forked from pool/openssl-1_1
Pedro Monreal Gonzalez
18ecb7a582
- Security fix: [bsc#1227138, CVE-2024-5535] * SSL_select_next_proto buffer overread * Add openssl-CVE-2024-5535.patch - Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free security vulnerability. Calling the function SSL_free_buffers() potentially caused memory to be accessed that was previously freed in some situations and a malicious attacker could attempt to engineer a stituation where this occurs to facilitate a denial-of-service attack. [CVE-2024-4741, bsc#1225551] OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=164
378 lines
12 KiB
Diff
378 lines
12 KiB
Diff
diff --git a/crypto/s390x_arch.h b/crypto/s390x_arch.h
|
|
index 34e04b4..a156c97 100644
|
|
--- a/crypto/s390x_arch.h
|
|
+++ b/crypto/s390x_arch.h
|
|
@@ -26,6 +26,9 @@ void s390x_kmf(const unsigned char *in, size_t len, unsigned char *out,
|
|
unsigned int fc, void *param);
|
|
void s390x_kma(const unsigned char *aad, size_t alen, const unsigned char *in,
|
|
size_t len, unsigned char *out, unsigned int fc, void *param);
|
|
+int s390x_pcc(unsigned int fc, void *param);
|
|
+int s390x_kdsa(unsigned int fc, void *param, const unsigned char *in,
|
|
+ size_t len);
|
|
|
|
/*
|
|
* The field elements of OPENSSL_s390xcap_P are the 64-bit words returned by
|
|
@@ -45,6 +48,8 @@ struct OPENSSL_s390xcap_st {
|
|
unsigned long long kmf[2];
|
|
unsigned long long prno[2];
|
|
unsigned long long kma[2];
|
|
+ unsigned long long pcc[2];
|
|
+ unsigned long long kdsa[2];
|
|
};
|
|
|
|
#if defined(__GNUC__) && defined(__linux)
|
|
@@ -72,6 +77,8 @@ extern struct OPENSSL_s390xcap_st OPENSSL_s390xcap_P;
|
|
# define S390X_KMF 0x90
|
|
# define S390X_PRNO 0xa0
|
|
# define S390X_KMA 0xb0
|
|
+# define S390X_PCC 0xc0
|
|
+# define S390X_KDSA 0xd0
|
|
|
|
/* Facility Bit Numbers */
|
|
# define S390X_MSA 17 /* message-security-assist */
|
|
@@ -83,6 +90,7 @@ extern struct OPENSSL_s390xcap_st OPENSSL_s390xcap_P;
|
|
# define S390X_VXD 134 /* vector packed decimal */
|
|
# define S390X_VXE 135 /* vector enhancements 1 */
|
|
# define S390X_MSA8 146 /* message-security-assist-ext. 8 */
|
|
+# define S390X_MSA9 155 /* message-security-assist-ext. 9 */
|
|
|
|
/* Function Codes */
|
|
|
|
@@ -114,10 +122,24 @@ extern struct OPENSSL_s390xcap_st OPENSSL_s390xcap_P;
|
|
# define S390X_SHA_512_DRNG 3
|
|
# define S390X_TRNG 114
|
|
|
|
+/* pcc */
|
|
+# define S390X_SCALAR_MULTIPLY_P256 64
|
|
+# define S390X_SCALAR_MULTIPLY_P384 65
|
|
+# define S390X_SCALAR_MULTIPLY_P521 66
|
|
+
|
|
+/* kdsa */
|
|
+# define S390X_ECDSA_VERIFY_P256 1
|
|
+# define S390X_ECDSA_VERIFY_P384 2
|
|
+# define S390X_ECDSA_VERIFY_P521 3
|
|
+# define S390X_ECDSA_SIGN_P256 9
|
|
+# define S390X_ECDSA_SIGN_P384 10
|
|
+# define S390X_ECDSA_SIGN_P521 11
|
|
+
|
|
/* Register 0 Flags */
|
|
# define S390X_DECRYPT 0x80
|
|
# define S390X_KMA_LPC 0x100
|
|
# define S390X_KMA_LAAD 0x200
|
|
# define S390X_KMA_HS 0x400
|
|
+# define S390X_KDSA_D 0x80
|
|
|
|
#endif
|
|
diff --git a/crypto/s390xcap.c b/crypto/s390xcap.c
|
|
index da6af34..3d762fd 100644
|
|
--- a/crypto/s390xcap.c
|
|
+++ b/crypto/s390xcap.c
|
|
@@ -140,6 +140,10 @@ void OPENSSL_cpuid_setup(void)
|
|
OPENSSL_s390xcap_P.prno[1] &= cap.prno[1];
|
|
OPENSSL_s390xcap_P.kma[0] &= cap.kma[0];
|
|
OPENSSL_s390xcap_P.kma[1] &= cap.kma[1];
|
|
+ OPENSSL_s390xcap_P.pcc[0] &= cap.pcc[0];
|
|
+ OPENSSL_s390xcap_P.pcc[1] &= cap.pcc[1];
|
|
+ OPENSSL_s390xcap_P.kdsa[0] &= cap.kdsa[0];
|
|
+ OPENSSL_s390xcap_P.kdsa[1] &= cap.kdsa[1];
|
|
}
|
|
}
|
|
|
|
@@ -166,6 +170,8 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
|
|
.kmf = {0ULL, 0ULL},
|
|
.prno = {0ULL, 0ULL},
|
|
.kma = {0ULL, 0ULL},
|
|
+ .pcc = {0ULL, 0ULL},
|
|
+ .kdsa = {0ULL, 0ULL},
|
|
};
|
|
|
|
/*-
|
|
@@ -192,6 +198,8 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
|
|
.kmf = {0ULL, 0ULL},
|
|
.prno = {0ULL, 0ULL},
|
|
.kma = {0ULL, 0ULL},
|
|
+ .pcc = {0ULL, 0ULL},
|
|
+ .kdsa = {0ULL, 0ULL},
|
|
};
|
|
|
|
/*-
|
|
@@ -223,6 +231,8 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
|
|
.kmf = {0ULL, 0ULL},
|
|
.prno = {0ULL, 0ULL},
|
|
.kma = {0ULL, 0ULL},
|
|
+ .pcc = {0ULL, 0ULL},
|
|
+ .kdsa = {0ULL, 0ULL},
|
|
};
|
|
|
|
/*-
|
|
@@ -260,6 +270,8 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
|
|
.kmf = {0ULL, 0ULL},
|
|
.prno = {0ULL, 0ULL},
|
|
.kma = {0ULL, 0ULL},
|
|
+ .pcc = {0ULL, 0ULL},
|
|
+ .kdsa = {0ULL, 0ULL},
|
|
};
|
|
|
|
/*-
|
|
@@ -316,6 +328,9 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
|
|
0ULL},
|
|
.prno = {0ULL, 0ULL},
|
|
.kma = {0ULL, 0ULL},
|
|
+ .pcc = {S390X_CAPBIT(S390X_QUERY),
|
|
+ 0ULL},
|
|
+ .kdsa = {0ULL, 0ULL},
|
|
};
|
|
|
|
/*-
|
|
@@ -372,6 +387,9 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
|
|
0ULL},
|
|
.prno = {0ULL, 0ULL},
|
|
.kma = {0ULL, 0ULL},
|
|
+ .pcc = {S390X_CAPBIT(S390X_QUERY),
|
|
+ 0ULL},
|
|
+ .kdsa = {0ULL, 0ULL},
|
|
};
|
|
|
|
/*-
|
|
@@ -432,6 +450,9 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
|
|
| S390X_CAPBIT(S390X_SHA_512_DRNG),
|
|
0ULL},
|
|
.kma = {0ULL, 0ULL},
|
|
+ .pcc = {S390X_CAPBIT(S390X_QUERY),
|
|
+ 0ULL},
|
|
+ .kdsa = {0ULL, 0ULL},
|
|
};
|
|
|
|
/*-
|
|
@@ -511,6 +532,101 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
|
|
| S390X_CAPBIT(S390X_AES_192)
|
|
| S390X_CAPBIT(S390X_AES_256),
|
|
0ULL},
|
|
+ .pcc = {S390X_CAPBIT(S390X_QUERY),
|
|
+ 0ULL},
|
|
+ .kdsa = {0ULL, 0ULL},
|
|
+ };
|
|
+
|
|
+ /*-
|
|
+ * z15 (2019) - z/Architecture POP SA22-7832-12
|
|
+ * Implements MSA and MSA1-9.
|
|
+ */
|
|
+ static const struct OPENSSL_s390xcap_st z15 = {
|
|
+ /*.stfle = */{S390X_CAPBIT(S390X_MSA)
|
|
+ | S390X_CAPBIT(S390X_STCKF)
|
|
+ | S390X_CAPBIT(S390X_MSA5),
|
|
+ S390X_CAPBIT(S390X_MSA3)
|
|
+ | S390X_CAPBIT(S390X_MSA4),
|
|
+ S390X_CAPBIT(S390X_VX)
|
|
+ | S390X_CAPBIT(S390X_VXD)
|
|
+ | S390X_CAPBIT(S390X_VXE)
|
|
+ | S390X_CAPBIT(S390X_MSA8),
|
|
+ 0ULL},
|
|
+ /*.kimd = */{S390X_CAPBIT(S390X_QUERY)
|
|
+ | S390X_CAPBIT(S390X_SHA_1)
|
|
+ | S390X_CAPBIT(S390X_SHA_256)
|
|
+ | S390X_CAPBIT(S390X_SHA_512)
|
|
+ | S390X_CAPBIT(S390X_SHA3_224)
|
|
+ | S390X_CAPBIT(S390X_SHA3_256)
|
|
+ | S390X_CAPBIT(S390X_SHA3_384)
|
|
+ | S390X_CAPBIT(S390X_SHA3_512)
|
|
+ | S390X_CAPBIT(S390X_SHAKE_128)
|
|
+ | S390X_CAPBIT(S390X_SHAKE_256),
|
|
+ S390X_CAPBIT(S390X_GHASH)},
|
|
+ /*.klmd = */{S390X_CAPBIT(S390X_QUERY)
|
|
+ | S390X_CAPBIT(S390X_SHA_1)
|
|
+ | S390X_CAPBIT(S390X_SHA_256)
|
|
+ | S390X_CAPBIT(S390X_SHA_512)
|
|
+ | S390X_CAPBIT(S390X_SHA3_224)
|
|
+ | S390X_CAPBIT(S390X_SHA3_256)
|
|
+ | S390X_CAPBIT(S390X_SHA3_384)
|
|
+ | S390X_CAPBIT(S390X_SHA3_512)
|
|
+ | S390X_CAPBIT(S390X_SHAKE_128)
|
|
+ | S390X_CAPBIT(S390X_SHAKE_256),
|
|
+ 0ULL},
|
|
+ /*.km = */{S390X_CAPBIT(S390X_QUERY)
|
|
+ | S390X_CAPBIT(S390X_AES_128)
|
|
+ | S390X_CAPBIT(S390X_AES_192)
|
|
+ | S390X_CAPBIT(S390X_AES_256)
|
|
+ | S390X_CAPBIT(S390X_XTS_AES_128)
|
|
+ | S390X_CAPBIT(S390X_XTS_AES_256),
|
|
+ 0ULL},
|
|
+ /*.kmc = */{S390X_CAPBIT(S390X_QUERY)
|
|
+ | S390X_CAPBIT(S390X_AES_128)
|
|
+ | S390X_CAPBIT(S390X_AES_192)
|
|
+ | S390X_CAPBIT(S390X_AES_256),
|
|
+ 0ULL},
|
|
+ /*.kmac = */{S390X_CAPBIT(S390X_QUERY)
|
|
+ | S390X_CAPBIT(S390X_AES_128)
|
|
+ | S390X_CAPBIT(S390X_AES_192)
|
|
+ | S390X_CAPBIT(S390X_AES_256),
|
|
+ 0ULL},
|
|
+ /*.kmctr = */{S390X_CAPBIT(S390X_QUERY)
|
|
+ | S390X_CAPBIT(S390X_AES_128)
|
|
+ | S390X_CAPBIT(S390X_AES_192)
|
|
+ | S390X_CAPBIT(S390X_AES_256),
|
|
+ 0ULL},
|
|
+ /*.kmo = */{S390X_CAPBIT(S390X_QUERY)
|
|
+ | S390X_CAPBIT(S390X_AES_128)
|
|
+ | S390X_CAPBIT(S390X_AES_192)
|
|
+ | S390X_CAPBIT(S390X_AES_256),
|
|
+ 0ULL},
|
|
+ /*.kmf = */{S390X_CAPBIT(S390X_QUERY)
|
|
+ | S390X_CAPBIT(S390X_AES_128)
|
|
+ | S390X_CAPBIT(S390X_AES_192)
|
|
+ | S390X_CAPBIT(S390X_AES_256),
|
|
+ 0ULL},
|
|
+ /*.prno = */{S390X_CAPBIT(S390X_QUERY)
|
|
+ | S390X_CAPBIT(S390X_SHA_512_DRNG),
|
|
+ S390X_CAPBIT(S390X_TRNG)},
|
|
+ /*.kma = */{S390X_CAPBIT(S390X_QUERY)
|
|
+ | S390X_CAPBIT(S390X_AES_128)
|
|
+ | S390X_CAPBIT(S390X_AES_192)
|
|
+ | S390X_CAPBIT(S390X_AES_256),
|
|
+ 0ULL},
|
|
+ /*.pcc = */{S390X_CAPBIT(S390X_QUERY)
|
|
+ | S390X_CAPBIT(S390X_SCALAR_MULTIPLY_P256)
|
|
+ | S390X_CAPBIT(S390X_SCALAR_MULTIPLY_P384)
|
|
+ | S390X_CAPBIT(S390X_SCALAR_MULTIPLY_P521),
|
|
+ 0ULL},
|
|
+ /*.kdsa = */{S390X_CAPBIT(S390X_QUERY)
|
|
+ | S390X_CAPBIT(S390X_ECDSA_VERIFY_P256)
|
|
+ | S390X_CAPBIT(S390X_ECDSA_VERIFY_P384)
|
|
+ | S390X_CAPBIT(S390X_ECDSA_VERIFY_P521)
|
|
+ | S390X_CAPBIT(S390X_ECDSA_SIGN_P256)
|
|
+ | S390X_CAPBIT(S390X_ECDSA_SIGN_P384)
|
|
+ | S390X_CAPBIT(S390X_ECDSA_SIGN_P521),
|
|
+ 0ULL},
|
|
};
|
|
|
|
char *tok_begin, *tok_end, *buff, tok[S390X_STFLE_MAX][LEN + 1];
|
|
@@ -554,6 +670,8 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
|
|
else if TOK_FUNC(kmf)
|
|
else if TOK_FUNC(prno)
|
|
else if TOK_FUNC(kma)
|
|
+ else if TOK_FUNC(pcc)
|
|
+ else if TOK_FUNC(kdsa)
|
|
|
|
/* CPU model tokens */
|
|
else if TOK_CPU(z900)
|
|
@@ -564,6 +682,7 @@ static int parse_env(struct OPENSSL_s390xcap_st *cap)
|
|
else if TOK_CPU(zEC12)
|
|
else if TOK_CPU(z13)
|
|
else if TOK_CPU(z14)
|
|
+ else if TOK_CPU(z15)
|
|
|
|
/* whitespace(ignored) or invalid tokens */
|
|
else {
|
|
diff --git a/crypto/s390xcpuid.pl b/crypto/s390xcpuid.pl
|
|
index 3602301..344f4f6 100755
|
|
--- a/crypto/s390xcpuid.pl
|
|
+++ b/crypto/s390xcpuid.pl
|
|
@@ -77,8 +77,13 @@ OPENSSL_s390x_functions:
|
|
stg %r0,S390X_PRNO+8(%r4)
|
|
stg %r0,S390X_KMA(%r4)
|
|
stg %r0,S390X_KMA+8(%r4)
|
|
+ stg %r0,S390X_PCC(%r4)
|
|
+ stg %r0,S390X_PCC+8(%r4)
|
|
+ stg %r0,S390X_KDSA(%r4)
|
|
+ stg %r0,S390X_KDSA+8(%r4)
|
|
|
|
lmg %r2,%r3,S390X_STFLE(%r4)
|
|
+
|
|
tmhl %r2,0x4000 # check for message-security-assist
|
|
jz .Lret
|
|
|
|
@@ -102,6 +107,13 @@ OPENSSL_s390x_functions:
|
|
la %r1,S390X_KMAC(%r4)
|
|
.long 0xb91e0042 # kmac %r4,%r2
|
|
|
|
+ tmhh %r3,0x0003 # check for message-security-assist-3
|
|
+ jz .Lret
|
|
+
|
|
+ lghi %r0,S390X_QUERY # query pcc capability vector
|
|
+ la %r1,S390X_PCC(%r4)
|
|
+ .long 0xb92c0000 # pcc
|
|
+
|
|
tmhh %r3,0x0004 # check for message-security-assist-4
|
|
jz .Lret
|
|
|
|
@@ -125,6 +137,7 @@ OPENSSL_s390x_functions:
|
|
.long 0xb93c0042 # prno %r4,%r2
|
|
|
|
lg %r2,S390X_STFLE+16(%r4)
|
|
+
|
|
tmhl %r2,0x2000 # check for message-security-assist-8
|
|
jz .Lret
|
|
|
|
@@ -132,6 +145,13 @@ OPENSSL_s390x_functions:
|
|
la %r1,S390X_KMA(%r4)
|
|
.long 0xb9294022 # kma %r2,%r4,%r2
|
|
|
|
+ tmhl %r2,0x0010 # check for message-security-assist-9
|
|
+ jz .Lret
|
|
+
|
|
+ lghi %r0,S390X_QUERY # query kdsa capability vector
|
|
+ la %r1,S390X_KDSA(%r4)
|
|
+ .long 0xb93a0002 # kdsa %r0,%r2
|
|
+
|
|
.Lret:
|
|
br $ra
|
|
.size OPENSSL_s390x_functions,.-OPENSSL_s390x_functions
|
|
@@ -422,6 +442,57 @@ s390x_kma:
|
|
___
|
|
}
|
|
|
|
+################
|
|
+# void s390x_pcc(unsigned int fc, void *param)
|
|
+{
|
|
+my ($fc,$param) = map("%r$_",(2..3));
|
|
+$code.=<<___;
|
|
+.globl s390x_pcc
|
|
+.type s390x_pcc,\@function
|
|
+.align 16
|
|
+s390x_pcc:
|
|
+ lr %r0,$fc
|
|
+ l${g}r %r1,$param
|
|
+ lhi %r2,0
|
|
+
|
|
+ .long 0xb92c0000 # pcc
|
|
+ brc 1,.-4 # pay attention to "partial completion"
|
|
+ brc 7,.Lpcc_err # if CC==0 return 0, else return 1
|
|
+.Lpcc_out:
|
|
+ br $ra
|
|
+.Lpcc_err:
|
|
+ lhi %r2,1
|
|
+ j .Lpcc_out
|
|
+.size s390x_pcc,.-s390x_pcc
|
|
+___
|
|
+}
|
|
+
|
|
+################
|
|
+# void s390x_kdsa(unsigned int fc, void *param,
|
|
+# const unsigned char *in, size_t len)
|
|
+{
|
|
+my ($fc,$param,$in,$len) = map("%r$_",(2..5));
|
|
+$code.=<<___;
|
|
+.globl s390x_kdsa
|
|
+.type s390x_kdsa,\@function
|
|
+.align 16
|
|
+s390x_kdsa:
|
|
+ lr %r0,$fc
|
|
+ l${g}r %r1,$param
|
|
+ lhi %r2,0
|
|
+
|
|
+ .long 0xb93a0004 # kdsa %r0,$in
|
|
+ brc 1,.-4 # pay attention to "partial completion"
|
|
+ brc 7,.Lkdsa_err # if CC==0 return 0, else return 1
|
|
+.Lkdsa_out:
|
|
+ br $ra
|
|
+.Lkdsa_err:
|
|
+ lhi %r2,1
|
|
+ j .Lkdsa_out
|
|
+.size s390x_kdsa,.-s390x_kdsa
|
|
+___
|
|
+}
|
|
+
|
|
$code.=<<___;
|
|
.section .init
|
|
brasl $ra,OPENSSL_cpuid_setup
|