diff options
author | Ross Burton <ross.burton@arm.com> | 2024-03-27 11:15:07 +0000 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2024-03-30 22:20:28 +0000 |
commit | 438a390e8e1811bc2d3820c1cd2b8e099e70064a (patch) | |
tree | c4468c64b14c650791bfd62d7278f5334e028f6c /meta/recipes-connectivity | |
parent | cad5d53e13093ac2fc6f5ba1d0e26fb16e3d88f7 (diff) | |
download | openembedded-core-438a390e8e1811bc2d3820c1cd2b8e099e70064a.tar.gz |
openssl: fix crash on aarch64 if BTI is enabled but no Crypto instructions
On aarch64, if the processor doesn't have the Crypto instructions then
OpenSSL will fall back onto the "bit-sliced" assembler routines. When
branch protection (BTI) was enabled in OpenSSL these routines were
missed, so if BTI is available libssl will immediately abort when it
enters this assembler.
Backport a patch submitted upstream to add the required call target
annotations so that BTI doesn't believe the code is being exploited.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity')
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl/bti.patch | 58 | ||||
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl_3.2.1.bb | 1 |
2 files changed, 59 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/bti.patch b/meta/recipes-connectivity/openssl/openssl/bti.patch new file mode 100644 index 0000000000..748576c30c --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/bti.patch @@ -0,0 +1,58 @@ +From ba8a599395f8b770c76316b5f5b0f3838567014f Mon Sep 17 00:00:00 2001 +From: Tom Cosgrove <tom.cosgrove@arm.com> +Date: Tue, 26 Mar 2024 13:18:00 +0000 +Subject: [PATCH] aarch64: fix BTI in bsaes assembly code + +In Arm systems where BTI is enabled but the Crypto extensions are not (more +likely in FVPs than in real hardware), the bit-sliced assembler code will +be used. However, this wasn't annotated with BTI instructions when BTI was +enabled, so the moment libssl jumps into this code it (correctly) aborts. + +Solve this by adding the missing BTI landing pads. + +Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/23982] +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + crypto/aes/asm/bsaes-armv8.pl | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/crypto/aes/asm/bsaes-armv8.pl b/crypto/aes/asm/bsaes-armv8.pl +index b3c97e439f..c3c5ff3e05 100644 +--- a/crypto/aes/asm/bsaes-armv8.pl ++++ b/crypto/aes/asm/bsaes-armv8.pl +@@ -1018,6 +1018,7 @@ _bsaes_key_convert: + // Initialisation vector overwritten with last quadword of ciphertext + // No output registers, usual AAPCS64 register preservation + ossl_bsaes_cbc_encrypt: ++ AARCH64_VALID_CALL_TARGET + cmp x2, #128 + bhs .Lcbc_do_bsaes + b AES_cbc_encrypt +@@ -1270,7 +1271,7 @@ ossl_bsaes_cbc_encrypt: + // Output text filled in + // No output registers, usual AAPCS64 register preservation + ossl_bsaes_ctr32_encrypt_blocks: +- ++ AARCH64_VALID_CALL_TARGET + cmp x2, #8 // use plain AES for + blo .Lctr_enc_short // small sizes + +@@ -1476,6 +1477,7 @@ ossl_bsaes_ctr32_encrypt_blocks: + // Output ciphertext filled in + // No output registers, usual AAPCS64 register preservation + ossl_bsaes_xts_encrypt: ++ AARCH64_VALID_CALL_TARGET + // Stack layout: + // sp -> + // nrounds*128-96 bytes: key schedule +@@ -1921,6 +1923,7 @@ ossl_bsaes_xts_encrypt: + // Output plaintext filled in + // No output registers, usual AAPCS64 register preservation + ossl_bsaes_xts_decrypt: ++ AARCH64_VALID_CALL_TARGET + // Stack layout: + // sp -> + // nrounds*128-96 bytes: key schedule +-- +2.34.1 + diff --git a/meta/recipes-connectivity/openssl/openssl_3.2.1.bb b/meta/recipes-connectivity/openssl/openssl_3.2.1.bb index 1682b6f8cc..c7134c54db 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.2.1.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.2.1.bb @@ -12,6 +12,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ file://0001-Configure-do-not-tweak-mips-cflags.patch \ file://0001-Added-handshake-history-reporting-when-test-fails.patch \ + file://bti.patch \ " SRC_URI:append:class-nativesdk = " \ |