From 138493a921447eae25fb73d0f1b4a17a09bb480a Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Thu, 28 Apr 2011 21:58:56 +0200 Subject: [PATCH] add support for VIA Padlock on 64bit arch from upstream (#617539) do not return bogus values from load_certs (#652286) --- openssl-1.0.0a-load-certs.patch | 23 ++++ openssl-1.0.0d-padlock64.patch | 214 ++++++++++++++++++++++++++++++++ openssl.spec | 10 +- 3 files changed, 246 insertions(+), 1 deletion(-) create mode 100644 openssl-1.0.0a-load-certs.patch create mode 100644 openssl-1.0.0d-padlock64.patch diff --git a/openssl-1.0.0a-load-certs.patch b/openssl-1.0.0a-load-certs.patch new file mode 100644 index 0000000..4c03a44 --- /dev/null +++ b/openssl-1.0.0a-load-certs.patch @@ -0,0 +1,23 @@ +diff -up openssl-1.0.0a/apps/apps.c.load-certs openssl-1.0.0a/apps/apps.c +--- openssl-1.0.0a/apps/apps.c.load-certs 2010-05-27 16:09:13.000000000 +0200 ++++ openssl-1.0.0a/apps/apps.c 2011-04-28 21:24:06.000000000 +0200 +@@ -1208,7 +1208,8 @@ STACK_OF(X509) *load_certs(BIO *err, con + const char *pass, ENGINE *e, const char *desc) + { + STACK_OF(X509) *certs; +- load_certs_crls(err, file, format, pass, e, desc, &certs, NULL); ++ if (!load_certs_crls(err, file, format, pass, e, desc, &certs, NULL)) ++ return NULL; + return certs; + } + +@@ -1216,7 +1217,8 @@ STACK_OF(X509_CRL) *load_crls(BIO *err, + const char *pass, ENGINE *e, const char *desc) + { + STACK_OF(X509_CRL) *crls; +- load_certs_crls(err, file, format, pass, e, desc, NULL, &crls); ++ if (!load_certs_crls(err, file, format, pass, e, desc, NULL, &crls)) ++ return NULL; + return crls; + } + diff --git a/openssl-1.0.0d-padlock64.patch b/openssl-1.0.0d-padlock64.patch new file mode 100644 index 0000000..11efbe8 --- /dev/null +++ b/openssl-1.0.0d-padlock64.patch @@ -0,0 +1,214 @@ +diff -up openssl-1.0.0d/engines/e_padlock.c.padlock64 openssl-1.0.0d/engines/e_padlock.c +--- openssl-1.0.0d/engines/e_padlock.c.padlock64 2011-01-30 02:05:38.000000000 +0100 ++++ openssl-1.0.0d/engines/e_padlock.c 2011-04-28 21:03:26.000000000 +0200 +@@ -101,10 +101,15 @@ + compiler choice is limited to GCC and Microsoft C. */ + #undef COMPILE_HW_PADLOCK + #if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM) +-# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \ ++# if (defined(__GNUC__) && __GNUC__>=2 && \ ++ (defined(__i386__) || defined(__i386) || \ ++ defined(__x86_64__) || defined(__x86_64)) \ ++ ) || \ + (defined(_MSC_VER) && defined(_M_IX86)) + # define COMPILE_HW_PADLOCK ++# ifdef OPENSSL_NO_DYNAMIC_ENGINE + static ENGINE *ENGINE_padlock (void); ++# endif + # endif + #endif + +@@ -135,7 +140,7 @@ void ENGINE_load_padlock (void) + # endif + #elif defined(__GNUC__) + # ifndef alloca +-# define alloca(s) __builtin_alloca(s) ++# define alloca(s) __builtin_alloca((s)) + # endif + #endif + +@@ -197,6 +202,7 @@ padlock_bind_helper(ENGINE *e) + return 1; + } + ++#ifdef OPENSSL_NO_DYNAMIC_ENGINE + /* Constructor */ + static ENGINE * + ENGINE_padlock(void) +@@ -214,6 +220,7 @@ ENGINE_padlock(void) + + return eng; + } ++#endif + + /* Check availability of the engine */ + static int +@@ -298,6 +305,7 @@ static volatile struct padlock_cipher_da + * ======================================================= + */ + #if defined(__GNUC__) && __GNUC__>=2 ++#if defined(__i386__) || defined(__i386) + /* + * As for excessive "push %ebx"/"pop %ebx" found all over. + * When generating position-independent code GCC won't let +@@ -377,21 +385,6 @@ padlock_available(void) + return padlock_use_ace + padlock_use_rng; + } + +-#ifndef OPENSSL_NO_AES +-/* Our own htonl()/ntohl() */ +-static inline void +-padlock_bswapl(AES_KEY *ks) +-{ +- size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]); +- unsigned int *key = ks->rd_key; +- +- while (i--) { +- asm volatile ("bswapl %0" : "+r"(*key)); +- key++; +- } +-} +-#endif +- + /* Force key reload from memory to the CPU microcode. + Loading EFLAGS from the stack clears EFLAGS[30] + which does the trick. */ +@@ -449,12 +442,127 @@ static inline void *name(size_t cnt, \ + : "edx", "cc", "memory"); \ + return iv; \ + } ++#endif ++ ++#elif defined(__x86_64__) || defined(__x86_64) ++ ++/* Load supported features of the CPU to see if ++ the PadLock is available. */ ++static int ++padlock_available(void) ++{ ++ char vendor_string[16]; ++ unsigned int eax, edx; ++ ++ /* Are we running on the Centaur (VIA) CPU? */ ++ eax = 0x00000000; ++ vendor_string[12] = 0; ++ asm volatile ( ++ "cpuid\n" ++ "movl %%ebx,(%1)\n" ++ "movl %%edx,4(%1)\n" ++ "movl %%ecx,8(%1)\n" ++ : "+a"(eax) : "r"(vendor_string) : "rbx", "rcx", "rdx"); ++ if (strcmp(vendor_string, "CentaurHauls") != 0) ++ return 0; ++ ++ /* Check for Centaur Extended Feature Flags presence */ ++ eax = 0xC0000000; ++ asm volatile ("cpuid" ++ : "+a"(eax) : : "rbx", "rcx", "rdx"); ++ if (eax < 0xC0000001) ++ return 0; ++ ++ /* Read the Centaur Extended Feature Flags */ ++ eax = 0xC0000001; ++ asm volatile ("cpuid" ++ : "+a"(eax), "=d"(edx) : : "rbx", "rcx"); ++ ++ /* Fill up some flags */ ++ padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6)); ++ padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2)); ++ ++ return padlock_use_ace + padlock_use_rng; ++} + ++/* Force key reload from memory to the CPU microcode. ++ Loading EFLAGS from the stack clears EFLAGS[30] ++ which does the trick. */ ++static inline void ++padlock_reload_key(void) ++{ ++ asm volatile ("pushfq; popfq"); ++} ++ ++#ifndef OPENSSL_NO_AES ++/* ++ * This is heuristic key context tracing. At first one ++ * believes that one should use atomic swap instructions, ++ * but it's not actually necessary. Point is that if ++ * padlock_saved_context was changed by another thread ++ * after we've read it and before we compare it with cdata, ++ * our key *shall* be reloaded upon thread context switch ++ * and we are therefore set in either case... ++ */ ++static inline void ++padlock_verify_context(struct padlock_cipher_data *cdata) ++{ ++ asm volatile ( ++ "pushfq\n" ++" btl $30,(%%rsp)\n" ++" jnc 1f\n" ++" cmpq %2,%1\n" ++" je 1f\n" ++" popfq\n" ++" subq $8,%%rsp\n" ++"1: addq $8,%%rsp\n" ++" movq %2,%0" ++ :"+m"(padlock_saved_context) ++ : "r"(padlock_saved_context), "r"(cdata) : "cc"); ++} ++ ++/* Template for padlock_xcrypt_* modes */ ++/* BIG FAT WARNING: ++ * The offsets used with 'leal' instructions ++ * describe items of the 'padlock_cipher_data' ++ * structure. ++ */ ++#define PADLOCK_XCRYPT_ASM(name,rep_xcrypt) \ ++static inline void *name(size_t cnt, \ ++ struct padlock_cipher_data *cdata, \ ++ void *out, const void *inp) \ ++{ void *iv; \ ++ asm volatile ( "leaq 16(%0),%%rdx\n" \ ++ " leaq 32(%0),%%rbx\n" \ ++ rep_xcrypt "\n" \ ++ : "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \ ++ : "0"(cdata), "1"(cnt), "2"(out), "3"(inp) \ ++ : "rbx", "rdx", "cc", "memory"); \ ++ return iv; \ ++} ++#endif ++ ++#endif /* cpu */ ++ ++#ifndef OPENSSL_NO_AES + /* Generate all functions with appropriate opcodes */ + PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8") /* rep xcryptecb */ + PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc, ".byte 0xf3,0x0f,0xa7,0xd0") /* rep xcryptcbc */ + PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0") /* rep xcryptcfb */ + PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8") /* rep xcryptofb */ ++ ++/* Our own htonl()/ntohl() */ ++static inline void ++padlock_bswapl(AES_KEY *ks) ++{ ++ size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]); ++ unsigned int *key = ks->rd_key; ++ ++ while (i--) { ++ asm volatile ("bswapl %0" : "+r"(*key)); ++ key++; ++ } ++} + #endif + + /* The RNG call itself */ +@@ -485,8 +593,8 @@ padlock_xstore(void *addr, unsigned int + static inline unsigned char * + padlock_memcpy(void *dst,const void *src,size_t n) + { +- long *d=dst; +- const long *s=src; ++ size_t *d=dst; ++ const size_t *s=src; + + n /= sizeof(*d); + do { *d++ = *s++; } while (--n); diff --git a/openssl.spec b/openssl.spec index c61818d..15da450 100644 --- a/openssl.spec +++ b/openssl.spec @@ -21,7 +21,7 @@ Summary: A general purpose cryptography library with TLS implementation Name: openssl Version: 1.0.0d -Release: 2%{?dist} +Release: 3%{?dist} # We remove certain patented algorithms from the openssl source tarball # with the hobble-openssl script which is included below. Source: openssl-%{version}-usa.tar.bz2 @@ -44,6 +44,7 @@ Patch7: openssl-1.0.0-timezone.patch Patch23: openssl-1.0.0-beta4-default-paths.patch Patch24: openssl-0.9.8j-bad-mime.patch Patch25: openssl-1.0.0a-manfix.patch +Patch26: openssl-1.0.0a-load-certs.patch # Functionality changes Patch32: openssl-0.9.8g-ia64.patch Patch33: openssl-1.0.0-beta4-ca-dir.patch @@ -70,6 +71,7 @@ Patch58: openssl-1.0.0c-fips-md5-allow.patch Patch59: openssl-1.0.0c-pkcs12-fips-default.patch Patch60: openssl-1.0.0d-apps-dgst.patch # Backported fixes including security fixes +Patch61: openssl-1.0.0d-padlock64.patch License: OpenSSL Group: System Environment/Libraries @@ -133,6 +135,7 @@ from other formats to the formats used by the OpenSSL toolkit. %patch23 -p1 -b .default-paths %patch24 -p1 -b .bad-mime %patch25 -p1 -b .manfix +%patch26 -p1 -b .load-certs %patch32 -p1 -b .ia64 %patch33 -p1 -b .ca-dir @@ -158,6 +161,7 @@ from other formats to the formats used by the OpenSSL toolkit. %patch58 -p1 -b .md5-allow %patch59 -p1 -b .fips-default %patch60 -p1 -b .dgst +%patch61 -p1 -b .padlock64 # Modify the various perl scripts to reference perl in the right location. perl util/perlpath.pl `dirname %{__perl}` @@ -407,6 +411,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.* %postun -p /sbin/ldconfig %changelog +* Thu Apr 28 2011 Tomas Mraz 1.0.0d-3 +- add support for VIA Padlock on 64bit arch from upstream (#617539) +- do not return bogus values from load_certs (#652286) + * Tue Apr 5 2011 Tomas Mraz 1.0.0d-2 - clarify apps help texts for available digest algorithms (#693858)