aesni: Align all class instances to 16 byte boundaries
authorMartin Willi <martin@revosec.ch>
Tue, 31 Mar 2015 15:28:12 +0000 (17:28 +0200)
committerMartin Willi <martin@revosec.ch>
Wed, 15 Apr 2015 11:44:40 +0000 (13:44 +0200)
While the required members are aligned in the struct as required, on 32-bit
platforms the allocator aligns the structures itself to 8 bytes only. This
results in non-aligned struct members, and invalid memory accesses.

src/libstrongswan/plugins/aesni/aesni_cbc.c
src/libstrongswan/plugins/aesni/aesni_ccm.c
src/libstrongswan/plugins/aesni/aesni_cmac.c
src/libstrongswan/plugins/aesni/aesni_ctr.c
src/libstrongswan/plugins/aesni/aesni_gcm.c
src/libstrongswan/plugins/aesni/aesni_key.c
src/libstrongswan/plugins/aesni/aesni_xcbc.c

index cf18faf..f2fce0f 100644 (file)
@@ -693,7 +693,7 @@ METHOD(crypter_t, destroy, void,
 {
        DESTROY_IF(this->ekey);
        DESTROY_IF(this->dkey);
-       free(this);
+       free_align(this);
 }
 
 /**
@@ -720,7 +720,7 @@ aesni_cbc_t *aesni_cbc_create(encryption_algorithm_t algo, size_t key_size)
                        return NULL;
        }
 
-       INIT(this,
+       INIT_ALIGN(this, sizeof(__m128i),
                .public = {
                        .crypter = {
                                .encrypt = _encrypt,
index 20f2e4f..0e4a24f 100644 (file)
@@ -902,7 +902,7 @@ METHOD(aead_t, destroy, void,
 {
        DESTROY_IF(this->key);
        this->iv_gen->destroy(this->iv_gen);
-       free(this);
+       free_align(this);
 }
 
 /**
@@ -949,7 +949,7 @@ aesni_ccm_t *aesni_ccm_create(encryption_algorithm_t algo,
                        return NULL;
        }
 
-       INIT(this,
+       INIT_ALIGN(this, sizeof(__m128i),
                .public = {
                        .aead = {
                                .encrypt = _encrypt,
index f94960d..a35445f 100644 (file)
@@ -314,7 +314,7 @@ METHOD(mac_t, destroy, void,
        DESTROY_IF(this->k);
        memwipe(&this->k1, sizeof(this->k1));
        memwipe(&this->k2, sizeof(this->k2));
-       free(this);
+       free_align(this);
 }
 
 /*
@@ -324,7 +324,7 @@ mac_t *aesni_cmac_create(encryption_algorithm_t algo, size_t key_size)
 {
        private_mac_t *this;
 
-       INIT(this,
+       INIT_ALIGN(this, sizeof(__m128i),
                .public = {
                        .get_mac = _get_mac,
                        .get_mac_size = _get_mac_size,
index e6830c1..e6f9b84 100644 (file)
@@ -623,7 +623,7 @@ METHOD(crypter_t, destroy, void,
        private_aesni_ctr_t *this)
 {
        DESTROY_IF(this->key);
-       free(this);
+       free_align(this);
 }
 
 /**
@@ -650,7 +650,7 @@ aesni_ctr_t *aesni_ctr_create(encryption_algorithm_t algo, size_t key_size)
                        return NULL;
        }
 
-       INIT(this,
+       INIT_ALIGN(this, sizeof(__m128i),
                .public = {
                        .crypter = {
                                .encrypt = _crypt,
index f6bbea2..6296ad2 100644 (file)
@@ -1465,7 +1465,7 @@ METHOD(aead_t, destroy, void,
        memwipe(&this->hhh, sizeof(this->hhh));
        memwipe(&this->hhhh, sizeof(this->hhhh));
        this->iv_gen->destroy(this->iv_gen);
-       free(this);
+       free_align(this);
 }
 
 /**
@@ -1512,7 +1512,7 @@ aesni_gcm_t *aesni_gcm_create(encryption_algorithm_t algo,
                        return NULL;
        }
 
-       INIT(this,
+       INIT_ALIGN(this, sizeof(__m128i),
                .public = {
                        .aead = {
                                .encrypt = _encrypt,
index 4d7948d..523266a 100644 (file)
@@ -244,7 +244,7 @@ METHOD(aesni_key_t, destroy, void,
        private_aesni_key_t *this)
 {
        memwipe(this, sizeof(*this) + (this->public.rounds + 1) * AES_BLOCK_SIZE);
-       free(this);
+       free_align(this);
 }
 
 /**
@@ -270,7 +270,7 @@ aesni_key_t *aesni_key_create(bool encrypt, chunk_t key)
                        return NULL;
        }
 
-       INIT_EXTRA(this, (rounds + 1) * AES_BLOCK_SIZE,
+       INIT_EXTRA_ALIGN(this, (rounds + 1) * AES_BLOCK_SIZE, sizeof(__m128i),
                .public = {
                        .destroy = _destroy,
                        .rounds = rounds,
index 13bc2cc..b2e8cd5 100644 (file)
@@ -309,7 +309,7 @@ METHOD(mac_t, destroy, void,
        DESTROY_IF(this->k1);
        memwipe(&this->k2, sizeof(this->k2));
        memwipe(&this->k3, sizeof(this->k3));
-       free(this);
+       free_align(this);
 }
 
 /*
@@ -319,7 +319,7 @@ mac_t *aesni_xcbc_create(encryption_algorithm_t algo, size_t key_size)
 {
        private_aesni_mac_t *this;
 
-       INIT(this,
+       INIT_ALIGN(this, sizeof(__m128i),
                .public = {
                        .get_mac = _get_mac,
                        .get_mac_size = _get_mac_size,