From 6ed66302c1e8ad838631812f793c88b24929dfd8b6826ef152416950c13b0db9 Mon Sep 17 00:00:00 2001
From: Otto Hollmann <otto.hollmann@suse.com>
Date: Thu, 9 May 2024 13:24:04 +0000
Subject: [PATCH] Accepting request 1172786 from
 home:gbelinassi:branches:security:tls

- Enable livepatching support (bsc#1223428)

OBS-URL: https://build.opensuse.org/request/show/1172786
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=98
---
 openssl-3.changes |  5 +++++
 openssl-3.spec    | 13 +++++++++++++
 2 files changed, 18 insertions(+)

diff --git a/openssl-3.changes b/openssl-3.changes
index ca3988a..da0677b 100644
--- a/openssl-3.changes
+++ b/openssl-3.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Tue May  7 13:35:31 UTC 2024 - Giuliano Belinassi <giuliano.belinassi@suse.com>
+
+- Enable livepatching support (bsc#1223428)
+
 -------------------------------------------------------------------
 Tue May  7 11:51:38 UTC 2024 - Otto Hollmann <otto.hollmann@suse.com>
 
diff --git a/openssl-3.spec b/openssl-3.spec
index e5528c9..33a64b2 100644
--- a/openssl-3.spec
+++ b/openssl-3.spec
@@ -22,6 +22,10 @@
 %define man_suffix 3ssl
 %global sslengcnf %{ssletcdir}/engines%{sover}.d
 %global sslengdef %{ssletcdir}/engdef%{sover}.d
+
+# Enable userspace livepatching.
+%define livepatchable 1
+
 Name:           openssl-3
 # Don't forget to update the version in the "openssl" meta-package!
 Version:        3.1.4
@@ -86,6 +90,13 @@ Patch27:        openssl-CVE-2024-0727.patch
 # PATCH-FIX-UPSTREAM: bsc#1222548 CVE-2024-2511: Unbounded memory growth with session handling in TLSv1.3
 Patch28:        openssl-CVE-2024-2511.patch
 BuildRequires:  pkgconfig
+%if 0%{?sle_version} >= 150400 || 0%{?suse_version} >= 1550
+BuildRequires:  ulp-macros
+%else
+# Define ulp-macros macros as empty
+%define cflags_livepatching ""
+%define pack_ipa_dumps      echo "Livepatching is disabled in this build"
+%endif
 BuildRequires:  pkgconfig(zlib)
 Requires:       libopenssl3 = %{version}-%{release}
 Requires:       openssl
@@ -188,6 +199,7 @@ export MACHINE=armv6l
     --libdir=%{_lib} \
     --openssldir=%{ssletcdir} \
     %{optflags} \
+    %{cflags_livepatching} \
     -Wa,--noexecstack \
     -Wl,-z,relro,-z,now \
     -fno-common \
@@ -252,6 +264,7 @@ gcc -o showciphers %{optflags} -I%{buildroot}%{_includedir} %{SOURCE5} -L%{build
 LD_LIBRARY_PATH=%{buildroot}%{_libdir} ./showciphers
 
 %install
+%{pack_ipa_dumps}
 %make_install %{?_smp_mflags} MANSUFFIX=%{man_suffix}
 
 rename so.%{sover} so.%{version} %{buildroot}%{_libdir}/*.so.%{sover}