Pedro Monreal Gonzalez
8c598ed63d
* Add openssl-3-disable-hmac-hw-acceleration-with-engine-digest.patch
* Add openssl-3-fix-hmac-digest-detection-s390x.patch
* Add openssl-3-fix-memleak-s390x_HMAC_CTX_copy.patch
- Add hardware acceleration for full AES-XTS jsc#PED-10273
* Add openssl-3-hw-acceleration-aes-xts-s390x.patch
- Support MSA 12 SHA3 on s390x jsc#PED-10280
* Add openssl-3-add_EVP_DigestSqueeze_api.patch
* Add openssl-3-support-multiple-sha3_squeeze_s390x.patch
* Add openssl-3-add-xof-state-handling-s3_absorb.patch
* Add openssl-3-fix-state-handling-sha3_absorb_s390x.patch
* Add openssl-3-fix-state-handling-sha3_final_s390x.patch
* Add openssl-3-fix-state-handling-shake_final_s390x.patch
* Add openssl-3-fix-state-handling-keccak_final_s390x.patch
* Add openssl-3-support-EVP_DigestSqueeze-in-digest-prov-s390x.patch
* Add openssl-3-add-defines-CPACF-funcs.patch
* Add openssl-3-add-hw-acceleration-hmac.patch
* Add openssl-3-support-CPACF-sha3-shake-perf-improvement.patch
* Add openssl-3-fix-s390x_sha3_absorb.patch
* Add openssl-3-fix-s390x_shake_squeeze.patch
- Update to 3.2.3:
* Changes between 3.2.2 and 3.2.3:
- Fixed possible denial of service in X.509 name checks. [CVE-2024-6119]
- Fixed possible buffer overread in SSL_select_next_proto(). [CVE-2024-5535]
* Changes between 3.2.1 and 3.2.2:
- Fixed potential use after free after SSL_free_buffers() is called. [CVE-2024-4741]
- Fixed an issue where checking excessively long DSA keys or parameters may
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=121
97 lines
2.1 KiB
Diff
97 lines
2.1 KiB
Diff
From 50f8b936b00dc18ce1f622a7a6aa46daf03da48b Mon Sep 17 00:00:00 2001
|
|
From: Rohan McLure <rohanmclure@linux.ibm.com>
|
|
Date: Wed, 16 Aug 2023 16:52:47 +1000
|
|
Subject: [PATCH] powerpc: ecc: Fix stack allocation secp384r1 asm
|
|
|
|
Assembly acceleration secp384r1 opts to not use any callee-save VSRs, as
|
|
VSX enabled systems make extensive use of renaming, and so writebacks in
|
|
felem_{mul,square}() can be reordered for best cache effects.
|
|
|
|
Remove stack allocations. This in turn fixes unmatched push/pops in
|
|
felem_{mul,square}().
|
|
|
|
Signed-off-by: Rohan McLure <rohan.mclure@linux.ibm.com>
|
|
|
|
Reviewed-by: Tomas Mraz <tomas@openssl.org>
|
|
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
|
|
Reviewed-by: Hugo Landau <hlandau@openssl.org>
|
|
(Merged from https://github.com/openssl/openssl/pull/21749)
|
|
---
|
|
crypto/ec/asm/ecp_nistp384-ppc64.pl | 49 -----------------------------
|
|
1 file changed, 49 deletions(-)
|
|
|
|
diff --git a/crypto/ec/asm/ecp_nistp384-ppc64.pl b/crypto/ec/asm/ecp_nistp384-ppc64.pl
|
|
index 3f86b391af69..28f4168e5218 100755
|
|
--- a/crypto/ec/asm/ecp_nistp384-ppc64.pl
|
|
+++ b/crypto/ec/asm/ecp_nistp384-ppc64.pl
|
|
@@ -62,51 +62,6 @@ ($)
|
|
___
|
|
}
|
|
|
|
-
|
|
-sub push_vrs($$)
|
|
-{
|
|
- my ($min, $max) = @_;
|
|
-
|
|
- my $count = $max - $min + 1;
|
|
-
|
|
- $code.=<<___;
|
|
- mr $savesp,$sp
|
|
- stdu $sp,-16*`$count+1`($sp)
|
|
-
|
|
-___
|
|
- for (my $i = $min; $i <= $max; $i++) {
|
|
- my $mult = $max - $i + 1;
|
|
- $code.=<<___;
|
|
- stxv $i,-16*$mult($savesp)
|
|
-___
|
|
-
|
|
- }
|
|
-
|
|
- $code.=<<___;
|
|
-
|
|
-___
|
|
-}
|
|
-
|
|
-sub pop_vrs($$)
|
|
-{
|
|
- my ($min, $max) = @_;
|
|
-
|
|
- $code.=<<___;
|
|
- ld $savesp,0($sp)
|
|
-___
|
|
- for (my $i = $min; $i <= $max; $i++) {
|
|
- my $mult = $max - $i + 1;
|
|
- $code.=<<___;
|
|
- lxv $i,-16*$mult($savesp)
|
|
-___
|
|
- }
|
|
-
|
|
- $code.=<<___;
|
|
- mr $sp,$savesp
|
|
-
|
|
-___
|
|
-}
|
|
-
|
|
sub load_vrs($$)
|
|
{
|
|
my ($pointer, $reg_list) = @_;
|
|
@@ -162,8 +117,6 @@ ($$)
|
|
|
|
startproc("p384_felem_mul");
|
|
|
|
- push_vrs(52, 63);
|
|
-
|
|
$code.=<<___;
|
|
vspltisw $vzero,0
|
|
|
|
@@ -268,8 +221,6 @@ ($$)
|
|
|
|
startproc("p384_felem_square");
|
|
|
|
- push_vrs(52, 63);
|
|
-
|
|
$code.=<<___;
|
|
vspltisw $vzero,0
|
|
|