Closed thiagomacieira closed 1 year ago
I can show it's happening for the self-tests. The ciphers and hash tests appear to be fine, but something leaks from self_test_aead_gcm. Specifically, self_test_aead_gcm. I can't tell which of the functions it is.
Thanks for reporting the problem! I'll prepare a fix for it.
Thanks, Tomász. Let me know if you have a patch you want me to test in the actual application.
The init_mb_mgr_avx() issue was caused by GCM decrypt finalize operations not preserving/restoring all required registers.
I also see xmm14 being clobbered in init_mb_mgr_avx2(). I'll look into it as well.
:+1:
On Windows, registers XMM6 to XMM15 are callee-preserve (not scratch), so they must be preserved across function calls.
If you compile the above in debug mode and run it on Windows, the assertion will trigger. It is not a valid test case for Linux, where all SSE registers are scratch, and will not work with optimisations because the compiler will move the zeroing of XMM10 to after init_mb_mgr_avx(). Step-debugging this application reveals that registers XMM10 and XMM13 were not preserved.