  3. Mar 18, 2019
      PPC assembly pack: fix copy-paste error in CTR mode · 5dcfd6c5
      Daniel Axtens authored
      
      There are two copy-paste errors in handling CTR mode. When dealing
      with a 2 or 3 block tail, the code branches to the CBC decryption exit
      path, rather than to the CTR exit path.
      
      This can lead to data corruption: in the Linux kernel we have a copy
      of this file, and the bug leads to corruption of the IV, which leads
      to data corruption when we call the encryption function again later to
      encrypt subsequent blocks.
      
      Originally reported to the Linux kernel by Ondrej Mosnáček <omosnacek@gmail.com>
      
      CLA: trivial
      
      Reviewed-by: Tim Hudson <tjh@openssl.org>
      Reviewed-by: Paul Dale <paul.dale@oracle.com>
      (Merged from https://github.com/openssl/openssl/pull/8510)
      
      (cherry picked from commit f643deac417a3ccb27f77670bb2b136de49079d9)
  5. Feb 17, 2019
      Fix some CFI issues in x86_64 assembly · 2086edb7
      David Benjamin authored
      
      The add/double shortcut in ecp_nistz256-x86_64.pl left one instruction
      point that did not unwind, and the "slow" path in AES_cbc_encrypt was
      not annotated correctly. For the latter, add
      .cfi_{remember,restore}_state support to perlasm.
      
      Next, fill in a bunch of functions that are missing no-op .cfi_startproc
      and .cfi_endproc blocks. libunwind cannot unwind those stack frames
      otherwise.
      
      Finally, work around a bug in libunwind by not encoding rflags. (rflags
      isn't a callee-saved register, so there's not much need to annotate it
      anyway.)
      
      These were found as part of ABI testing work in BoringSSL.
      
      Reviewed-by: Richard Levitte <levitte@openssl.org>
      GH: #8109
      (cherry picked from commit c0e8e500)
  14. Feb 27, 2018
      Always use adr with __thumb2__. · 8a5d8bc4
      David Benjamin authored
      Thumb2 addresses are a bit a mess, depending on whether a label is
      interpreted as a function pointer value (for use with BX and BLX) or as
      a program counter value (for use with PC-relative addressing). Clang's
      integrated assembler mis-assembles this code. See
      https://crbug.com/124610#c54 for details.
      
      Instead, use the ADR pseudo-instruction which has clear semantics and
      should be supported by every assembler that handles the OpenSSL Thumb2
      code. (In other files, the ADR vs SUB conditionals are based on
      __thumb2__ already. For some reason, this one is based on __APPLE__, I'm
      guessing to deal with an older version of clang assembler.)
      
      It's unclear to me which of clang or binutils is "correct" or if this is
      even a well-defined notion beyond "whatever binutils does". But I will
      note that https://github.com/openssl/openssl/pull/4669 suggests binutils
      has also changed behavior around this before.
      
      Reviewed-by: Andy Polyakov <appro@openssl.org>
      Reviewed-by: Rich Salz <rsalz@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/5431)
  15. Feb 14, 2018
      Harmonize the make variables across all known platforms families · 722c9762
      Richard Levitte authored
      
      The make variables LIB_CFLAGS, DSO_CFLAGS and so on were used in
      addition to CFLAGS and so on.  This works without problem on Unix and
      Windows, where options with different purposes (such as -D and -I) can
      appear anywhere on the command line and get accumulated as they come.
      This is not necessarily so on VMS.  For example, macros must all be
      collected and given through one /DEFINE, and the same goes for
      inclusion directories (/INCLUDE).
      
      So, to harmonize all platforms, we repurpose make variables starting
      with LIB_, DSO_ and BIN_ to be all-encompassing variables that
      collect the corresponding values from CFLAGS, CPPFLAGS, DEFINES,
      INCLUDES and so on together with possible config target values
      specific for libraries, DSOs and programs, and use them instead of the
      general ones everywhere.
      
      This will, for example, allow VMS to use the exact same generators for
      generated files that go through cpp as all other platforms, something
      that has been impossible to do safely before now.
      
      Reviewed-by: Andy Polyakov <appro@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/5357)
  26. Jul 21, 2017
      x86_64 assembly pack: "optimize" for Knights Landing, add AVX-512 results. · 64d92d74
      Andy Polyakov authored
      
      "Optimize" is in quotes because it's rather a "salvage operation"
      for now. Idea is to identify processor capability flags that
      drive Knights Landing to suboptimal code paths and mask them.
      Two flags were identified, XSAVE and ADCX/ADOX. Former affects
      choice of AES-NI code path specific for Silvermont (Knights Landing
      is of Silvermont "ancestry"). And 64-bit ADCX/ADOX instructions are
      effectively mishandled at decode time. In both cases we are looking
      at ~2x improvement.
      
      AVX-512 results cover even Skylake-X :-)
      
      Hardware used for benchmarking courtesy of Atos, experiments run by
      Romain Dolbeau <romain.dolbeau@atos.net>. Kudos!
      
      Reviewed-by: Rich Salz <rsalz@openssl.org>
  30. Mar 26, 2017
      aes/asm/bsaes-armv7.pl: relax stack alignment requirement. · 0822d41b
      Andy Polyakov authored
      
      Even though Apple refers to Procedure Call Standard for ARM Architecture
      (AAPCS), they apparently adhere to a custom version that doesn't follow
      stack alignment constraints in the said standard. [Why oh why? If it's
      a vendor lock-in thing, then it would be like the worst spot ever.] And since
      bsaes-armv7 relied on standard alignment, it became problematic to
      execute the code on iOS.
      
      Reviewed-by: Rich Salz <rsalz@openssl.org>
  33. Feb 28, 2017
      Clean up references to FIPS · b53338cb
      Emilia Kasper authored
      
      This removes the fips configure option. This option is broken as the
      required FIPS code is not available.
      
      FIPS_mode() and FIPS_mode_set() are retained for compatibility, but
      FIPS_mode() always returns 0, and FIPS_mode_set() can only be used to
      turn FIPS mode off.
      
      Reviewed-by: Stephen Henson <steve@openssl.org>