From ba8a599395f8b770c76316b5f5b0f3838567014f Mon Sep 17 00:00:00 2001 From: Tom Cosgrove Date: Tue, 26 Mar 2024 13:18:00 +0000 Subject: [PATCH] aarch64: fix BTI in bsaes assembly code In Arm systems where BTI is enabled but the Crypto extensions are not (more likely in FVPs than in real hardware), the bit-sliced assembler code will be used. However, this wasn't annotated with BTI instructions when BTI was enabled, so the moment libssl jumps into this code it (correctly) aborts. Solve this by adding the missing BTI landing pads. Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/23982] Signed-off-by: Ross Burton --- crypto/aes/asm/bsaes-armv8.pl | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crypto/aes/asm/bsaes-armv8.pl b/crypto/aes/asm/bsaes-armv8.pl index b3c97e439f..c3c5ff3e05 100644 --- a/crypto/aes/asm/bsaes-armv8.pl +++ b/crypto/aes/asm/bsaes-armv8.pl @@ -1018,6 +1018,7 @@ _bsaes_key_convert: // Initialisation vector overwritten with last quadword of ciphertext // No output registers, usual AAPCS64 register preservation ossl_bsaes_cbc_encrypt: + AARCH64_VALID_CALL_TARGET cmp x2, #128 bhs .Lcbc_do_bsaes b AES_cbc_encrypt @@ -1270,7 +1271,7 @@ ossl_bsaes_cbc_encrypt: // Output text filled in // No output registers, usual AAPCS64 register preservation ossl_bsaes_ctr32_encrypt_blocks: - + AARCH64_VALID_CALL_TARGET cmp x2, #8 // use plain AES for blo .Lctr_enc_short // small sizes @@ -1476,6 +1477,7 @@ ossl_bsaes_ctr32_encrypt_blocks: // Output ciphertext filled in // No output registers, usual AAPCS64 register preservation ossl_bsaes_xts_encrypt: + AARCH64_VALID_CALL_TARGET // Stack layout: // sp -> // nrounds*128-96 bytes: key schedule @@ -1921,6 +1923,7 @@ ossl_bsaes_xts_encrypt: // Output plaintext filled in // No output registers, usual AAPCS64 register preservation ossl_bsaes_xts_decrypt: + AARCH64_VALID_CALL_TARGET // Stack layout: // sp -> // nrounds*128-96 bytes: key schedule -- 2.34.1