .Ldone_hash:
 	add	rsp, STACK_SIZE
 
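Review bot: The wipe sits above the `.Ldone_hash:` label, so any branch that jumps straight to `.Ldone_hash` returns without clearing xmm0–xmm12. That is only safe if the label is reached directly solely when no block was loaded, which this hunk does not show. If so, record the invariant next to the block, e.g. `/* Clear XMM registers that held message and state words; .Ldone_hash is entered directly only when nothing was processed */`. Separately, xmm6–xmm12 are callee-saved under the Microsoft x64 convention, so the block appears to assume the SysV AMD64 ABI, and the file header or this comment should say so. The function body starts and ends outside the hunk.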
diff --git a/cipher/sha512-avx-amd64.S b/cipher/sha512-avx-amd64.S
index 691d771..900936e 100644
--- a/cipher/sha512-avx-amd64.S
+++ b/cipher/sha512-avx-amd64.S
@@ -267,6 +267,8 @@ _gcry_sha512_transform_amd64_avx:
 	cmp	msglen, 0
 	je	.Lnowork
 
+	vzeroupper
+
 	/* Allocate Stack Space */
 	sub	rsp, frame_size
 
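Review bot: The `vzeroupper` added at entry has no comment explaining why it runs before any vector work, so it reads like a misplaced wipe. If the intent is to discard dirty upper YMM halves inherited from the caller (presumably to avoid SSE/AVX transition stalls), state that on the line above, e.g. `/* Clear upper YMM halves left dirty by the caller */`. The same applies to the entry `vzeroupper` added in cipher/sha512-avx2-bmi2-amd64.S. The function body continues outside the hunk.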
@@ -346,6 +348,18 @@ _gcry_sha512_transform_amd64_avx:
 	/* Restore Stack Pointer */
 	add	rsp, frame_size
 
+	vzeroupper
+	pxor	xmm0, xmm0
+	pxor	xmm1, xmm1
+	pxor	xmm2, xmm2
+	pxor	xmm3, xmm3
+	pxor	xmm4, xmm4
+	pxor	xmm5, xmm5
+	pxor	xmm6, xmm6
+	pxor	xmm7, xmm7
+	pxor	xmm8, xmm8
+	pxor	xmm9, xmm9
+
 	/* Return stack burn depth */
 	mov	rax, frame_size
 
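Review bot: The exit wipe leaves the low 128 bits of xmm10–xmm15 untouched, since `vzeroupper` followed by `pxor` on xmm0–xmm9 covers only a hand-maintained list. That list must match the function's register aliases, which are not visible in this hunk, and it can go stale if the allocation changes. A single `vzeroall` clears all of ymm0–ymm15 and needs no list. Because xmm6–xmm9 are already cleared here, the code appears to assume a convention where every vector register is caller-saved, so `vzeroall` adds no new ABI constraint. The same applies to the exit wipe added in cipher/sha512-avx2-bmi2-amd64.S. The function continues outside the hunk.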
diff --git a/cipher/sha512-avx2-bmi2-amd64.S b/cipher/sha512-avx2-bmi2-amd64.S
index 878c41b..9ece4fd 100644
--- a/cipher/sha512-avx2-bmi2-amd64.S
+++ b/cipher/sha512-avx2-bmi2-amd64.S
@@ -604,6 +604,8 @@ _gcry_sha512_transform_amd64_avx2:
 	cmp rdx, 0
 	je .Lnowork
 
+	vzeroupper
+
 	/* Allocate Stack Space */
 	mov	rax, rsp
 	sub	rsp, frame_size
@@ -717,6 +719,18 @@ _gcry_sha512_transform_amd64_avx2:
 	/* Restore Stack Pointer */
 	mov	rsp, [rsp + frame_RSPSAVE]
 
+	vzeroupper
+	pxor	xmm0, xmm0
+	pxor	xmm1, xmm1
+	pxor	xmm2, xmm2
+	pxor	xmm3, xmm3
+	pxor	xmm4, xmm4
+	pxor	xmm5, xmm5
+	pxor	xmm6, xmm6
+	pxor	xmm7, xmm7
+	pxor	xmm8, xmm8
+	pxor	xmm9, xmm9
+
 	mov	rax, frame_size
 .Lnowork:
 	ret
diff --git a/cipher/sha512-ssse3-amd64.S b/cipher/sha512-ssse3-amd64.S
index 2a719e5..4c80baa 100644
--- a/cipher/sha512-ssse3-amd64.S
+++ b/cipher/sha512-ssse3-amd64.S
@@ -348,6 +348,13 @@ _gcry_sha512_transform_amd64_ssse3:
 	/* Restore Stack Pointer */
 	add	rsp, frame_size
 
+	pxor	xmm0, xmm0
+	pxor	xmm1, xmm1
+	pxor	xmm2, xmm2
+	pxor	xmm3, xmm3
+	pxor	xmm4, xmm4
+	pxor	xmm5, xmm5
+
 	/* Return stack burn depth */
 	mov	rax, frame_size
 
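Review bot: The wipe list stops at xmm5 with no comment tying it to the register aliases this function uses. Those aliases are outside the hunk, so a later change in register allocation could leave a register holding message or state data uncleared without anyone noticing. A short comment above the block would make the contract explicit, e.g. `/* Clear XMM registers that held message words and working state (xmm0-xmm5); keep in sync with the register defines */`. It would also help to note that the stack frame itself is not wiped here and is instead left to the caller through the returned burn depth, as the existing `/* Return stack burn depth */` comment suggests.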



