summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArmin Kuster <akuster@mvista.com>2015-12-07 16:55:52 -0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-01-14 15:18:27 +0000
commit7dcaa840ff03b4aef774b35ae4d5e64b0b540142 (patch)
treec03f9e35850642f57cf44f7bc2753b0c48994117
parent435139b2a90f765b898c074c0dfa34a0208962fa (diff)
downloadpoky-7dcaa840ff03b4aef774b35ae4d5e64b0b540142.tar.gz
openssl: fix for CVE-2015-3193
(From OE-Core rev: 4d9006b1217ee7e97108f36db19aebd93e1d9850) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch101
-rw-r--r--meta/recipes-connectivity/openssl/openssl_1.0.2d.bb1
2 files changed, 102 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch
new file mode 100644
index 0000000000..125016a23a
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch
@@ -0,0 +1,101 @@
1From d73cc256c8e256c32ed959456101b73ba9842f72 Mon Sep 17 00:00:00 2001
2From: Andy Polyakov <appro@openssl.org>
3Date: Tue, 1 Dec 2015 09:00:32 +0100
4Subject: [PATCH] bn/asm/x86_64-mont5.pl: fix carry propagating bug
5 (CVE-2015-3193).
6
7Reviewed-by: Richard Levitte <levitte@openssl.org>
8(cherry picked from commit e7c078db57908cbf16074c68034977565ffaf107)
9
10Upstream-Status: Backport
11
12This patch was imported from
13https://git.openssl.org/?p=openssl.git;a=commit;h=d73cc256c8e256c32ed959456101b73ba9842f72
14
15Signed-off-by: Armin Kuster <akuster@mvista.com>
16
17---
18 crypto/bn/asm/x86_64-mont5.pl | 22 +++++++++++++++++++---
19 crypto/bn/bntest.c | 18 ++++++++++++++++++
20 2 files changed, 37 insertions(+), 3 deletions(-)
21
22Index: openssl-1.0.2d/crypto/bn/asm/x86_64-mont5.pl
23===================================================================
24--- openssl-1.0.2d.orig/crypto/bn/asm/x86_64-mont5.pl
25+++ openssl-1.0.2d/crypto/bn/asm/x86_64-mont5.pl
26@@ -1779,6 +1779,15 @@ sqr8x_reduction:
27 .align 32
28 .L8x_tail_done:
29 add (%rdx),%r8 # can this overflow?
30+ adc \$0,%r9
31+ adc \$0,%r10
32+ adc \$0,%r11
33+ adc \$0,%r12
34+ adc \$0,%r13
35+ adc \$0,%r14
36+ adc \$0,%r15 # can't overflow, because we
37+ # started with "overhung" part
38+ # of multiplication
39 xor %rax,%rax
40
41 neg $carry
42@@ -3125,6 +3134,15 @@ sqrx8x_reduction:
43 .align 32
44 .Lsqrx8x_tail_done:
45 add 24+8(%rsp),%r8 # can this overflow?
46+ adc \$0,%r9
47+ adc \$0,%r10
48+ adc \$0,%r11
49+ adc \$0,%r12
50+ adc \$0,%r13
51+ adc \$0,%r14
52+ adc \$0,%r15 # can't overflow, because we
53+ # started with "overhung" part
54+ # of multiplication
55 mov $carry,%rax # xor %rax,%rax
56
57 sub 16+8(%rsp),$carry # mov 16(%rsp),%cf
58@@ -3168,13 +3186,11 @@ my ($rptr,$nptr)=("%rdx","%rbp");
59 my @ri=map("%r$_",(10..13));
60 my @ni=map("%r$_",(14..15));
61 $code.=<<___;
62- xor %rbx,%rbx
63+ xor %ebx,%ebx
64 sub %r15,%rsi # compare top-most words
65 adc %rbx,%rbx
66 mov %rcx,%r10 # -$num
67- .byte 0x67
68 or %rbx,%rax
69- .byte 0x67
70 mov %rcx,%r9 # -$num
71 xor \$1,%rax
72 sar \$3+2,%rcx # cf=0
73Index: openssl-1.0.2d/crypto/bn/bntest.c
74===================================================================
75--- openssl-1.0.2d.orig/crypto/bn/bntest.c
76+++ openssl-1.0.2d/crypto/bn/bntest.c
77@@ -1027,6 +1027,24 @@ int test_mod_exp_mont_consttime(BIO *bp,
78 return 0;
79 }
80 }
81+
82+ /* Regression test for carry propagation bug in sqr8x_reduction */
83+ BN_hex2bn(&a, "050505050505");
84+ BN_hex2bn(&b, "02");
85+ BN_hex2bn(&c,
86+ "4141414141414141414141274141414141414141414141414141414141414141"
87+ "4141414141414141414141414141414141414141414141414141414141414141"
88+ "4141414141414141414141800000000000000000000000000000000000000000"
89+ "0000000000000000000000000000000000000000000000000000000000000000"
90+ "0000000000000000000000000000000000000000000000000000000000000000"
91+ "0000000000000000000000000000000000000000000000000000000001");
92+ BN_mod_exp(d, a, b, c, ctx);
93+ BN_mul(e, a, a, ctx);
94+ if (BN_cmp(d, e)) {
95+ fprintf(stderr, "BN_mod_exp and BN_mul produce different results!\n");
96+ return 0;
97+ }
98+
99 BN_free(a);
100 BN_free(b);
101 BN_free(c);
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb
index 659e0bd49e..b5ec133016 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb
@@ -37,6 +37,7 @@ SRC_URI += "file://configure-targets.patch \
37 file://crypto_use_bigint_in_x86-64_perl.patch \ 37 file://crypto_use_bigint_in_x86-64_perl.patch \
38 file://openssl-1.0.2a-x32-asm.patch \ 38 file://openssl-1.0.2a-x32-asm.patch \
39 file://ptest_makefile_deps.patch \ 39 file://ptest_makefile_deps.patch \
40 file://CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch \
40 " 41 "
41 42
42SRC_URI[md5sum] = "38dd619b2e77cbac69b99f52a053d25a" 43SRC_URI[md5sum] = "38dd619b2e77cbac69b99f52a053d25a"