summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity
diff options
context:
space:
mode:
authorVivek Kumbhar <vkumbhar@mvista.com>2024-01-10 17:08:40 +0530
committerSteve Sakoman <steve@sakoman.com>2024-01-13 14:57:55 -1000
commitdb1c8b434e1e249cf5a12fe39cf996373513f3dc (patch)
treeed3642ab62670dfd50468808c45b27ff2a235394 /meta/recipes-connectivity
parent8e27f96c0befbbb5cf8a2f7076b7a1ffd79addb6 (diff)
downloadopenembedded-core-contrib-db1c8b434e1e249cf5a12fe39cf996373513f3dc.tar.gz
openssl: Backport fix for CVE-2023-6129
Upstream-Status: Backport [https://github.com/openssl/openssl/commit/8d847a3ffd4f0b17ee33962cf69c36224925b34f] Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/recipes-connectivity')
-rw-r--r--meta/recipes-connectivity/openssl/openssl/CVE-2023-6129.patch113
-rw-r--r--meta/recipes-connectivity/openssl/openssl_3.0.12.bb1
2 files changed, 114 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2023-6129.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2023-6129.patch
new file mode 100644
index 0000000000..c5749e1874
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2023-6129.patch
@@ -0,0 +1,113 @@
+From 8d847a3ffd4f0b17ee33962cf69c36224925b34f Mon Sep 17 00:00:00 2001
+From: Rohan McLure <rmclure@linux.ibm.com>
+Date: Thu, 4 Jan 2024 10:25:50 +0100
+Subject: [PATCH] poly1305-ppc.pl: Fix vector register clobbering
+
+Fixes CVE-2023-6129
+
+The POLY1305 MAC (message authentication code) implementation in OpenSSL for
+PowerPC CPUs saves the the contents of vector registers in different order
+than they are restored. Thus the contents of some of these vector registers
+is corrupted when returning to the caller. The vulnerable code is used only
+on newer PowerPC processors supporting the PowerISA 2.07 instructions.
+
+Reviewed-by: Matt Caswell <matt@openssl.org>
+Reviewed-by: Richard Levitte <levitte@openssl.org>
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/23200)
+
+Upstream-Status: Backport [https://github.com/openssl/openssl/commit/8d847a3ffd4f0b17ee33962cf69c36224925b34f]
+CVE: CVE-2023-6129
+Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
+---
+ crypto/poly1305/asm/poly1305-ppc.pl | 42 ++++++++++++++---------------
+ 1 file changed, 21 insertions(+), 21 deletions(-)
+
+diff --git a/crypto/poly1305/asm/poly1305-ppc.pl b/crypto/poly1305/asm/poly1305-ppc.pl
+index 9f86134..2e601bb 100755
+--- a/crypto/poly1305/asm/poly1305-ppc.pl
++++ b/crypto/poly1305/asm/poly1305-ppc.pl
+@@ -744,7 +744,7 @@ ___
+ my $LOCALS= 6*$SIZE_T;
+ my $VSXFRAME = $LOCALS + 6*$SIZE_T;
+ $VSXFRAME += 128; # local variables
+- $VSXFRAME += 13*16; # v20-v31 offload
++ $VSXFRAME += 12*16; # v20-v31 offload
+
+ my $BIG_ENDIAN = ($flavour !~ /le/) ? 4 : 0;
+
+@@ -919,12 +919,12 @@ __poly1305_blocks_vsx:
+ addi r11,r11,32
+ stvx v22,r10,$sp
+ addi r10,r10,32
+- stvx v23,r10,$sp
+- addi r10,r10,32
+- stvx v24,r11,$sp
++ stvx v23,r11,$sp
+ addi r11,r11,32
+- stvx v25,r10,$sp
++ stvx v24,r10,$sp
+ addi r10,r10,32
++ stvx v25,r11,$sp
++ addi r11,r11,32
+ stvx v26,r10,$sp
+ addi r10,r10,32
+ stvx v27,r11,$sp
+@@ -1153,12 +1153,12 @@ __poly1305_blocks_vsx:
+ addi r11,r11,32
+ stvx v22,r10,$sp
+ addi r10,r10,32
+- stvx v23,r10,$sp
+- addi r10,r10,32
+- stvx v24,r11,$sp
++ stvx v23,r11,$sp
+ addi r11,r11,32
+- stvx v25,r10,$sp
++ stvx v24,r10,$sp
+ addi r10,r10,32
++ stvx v25,r11,$sp
++ addi r11,r11,32
+ stvx v26,r10,$sp
+ addi r10,r10,32
+ stvx v27,r11,$sp
+@@ -1899,26 +1899,26 @@ Ldone_vsx:
+ mtspr 256,r12 # restore vrsave
+ lvx v20,r10,$sp
+ addi r10,r10,32
+- lvx v21,r10,$sp
+- addi r10,r10,32
+- lvx v22,r11,$sp
++ lvx v21,r11,$sp
+ addi r11,r11,32
+- lvx v23,r10,$sp
++ lvx v22,r10,$sp
+ addi r10,r10,32
+- lvx v24,r11,$sp
++ lvx v23,r11,$sp
+ addi r11,r11,32
+- lvx v25,r10,$sp
++ lvx v24,r10,$sp
+ addi r10,r10,32
+- lvx v26,r11,$sp
++ lvx v25,r11,$sp
+ addi r11,r11,32
+- lvx v27,r10,$sp
++ lvx v26,r10,$sp
+ addi r10,r10,32
+- lvx v28,r11,$sp
++ lvx v27,r11,$sp
+ addi r11,r11,32
+- lvx v29,r10,$sp
++ lvx v28,r10,$sp
+ addi r10,r10,32
+- lvx v30,r11,$sp
+- lvx v31,r10,$sp
++ lvx v29,r11,$sp
++ addi r11,r11,32
++ lvx v30,r10,$sp
++ lvx v31,r11,$sp
+ $POP r27,`$VSXFRAME-$SIZE_T*5`($sp)
+ $POP r28,`$VSXFRAME-$SIZE_T*4`($sp)
+ $POP r29,`$VSXFRAME-$SIZE_T*3`($sp)
+--
+2.39.3
diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.12.bb b/meta/recipes-connectivity/openssl/openssl_3.0.12.bb
index 395cace2ec..4602151d91 100644
--- a/meta/recipes-connectivity/openssl/openssl_3.0.12.bb
+++ b/meta/recipes-connectivity/openssl/openssl_3.0.12.bb
@@ -13,6 +13,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
file://afalg.patch \
file://0001-Configure-do-not-tweak-mips-cflags.patch \
file://CVE-2023-5678.patch \
+ file://CVE-2023-6129.patch \
"
SRC_URI:append:class-nativesdk = " \