Accepting request 1321597 from security:tls

OBS-URL: https://build.opensuse.org/request/show/1321597
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/leancrypto?expand=0&rev=8

fe9751f2.patch

@@ -0,0 +1,49 @@
+From fe9751f2b13581e938f25b82f3e725372223af81 Mon Sep 17 00:00:00 2001
+From: Stephan Mueller <smueller@chronox.de>
+Date: Wed, 5 Nov 2025 10:01:06 +0100
+Subject: [PATCH] ARM64: Add GCS support in assembly code
+
+The GCS support is properly enabled as seen with the following command:
+
+$ readelf -n build/libleancrypto.so
+
+Displaying notes found in: .note.gnu.property
+  Owner                Data size        Description
+  GNU                  0x00000010       NT_GNU_PROPERTY_TYPE_0
+      Properties: AArch64 feature: BTI, PAC, GCS
+
+Signed-off-by: Stephan Mueller <smueller@chronox.de>
+[EDIT: drop the diff of CHANGES.md]
+---
+ CHANGES.md                       |  2 ++
+ internal/api/assembler_support.h | 14 ++++++++++++--
+ 2 files changed, 14 insertions(+), 2 deletions(-)
+
+diff --git a/internal/api/assembler_support.h b/internal/api/assembler_support.h
+index be6afb00..bc89efb2 100644
+--- a/internal/api/assembler_support.h
++++ b/internal/api/assembler_support.h
+@@ -73,11 +73,21 @@
+ #  define GNU_PROPERTY_AARCH64_POINTER_AUTH 0
+ # endif
+ 
++# if defined(__ARM_FEATURE_GCS_DEFAULT) && __ARM_FEATURE_GCS_DEFAULT == 1
++#  define GNU_PROPERTY_AARCH64_GCS (1<<2)
++# else
++#  define GNU_PROPERTY_AARCH64_GCS 0 /* No GCS */
++# endif
++
+ /* Add the BTI / PAC support to GNU Notes section */
+-# if GNU_PROPERTY_AARCH64_BTI != 0 || GNU_PROPERTY_AARCH64_POINTER_AUTH != 0
++# if GNU_PROPERTY_AARCH64_BTI != 0 ||                                          \
++     GNU_PROPERTY_AARCH64_POINTER_AUTH != 0 ||                                 \
++     GNU_PROPERTY_AARCH64_GCS != 0
+ #  define LC_GNU_PROPERTY_ALIGN 3 /* 2 on 32 bit systems, which we do not cover here */
+ #  define LC_GNU_PROPERTY_TYPE 0xc0000000
+-#  define LC_GNU_PROPERTY_DATA (GNU_PROPERTY_AARCH64_BTI|GNU_PROPERTY_AARCH64_POINTER_AUTH)
++#  define LC_GNU_PROPERTY_DATA (GNU_PROPERTY_AARCH64_BTI |                     \
++                                GNU_PROPERTY_AARCH64_POINTER_AUTH |            \
++                                GNU_PROPERTY_AARCH64_GCS)
+ # endif
+ #endif
+ 

leancrypto-1.5.1.tar.xz.asc

@@ -1,7 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iHUEABMIAB0WIQQ0LE46OepfGZCb44quXQ2j/QkjUwUCaHAHCgAKCRCuXQ2j/Qkj
-U7i7APsEupkQPQDWXTenun19XN7VYm32CD5aOiYvBDCq5g6DVwD/cXehqPj50SmN
-CDrZEeB4M/GoWSuhAJXjTFowxUH0dNA=
-=1mME
------END PGP SIGNATURE-----

leancrypto-1.6.0.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:496188ea1652c83b54963bebb7b6a441564e7f75e5867ee9d3a29710ebc43421
+size 40197212

leancrypto-1.6.0.tar.xz.asc

@@ -0,0 +1,8 @@
+-----BEGIN PGP SIGNATURE-----
+
+iJEEABMIADkWIQQ0LE46OepfGZCb44quXQ2j/QkjUwUCaPMjfBsUgAAAAAAEAA5t
+YW51MiwyLjUrMS4xMSwzLDIACgkQrl0No/0JI1P3/QD7BnDVzb1nJCpy7f72K0F3
+uckN8MldQi4MD4PD3OGsg6wA/35z7loXAH7F9VYAXa6ualSDtuovA52qywisI+O5
+uhfr
+=qvfM
+-----END PGP SIGNATURE-----

leancrypto.changes

@@ -1,3 +1,62 @@
+-------------------------------------------------------------------
+Wed Dec  3 09:19:47 UTC 2025 - Angel Yankov <angel.yankov@suse.com>
+
+- Fix bsc#1254370, bsc#1253654 - AVX detection is wrong on older intel CPUs
+  * Add leancrypto_avx_detect1.patch
+  * Add leancrypto_avx_detect2.patch
+
+-------------------------------------------------------------------
+Wed Nov  5 09:28:31 UTC 2025 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Add upstream patch to fix GCS on aarch64:
+  * fe9751f2.patch
+
+-------------------------------------------------------------------
+Thu Oct 23 13:22:46 UTC 2025 - Lucas Mulling <lucas.mulling@suse.com>
+
+- Update to 1.6.0:
+  * ASN.1: use stack for small generator for small use cases
+  * X.509: Updates required to support the shim boot loader
+  * X.509: add lc_gmtime to convert Epoch to time format
+  * ASN.1: added to Linux kernel (for 64 bit systems only)
+  * Added AES-GCM and AES-XTS
+  * Availability: remove assert() calls throughout the code - in case of a self
+    test error, disable the algorithm. Instead of using assert, apply a centrally
+    managed test manager that stores the test status. This implies that some
+    initalization APIs like lc_hash_init, lc_sym_init, lc_hmac_init are changed
+    such that they return an error code if self tests failed. Thus, the version
+    is now changed as this is considered to be an ABI change. Although this
+    sounds heavy, the test manager is relatively small and the runtime state
+    should be smaller than the old approach considering the old approach uses one
+    global 32 bit integer per self test to maintain the state. This is now
+    replaced with a set of 32 bit atomic integers that hold a 3-bit field for
+    each algorithm. This change also adds the API call of lc_rerun_one_selftest
+    which allows triggering the reruning of a self test for one given algorithm.
+  * FIPS: Rearchitect integrity test control value generator: The build process now
+    uses the host’s objcopy to extract the ELF sections of interest into a separate
+    file, use a build_machine compiled version of sha3-256sum to generate the
+    digest of it and reinsert it into the leancrypto-fips.so. This now allows
+    cross-compilation with FIPS integrity test support. There is no functional
+    change to leancrypto though.
+  * Significant reduction of compilation units by almost half by not having
+    global, but per-test compiled C files.
+  * Linux kernel: add /proc/leancrypto
+  * FIPS: Add negative testing support
+  * Add SHAKE-512 and XDRBG-512 support
+  * FIPS: Add FIPS indicator which implies that libleancrypto.so has the same
+    functionality as libleancrypto-fips.so with the exception that the latter
+    performs an integrity test.
+  * ARMv9: fix BTI for ML-DSA
+- Remove patch:
+  * leancrypto-fix-aarch64-BTI.patch
+- Don't strip debug symbols
+
+-------------------------------------------------------------------
+Tue Oct 14 07:48:02 UTC 2025 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Add patch to fix BTI on aarch64:
+  * leancrypto-fix-aarch64-BTI.patch
+
 -------------------------------------------------------------------
 Fri Jul 18 13:12:24 UTC 2025 - Lucas Mulling <lucas.mulling@suse.com>
 
@@ -60,7 +119,7 @@ Thu Apr 10 08:11:26 UTC 2025 - Marcus Meissner <meissner@suse.com>
 - updated to 1.3.0
   * Allow CPU entropy sources to be used as seed sources with meson option "seedsource=cpu"
   * Ensure full clean run on vintage system without AVX2 (thanks to "David C. Rankin" <drankinatty@gmail.com>)
-  * EFI: compilation support on AARCH64 
+  * EFI: compilation support on AARCH64
   * Meson: reduce number of object files to speed up compilation process
   * Intel assembler: add endbr[64|32] to every function and ensure IBT is enabled
   * ARMv8 assembler / ELF: add BTI and PAC support
@@ -259,7 +318,7 @@ Sun Feb  5 20:56:14 UTC 2023 - Stephan Mueller <smueller@chronox.de>
 -------------------------------------------------------------------
 Sun Jan  8 16:22:33 UTC 2023 - Stephan Mueller <smueller@chronox.de>
 
-- leancrypto version 0.5.1 
+- leancrypto version 0.5.1
 
 -------------------------------------------------------------------
 Fri Nov 25 08:18:22 UTC 2022 - Stephan Mueller <smueller@chronox.de>
@@ -269,7 +328,7 @@ Fri Nov 25 08:18:22 UTC 2022 - Stephan Mueller <smueller@chronox.de>
 -------------------------------------------------------------------
 Fri Nov 25 07:56:44 UTC 2022 - Stephan Mueller <smueller@chronox.de>
 
-- Add Linux kernel module spec file 
+- Add Linux kernel module spec file
 
 -------------------------------------------------------------------
 Fri Nov 25 07:29:26 UTC 2022 - Stephan Mueller <smueller@chronox.de>

leancrypto.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package leancrypto
 #
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
 # Copyright (c) 2022 - 2025 Stephan Mueller <smueller@chronox.de
 #
 # All modifications and additions to the file contributed by third parties
@@ -16,6 +16,7 @@
 # Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
+
 %global flavor @BUILD_FLAVOR@%{nil}
 %if "%{flavor}" == "kmp"
 %define psuffix -kmp
@@ -28,22 +29,30 @@
 %define pkgname leancrypto
 %define libname lib%{pkgname}
 Name:           %{pkgname}%{psuffix}
-Version:        1.5.1
-Release:        1.1
+Version:        1.6.0
+Release:        0
+%if %{with kmp}
+Summary:        leancrypto Kernel Module Package
+%else
 Summary:        Cryptographic library with stack-only support and PQC-safe algorithms
+%endif
 License:        BSD-3-Clause OR GPL-2.0-only
 URL:            https://www.leancrypto.org
 Source0:        https://www.leancrypto.org/%{pkgname}/releases/%{pkgname}-%{version}/%{pkgname}-%{version}.tar.xz
 Source1:        https://www.leancrypto.org/%{pkgname}/releases/%{pkgname}-%{version}/%{pkgname}-%{version}.tar.xz.asc
 Source2:        https://leancrypto.org/about/smuellerDD-2024.asc#/leancrypto.keyring
 Source3:        baselibs.conf
-BuildRequires:  meson
+# PATCH-FIX-UPSTREAM - https://github.com/smuellerDD/leancrypto/commit/fe9751f2b
+Patch1:         fe9751f2.patch
+# PATCH-FIX-UPSTREAM https://github.com/smuellerDD/leancrypto/commit/38bb12a185b2d3aa4ff3656d743b33b3ae25bac7
+# bsc#1253654, bsc#1254370 - fix AVX detection in older intel CPUs
+Patch2:		leancrypto_avx_detect1.patch
+Patch3:		leancrypto_avx_detect2.patch
 BuildRequires:  clang
+BuildRequires:  meson
 %if %{with kmp}
 BuildRequires:  %kernel_module_package_buildreqs
-
 %kernel_module_package -n %{pkgname}
-
 %endif
 
 %description
@@ -52,7 +61,6 @@ algorithms. Further it only has POSIX dependencies, and allows all algorithms
 to be used on stack as well as on heap. Accelerated algorithms are transparently
 enabled if possible.
 
-
 %if %{without kmp}
 %package -n %{libname}1
 Summary:        Cryptographic library with stack-only support and PQC-safe algorithms
@@ -65,8 +73,8 @@ enabled if possible.
 
 %package devel
 Summary:        Development files for leancrypto, a cryptographic library
-Requires:       glibc-devel
 Requires:       %{libname}1 = %{version}
+Requires:       glibc-devel
 
 %description devel
 Leancrypto provides a general-purpose cryptographic library with PQC-safe
@@ -111,23 +119,24 @@ to be used on stack as well as on heap. Accelerated algorithms are transparently
 enabled if possible.
 
 This subpackage holds the tools provided by the library, such as sha*sum.
-
 %else
 
 %package KMP
-Summary:        Cryptographic library with stack-only support and PQC-safe algorithms
-Group: System/Kernel
+Summary:        leancrypto Kernel Module Package
+Group:          System/Kernel
 
 %description KMP
-Leancrypto provides a general-purpose cryptographic library with PQC-safe
-algorithms. Further it only has POSIX dependencies, and allows all algorithms
-to be used on stack as well as on heap. Accelerated algorithms are transparently
-enabled if possible.
+Leancrypto for the Linux Kernel. The leancrypto library is intended to provide
+the identical services for user space as well as Linux kernel space. This shall
+allow developers to only have one crypto provider which they need to maintain
+and learn to develop with.
 
+The user space and kernel space versions of leancrypto are fully independent of
+each other. Neither requires the presence of the other for full operation.
 %endif
 
 %prep
-%setup -q -n %{pkgname}-%{version}
+%autosetup -p1 -n %{pkgname}-%{version}
 
 %if %{with kmp}
 set -- *
@@ -139,17 +148,17 @@ mkdir obj
 %endif
 
 %build
-%meson -Dseedsource=esdm
+%meson -Dseedsource=esdm -Dstrip=false
 # Only build the lib when we need it, if building the kernel module, just build
 # the kernel module.
 %if %{without kmp}
 %meson_build
 %else
 for flavor in %flavors_to_build; do
-	KERNELRELEASE=`make -s -C /%{_prefix}/src/linux-obj/%{_target_cpu}/$flavor kernelrelease`
+	KERNELRELEASE=`make -j${RPM_BUILD_NCPUS} -s -C /%{_prefix}/src/linux-obj/%{_target_cpu}/$flavor kernelrelease`
 	rm -rf obj/$flavor
 	cp -r source obj/$flavor
-	make -C $PWD/obj/$flavor/linux_kernel KERNELRELEASE=$KERNELRELEASE
+	make -j${RPM_BUILD_NCPUS} -C $PWD/obj/$flavor/linux_kernel KERNELRELEASE=$KERNELRELEASE
 done
 %endif
 
@@ -203,6 +212,8 @@ done
 %{_libexecdir}/%{name}/sha3-384sum
 %{_libexecdir}/%{name}/sha3-512sum
 %{_libexecdir}/%{name}/ascon256-sum
+%{_bindir}/lc_pkcs7_generator
+%{_bindir}/lc_x509_generator
 %endif
 
 %changelog

leancrypto_avx_detect1.patch

@@ -0,0 +1,76 @@
+commit 38bb12a185b2d3aa4ff3656d743b33b3ae25bac7
+Author: Stephan Mueller <smueller@chronox.de>
+Date:   Tue Nov 25 22:40:25 2025 +0100
+
+    AVX2/512: properly detect support
+    
+    Intel defines a specific check approach to detect AVX2/512 support.
+    
+    This fixes when booting Linux with noxsave where AVX2/512 is not
+    available.
+    
+    Reported-by: Alexander Sosedkin
+    Signed-off-by: Stephan Mueller <smueller@chronox.de>
+
+Index: leancrypto-1.6.0/internal/src/cpufeatures_x86.c
+===================================================================
+--- leancrypto-1.6.0.orig/internal/src/cpufeatures_x86.c
++++ leancrypto-1.6.0/internal/src/cpufeatures_x86.c
+@@ -37,12 +37,22 @@
+ /* Leaf 1 */
+ #define LC_INTEL_AESNI_ECX (1 << 25)
+ #define LC_INTEL_AVX_ECX (1 << 28)
++#define LC_INTEL_FMA_ECX (1 << 12)
++#define LC_INTEL_MOVBE_ECX (1 << 22)
++#define LC_INTEL_OSXSAVE (1 << 27)
++#define LC_INTEL_AVX_PREREQ1                                                   \
++	(LC_INTEL_FMA_ECX | LC_INTEL_MOVBE_ECX | LC_INTEL_OSXSAVE)
+ /* Leaf 7, subleaf 0 of CPUID */
+ #define LC_INTEL_AVX2_EBX (1 << 5)
++#define LC_INTEL_BMI1_EBX (1 << 3)
++#define LC_INTEL_BMI2_EBX (1 << 8)
++#define LC_INTEL_AVX2_PREREQ2                                                  \
++	(LC_INTEL_AVX2_EBX | LC_INTEL_BMI1_EBX | LC_INTEL_BMI2_EBX)
+ #define LC_INTEL_AVX512F_EBX (1 << 16)
+ #define LC_INTEL_VPCLMUL_ECX (1 << 10)
+ #define LC_INTEL_PCLMUL_ECX (1 << 1)
+ #define LC_INTEL_SHANI_EBX (1 << 29)
++#define LC_INTEL_SHANI_EBX (1 << 29)
+ #define LC_INTEL_SHANI512_EAX (1 << 0)
+ 
+ /* This is required by aes_aesni_x86_64.S */
+@@ -111,11 +121,30 @@ LC_INTERFACE_FUNCTION(enum lc_cpu_featur
+ 
+ 	/* read advanced features eax = 7, ecx = 0 */
+ 	cpuid_eax_ecx(7, 0, eax, ebx, ecx, edx);
+-	if (ebx & LC_INTEL_AVX2_EBX)
+-		feat |= LC_CPU_FEATURE_INTEL_AVX2;
+ 
+-	if (ebx & LC_INTEL_AVX512F_EBX)
+-		feat |= LC_CPU_FEATURE_INTEL_AVX512;
++	/*
++	 * Check AVX2 support according to Intel document "How to detect New
++	 * Instruction support in the 4th generation Intel® Core™ processor
++	 * family"
++	 */
++	if ((x86_64_cpuid[2] & LC_INTEL_AVX_PREREQ1) == LC_INTEL_AVX_PREREQ1) {
++		uint32_t xcr0;
++
++#if defined(_MSC_VER) && !defined(__clang__)
++		xcr0 = _xgetbv(0);
++#else
++		__asm__ ("xgetbv" : "=a" (xcr0) : "c" (0) : "%edx");
++#endif
++		/* Check if xmm and ymm state are enabled in XCR0. */
++		if ((xcr0 & 6) == 6) {
++			if ((ebx & LC_INTEL_AVX2_PREREQ2) ==
++			     LC_INTEL_AVX2_PREREQ2)
++				feat |= LC_CPU_FEATURE_INTEL_AVX2;
++
++			if (ebx & LC_INTEL_AVX512F_EBX)
++				feat |= LC_CPU_FEATURE_INTEL_AVX512;
++		}
++	}
+ 
+ 	if (ecx & LC_INTEL_VPCLMUL_ECX)
+ 		feat |= LC_CPU_FEATURE_INTEL_VPCLMUL;

leancrypto_avx_detect2.patch

@@ -0,0 +1,34 @@
+commit 70ffec99fc4463c1a639b5c63941352728a182d9
+Author: Stephan Mueller <smueller@chronox.de>
+Date:   Thu Nov 27 23:39:10 2025 +0100
+
+    Report GF accelerations separately
+    
+    Signed-off-by: Stephan Mueller <smueller@chronox.de>
+
+Index: leancrypto-1.6.0/internal/src/status.c
+===================================================================
+--- leancrypto-1.6.0.orig/internal/src/status.c
++++ leancrypto-1.6.0/internal/src/status.c
+@@ -144,6 +144,7 @@ LC_INTERFACE_FUNCTION(int, lc_status, ch
+ #ifdef LC_CURVE448
+ 		 " Curve448: %s\n"
+ #endif
++		" GF: %s%s\n"
+ 		 ,
+ 		 fips140_mode_enabled() ? "yes" : "no"
+ 
+@@ -306,6 +307,13 @@ LC_INTERFACE_FUNCTION(int, lc_status, ch
+ 			 "AVX2" :
+ 			 ""
+ #endif /* LC_CURVE448 */
++
++	/* GF */
++		,
++		(lc_cpu_feature_available() & LC_CPU_FEATURE_INTEL_PCLMUL) ?
++			"PCLMULQDQ " : "",
++		(lc_cpu_feature_available() & LC_CPU_FEATURE_INTEL_VPCLMUL) ?
++			"VPCLMULQDQ " : ""
+ 	);
+ 
+ #ifdef __clang__