infernap12/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2026-02-11 19:08:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

8370318: AES-GCM vector intrinsic may read out of bounds (x86_64, AVX-512)

Browse Source 
Reviewed-by: kvn, roland
This commit is contained in:
Aleksey Shipilev 2025-10-27 10:35:02 +00:00
parent 6f8d07ae21
commit 7bb490c4bf
2 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/hotspot/cpu/x86/stubGenerator_x86_64.hpp
View File

@ -393,6 +393,8 @@ class StubGenerator: public StubCodeGenerator {
XMMRegister xmm5, XMMRegister xmm6, XMMRegister xmm7, XMMRegister xmm8);
void ghash_last_8_avx2(Register subkeyHtbl);
void check_key_offset(Register key, int offset, int load_size);
// Load key and shuffle operation
void ev_load_key(XMMRegister xmmdst, Register key, int offset, XMMRegister xmm_shuf_mask);
void ev_load_key(XMMRegister xmmdst, Register key, int offset, Register rscratch);

20
src/hotspot/cpu/x86/stubGenerator_x86_64_aes.cpp
View File

@ -1759,25 +1759,43 @@ void StubGenerator::roundDeclast(XMMRegister xmm_reg) {
__ vaesdeclast(xmm8, xmm8, xmm_reg, Assembler::AVX_512bit);
}
// Check incoming byte offset against the int[] len. key is the pointer to the int[0].
// This check happens often, so it is important for it to be very compact.
void StubGenerator::check_key_offset(Register key, int offset, int load_size) {
#ifdef ASSERT
Address key_length(key, arrayOopDesc::length_offset_in_bytes() - arrayOopDesc::base_offset_in_bytes(T_INT));
assert((offset + load_size) % 4 == 0, "Alignment is good: %d + %d", offset, load_size);
int end_offset = (offset + load_size) / 4;
Label L_good;
__ cmpl(key_length, end_offset);
__ jccb(Assembler::greaterEqual, L_good);
__ hlt();
__ bind(L_good);
#endif
}
// Utility routine for loading a 128-bit key word in little endian format
void StubGenerator::load_key(XMMRegister xmmdst, Register key, int offset, XMMRegister xmm_shuf_mask) {
check_key_offset(key, offset, 16);
__ movdqu(xmmdst, Address(key, offset));
__ pshufb(xmmdst, xmm_shuf_mask);
}
void StubGenerator::load_key(XMMRegister xmmdst, Register key, int offset, Register rscratch) {
check_key_offset(key, offset, 16);
__ movdqu(xmmdst, Address(key, offset));
__ pshufb(xmmdst, ExternalAddress(key_shuffle_mask_addr()), rscratch);
}
void StubGenerator::ev_load_key(XMMRegister xmmdst, Register key, int offset, XMMRegister xmm_shuf_mask) {
check_key_offset(key, offset, 16);
__ movdqu(xmmdst, Address(key, offset));
__ pshufb(xmmdst, xmm_shuf_mask);
__ evshufi64x2(xmmdst, xmmdst, xmmdst, 0x0, Assembler::AVX_512bit);
}
void StubGenerator::ev_load_key(XMMRegister xmmdst, Register key, int offset, Register rscratch) {
check_key_offset(key, offset, 16);
__ movdqu(xmmdst, Address(key, offset));
__ pshufb(xmmdst, ExternalAddress(key_shuffle_mask_addr()), rscratch);
__ evshufi64x2(xmmdst, xmmdst, xmmdst, 0x0, Assembler::AVX_512bit);
@ -3205,12 +3223,12 @@ void StubGenerator::ghash16_encrypt_parallel16_avx512(Register in, Register out,
//AES round 9
roundEncode(AESKEY2, B00_03, B04_07, B08_11, B12_15);
ev_load_key(AESKEY2, key, 11 * 16, rbx);
//AES rounds up to 11 (AES192) or 13 (AES256)
//AES128 is done
__ cmpl(NROUNDS, 52);
__ jcc(Assembler::less, last_aes_rnd);
__ bind(aes_192);
ev_load_key(AESKEY2, key, 11 * 16, rbx);
roundEncode(AESKEY1, B00_03, B04_07, B08_11, B12_15);
ev_load_key(AESKEY1, key, 12 * 16, rbx);
roundEncode(AESKEY2, B00_03, B04_07, B08_11, B12_15);