-
Type:
Bug
-
Resolution: Fixed
-
Priority:
P2
-
Affects Version/s: 18, 19
-
Component/s: security-libs
-
b27
With the addition of the AVX512 intrinsic that combined gctr and ghash operations, caused a check for in-place operations to require a new buffer for decryption to avoid complications with tag mismatches. This below mail thread and test showed that TLS, who uses in-place byte[] or heap bytebuffers can drive up memory usage when the system. Direct ByteBuffers are unaffected as the intrinsic does not call them directly.
https://mail.openjdk.org/pipermail/security-dev/2022-October/032723.html
https://mail.openjdk.org/pipermail/security-dev/2022-November/032757.html
https://mail.openjdk.org/pipermail/security-dev/2022-October/032723.html
https://mail.openjdk.org/pipermail/security-dev/2022-November/032757.html
- relates to
-
JDK-8267125 AES Galois CounterMode (GCM) interleaved implementation using AVX512 + VAES instructions
-
- Resolved
-
- links to
-
Commit
openjdk/jdk/b4da0ee7
-
Review(master)
openjdk/jdk/11121