summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRanjitsinh Rathod <ranjitsinh.rathod@kpit.com>2022-02-11 19:22:45 +0530
committerRichard Purdie <richard.purdie@linuxfoundation.org>2022-03-02 00:21:36 +0000
commitbb6b6f5a557ba34152198d53c7edab25e6601a5b (patch)
tree113b7dbc0f36d08066a4154deb8c4e224dd4e618
parentc8987e7bca6ab22a166ca13c5d2fe8e02fbb6e23 (diff)
downloadpoky-bb6b6f5a557ba34152198d53c7edab25e6601a5b.tar.gz
openssl: Add fix for CVE-2021-4160
Add a patch to fix CVE-2021-4160 The issue only affects OpenSSL on MIPS platforms. Link: https://security-tracker.debian.org/tracker/CVE-2021-4160 (From OE-Core rev: 5216986fc6dfd06562efa5937581dc6fa77ad276) Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com> Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-connectivity/openssl/openssl/CVE-2021-4160.patch145
-rw-r--r--meta/recipes-connectivity/openssl/openssl_1.1.1l.bb1
2 files changed, 146 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2021-4160.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2021-4160.patch
new file mode 100644
index 0000000000..ff1e807157
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2021-4160.patch
@@ -0,0 +1,145 @@
1From e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb Mon Sep 17 00:00:00 2001
2From: Bernd Edlinger <bernd.edlinger@hotmail.de>
3Date: Sat, 11 Dec 2021 20:28:11 +0100
4Subject: [PATCH] Fix a carry overflow bug in bn_sqr_comba4/8 for mips 32-bit
5 targets
6
7bn_sqr_comba8 does for instance compute a wrong result for the value:
8a=0x4aaac919 62056c84 fba7334e 1a6be678 022181ba fd3aa878 899b2346 ee210f45
9
10The correct result is:
11r=0x15c72e32 605a3061 d11b1012 3c187483 6df96999 bd0c22ba d3e7d437 4724a82f
12 912c5e61 6a187efe 8f7c47fc f6945fe5 75be8e3d 97ed17d4 7950b465 3cb32899
13
14but the actual result was:
15r=0x15c72e32 605a3061 d11b1012 3c187483 6df96999 bd0c22ba d3e7d437 4724a82f
16 912c5e61 6a187efe 8f7c47fc f6945fe5 75be8e3c 97ed17d4 7950b465 3cb32899
17
18so the forth word of the result was 0x75be8e3c but should have been
190x75be8e3d instead.
20
21Likewise bn_sqr_comba4 has an identical bug for the same value as well:
22a=0x022181ba fd3aa878 899b2346 ee210f45
23
24correct result:
25r=0x00048a69 9fe82f8b 62bd2ed1 88781335 75be8e3d 97ed17d4 7950b465 3cb32899
26
27wrong result:
28r=0x00048a69 9fe82f8b 62bd2ed1 88781335 75be8e3c 97ed17d4 7950b465 3cb32899
29
30Fortunately the bn_mul_comba4/8 code paths are not affected.
31
32Also the mips64 target does in fact not handle the carry propagation
33correctly.
34
35Example:
36a=0x4aaac91900000000 62056c8400000000 fba7334e00000000 1a6be67800000000
37 022181ba00000000 fd3aa87800000000 899b234635dad283 ee210f4500000001
38
39correct result:
40r=0x15c72e32272c4471 392debf018c679c8 b85496496bf8254c d0204f36611e2be1
41 0cdb3db8f3c081d8 c94ba0e1bacc5061 191b83d47ff929f6 5be0aebfc13ae68d
42 3eea7a7fdf2f5758 42f7ec656cab3cb5 6a28095be34756f2 64f24687bf37de06
43 2822309cd1d292f9 6fa698c972372f09 771e97d3a868cda0 dc421e8a00000001
44
45wrong result:
46r=0x15c72e32272c4471 392debf018c679c8 b85496496bf8254c d0204f36611e2be1
47 0cdb3db8f3c081d8 c94ba0e1bacc5061 191b83d47ff929f6 5be0aebfc13ae68d
48 3eea7a7fdf2f5758 42f7ec656cab3cb5 6a28095be34756f2 64f24687bf37de06
49 2822309cd1d292f8 6fa698c972372f09 771e97d3a868cda0 dc421e8a00000001
50
51Reviewed-by: Paul Dale <pauli@openssl.org>
52(Merged from https://github.com/openssl/openssl/pull/17258)
53
54(cherry picked from commit 336923c0c8d705cb8af5216b29a205662db0d590)
55
56Upstream-Status: Backport [https://git.openssl.org/gitweb/?p=openssl.git;a=patch;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb]
57CVE: CVE-2021-4160
58Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
59
60---
61 crypto/bn/asm/mips.pl | 4 ++++
62 test/bntest.c | 45 +++++++++++++++++++++++++++++++++++++++++++
63 2 files changed, 49 insertions(+)
64
65diff --git a/crypto/bn/asm/mips.pl b/crypto/bn/asm/mips.pl
66index 8ad715bda4..74101030f2 100644
67--- a/crypto/bn/asm/mips.pl
68+++ b/crypto/bn/asm/mips.pl
69@@ -1984,6 +1984,8 @@ $code.=<<___;
70 sltu $at,$c_2,$t_1
71 $ADDU $c_3,$t_2,$at
72 $ST $c_2,$BNSZ($a0)
73+ sltu $at,$c_3,$t_2
74+ $ADDU $c_1,$at
75 mflo ($t_1,$a_2,$a_0)
76 mfhi ($t_2,$a_2,$a_0)
77 ___
78@@ -2194,6 +2196,8 @@ $code.=<<___;
79 sltu $at,$c_2,$t_1
80 $ADDU $c_3,$t_2,$at
81 $ST $c_2,$BNSZ($a0)
82+ sltu $at,$c_3,$t_2
83+ $ADDU $c_1,$at
84 mflo ($t_1,$a_2,$a_0)
85 mfhi ($t_2,$a_2,$a_0)
86 ___
87diff --git a/test/bntest.c b/test/bntest.c
88index b58028a301..bab34ba54b 100644
89--- a/test/bntest.c
90+++ b/test/bntest.c
91@@ -627,6 +627,51 @@ static int test_modexp_mont5(void)
92 if (!TEST_BN_eq(c, d))
93 goto err;
94
95+ /*
96+ * Regression test for overflow bug in bn_sqr_comba4/8 for
97+ * mips-linux-gnu and mipsel-linux-gnu 32bit targets.
98+ */
99+ {
100+ static const char *ehex[] = {
101+ "95564994a96c45954227b845a1e99cb939d5a1da99ee91acc962396ae999a9ee",
102+ "38603790448f2f7694c242a875f0cad0aae658eba085f312d2febbbd128dd2b5",
103+ "8f7d1149f03724215d704344d0d62c587ae3c5939cba4b9b5f3dc5e8e911ef9a",
104+ "5ce1a5a749a4989d0d8368f6e1f8cdf3a362a6c97fb02047ff152b480a4ad985",
105+ "2d45efdf0770542992afca6a0590d52930434bba96017afbc9f99e112950a8b1",
106+ "a359473ec376f329bdae6a19f503be6d4be7393c4e43468831234e27e3838680",
107+ "b949390d2e416a3f9759e5349ab4c253f6f29f819a6fe4cbfd27ada34903300e",
108+ "da021f62839f5878a36f1bc3085375b00fd5fa3e68d316c0fdace87a97558465",
109+ NULL};
110+ static const char *phex[] = {
111+ "f95dc0f980fbd22e90caa5a387cc4a369f3f830d50dd321c40db8c09a7e1a241",
112+ "a536e096622d3280c0c1ba849c1f4a79bf490f60006d081e8cf69960189f0d31",
113+ "2cd9e17073a3fba7881b21474a13b334116cb2f5dbf3189a6de3515d0840f053",
114+ "c776d3982d391b6d04d642dda5cc6d1640174c09875addb70595658f89efb439",
115+ "dc6fbd55f903aadd307982d3f659207f265e1ec6271b274521b7a5e28e8fd7a5",
116+ "5df089292820477802a43cf5b6b94e999e8c9944ddebb0d0e95a60f88cb7e813",
117+ "ba110d20e1024774107dd02949031864923b3cb8c3f7250d6d1287b0a40db6a4",
118+ "7bd5a469518eb65aa207ddc47d8c6e5fc8e0c105be8fc1d4b57b2e27540471d5",
119+ NULL};
120+ static const char *mhex[] = {
121+ "fef15d5ce4625f1bccfbba49fc8439c72bf8202af039a2259678941b60bb4a8f",
122+ "2987e965d58fd8cf86a856674d519763d0e1211cc9f8596971050d56d9b35db3",
123+ "785866cfbca17cfdbed6060be3629d894f924a89fdc1efc624f80d41a22f1900",
124+ "9503fcc3824ef62ccb9208430c26f2d8ceb2c63488ec4c07437aa4c96c43dd8b",
125+ "9289ed00a712ff66ee195dc71f5e4ead02172b63c543d69baf495f5fd63ba7bc",
126+ "c633bd309c016e37736da92129d0b053d4ab28d21ad7d8b6fab2a8bbdc8ee647",
127+ "d2fbcf2cf426cf892e6f5639e0252993965dfb73ccd277407014ea784aaa280c",
128+ "b7b03972bc8b0baa72360bdb44b82415b86b2f260f877791cd33ba8f2d65229b",
129+ NULL};
130+
131+ if (!TEST_true(parse_bigBN(&e, ehex))
132+ || !TEST_true(parse_bigBN(&p, phex))
133+ || !TEST_true(parse_bigBN(&m, mhex))
134+ || !TEST_true(BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL))
135+ || !TEST_true(BN_mod_exp_simple(a, e, p, m, ctx))
136+ || !TEST_BN_eq(a, d))
137+ goto err;
138+ }
139+
140 /* Zero input */
141 if (!TEST_true(BN_bntest_rand(p, 1024, 0, 0)))
142 goto err;
143--
1442.25.1
145
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb
index bf7cd6527e..24466e11b1 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb
@@ -18,6 +18,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
18 file://afalg.patch \ 18 file://afalg.patch \
19 file://reproducible.patch \ 19 file://reproducible.patch \
20 file://reproducibility.patch \ 20 file://reproducibility.patch \
21 file://CVE-2021-4160.patch \
21 " 22 "
22 23
23SRC_URI_append_class-nativesdk = " \ 24SRC_URI_append_class-nativesdk = " \