diff options
Diffstat (limited to 'meta/recipes-connectivity/openssl')
-rw-r--r-- | meta/recipes-connectivity/openssl/files/environment.d-openssl.sh | 1 | ||||
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl/0001-Implement-riscv_vlen_asm-for-riscv32.patch | 43 | ||||
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl/bti.patch | 58 | ||||
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl_3.3.1.bb (renamed from meta/recipes-connectivity/openssl/openssl_3.3.0.bb) | 10 |
4 files changed, 47 insertions, 65 deletions
diff --git a/meta/recipes-connectivity/openssl/files/environment.d-openssl.sh b/meta/recipes-connectivity/openssl/files/environment.d-openssl.sh index 6f23490c87..f90088aab7 100644 --- a/meta/recipes-connectivity/openssl/files/environment.d-openssl.sh +++ b/meta/recipes-connectivity/openssl/files/environment.d-openssl.sh | |||
@@ -3,3 +3,4 @@ export SSL_CERT_DIR="$OECORE_NATIVE_SYSROOT/usr/lib/ssl/certs" | |||
3 | export SSL_CERT_FILE="$OECORE_NATIVE_SYSROOT/usr/lib/ssl/certs/ca-certificates.crt" | 3 | export SSL_CERT_FILE="$OECORE_NATIVE_SYSROOT/usr/lib/ssl/certs/ca-certificates.crt" |
4 | export OPENSSL_MODULES="$OECORE_NATIVE_SYSROOT/usr/lib/ossl-modules/" | 4 | export OPENSSL_MODULES="$OECORE_NATIVE_SYSROOT/usr/lib/ossl-modules/" |
5 | export OPENSSL_ENGINES="$OECORE_NATIVE_SYSROOT/usr/lib/engines-3" | 5 | export OPENSSL_ENGINES="$OECORE_NATIVE_SYSROOT/usr/lib/engines-3" |
6 | export BB_ENV_PASSTHROUGH_ADDITIONS="$BB_ENV_PASSTHROUGH_ADDITIONS SSL_CERT_DIR SSL_CERT_FILE OPENSSL_CONF OPENSSL_MODULES OPENSSL_ENGINES" | ||
diff --git a/meta/recipes-connectivity/openssl/openssl/0001-Implement-riscv_vlen_asm-for-riscv32.patch b/meta/recipes-connectivity/openssl/openssl/0001-Implement-riscv_vlen_asm-for-riscv32.patch new file mode 100644 index 0000000000..e398d1074a --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/0001-Implement-riscv_vlen_asm-for-riscv32.patch | |||
@@ -0,0 +1,43 @@ | |||
1 | From 725b1530456545e8511adc9cbdd265309dffad53 Mon Sep 17 00:00:00 2001 | ||
2 | From: Hongren Zheng <i@zenithal.me> | ||
3 | Date: Fri, 26 Apr 2024 06:03:43 +0000 | ||
4 | Subject: [PATCH] Implement riscv_vlen_asm for riscv32 | ||
5 | |||
6 | riscvcap.c: undefined reference to 'riscv_vlen_asm' | ||
7 | |||
8 | Upstream-Status: Backport [https://github.com/openssl/openssl/pull/24270] | ||
9 | Signed-off-by: Khem Raj <raj.khem@gmail.com> | ||
10 | --- | ||
11 | crypto/riscv32cpuid.pl | 17 +++++++++++++++++ | ||
12 | 1 file changed, 17 insertions(+) | ||
13 | |||
14 | diff --git a/crypto/riscv32cpuid.pl b/crypto/riscv32cpuid.pl | ||
15 | index 20694e7..ac1c043 100644 | ||
16 | --- a/crypto/riscv32cpuid.pl | ||
17 | +++ b/crypto/riscv32cpuid.pl | ||
18 | @@ -84,5 +84,22 @@ OPENSSL_cleanse: | ||
19 | ___ | ||
20 | } | ||
21 | |||
22 | +{ | ||
23 | +my ($ret) = ('a0'); | ||
24 | +$code .= <<___; | ||
25 | +################################################################################ | ||
26 | +# size_t riscv_vlen_asm(void) | ||
27 | +# Return VLEN (i.e. the length of a vector register in bits). | ||
28 | +.p2align 3 | ||
29 | +.globl riscv_vlen_asm | ||
30 | +.type riscv_vlen_asm,\@function | ||
31 | +riscv_vlen_asm: | ||
32 | + csrr $ret, vlenb | ||
33 | + slli $ret, $ret, 3 | ||
34 | + ret | ||
35 | +.size riscv_vlen_asm,.-riscv_vlen_asm | ||
36 | +___ | ||
37 | +} | ||
38 | + | ||
39 | print $code; | ||
40 | close STDOUT or die "error closing STDOUT: $!"; | ||
41 | -- | ||
42 | 2.45.0 | ||
43 | |||
diff --git a/meta/recipes-connectivity/openssl/openssl/bti.patch b/meta/recipes-connectivity/openssl/openssl/bti.patch deleted file mode 100644 index 748576c30c..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/bti.patch +++ /dev/null | |||
@@ -1,58 +0,0 @@ | |||
1 | From ba8a599395f8b770c76316b5f5b0f3838567014f Mon Sep 17 00:00:00 2001 | ||
2 | From: Tom Cosgrove <tom.cosgrove@arm.com> | ||
3 | Date: Tue, 26 Mar 2024 13:18:00 +0000 | ||
4 | Subject: [PATCH] aarch64: fix BTI in bsaes assembly code | ||
5 | |||
6 | In Arm systems where BTI is enabled but the Crypto extensions are not (more | ||
7 | likely in FVPs than in real hardware), the bit-sliced assembler code will | ||
8 | be used. However, this wasn't annotated with BTI instructions when BTI was | ||
9 | enabled, so the moment libssl jumps into this code it (correctly) aborts. | ||
10 | |||
11 | Solve this by adding the missing BTI landing pads. | ||
12 | |||
13 | Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/23982] | ||
14 | Signed-off-by: Ross Burton <ross.burton@arm.com> | ||
15 | --- | ||
16 | crypto/aes/asm/bsaes-armv8.pl | 5 ++++- | ||
17 | 1 file changed, 4 insertions(+), 1 deletion(-) | ||
18 | |||
19 | diff --git a/crypto/aes/asm/bsaes-armv8.pl b/crypto/aes/asm/bsaes-armv8.pl | ||
20 | index b3c97e439f..c3c5ff3e05 100644 | ||
21 | --- a/crypto/aes/asm/bsaes-armv8.pl | ||
22 | +++ b/crypto/aes/asm/bsaes-armv8.pl | ||
23 | @@ -1018,6 +1018,7 @@ _bsaes_key_convert: | ||
24 | // Initialisation vector overwritten with last quadword of ciphertext | ||
25 | // No output registers, usual AAPCS64 register preservation | ||
26 | ossl_bsaes_cbc_encrypt: | ||
27 | + AARCH64_VALID_CALL_TARGET | ||
28 | cmp x2, #128 | ||
29 | bhs .Lcbc_do_bsaes | ||
30 | b AES_cbc_encrypt | ||
31 | @@ -1270,7 +1271,7 @@ ossl_bsaes_cbc_encrypt: | ||
32 | // Output text filled in | ||
33 | // No output registers, usual AAPCS64 register preservation | ||
34 | ossl_bsaes_ctr32_encrypt_blocks: | ||
35 | - | ||
36 | + AARCH64_VALID_CALL_TARGET | ||
37 | cmp x2, #8 // use plain AES for | ||
38 | blo .Lctr_enc_short // small sizes | ||
39 | |||
40 | @@ -1476,6 +1477,7 @@ ossl_bsaes_ctr32_encrypt_blocks: | ||
41 | // Output ciphertext filled in | ||
42 | // No output registers, usual AAPCS64 register preservation | ||
43 | ossl_bsaes_xts_encrypt: | ||
44 | + AARCH64_VALID_CALL_TARGET | ||
45 | // Stack layout: | ||
46 | // sp -> | ||
47 | // nrounds*128-96 bytes: key schedule | ||
48 | @@ -1921,6 +1923,7 @@ ossl_bsaes_xts_encrypt: | ||
49 | // Output plaintext filled in | ||
50 | // No output registers, usual AAPCS64 register preservation | ||
51 | ossl_bsaes_xts_decrypt: | ||
52 | + AARCH64_VALID_CALL_TARGET | ||
53 | // Stack layout: | ||
54 | // sp -> | ||
55 | // nrounds*128-96 bytes: key schedule | ||
56 | -- | ||
57 | 2.34.1 | ||
58 | |||
diff --git a/meta/recipes-connectivity/openssl/openssl_3.3.0.bb b/meta/recipes-connectivity/openssl/openssl_3.3.1.bb index 66cb361baa..a8746842b2 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.3.0.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.3.1.bb | |||
@@ -12,14 +12,14 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ | |||
12 | file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ | 12 | file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ |
13 | file://0001-Configure-do-not-tweak-mips-cflags.patch \ | 13 | file://0001-Configure-do-not-tweak-mips-cflags.patch \ |
14 | file://0001-Added-handshake-history-reporting-when-test-fails.patch \ | 14 | file://0001-Added-handshake-history-reporting-when-test-fails.patch \ |
15 | file://bti.patch \ | 15 | file://0001-Implement-riscv_vlen_asm-for-riscv32.patch \ |
16 | " | 16 | " |
17 | 17 | ||
18 | SRC_URI:append:class-nativesdk = " \ | 18 | SRC_URI:append:class-nativesdk = " \ |
19 | file://environment.d-openssl.sh \ | 19 | file://environment.d-openssl.sh \ |
20 | " | 20 | " |
21 | 21 | ||
22 | SRC_URI[sha256sum] = "53e66b043322a606abf0087e7699a0e033a37fa13feb9742df35c3a33b18fb02" | 22 | SRC_URI[sha256sum] = "777cd596284c883375a2a7a11bf5d2786fc5413255efab20c50d6ffe6d020b7e" |
23 | 23 | ||
24 | inherit lib_package multilib_header multilib_script ptest perlnative manpages | 24 | inherit lib_package multilib_header multilib_script ptest perlnative manpages |
25 | MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" | 25 | MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" |
@@ -136,16 +136,12 @@ do_configure () { | |||
136 | ;; | 136 | ;; |
137 | esac | 137 | esac |
138 | 138 | ||
139 | useprefix=${prefix} | ||
140 | if [ "x$useprefix" = "x" ]; then | ||
141 | useprefix=/ | ||
142 | fi | ||
143 | # WARNING: do not set compiler/linker flags (-I/-D etc.) in EXTRA_OECONF, as they will fully replace the | 139 | # WARNING: do not set compiler/linker flags (-I/-D etc.) in EXTRA_OECONF, as they will fully replace the |
144 | # environment variables set by bitbake. Adjust the environment variables instead. | 140 | # environment variables set by bitbake. Adjust the environment variables instead. |
145 | PERLEXTERNAL="$(realpath ${S}/external/perl/Text-Template-*/lib)" | 141 | PERLEXTERNAL="$(realpath ${S}/external/perl/Text-Template-*/lib)" |
146 | test -d "$PERLEXTERNAL" || bberror "PERLEXTERNAL '$PERLEXTERNAL' not found!" | 142 | test -d "$PERLEXTERNAL" || bberror "PERLEXTERNAL '$PERLEXTERNAL' not found!" |
147 | HASHBANGPERL="/usr/bin/env perl" PERL=perl PERL5LIB="$PERLEXTERNAL" \ | 143 | HASHBANGPERL="/usr/bin/env perl" PERL=perl PERL5LIB="$PERLEXTERNAL" \ |
148 | perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} ${DEPRECATED_CRYPTO_FLAGS} --prefix=$useprefix --openssldir=${libdir}/ssl-3 --libdir=${libdir} $target | 144 | perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} ${DEPRECATED_CRYPTO_FLAGS} --prefix=${prefix} --openssldir=${libdir}/ssl-3 --libdir=${baselib} $target |
149 | perl ${B}/configdata.pm --dump | 145 | perl ${B}/configdata.pm --dump |
150 | } | 146 | } |
151 | 147 | ||