POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129)

Resolves: RHEL-21151
epel8
Dmitry Belyavskiy 10 months ago
parent 6c9dd70b94
commit 3c49cf388a

@ -0,0 +1,86 @@
diff --git a/crypto/poly1305/asm/poly1305-ppc.pl b/crypto/poly1305/asm/poly1305-ppc.pl
index 9f86134d923fb..2e601bb9c24be 100755
--- a/crypto/poly1305/asm/poly1305-ppc.pl
+++ b/crypto/poly1305/asm/poly1305-ppc.pl
@@ -744,7 +744,7 @@
my $LOCALS= 6*$SIZE_T;
my $VSXFRAME = $LOCALS + 6*$SIZE_T;
$VSXFRAME += 128; # local variables
- $VSXFRAME += 13*16; # v20-v31 offload
+ $VSXFRAME += 12*16; # v20-v31 offload
my $BIG_ENDIAN = ($flavour !~ /le/) ? 4 : 0;
@@ -919,12 +919,12 @@
addi r11,r11,32
stvx v22,r10,$sp
addi r10,r10,32
- stvx v23,r10,$sp
- addi r10,r10,32
- stvx v24,r11,$sp
+ stvx v23,r11,$sp
addi r11,r11,32
- stvx v25,r10,$sp
+ stvx v24,r10,$sp
addi r10,r10,32
+ stvx v25,r11,$sp
+ addi r11,r11,32
stvx v26,r10,$sp
addi r10,r10,32
stvx v27,r11,$sp
@@ -1153,12 +1153,12 @@
addi r11,r11,32
stvx v22,r10,$sp
addi r10,r10,32
- stvx v23,r10,$sp
- addi r10,r10,32
- stvx v24,r11,$sp
+ stvx v23,r11,$sp
addi r11,r11,32
- stvx v25,r10,$sp
+ stvx v24,r10,$sp
addi r10,r10,32
+ stvx v25,r11,$sp
+ addi r11,r11,32
stvx v26,r10,$sp
addi r10,r10,32
stvx v27,r11,$sp
@@ -1899,26 +1899,26 @@
mtspr 256,r12 # restore vrsave
lvx v20,r10,$sp
addi r10,r10,32
- lvx v21,r10,$sp
- addi r10,r10,32
- lvx v22,r11,$sp
+ lvx v21,r11,$sp
addi r11,r11,32
- lvx v23,r10,$sp
+ lvx v22,r10,$sp
addi r10,r10,32
- lvx v24,r11,$sp
+ lvx v23,r11,$sp
addi r11,r11,32
- lvx v25,r10,$sp
+ lvx v24,r10,$sp
addi r10,r10,32
- lvx v26,r11,$sp
+ lvx v25,r11,$sp
addi r11,r11,32
- lvx v27,r10,$sp
+ lvx v26,r10,$sp
addi r10,r10,32
- lvx v28,r11,$sp
+ lvx v27,r11,$sp
addi r11,r11,32
- lvx v29,r10,$sp
+ lvx v28,r10,$sp
addi r10,r10,32
- lvx v30,r11,$sp
- lvx v31,r10,$sp
+ lvx v29,r11,$sp
+ addi r11,r11,32
+ lvx v30,r10,$sp
+ lvx v31,r11,$sp
$POP r27,`$VSXFRAME-$SIZE_T*5`($sp)
$POP r28,`$VSXFRAME-$SIZE_T*4`($sp)
$POP r29,`$VSXFRAME-$SIZE_T*3`($sp)

@ -206,6 +206,8 @@ Patch129: 0129-rsa-Add-SP800-56Br2-6.4.1.2.1-3.c-check.patch
Patch130: 0130-CVE-2023-5678.patch Patch130: 0130-CVE-2023-5678.patch
# https://github.com/openssl/openssl/pull/20317 # https://github.com/openssl/openssl/pull/20317
Patch131: 0131-sslgroups-memleak.patch Patch131: 0131-sslgroups-memleak.patch
# https://github.com/openssl/openssl/commit/050d26383d4e264966fb83428e72d5d48f402d35
Patch132: 0132-CVE-2023-6129.patch
License: ASL 2.0 License: ASL 2.0
URL: http://www.openssl.org/ URL: http://www.openssl.org/
@ -542,6 +544,8 @@ ln -s /etc/crypto-policies/back-ends/openssl_fips.config $RPM_BUILD_ROOT%{_sysco
Resolves: RHEL-17193 Resolves: RHEL-17193
- Eliminate memory leak in OpenSSL when setting elliptic curves on SSL context - Eliminate memory leak in OpenSSL when setting elliptic curves on SSL context
Resolves: RHEL-19515 Resolves: RHEL-19515
- POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129)
Resolves: RHEL-21151
* Mon Oct 16 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-25 * Mon Oct 16 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-25
- Provide relevant diagnostics when FIPS checksum is corrupted - Provide relevant diagnostics when FIPS checksum is corrupted

Loading…
Cancel
Save