diff options
| author | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-03-16 08:53:25 +0000 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-03-16 17:49:38 +0000 |
| commit | 4e18b5ebb0550543fca057989533ce127021879b (patch) | |
| tree | 9ab316b3dd28027b85d95a92d825ec22c8392073 /meta/recipes-connectivity/openssl | |
| parent | 1fd13ab7e11e7b64fefff1afb669dc2b8b47b534 (diff) | |
| download | poky-4e18b5ebb0550543fca057989533ce127021879b.tar.gz | |
openssl: Fix reproducibility issue
Fix an issue introduced in the new openssl version where an assembler file
isn't generated in a reproducible way by seeding the perl random number
generator consistently. It has no crypto impact, it is just used to
avoid function name clashes.
(From OE-Core rev: 448df3e1c02fe224d62f59a236fdcd47ea7e695f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/openssl')
| -rw-r--r-- | meta/recipes-connectivity/openssl/openssl/fix_random_labels.patch | 22 | ||||
| -rw-r--r-- | meta/recipes-connectivity/openssl/openssl_3.1.0.bb | 1 |
2 files changed, 23 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/fix_random_labels.patch b/meta/recipes-connectivity/openssl/openssl/fix_random_labels.patch new file mode 100644 index 0000000000..78dcd81685 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/fix_random_labels.patch | |||
| @@ -0,0 +1,22 @@ | |||
| 1 | The perl script adds random suffixes to the local function names to ensure | ||
| 2 | it doesn't clash with other parts of openssl. Set the random number seed | ||
| 3 | to something predictable so the assembler files are generated consistently | ||
| 4 | and our own reproducible builds tests pass. | ||
| 5 | |||
| 6 | Upstream-Status: Pending | ||
| 7 | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> | ||
| 8 | |||
| 9 | Index: openssl-3.1.0/crypto/modes/asm/aes-gcm-avx512.pl | ||
| 10 | =================================================================== | ||
| 11 | --- openssl-3.1.0.orig/crypto/modes/asm/aes-gcm-avx512.pl | ||
| 12 | +++ openssl-3.1.0/crypto/modes/asm/aes-gcm-avx512.pl | ||
| 13 | @@ -191,6 +191,9 @@ my $CTX_OFFSET_HTable = (16 * 6); | ||
| 14 | # ;;; Helper functions | ||
| 15 | # ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; | ||
| 16 | |||
| 17 | +# Ensure the local labels are reproduicble | ||
| 18 | +srand(10000); | ||
| 19 | + | ||
| 20 | # ; Generates "random" local labels | ||
| 21 | sub random_string() { | ||
| 22 | my @chars = ('a' .. 'z', 'A' .. 'Z', '0' .. '9', '_'); | ||
diff --git a/meta/recipes-connectivity/openssl/openssl_3.1.0.bb b/meta/recipes-connectivity/openssl/openssl_3.1.0.bb index 4ae376d18a..85286a0618 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.1.0.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.1.0.bb | |||
| @@ -11,6 +11,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ | |||
| 11 | file://run-ptest \ | 11 | file://run-ptest \ |
| 12 | file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ | 12 | file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ |
| 13 | file://0001-Configure-do-not-tweak-mips-cflags.patch \ | 13 | file://0001-Configure-do-not-tweak-mips-cflags.patch \ |
| 14 | file://fix_random_labels.patch \ | ||
| 14 | " | 15 | " |
| 15 | 16 | ||
| 16 | SRC_URI:append:class-nativesdk = " \ | 17 | SRC_URI:append:class-nativesdk = " \ |