Accepting request 1234531 from security:tls

OBS-URL: https://build.opensuse.org/request/show/1234531 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libnettle?expand=0&rev=50
2025-01-06 15:04:25 +00:00 · 2025-01-06 15:04:25 +00:00 · 8b36dbcf47
commit 8b36dbcf47
parent 7b701f348f 4d35556367
10 changed files with 22 additions and 255 deletions
--- a/libnettle-powerpc64-remove-m4_unquote-sha256.patch
+++ b/libnettle-powerpc64-remove-m4_unquote-sha256.patch
@ -1,75 +0,0 @@
 From 95d7ebbafaea628751e35d2ce1c4c5d2617ed5de Mon Sep 17 00:00:00 2001
 From: Eric Richter <erichte@linux.ibm.com>
 Date: Thu, 20 Jun 2024 13:43:57 -0500
 Subject: [PATCH] powerpc64: remove use of m4_unquote in the load step for
 sha256
 By passing in the constant offset value into the LOAD macro, the use of
 m4_unquote to calculate the correct constant GPR can be avoided,
 improving readability.
 Signed-off-by: Eric Richter <erichte@linux.ibm.com>
 ---
 powerpc64/p8/sha256-compress-n.asm | 36 +++++++++++++++---------------
 1 file changed, 18 insertions(+), 18 deletions(-)
 diff --git a/powerpc64/p8/sha256-compress-n.asm b/powerpc64/p8/sha256-compress-n.asm
 index 4848461e..309db1fa 100644
 --- a/powerpc64/p8/sha256-compress-n.asm
 +++ b/powerpc64/p8/sha256-compress-n.asm
@@ -177,34 +177,34 @@ define(`EXTENDROUNDS', `
 ')
 define(`LOAD', `
 -	IF_BE(`lxvw4x	VSR(IV($1)), m4_unquote(TC`'eval(($1 % 4) * 4)), INPUT')
 +	IF_BE(`lxvw4x	VSR(IV($1)), $2, INPUT')
 	IF_LE(`
 -		lxvd2x	VSR(IV($1)), m4_unquote(TC`'eval(($1 % 4) * 4)), INPUT
 +		lxvd2x	VSR(IV($1)), $2, INPUT
 		vperm	IV($1), IV($1), IV($1), VT0
 	')
 ')
 define(`DOLOADS', `
 	IF_LE(`DATA_LOAD_VEC(VT0, .load_swap, T1)')
 -	LOAD(0)
 -	LOAD(1)
 -	LOAD(2)
 -	LOAD(3)
 +	LOAD(0, TC0)
 +	LOAD(1, TC4)
 +	LOAD(2, TC8)
 +	LOAD(3, TC12)
 	addi	INPUT, INPUT, 16
 -	LOAD(4)
 -	LOAD(5)
 -	LOAD(6)
 -	LOAD(7)
 +	LOAD(4, TC0)
 +	LOAD(5, TC4)
 +	LOAD(6, TC8)
 +	LOAD(7, TC12)
 	addi	INPUT, INPUT, 16
 -	LOAD(8)
 -	LOAD(9)
 -	LOAD(10)
 -	LOAD(11)
 +	LOAD(8, TC0)
 +	LOAD(9, TC4)
 +	LOAD(10, TC8)
 +	LOAD(11, TC12)
 	addi	INPUT, INPUT, 16
 -	LOAD(12)
 -	LOAD(13)
 -	LOAD(14)
 -	LOAD(15)
 +	LOAD(12, TC0)
 +	LOAD(13, TC4)
 +	LOAD(14, TC8)
 +	LOAD(15, TC12)
 	addi	INPUT, INPUT, 16
 ')
 -- 
 GitLab
--- a/libnettle-powerpc64-sha256-adjust-stack-offset-for-non-volatile-registers.patch
+++ b/libnettle-powerpc64-sha256-adjust-stack-offset-for-non-volatile-registers.patch
@ -1,45 +0,0 @@
 From 9d8b3e93bbfea1da668a28760540a2b25fae4a50 Mon Sep 17 00:00:00 2001
 From: Eric Richter <erichte@linux.ibm.com>
 Date: Thu, 29 Aug 2024 09:44:25 -0500
 Subject: [PATCH] powerpc64/sha256: adjust stack offset for storing
 non-volatile registers
 According to the ABI, the stack pointer is quadword aligned, so starting
 the stack storage at offset -8, may cause the return address to be
 stepped on. Adjusting to use -16 as the starting point, which also
 matches other POWER assembly code.
 Signed-off-by: Eric Richter <erichte@linux.ibm.com>
 ---
 powerpc64/p8/sha256-compress-n.asm | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
 diff --git a/powerpc64/p8/sha256-compress-n.asm b/powerpc64/p8/sha256-compress-n.asm
 index 309db1fa..e08ae132 100644
 --- a/powerpc64/p8/sha256-compress-n.asm
 +++ b/powerpc64/p8/sha256-compress-n.asm
@@ -216,8 +216,8 @@ PROLOGUE(_nettle_sha256_compress_n)
 	C Store non-volatile registers
 -	li	T0, -8
 -	li	T1, -24
 +	li	T0, -16
 +	li	T1, -32
 	stvx	v20, T0, SP
 	stvx	v21, T1, SP
 	subi	T0, T0, 32
@@ -321,8 +321,8 @@ PROLOGUE(_nettle_sha256_compress_n)
 	C Restore nonvolatile registers
 -	li	T0, -8
 -	li	T1, -24
 +	li	T0, -16
 +	li	T1, -32
 	lvx	v20, T0, SP
 	lvx	v21, T1, SP
 	subi	T0, T0, 32
 -- 
 GitLab
--- a/libnettle-powerpc64-sha256-fix-loading-overreads.patch
+++ b/libnettle-powerpc64-sha256-fix-loading-overreads.patch
@ -1,112 +0,0 @@
 From 89ae5b24c6d052aa4d9b14c9a50b3c62b5636d81 Mon Sep 17 00:00:00 2001
 From: Eric Richter <erichte@linux.ibm.com>
 Date: Wed, 11 Sep 2024 13:53:48 -0500
 Subject: [PATCH] powerpc64/sha256: fix loading overreads by loading less and
 shifting
 Originally, the 16 input words were loaded with 16 individual vector load
 instructions. This has a side effect where the last three loads would
 overread 1/2/3 extra words.
 Fix the overread by replacing unnecessary overlapped reads with shifts.
 As a consequence, the constant registers for 4,8,12 can be removed, and
 also gain about 1~2% in performance.
 Signed-off-by: Eric Richter <erichte@linux.ibm.com>
 ---
 powerpc64/p8/sha256-compress-n.asm | 44 +++++++++++-------------------
 1 file changed, 16 insertions(+), 28 deletions(-)
 diff --git a/powerpc64/p8/sha256-compress-n.asm b/powerpc64/p8/sha256-compress-n.asm
 index e08ae132..75666deb 100644
 --- a/powerpc64/p8/sha256-compress-n.asm
 +++ b/powerpc64/p8/sha256-compress-n.asm
@@ -44,10 +44,7 @@ define(`T1', `r8')
 define(`TK', `r9')
 define(`COUNT', `r10')
 define(`TC0', `0')	C Index instructions allow literal 0 instead of a GPR
 -define(`TC4', `r11')
 -define(`TC8', `r12')
 -define(`TC12', `r14')
 -define(`TC16', `r15')
 +define(`TC16', `r11')
 C State registers
 define(`VSA', `v0')
@@ -187,24 +184,24 @@ define(`LOAD', `
 define(`DOLOADS', `
 	IF_LE(`DATA_LOAD_VEC(VT0, .load_swap, T1)')
 	LOAD(0, TC0)
 -	LOAD(1, TC4)
 -	LOAD(2, TC8)
 -	LOAD(3, TC12)
 +	vsldoi	IV(1), IV(0), IV(0), 4
 +	vsldoi	IV(2), IV(0), IV(0), 8
 +	vsldoi	IV(3), IV(0), IV(0), 12
 	addi	INPUT, INPUT, 16
 	LOAD(4, TC0)
 -	LOAD(5, TC4)
 -	LOAD(6, TC8)
 -	LOAD(7, TC12)
 +	vsldoi	IV(5), IV(4), IV(4), 4
 +	vsldoi	IV(6), IV(4), IV(4), 8
 +	vsldoi	IV(7), IV(4), IV(4), 12
 	addi	INPUT, INPUT, 16
 	LOAD(8, TC0)
 -	LOAD(9, TC4)
 -	LOAD(10, TC8)
 -	LOAD(11, TC12)
 +	vsldoi	IV(9), IV(8), IV(8), 4
 +	vsldoi	IV(10), IV(8), IV(8), 8
 +	vsldoi	IV(11), IV(8), IV(8), 12
 	addi	INPUT, INPUT, 16
 	LOAD(12, TC0)
 -	LOAD(13, TC4)
 -	LOAD(14, TC8)
 -	LOAD(15, TC12)
 +	vsldoi	IV(13), IV(12), IV(12), 4
 +	vsldoi	IV(14), IV(12), IV(12), 8
 +	vsldoi	IV(15), IV(12), IV(12), 12
 	addi	INPUT, INPUT, 16
 ')
@@ -216,6 +213,8 @@ PROLOGUE(_nettle_sha256_compress_n)
 	C Store non-volatile registers
 +	ALIGN(16)	C Appears necessary for optimal stores
 +	li	TC16, 16
 	li	T0, -16
 	li	T1, -32
 	stvx	v20, T0, SP
@@ -240,15 +239,8 @@ PROLOGUE(_nettle_sha256_compress_n)
 	subi	T1, T1, 32
 	stvx	v30, T0, SP
 	stvx	v31, T1, SP
 -	subi	T0, T0, 32
 -	subi	T1, T1, 32
 -	stdx	r14, T0, SP
 -	stdx	r15, T1, SP
 -	li	TC4, 4
 -	li	TC8, 8
 -	li	TC12, 12
 -	li	TC16, 16
 +	ALIGN(16)	C Appears necessary for optimal loads
 	C Load state values
 	lxvw4x	VSR(VSA), 0, STATE	C VSA contains A,B,C,D
@@ -345,10 +337,6 @@ PROLOGUE(_nettle_sha256_compress_n)
 	subi	T1, T1, 32
 	lvx	v30, T0, SP
 	lvx	v31, T1, SP
 -	subi	T0, T0, 32
 -	subi	T1, T1, 32
 -	ldx	r14, T0, SP
 -	ldx	r15, T1, SP
 .done:
 	mr r3, INPUT
 -- 
 GitLab
--- a/libnettle-powerpc64-skip-AES-GCM-test.patch
+++ b/libnettle-powerpc64-skip-AES-GCM-test.patch
@ -1,13 +0,0 @@
 Index: nettle-3.10/testsuite/Makefile.in
 ===================================================================
 --- nettle-3.10.orig/testsuite/Makefile.in
 +++ nettle-3.10/testsuite/Makefile.in
@@ -28,7 +28,7 @@ TS_NETTLE_SOURCES = aes-test.c aes-keywr
 		    streebog-test.c sm3-test.c sm4-test.c \
 		    serpent-test.c twofish-test.c version-test.c \
 		    knuth-lfib-test.c \
 -		    cbc-test.c cfb-test.c ctr-test.c gcm-test.c eax-test.c ccm-test.c \
 +		    cbc-test.c cfb-test.c ctr-test.c eax-test.c ccm-test.c \
 		    cmac-test.c ocb-test.c siv-cmac-test.c siv-gcm-test.c \
 		    poly1305-test.c chacha-poly1305-test.c \
 		    hmac-test.c umac-test.c \
--- a/libnettle.changes
+++ b/libnettle.changes
@ -1,3 +1,20 @@
 -------------------------------------------------------------------
 Thu Jan  2 08:34:18 UTC 2025 - Pedro Monreal <pmonreal@suse.com>
 - Update to nettle 3.10.1:
  * Bug fixes:
    - Fix buffer overread in the new sha256 assembly for
      powerpc64, as well as a stack alignment issue.
    - Added missing nettle_mac structs for hmac-gosthash.
    - Fix configure test for valgrind, to not attempt to run
      valgrind on executables built using memory sanitizers.
  * Enable back the gcm regression test:
    - Remove libnettle-powerpc64-skip-AES-GCM-test.patch
  * Remove patches upstream:
    - libnettle-powerpc64-sha256-fix-loading-overreads.patch
    - libnettle-powerpc64-sha256-adjust-stack-offset-for-non-volatile-registers.patch
    - libnettle-powerpc64-remove-m4_unquote-sha256.patch
 -------------------------------------------------------------------
 Tue Dec  3 08:07:16 UTC 2024 - Pedro Monreal <pmonreal@suse.com>
--- a/libnettle.spec
+++ b/libnettle.spec
@ -1,7 +1,7 @@
 #
 # spec file for package libnettle
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -19,7 +19,7 @@
 %define soname 8
 %define hogweed_soname 6
 Name:           libnettle
-Version:        3.10
+Version:        3.10.1
 Release:        0
 Summary:        Cryptographic Library
 License:        GPL-2.0-or-later AND LGPL-2.1-or-later
@ -30,11 +30,6 @@ Source1:        https://ftp.gnu.org/gnu/nettle/nettle-%{version}.tar.gz.sig
 Source2:        %{name}.keyring
 Source3:        baselibs.conf
 Source4:        %{name}-rpmlintrc
 # PATCH-FIX-UPSTREAM [jsc#PED-9904] ppcl64le: POWER10 performance enhancements for cryptography
 Patch1:         libnettle-powerpc64-remove-m4_unquote-sha256.patch
 Patch2:         libnettle-powerpc64-sha256-adjust-stack-offset-for-non-volatile-registers.patch
 Patch3:         libnettle-powerpc64-sha256-fix-loading-overreads.patch
 Patch4:         libnettle-powerpc64-skip-AES-GCM-test.patch
 BuildRequires:  autoconf
 BuildRequires:  fipscheck
 BuildRequires:  gmp-devel >= 6.1.0
--- a/nettle-3.10.1.tar.gz
+++ b/nettle-3.10.1.tar.gz
--- a/nettle-3.10.1.tar.gz.sig
+++ b/nettle-3.10.1.tar.gz.sig
--- a/nettle-3.10.tar.gz
+++ b/nettle-3.10.tar.gz
--- a/nettle-3.10.tar.gz.sig
+++ b/nettle-3.10.tar.gz.sig