diff options
author | Radu Moisan <radu.moisan@intel.com> | 2013-04-09 10:06:27 +0300 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2013-04-09 13:16:53 +0100 |
commit | f720f8f3d24fe914aaa2e7f6db190118769abf63 (patch) | |
tree | 1145f63be04aafa0b6532c184a47df46ab3f9dfe /meta/recipes-connectivity/openssl/openssl-1.0.1e/debian/pic.patch | |
parent | fb37dd6822578fced05fa4ab66b56341a46b3bbc (diff) | |
download | poky-f720f8f3d24fe914aaa2e7f6db190118769abf63.tar.gz |
openssl: Upgrade to v1.0.1e
Dropped obolete patches and pulled updates for debian patches.
Addresses CVEs:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2686
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0166
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0169
[YOCTO #3965]
(From OE-Core rev: 0470edd01c0aebaa78db137e365a7e22bfb199e9)
Signed-off-by: Radu Moisan <radu.moisan@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/openssl/openssl-1.0.1e/debian/pic.patch')
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl-1.0.1e/debian/pic.patch | 177 |
1 files changed, 177 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.1e/debian/pic.patch b/meta/recipes-connectivity/openssl/openssl-1.0.1e/debian/pic.patch new file mode 100644 index 0000000000..bfda3888bf --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl-1.0.1e/debian/pic.patch | |||
@@ -0,0 +1,177 @@ | |||
1 | Upstream-Status: Backport [debian] | ||
2 | |||
3 | Index: openssl-1.0.1c/crypto/des/asm/desboth.pl | ||
4 | =================================================================== | ||
5 | --- openssl-1.0.1c.orig/crypto/des/asm/desboth.pl 2001-10-24 23:20:56.000000000 +0200 | ||
6 | +++ openssl-1.0.1c/crypto/des/asm/desboth.pl 2012-07-29 14:15:26.000000000 +0200 | ||
7 | @@ -16,6 +16,11 @@ | ||
8 | |||
9 | &push("edi"); | ||
10 | |||
11 | + &call (&label("pic_point0")); | ||
12 | + &set_label("pic_point0"); | ||
13 | + &blindpop("ebp"); | ||
14 | + &add ("ebp", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]"); | ||
15 | + | ||
16 | &comment(""); | ||
17 | &comment("Load the data words"); | ||
18 | &mov($L,&DWP(0,"ebx","",0)); | ||
19 | @@ -47,15 +52,21 @@ | ||
20 | &mov(&swtmp(2), (DWC(($enc)?"1":"0"))); | ||
21 | &mov(&swtmp(1), "eax"); | ||
22 | &mov(&swtmp(0), "ebx"); | ||
23 | - &call("DES_encrypt2"); | ||
24 | + &exch("ebx", "ebp"); | ||
25 | + &call("DES_encrypt2\@PLT"); | ||
26 | + &exch("ebx", "ebp"); | ||
27 | &mov(&swtmp(2), (DWC(($enc)?"0":"1"))); | ||
28 | &mov(&swtmp(1), "edi"); | ||
29 | &mov(&swtmp(0), "ebx"); | ||
30 | - &call("DES_encrypt2"); | ||
31 | + &exch("ebx", "ebp"); | ||
32 | + &call("DES_encrypt2\@PLT"); | ||
33 | + &exch("ebx", "ebp"); | ||
34 | &mov(&swtmp(2), (DWC(($enc)?"1":"0"))); | ||
35 | &mov(&swtmp(1), "esi"); | ||
36 | &mov(&swtmp(0), "ebx"); | ||
37 | - &call("DES_encrypt2"); | ||
38 | + &exch("ebx", "ebp"); | ||
39 | + &call("DES_encrypt2\@PLT"); | ||
40 | + &exch("ebx", "ebp"); | ||
41 | |||
42 | &stack_pop(3); | ||
43 | &mov($L,&DWP(0,"ebx","",0)); | ||
44 | Index: openssl-1.0.1c/crypto/perlasm/cbc.pl | ||
45 | =================================================================== | ||
46 | --- openssl-1.0.1c.orig/crypto/perlasm/cbc.pl 2011-07-13 08:22:46.000000000 +0200 | ||
47 | +++ openssl-1.0.1c/crypto/perlasm/cbc.pl 2012-07-29 14:15:26.000000000 +0200 | ||
48 | @@ -122,7 +122,11 @@ | ||
49 | &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call | ||
50 | &mov(&DWP($data_off+4,"esp","",0), "ebx"); # | ||
51 | |||
52 | - &call($enc_func); | ||
53 | + &call (&label("pic_point0")); | ||
54 | + &set_label("pic_point0"); | ||
55 | + &blindpop("ebx"); | ||
56 | + &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point0") . "]"); | ||
57 | + &call("$enc_func\@PLT"); | ||
58 | |||
59 | &mov("eax", &DWP($data_off,"esp","",0)); | ||
60 | &mov("ebx", &DWP($data_off+4,"esp","",0)); | ||
61 | @@ -185,7 +189,11 @@ | ||
62 | &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call | ||
63 | &mov(&DWP($data_off+4,"esp","",0), "ebx"); # | ||
64 | |||
65 | - &call($enc_func); | ||
66 | + &call (&label("pic_point1")); | ||
67 | + &set_label("pic_point1"); | ||
68 | + &blindpop("ebx"); | ||
69 | + &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point1") . "]"); | ||
70 | + &call("$enc_func\@PLT"); | ||
71 | |||
72 | &mov("eax", &DWP($data_off,"esp","",0)); | ||
73 | &mov("ebx", &DWP($data_off+4,"esp","",0)); | ||
74 | @@ -218,7 +226,11 @@ | ||
75 | &mov(&DWP($data_off,"esp","",0), "eax"); # put back | ||
76 | &mov(&DWP($data_off+4,"esp","",0), "ebx"); # | ||
77 | |||
78 | - &call($dec_func); | ||
79 | + &call (&label("pic_point2")); | ||
80 | + &set_label("pic_point2"); | ||
81 | + &blindpop("ebx"); | ||
82 | + &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point2") . "]"); | ||
83 | + &call("$dec_func\@PLT"); | ||
84 | |||
85 | &mov("eax", &DWP($data_off,"esp","",0)); # get return | ||
86 | &mov("ebx", &DWP($data_off+4,"esp","",0)); # | ||
87 | @@ -261,7 +273,11 @@ | ||
88 | &mov(&DWP($data_off,"esp","",0), "eax"); # put back | ||
89 | &mov(&DWP($data_off+4,"esp","",0), "ebx"); # | ||
90 | |||
91 | - &call($dec_func); | ||
92 | + &call (&label("pic_point3")); | ||
93 | + &set_label("pic_point3"); | ||
94 | + &blindpop("ebx"); | ||
95 | + &add ("ebx", "\$_GLOBAL_OFFSET_TABLE_+[.-" . &label("pic_point3") . "]"); | ||
96 | + &call("$dec_func\@PLT"); | ||
97 | |||
98 | &mov("eax", &DWP($data_off,"esp","",0)); # get return | ||
99 | &mov("ebx", &DWP($data_off+4,"esp","",0)); # | ||
100 | Index: openssl-1.0.1c/crypto/perlasm/x86gas.pl | ||
101 | =================================================================== | ||
102 | --- openssl-1.0.1c.orig/crypto/perlasm/x86gas.pl 2011-12-09 20:16:35.000000000 +0100 | ||
103 | +++ openssl-1.0.1c/crypto/perlasm/x86gas.pl 2012-07-29 14:15:26.000000000 +0200 | ||
104 | @@ -161,6 +161,7 @@ | ||
105 | if ($::macosx) { push (@out,"$tmp,2\n"); } | ||
106 | elsif ($::elf) { push (@out,"$tmp,4\n"); } | ||
107 | else { push (@out,"$tmp\n"); } | ||
108 | + if ($::elf) { push (@out,".hidden\tOPENSSL_ia32cap_P\n"); } | ||
109 | } | ||
110 | push(@out,$initseg) if ($initseg); | ||
111 | } | ||
112 | @@ -218,8 +219,23 @@ | ||
113 | elsif ($::elf) | ||
114 | { $initseg.=<<___; | ||
115 | .section .init | ||
116 | +___ | ||
117 | + if ($::pic) | ||
118 | + { $initseg.=<<___; | ||
119 | + pushl %ebx | ||
120 | + call .pic_point0 | ||
121 | +.pic_point0: | ||
122 | + popl %ebx | ||
123 | + addl \$_GLOBAL_OFFSET_TABLE_+[.-.pic_point0],%ebx | ||
124 | + call $f\@PLT | ||
125 | + popl %ebx | ||
126 | +___ | ||
127 | + } | ||
128 | + else | ||
129 | + { $initseg.=<<___; | ||
130 | call $f | ||
131 | ___ | ||
132 | + } | ||
133 | } | ||
134 | elsif ($::coff) | ||
135 | { $initseg.=<<___; # applies to both Cygwin and Mingw | ||
136 | Index: openssl-1.0.1c/crypto/x86cpuid.pl | ||
137 | =================================================================== | ||
138 | --- openssl-1.0.1c.orig/crypto/x86cpuid.pl 2012-02-28 15:20:34.000000000 +0100 | ||
139 | +++ openssl-1.0.1c/crypto/x86cpuid.pl 2012-07-29 14:15:26.000000000 +0200 | ||
140 | @@ -8,6 +8,8 @@ | ||
141 | |||
142 | for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } | ||
143 | |||
144 | +push(@out, ".hidden OPENSSL_ia32cap_P\n"); | ||
145 | + | ||
146 | &function_begin("OPENSSL_ia32_cpuid"); | ||
147 | &xor ("edx","edx"); | ||
148 | &pushf (); | ||
149 | @@ -139,9 +141,7 @@ | ||
150 | &set_label("nocpuid"); | ||
151 | &function_end("OPENSSL_ia32_cpuid"); | ||
152 | |||
153 | -&external_label("OPENSSL_ia32cap_P"); | ||
154 | - | ||
155 | -&function_begin_B("OPENSSL_rdtsc","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); | ||
156 | +&function_begin_B("OPENSSL_rdtsc"); | ||
157 | &xor ("eax","eax"); | ||
158 | &xor ("edx","edx"); | ||
159 | &picmeup("ecx","OPENSSL_ia32cap_P"); | ||
160 | @@ -155,7 +155,7 @@ | ||
161 | # This works in Ring 0 only [read DJGPP+MS-DOS+privileged DPMI host], | ||
162 | # but it's safe to call it on any [supported] 32-bit platform... | ||
163 | # Just check for [non-]zero return value... | ||
164 | -&function_begin_B("OPENSSL_instrument_halt","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); | ||
165 | +&function_begin_B("OPENSSL_instrument_halt"); | ||
166 | &picmeup("ecx","OPENSSL_ia32cap_P"); | ||
167 | &bt (&DWP(0,"ecx"),4); | ||
168 | &jnc (&label("nohalt")); # no TSC | ||
169 | @@ -222,7 +222,7 @@ | ||
170 | &ret (); | ||
171 | &function_end_B("OPENSSL_far_spin"); | ||
172 | |||
173 | -&function_begin_B("OPENSSL_wipe_cpu","EXTRN\t_OPENSSL_ia32cap_P:DWORD"); | ||
174 | +&function_begin_B("OPENSSL_wipe_cpu"); | ||
175 | &xor ("eax","eax"); | ||
176 | &xor ("edx","edx"); | ||
177 | &picmeup("ecx","OPENSSL_ia32cap_P"); | ||