On Wed, Mar 02, 2011 at 02:56:58PM +0000, Konstantin Belousov wrote:
> Author: kib
> Date: Wed Mar  2 14:56:58 2011
> New Revision: 219178
> URL: http://svn.freebsd.org/changeset/base/219178
> 
> Log:
>   Fix a bug in the result of manual assembly.
>   
>   Reported by:        Stefan Grundmann <sg2342 googlemail com>
>   PR: kern/155118
>   MFC after:  3 days

The end result of this bug should affect only AES256 variants,
causing wrong key schedule calculation. If you have a geli partition
with a 256-bit key that worked with the previous version of aesni(4), the best
strategy is to back up, reinitialize the geli volume with the new driver,
then restore.

Sorry.


> 
> Modified:
>   head/sys/crypto/aesni/aeskeys_amd64.S
>   head/sys/crypto/aesni/aeskeys_i386.S
> 
> Modified: head/sys/crypto/aesni/aeskeys_amd64.S
> ==============================================================================
> --- head/sys/crypto/aesni/aeskeys_amd64.S     Wed Mar  2 14:39:26 2011        
> (r219177)
> +++ head/sys/crypto/aesni/aeskeys_amd64.S     Wed Mar  2 14:56:58 2011        
> (r219178)
> @@ -162,7 +162,7 @@ ENTRY(aesni_set_enckey)
>       .byte   0x66,0x0f,0x3a,0xdf,0xc8,0x20
>       call    _key_expansion_256b
>  //   aeskeygenassist $0x40,%xmm2,%xmm1       # round 7
> -     .byte   0x66,0x0f,0x3a,0xdf,0xca,0x20
> +     .byte   0x66,0x0f,0x3a,0xdf,0xca,0x40
>       call    _key_expansion_256a
>       retq
>  .Lenc_key192:
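Review bot: the round 7 `.byte` line keeps the immediate in two places, `$0x40` in the commented-out mnemonic and the last byte of the hand encoding, and nothing forces them to agree; the old value 0x20 is the same as the final byte of the `.byte` line two lines above, which looks like a copy-and-paste slip. Consider emitting these sequences through one macro that takes the immediate as its only varying argument, so the comment and the encoded byte cannot drift apart again.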
> 
> Modified: head/sys/crypto/aesni/aeskeys_i386.S
> ==============================================================================
> --- head/sys/crypto/aesni/aeskeys_i386.S      Wed Mar  2 14:39:26 2011        
> (r219177)
> +++ head/sys/crypto/aesni/aeskeys_i386.S      Wed Mar  2 14:56:58 2011        
> (r219178)
> @@ -167,7 +167,7 @@ ENTRY(aesni_set_enckey)
>       .byte   0x66,0x0f,0x3a,0xdf,0xc8,0x20
>       call    _key_expansion_256b
>  //   aeskeygenassist $0x40,%xmm2,%xmm1       # round 7
> -     .byte   0x66,0x0f,0x3a,0xdf,0xca,0x20
> +     .byte   0x66,0x0f,0x3a,0xdf,0xca,0x40
>       call    _key_expansion_256a
>       .cfi_adjust_cfa_offset -4
>       leave
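Review bot: the same one-byte error in the round 7 `.byte` line sat in both the amd64 and the i386 copy, which points to a missing known-answer check on the 256-bit path of aesni_set_enckey; comparing the expanded key against a published AES-256 vector at driver attach would have caught it on either architecture. The log line "Fix a bug in the result of manual assembly" should also state that the 256-bit key schedule was wrong, since that is what people applying the change need to know.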

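The effect described in the reply, as an added example that is not part of the commit or of aesni(4): a portable C model of the AES-256 key schedule in which the round constant of the seventh expansion step can be set to 0x40 (FIPS-197) or 0x20 (the byte before r219178). It assumes the wrong immediate changes nothing except that round constant; `A3_KEY`, `gmul`, `sbox` and `sched_word` are names chosen for this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Sample input: the AES-256 key from FIPS-197 Appendix A.3. */
static const uint8_t A3_KEY[32] = {
    0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
    0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 };

/* GF(2^8) multiply modulo x^8+x^4+x^3+x+1. */
static uint8_t gmul(uint8_t a, uint8_t b) {
    uint8_t p = 0;
    for (; b; b >>= 1, a = (uint8_t)((a << 1) ^ ((a & 0x80) ? 0x1b : 0)))
        if (b & 1) p ^= a;
    return p;
}

/* S-box from its definition: field inverse, then the affine map. */
static uint8_t sbox(uint8_t x) {
    int i, inv = 0, r;
    for (i = 1; i < 256 && x; i++)
        if (gmul(x, (uint8_t)i) == 1) { inv = i; break; }
    for (r = inv, i = 1; i <= 4; i++)
        r ^= (inv << i) | (inv >> (8 - i));
    return (uint8_t)(r ^ 0x63);
}

/* Schedule word i (0..59). last_rcon: 0x40 per FIPS-197, 0x20 models the pre-fix byte. */
static uint32_t sched_word(const uint8_t key[32], uint8_t last_rcon, int i) {
    uint8_t rk[240], t[4], tmp, rcon = 1;
    memcpy(rk, key, 32);
    for (int n = 8; n < 60; n++) {
        memcpy(t, rk + 4 * (n - 1), 4);
        if (n % 8 == 0) {                 /* RotWord, SubWord, xor Rcon */
            tmp = t[0];
            t[0] = sbox(t[1]) ^ (n == 56 ? last_rcon : rcon);
            t[1] = sbox(t[2]); t[2] = sbox(t[3]); t[3] = sbox(tmp);
            rcon <<= 1;
        } else if (n % 8 == 4)            /* extra SubWord for 256-bit keys */
            for (int j = 0; j < 4; j++) t[j] = sbox(t[j]);
        for (int j = 0; j < 4; j++) rk[4 * n + j] = rk[4 * (n - 8) + j] ^ t[j];
    }
    return (uint32_t)rk[4*i] << 24 | (uint32_t)rk[4*i+1] << 16 | (uint32_t)rk[4*i+2] << 8 | rk[4*i+3];
}

int main(void) {                          /* XOR of the two schedules, last two round keys */
    for (int i = 52; i < 60; i++)
        printf("w%d xor=%08x\n", i, (unsigned)(sched_word(A3_KEY, 0x40, i) ^ sched_word(A3_KEY, 0x20, i)));
    return 0;
}
```

In this model only words 56 to 59, the last round key, differ, each by 0x60 in its first byte. Blocks written under that schedule do not decrypt under the corrected one, which fits the backup, reinitialize and restore advice in the reply.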