24416635 SPARC T4 assembly pack: treat zero input length in CBC
23639834 HW crypto acceleration is broken due mix of 32/64 bits asm instructions and args
--- a/components/openssl/openssl-1.0.1/Makefile Wed Aug 31 14:13:07 2016 -0700
+++ b/components/openssl/openssl-1.0.1/Makefile Fri Sep 02 10:15:32 2016 -0700
@@ -172,15 +172,19 @@
# the files to the right directories.
# Same holds for wanboot-stubs.c, which stubs out several functions, that are
# not available in the stand-alone environment of wanboot.
-COMPONENT_PRE_BUILD_ACTION = \
+#
+# We generally use symbolic links for the Solaris-specific files added below.
+# But 45-use-srln.patch patches dest4-sparcv9.pl and sparcv9_modes.pl and 11.3's
+# version of 'patch' does not patch symlinks. So we copy these 2 files instead.
+COMPONENT_POST_UNPACK_ACTION = \
( echo "Cloning engines..."; \
$(LN) -fs $(COMPONENT_DIR)/engines/pkcs11/*.[ch] $(@D)/engines; \
$(LN) -fs $(COMPONENT_DIR)/wanboot-openssl/wanboot-stubs.c $(@D)/crypto; \
$(LN) -fs $(COMPONENT_DIR)/inline-t4/sparc_arch.h $(@D)/crypto/; \
$(LN) -fs $(COMPONENT_DIR)/inline-t4/md5-sparcv9.pl $(@D)/crypto/md5/asm; \
$(LN) -fs $(COMPONENT_DIR)/inline-t4/aest4-sparcv9.pl $(@D)/crypto/aes/asm; \
- $(LN) -fs $(COMPONENT_DIR)/inline-t4/dest4-sparcv9.pl $(@D)/crypto/des/asm; \
- $(LN) -fs $(COMPONENT_DIR)/inline-t4/sparcv9_modes.pl $(@D)/crypto/perlasm; \
+ $(CP) $(COMPONENT_DIR)/inline-t4/dest4-sparcv9.pl $(@D)/crypto/des/asm; \
+ $(CP) $(COMPONENT_DIR)/inline-t4/sparcv9_modes.pl $(@D)/crypto/perlasm; \
$(LN) -fs $(COMPONENT_DIR)/inline-t4/vis3-mont.pl $(@D)/crypto/bn/asm; \
$(LN) -fs $(COMPONENT_DIR)/inline-t4/sparcv9-gf2m.pl $(@D)/crypto/bn/asm; \
$(LN) -fs $(COMPONENT_DIR)/inline-t4/sparct4-mont.pl $(@D)/crypto/bn/asm; )
--- a/components/openssl/openssl-1.0.1/inline-t4/dest4-sparcv9.pl Wed Aug 31 14:13:07 2016 -0700
+++ b/components/openssl/openssl-1.0.1/inline-t4/dest4-sparcv9.pl Fri Sep 02 10:15:32 2016 -0700
@@ -94,6 +94,9 @@
.globl des_t4_cbc_encrypt
.align 32
des_t4_cbc_encrypt:
+ cmp $len, 0
+ be,pn $::size_t_cc, .Lcbc_abort
+ nop
ld [$ivec + 0], %f0 ! load ivec
ld [$ivec + 4], %f1
@@ -165,6 +168,9 @@
st %f0, [$ivec + 0] ! write out ivec
retl
st %f1, [$ivec + 4]
+.Lcbc_abort:
+ retl
+ nop
.align 16
2: ldxa [$inp]0x82, %g4 ! avoid read-after-write hazard
@@ -189,6 +195,9 @@
.globl des_t4_cbc_decrypt
.align 32
des_t4_cbc_decrypt:
+ cmp $len, 0
+ be,pn $::size_t_cc, .Lcbc_abort
+ nop
ld [$ivec + 0], %f2 ! load ivec
ld [$ivec + 4], %f3
@@ -294,6 +303,9 @@
.globl des_t4_ede3_cbc_encrypt
.align 32
des_t4_ede3_cbc_encrypt:
+ cmp $len, 0
+ be,pn $::size_t_cc, .Lcbc_abort
+ nop
ld [$ivec + 0], %f0 ! load ivec
ld [$ivec + 4], %f1
@@ -443,6 +455,9 @@
.globl des_t4_ede3_cbc_decrypt
.align 32
des_t4_ede3_cbc_decrypt:
+ cmp $len, 0
+ be,pn $::size_t_cc, .Lcbc_abort
+ nop
ld [$ivec + 0], %f2 ! load ivec
ld [$ivec + 4], %f3
--- a/components/openssl/openssl-1.0.1/inline-t4/sparcv9_modes.pl Wed Aug 31 14:13:07 2016 -0700
+++ b/components/openssl/openssl-1.0.1/inline-t4/sparcv9_modes.pl Fri Sep 02 10:15:32 2016 -0700
@@ -35,6 +35,8 @@
.align 32
${alg}${bits}_t4_cbc_encrypt:
save %sp, -$::frame, %sp
+ cmp $len, 0
+ be,pn $::size_t_cc, .L${bits}_cbc_enc_abort
sub $inp, $out, $blk_init ! $inp!=$out
___
$::code.=<<___ if (!$::evp);
@@ -123,6 +125,7 @@
std %f2, [$ivec + 8]
___
$::code.=<<___;
+.L${bits}_cbc_enc_abort:
ret
restore
@@ -249,6 +252,8 @@
.align 32
${alg}${bits}_t4_cbc_decrypt:
save %sp, -$::frame, %sp
+ cmp $len, 0
+ be,pn $::size_t_cc, .L${bits}_cbc_dec_abort
sub $inp, $out, $blk_init ! $inp!=$out
___
$::code.=<<___ if (!$::evp);
@@ -341,6 +346,7 @@
std %f14, [$ivec + 8]
___
$::code.=<<___;
+.L${bits}_cbc_dec_abort:
ret
restore
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openssl/openssl-1.0.1/patches/45-use-srln.patch Fri Sep 02 10:15:32 2016 -0700
@@ -0,0 +1,75 @@
+# This patch fixes the invalid use of 64-bit instruction (srlx) by 32-bit
+# applications. This patch is from the following commit in the upstream:
+# https://github.com/openssl/openssl/commit/f198cc43a0eca4bf1a8e7f60c51af560f4346dc8
+--- a/crypto/des/asm/dest4-sparcv9.pl 2016-08-04 14:20:26.610683970 -0700
++++ b/crypto/des/asm/dest4-sparcv9.pl 2016-08-04 14:22:33.339076315 -0700
+@@ -96,7 +96,7 @@
+ des_t4_cbc_encrypt:
+ cmp $len, 0
+ be,pn $::size_t_cc, .Lcbc_abort
+- nop
++ srln $len, 0, $len ! needed on v8+, "nop" on v9
+ ld [$ivec + 0], %f0 ! load ivec
+ ld [$ivec + 4], %f1
+
+@@ -197,7 +197,7 @@
+ des_t4_cbc_decrypt:
+ cmp $len, 0
+ be,pn $::size_t_cc, .Lcbc_abort
+- nop
++ srln $len, 0, $len ! needed on v8+, "nop" on v9
+ ld [$ivec + 0], %f2 ! load ivec
+ ld [$ivec + 4], %f3
+
+@@ -305,7 +305,7 @@
+ des_t4_ede3_cbc_encrypt:
+ cmp $len, 0
+ be,pn $::size_t_cc, .Lcbc_abort
+- nop
++ srln $len, 0, $len ! needed on v8+, "nop" on v9
+ ld [$ivec + 0], %f0 ! load ivec
+ ld [$ivec + 4], %f1
+
+@@ -457,7 +457,7 @@
+ des_t4_ede3_cbc_decrypt:
+ cmp $len, 0
+ be,pn $::size_t_cc, .Lcbc_abort
+- nop
++ srln $len, 0, $len ! needed on v8+, "nop" on v9
+ ld [$ivec + 0], %f2 ! load ivec
+ ld [$ivec + 4], %f3
+
+--- a/crypto/perlasm/sparcv9_modes.pl 2016-08-04 14:24:29.877624460 -0700
++++ b/crypto/perlasm/sparcv9_modes.pl 2016-08-04 14:27:18.552931245 -0700
+@@ -37,6 +37,7 @@
+ save %sp, -$::frame, %sp
+ cmp $len, 0
+ be,pn $::size_t_cc, .L${bits}_cbc_enc_abort
++ srln $len, 0, $len ! needed on v8+, "nop" on v9
+ sub $inp, $out, $blk_init ! $inp!=$out
+ ___
+ $::code.=<<___ if (!$::evp);
+@@ -254,6 +255,7 @@
+ save %sp, -$::frame, %sp
+ cmp $len, 0
+ be,pn $::size_t_cc, .L${bits}_cbc_dec_abort
++ srln $len, 0, $len ! needed on v8+, "nop" on v9
+ sub $inp, $out, $blk_init ! $inp!=$out
+ ___
+ $::code.=<<___ if (!$::evp);
+@@ -613,6 +615,7 @@
+ .align 32
+ ${alg}${bits}_t4_ctr32_encrypt:
+ save %sp, -$::frame, %sp
++ srln $len, 0, $len ! needed on v8+, "nop" on v9
+
+ prefetch [$inp], 20
+ prefetch [$inp + 63], 20
+@@ -916,6 +919,7 @@
+ .align 32
+ ${alg}${bits}_t4_xts_${dir}crypt:
+ save %sp, -$::frame-16, %sp
++ srln $len, 0, $len ! needed on v8+, "nop" on v9
+
+ mov $ivec, %o0
+ add %fp, $::bias-16, %o1