1. Patchew
  2. linux
  3. View series

[PATCH] random: vDSO: assume key is 32-bit aligned on x86_64

Jason A. Donenfeld posted 1 patch 1 year, 3 months ago 
arch/x86/entry/vdso/vgetrandom-chacha.S | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
[PATCH] random: vDSO: assume key is 32-bit aligned on x86_64
Posted by Jason A. Donenfeld 1 year, 3 months ago 
The prototype of this function ensures a u32* type for the key, and all
uses of it are using state->key, which is a u32 array. When userspace
slices up a memory region into an array of states, it does so using a
state size that also ensures the alignment. So it's safe to assume that
the key is always 32-bit aligned. That in turn means it's possible to
use movaps instead of movups for loading the key.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 arch/x86/entry/vdso/vgetrandom-chacha.S | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/x86/entry/vdso/vgetrandom-chacha.S b/arch/x86/entry/vdso/vgetrandom-chacha.S
index bcba5639b8ee..07ae91dcdbda 100644
--- a/arch/x86/entry/vdso/vgetrandom-chacha.S
+++ b/arch/x86/entry/vdso/vgetrandom-chacha.S
@@ -43,8 +43,8 @@ SYM_FUNC_START(__arch_chacha20_blocks_nostack)
 	/* copy0 = "expand 32-byte k" */
 	movaps		CONSTANTS(%rip),copy0
 	/* copy1,copy2 = key */
-	movups		0x00(key),copy1
-	movups		0x10(key),copy2
+	movaps		0x00(key),copy1
+	movaps		0x10(key),copy2
 	/* copy3 = counter || zero nonce */
 	movq		0x00(counter),copy3
 	/* one = 1 || 0 */
-- 
2.46.0
Re: [PATCH] random: vDSO: assume key is 32-bit aligned on x86_64
Posted by Jason A. Donenfeld 1 year, 3 months ago 
On Wed, Aug 28, 2024 at 7:03 PM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>
> The prototype of this function ensures a u32* type for the key, and all
> uses of it are using state->key, which is a u32 array. When userspace
> slices up a memory region into an array of states, it does so using a
> state size that also ensures the alignment. So it's safe to assume that
> the key is always 32-bit aligned. That in turn means it's possible to
> use movaps instead of movups for loading the key.
>
> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
> ---
>  arch/x86/entry/vdso/vgetrandom-chacha.S | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/entry/vdso/vgetrandom-chacha.S b/arch/x86/entry/vdso/vgetrandom-chacha.S
> index bcba5639b8ee..07ae91dcdbda 100644
> --- a/arch/x86/entry/vdso/vgetrandom-chacha.S
> +++ b/arch/x86/entry/vdso/vgetrandom-chacha.S
> @@ -43,8 +43,8 @@ SYM_FUNC_START(__arch_chacha20_blocks_nostack)
>         /* copy0 = "expand 32-byte k" */
>         movaps          CONSTANTS(%rip),copy0
>         /* copy1,copy2 = key */
> -       movups          0x00(key),copy1
> -       movups          0x10(key),copy2
> +       movaps          0x00(key),copy1
> +       movaps          0x10(key),copy2

Zomg, no coffee today. movaps requires 128-bit alignment! So this
won't do. Forget you ever saw this.

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.