[openssl-dev] [openssl.org #4323] chacha-armv4.pl bugs
Andy Polyakov via RT
rt at openssl.org
Sun Feb 21 20:27:50 UTC 2016
Hi,
> The partial-block tail code in chacha-armv4.pl also seems to have problems.
> My colleague Steven and I made an attempt to debug it, but we're not
> familiar enough with ARM to fix it.
>
> From playing with it in a debugger, it doesn't look like @t[3] contains the
> length. We suspect something is going wrong with the condition flags on
> loading or updating length.
> https://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=crypto/chacha/asm/chacha-armv4.pl;h=55ebc9e586475a35e313b74483eb4b8d5b6f2b03;hb=HEAD#l585
Attached is patch for chacha-armv4.pl (please verify) and a test snippet
I've put together.
> It may be worth going back and testing these cases on all of the
> implementations as well.
Besides armv4 only s390x module was failing.
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4323
Please log in as guest with password guest if prompted
-------------- next part --------------
diff --git a/crypto/chacha/asm/chacha-armv4.pl b/crypto/chacha/asm/chacha-armv4.pl
index 55ebc9e..6c20755 100755
--- a/crypto/chacha/asm/chacha-armv4.pl
+++ b/crypto/chacha/asm/chacha-armv4.pl
@@ -440,9 +440,9 @@ $code.=<<___;
eorhs @x[4], at x[4], at t[0]
eorhs @x[5], at x[5], at t[1]
# ifdef __thumb2__
- it hi
+ it ne
# endif
- ldrhi @t[0],[sp,#4*(32+2)] @ re-load len
+ ldrne @t[0],[sp,#4*(32+2)] @ re-load len
# ifdef __thumb2__
itt hs
# endif
@@ -584,9 +584,9 @@ ___
}
$code.=<<___;
# ifdef __thumb2__
- it hi
+ it ne
# endif
- ldrhi @t[0],[sp,#4*(32+2)] @ re-load len
+ ldrne @t[0],[sp,#4*(32+2)] @ re-load len
# ifdef __thumb2__
it hs
# endif
@@ -598,15 +598,15 @@ $code.=<<___;
.Ltail:
ldr r12,[sp,#4*(32+1)] @ load inp
- add @t[2],sp,#4*(0)
+ add @t[1],sp,#4*(0)
ldr r14,[sp,#4*(32+0)] @ load out
.Loop_tail:
- ldrb @t[0],[@t[2]],#1 @ read buffer on stack
- ldrb @t[1],[r12],#1 @ read input
- subs @t[3], at t[3],#1
- eor @t[0], at t[0], at t[1]
- strb @t[0],[r14],#1 @ store output
+ ldrb @t[2],[@t[1]],#1 @ read buffer on stack
+ ldrb @t[3],[r12],#1 @ read input
+ subs @t[0], at t[0],#1
+ eor @t[3], at t[3], at t[2]
+ strb @t[3],[r14],#1 @ store output
bne .Loop_tail
.Ldone:
@@ -1120,7 +1120,7 @@ $code.=<<___;
# endif
stmia @t[0],{@x[0]- at x[7]}
add @t[2],sp,#4*(0)
- sub @t[3], at t[0],#64*3 @ len-=64*3
+ sub @t[3], at t[3],#64*3 @ len-=64*3
.Loop_tail_neon:
ldrb @t[0],[@t[2]],#1 @ read buffer on stack
-------------- next part --------------
A non-text attachment was scrubbed...
Name: chacha_test.c
Type: text/x-csrc
Size: 4835 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160221/6de01714/attachment-0001.c>
More information about the openssl-dev
mailing list