Mailing List Archive | ports@openbsd.org

> Date: Sat, 24 Feb 2024 17:33:10 +0100 > From: Theo Buehler <tb@theobuehler.org> > > This adds missing endbr64 to the padlock engine in openssl/1.1: > > ld: warning: padlock_capability: missing endbr64 > ld: warning: padlock_key_bswap: missing endbr64 > ld: warning: padlock_verify_context: missing endbr64 > ld: warning: padlock_reload_key: missing endbr64 > ld: warning: padlock_aes_block: missing endbr64 > ld: warning: padlock_xstore: missing endbr64 > ld: warning: padlock_sha1_oneshot: missing endbr64 > ld: warning: padlock_sha1_blocks: missing endbr64 > ld: warning: padlock_sha256_oneshot: missing endbr64 > ld: warning: padlock_sha256_blocks: missing endbr64 > ld: warning: padlock_sha512_blocks: missing endbr64 > ld: warning: padlock_ecb_encrypt: missing endbr64 > ld: warning: padlock_cbc_encrypt: missing endbr64 > ld: warning: padlock_cfb_encrypt: missing endbr64 > ld: warning: padlock_ofb_encrypt: missing endbr64 > ld: warning: padlock_ctr32_encrypt: missing endbr64 Not opposed to fixing these, but I doubt we'll ever see a CPU that has both the VIA PadLock instructions and IBT ;). (Sorry, didn't realize this until after I sent out that diff) ok kettenis@ (but also fine if you decide to drop this) Is this code still there in openssl 3.x? > Index: Makefile > =================================================================== > RCS file: /cvs/ports/security/openssl/1.1/Makefile,v > diff -u -p -r1.67 Makefile > --- Makefile 18 Feb 2024 22:36:59 -0000 1.67 > +++ Makefile 24 Feb 2024 16:29:35 -0000 > @@ -8,7 +8,7 @@ PORTROACH= limit:^1\.1\.[0-9][a-z] skipb > V= 1.1.1w > PKGSPEC= openssl->=1.1.0v0,<1.2v0 > EPOCH= 0 > -REVISION= 1 > +REVISION= 2 > > SHLIBVER= 11.6 > SHARED_LIBS= crypto ${SHLIBVER} \ > Index: patches/patch-engines_asm_e_padlock-x86_64_pl > =================================================================== > RCS file: patches/patch-engines_asm_e_padlock-x86_64_pl > diff -N patches/patch-engines_asm_e_padlock-x86_64_pl > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ patches/patch-engines_asm_e_padlock-x86_64_pl 24 Feb 2024 16:23:50 -0000 > @@ -0,0 +1,99 @@ > +Index: engines/asm/e_padlock-x86_64.pl > +--- engines/asm/e_padlock-x86_64.pl.orig > ++++ engines/asm/e_padlock-x86_64.pl > +@@ -52,6 +52,7 @@ $code.=<<___; > + .type padlock_capability,\@abi-omnipotent > + .align 16 > + padlock_capability: > ++ endbranch; > + mov %rbx,%r8 > + xor %eax,%eax > + cpuid > +@@ -91,6 +92,7 @@ padlock_capability: > + .type padlock_key_bswap,\@abi-omnipotent,0 > + .align 16 > + padlock_key_bswap: > ++ endbranch; > + mov 240($arg1),%edx > + inc %edx > + shl \$2,%edx > +@@ -108,6 +110,7 @@ padlock_key_bswap: > + .type padlock_verify_context,\@abi-omnipotent > + .align 16 > + padlock_verify_context: > ++ endbranch; > + mov $arg1,$ctx > + pushf > + lea .Lpadlock_saved_context(%rip),%rax > +@@ -135,6 +138,7 @@ _padlock_verify_ctx: > + .type padlock_reload_key,\@abi-omnipotent > + .align 16 > + padlock_reload_key: > ++ endbranch; > + pushf > + popf > + ret > +@@ -144,6 +148,7 @@ padlock_reload_key: > + .type padlock_aes_block,\@function,3 > + .align 16 > + padlock_aes_block: > ++ endbranch; > + mov %rbx,%r8 > + mov \$1,$len > + lea 32($ctx),%rbx # key > +@@ -157,6 +162,7 @@ padlock_aes_block: > + .type padlock_xstore,\@function,2 > + .align 16 > + padlock_xstore: > ++ endbranch; > + mov %esi,%edx > + .byte 0x0f,0xa7,0xc0 # xstore > + ret > +@@ -166,6 +172,7 @@ padlock_xstore: > + .type padlock_sha1_oneshot,\@function,3 > + .align 16 > + padlock_sha1_oneshot: > ++ endbranch; > + mov %rdx,%rcx > + mov %rdi,%rdx # put aside %rdi > + movups (%rdi),%xmm0 # copy-in context > +@@ -188,6 +195,7 @@ padlock_sha1_oneshot: > + .type padlock_sha1_blocks,\@function,3 > + .align 16 > + padlock_sha1_blocks: > ++ endbranch; > + mov %rdx,%rcx > + mov %rdi,%rdx # put aside %rdi > + movups (%rdi),%xmm0 # copy-in context > +@@ -210,6 +218,7 @@ padlock_sha1_blocks: > + .type padlock_sha256_oneshot,\@function,3 > + .align 16 > + padlock_sha256_oneshot: > ++ endbranch; > + mov %rdx,%rcx > + mov %rdi,%rdx # put aside %rdi > + movups (%rdi),%xmm0 # copy-in context > +@@ -232,6 +241,7 @@ padlock_sha256_oneshot: > + .type padlock_sha256_blocks,\@function,3 > + .align 16 > + padlock_sha256_blocks: > ++ endbranch; > + mov %rdx,%rcx > + mov %rdi,%rdx # put aside %rdi > + movups (%rdi),%xmm0 # copy-in context > +@@ -254,6 +264,7 @@ padlock_sha256_blocks: > + .type padlock_sha512_blocks,\@function,3 > + .align 16 > + padlock_sha512_blocks: > ++ endbranch; > + mov %rdx,%rcx > + mov %rdi,%rdx # put aside %rdi > + movups (%rdi),%xmm0 # copy-in context > +@@ -289,6 +300,7 @@ $code.=<<___; > + .type padlock_${mode}_encrypt,\@function,4 > + .align 16 > + padlock_${mode}_encrypt: > ++ endbranch; > + push %rbp > + push %rbx > + >

2024-02-24 16:33 Theo Buehler:
openssl/1.1: missing endbr64 for padlock engine
- 2024-02-24 16:39 Mark Kettenis:
  openssl/1.1: missing endbr64 for padlock engine
- - 2024-02-24 16:47 Theo Buehler:
    openssl/1.1: missing endbr64 for padlock engine