| #
1.8 |
|
24-Feb-2024 |
tb |
Add a few missing endbr64 to libcrypto
gcm_{gmult,ghash}_4bit(), aesni_ccm64_decrypt_blocks(), aes_cbc_encrypt(),
and aesni_xts_{en,de}crypt() were overlooked in previous passes.
Found with a diff for ld.lld by kettenis
ok kettenis
|
| #
1.7 |
|
24-Feb-2024 |
tb |
Replace uses of endbr64 with _CET_ENDBR from cet.h
cet.h is needed for other platforms to emit the relevant .gnu.properties
sections that are necessary for them to enable IBT. It also avoids issues
with older toolchains on macOS that explode on encountering endbr64.
based on a diff by kettenis
ok beck kettenis
|
| #
1.6 |
|
24-Jan-2024 |
jsing |
Avoid a four byte overread in gcm_ghash_4bit() on amd64.
The assembly code for gcm_ghash_4bit() reads one too many times from Xi,
resulting in a four byte overread. Prevent this by not loading the next
value in the final iteration of the loop. If another full iteration is
required the next Xi value will be loaded at the top of the outer_loop.
Many thanks to Douglas Gliner <Douglas.Gliner at sony dot com> for finding
and reporting this issue, along with a detailed reproducer.
Same diff from deraadt@
ok tb@
|
|
Revision tags: OPENBSD_7_4_BASE
|
|
| #
1.5 |
|
25-Apr-2023 |
deraadt |
Add endbr64 where needed by inspection. Passes regresson tests.
ok jsing, and kind of tb an earlier version
|
|
Revision tags: OPENBSD_7_3_BASE
|
|
| #
1.4 |
|
23-Feb-2023 |
tb |
Use explicit .text instead of .previous to please Windows/MinGW on amd64
ok miod
|
| #
1.3 |
|
09-Feb-2023 |
tb |
Use .section .rodata instead of a plain .rodata
At least gcc 12 on Fedora is very unhappy about a plain .rodata and throws
Error: unknown pseudo-op: `.rodata'. So add a .section in front of it to
make it happy.
ok deraadt miod
|
| #
1.2 |
|
14-Jan-2023 |
deraadt |
Move constants out of text segment into rodata to prepare for xonly support
on amd64. no pic handling is neccessary since amd64 has full reach.
ok kettenis
|
| #
1.1 |
|
13-Oct-2012 |
djm |
branches: 1.1.1;
Initial revision
|
| #
1.8 |
|
24-Feb-2024 |
tb |
Add a few missing endbr64 to libcrypto
gcm_{gmult,ghash}_4bit(), aesni_ccm64_decrypt_blocks(), aes_cbc_encrypt(),
and aesni_xts_{en,de}crypt() were overlooked in previous passes.
Found with a diff for ld.lld by kettenis
ok kettenis
|
| #
1.7 |
|
24-Feb-2024 |
tb |
Replace uses of endbr64 with _CET_ENDBR from cet.h
cet.h is needed for other platforms to emit the relevant .gnu.properties
sections that are necessary for them to enable IBT. It also avoids issues
with older toolchains on macOS that explode on encountering endbr64.
based on a diff by kettenis
ok beck kettenis
|
| #
1.6 |
|
24-Jan-2024 |
jsing |
Avoid a four byte overread in gcm_ghash_4bit() on amd64.
The assembly code for gcm_ghash_4bit() reads one too many times from Xi,
resulting in a four byte overread. Prevent this by not loading the next
value in the final iteration of the loop. If another full iteration is
required the next Xi value will be loaded at the top of the outer_loop.
Many thanks to Douglas Gliner <Douglas.Gliner at sony dot com> for finding
and reporting this issue, along with a detailed reproducer.
Same diff from deraadt@
ok tb@
|
|
Revision tags: OPENBSD_7_4_BASE
|
|
| #
1.5 |
|
25-Apr-2023 |
deraadt |
Add endbr64 where needed by inspection. Passes regresson tests.
ok jsing, and kind of tb an earlier version
|
|
Revision tags: OPENBSD_7_3_BASE
|
|
| #
1.4 |
|
23-Feb-2023 |
tb |
Use explicit .text instead of .previous to please Windows/MinGW on amd64
ok miod
|
| #
1.3 |
|
09-Feb-2023 |
tb |
Use .section .rodata instead of a plain .rodata
At least gcc 12 on Fedora is very unhappy about a plain .rodata and throws
Error: unknown pseudo-op: `.rodata'. So add a .section in front of it to
make it happy.
ok deraadt miod
|
| #
1.2 |
|
14-Jan-2023 |
deraadt |
Move constants out of text segment into rodata to prepare for xonly support
on amd64. no pic handling is neccessary since amd64 has full reach.
ok kettenis
|
| #
1.1 |
|
13-Oct-2012 |
djm |
branches: 1.1.1;
Initial revision
|
| #
1.6 |
|
24-Jan-2024 |
jsing |
Avoid a four byte overread in gcm_ghash_4bit() on amd64.
The assembly code for gcm_ghash_4bit() reads one too many times from Xi,
resulting in a four byte overread. Prevent this by not loading the next
value in the final iteration of the loop. If another full iteration is
required the next Xi value will be loaded at the top of the outer_loop.
Many thanks to Douglas Gliner <Douglas.Gliner at sony dot com> for finding
and reporting this issue, along with a detailed reproducer.
Same diff from deraadt@
ok tb@
|
|
Revision tags: OPENBSD_7_4_BASE
|
|
| #
1.5 |
|
25-Apr-2023 |
deraadt |
Add endbr64 where needed by inspection. Passes regresson tests.
ok jsing, and kind of tb an earlier version
|
|
Revision tags: OPENBSD_7_3_BASE
|
|
| #
1.4 |
|
23-Feb-2023 |
tb |
Use explicit .text instead of .previous to please Windows/MinGW on amd64
ok miod
|
| #
1.3 |
|
09-Feb-2023 |
tb |
Use .section .rodata instead of a plain .rodata
At least gcc 12 on Fedora is very unhappy about a plain .rodata and throws
Error: unknown pseudo-op: `.rodata'. So add a .section in front of it to
make it happy.
ok deraadt miod
|
| #
1.2 |
|
14-Jan-2023 |
deraadt |
Move constants out of text segment into rodata to prepare for xonly support
on amd64. no pic handling is neccessary since amd64 has full reach.
ok kettenis
|
| #
1.1 |
|
13-Oct-2012 |
djm |
branches: 1.1.1;
Initial revision
|
| #
1.5 |
|
25-Apr-2023 |
deraadt |
Add endbr64 where needed by inspection. Passes regresson tests.
ok jsing, and kind of tb an earlier version
|
|
Revision tags: OPENBSD_7_3_BASE
|
|
| #
1.4 |
|
23-Feb-2023 |
tb |
Use explicit .text instead of .previous to please Windows/MinGW on amd64
ok miod
|
| #
1.3 |
|
09-Feb-2023 |
tb |
Use .section .rodata instead of a plain .rodata
At least gcc 12 on Fedora is very unhappy about a plain .rodata and throws
Error: unknown pseudo-op: `.rodata'. So add a .section in front of it to
make it happy.
ok deraadt miod
|
| #
1.2 |
|
14-Jan-2023 |
deraadt |
Move constants out of text segment into rodata to prepare for xonly support
on amd64. no pic handling is neccessary since amd64 has full reach.
ok kettenis
|
| #
1.1 |
|
13-Oct-2012 |
djm |
branches: 1.1.1;
Initial revision
|
| #
1.4 |
|
23-Feb-2023 |
tb |
Use explicit .text instead of .previous to please Windows/MinGW on amd64
ok miod
|
| #
1.3 |
|
09-Feb-2023 |
tb |
Use .section .rodata instead of a plain .rodata
At least gcc 12 on Fedora is very unhappy about a plain .rodata and throws
Error: unknown pseudo-op: `.rodata'. So add a .section in front of it to
make it happy.
ok deraadt miod
|
| #
1.2 |
|
14-Jan-2023 |
deraadt |
Move constants out of text segment into rodata to prepare for xonly support
on amd64. no pic handling is neccessary since amd64 has full reach.
ok kettenis
|
| #
1.1 |
|
13-Oct-2012 |
djm |
branches: 1.1.1;
Initial revision
|
| #
1.3 |
|
09-Feb-2023 |
tb |
Use .section .rodata instead of a plain .rodata
At least gcc 12 on Fedora is very unhappy about a plain .rodata and throws
Error: unknown pseudo-op: `.rodata'. So add a .section in front of it to
make it happy.
ok deraadt miod
|
| #
1.2 |
|
14-Jan-2023 |
deraadt |
Move constants out of text segment into rodata to prepare for xonly support
on amd64. no pic handling is neccessary since amd64 has full reach.
ok kettenis
|
| #
1.1 |
|
13-Oct-2012 |
djm |
branches: 1.1.1;
Initial revision
|
| #
1.2 |
|
14-Jan-2023 |
deraadt |
Move constants out of text segment into rodata to prepare for xonly support
on amd64. no pic handling is neccessary since amd64 has full reach.
ok kettenis
|
| #
1.1 |
|
13-Oct-2012 |
djm |
branches: 1.1.1;
Initial revision
|
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
|
| #
1.1.1.2 |
|
13-Apr-2014 |
miod |
Import OpenSSL 1.0.1g
|
| #
1.1.1.1 |
|
13-Oct-2012 |
djm |
import OpenSSL-1.0.1c
|