mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-08 05:09:24 +00:00
Code Issues Projects Releases Wiki Activity

openssl: mark assembler sections as call targets for PAC/BTI support on aarch64

Browse Source 
The assembler sections in OpenSSL were not marked as valid call targets,
so branch protection could not be enabled for libcrypto.so.

(From OE-Core rev: 4bf06bc5487da05e6b4a4895e5ca2da65cdc25d8)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Ross Burton
2023-12-13 16:14:21 +00:00
committed by Richard Purdie
parent 198d891baa
commit 92fd81b7de
2 changed files with 36 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/recipes-connectivity/openssl/openssl/aarch64-bti.patch
+35
View File
@@ -0,0 +1,35 @@
From ad347c9ff0fd93bdd2fa2085611c65b88e94829f Mon Sep 17 00:00:00 2001
From: "fangming.fang" <fangming.fang@arm.com>
Date: Thu, 7 Dec 2023 06:17:51 +0000
Subject: [PATCH] Enable BTI feature for md5 on aarch64
Fixes: #22959
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22971)
Upstream-Status: Backport
Signed-off-by: Ross Burton <ross.burton@arm.com>
---
crypto/md5/asm/md5-aarch64.pl | 3 +++
1 file changed, 3 insertions(+)
diff --git a/crypto/md5/asm/md5-aarch64.pl b/crypto/md5/asm/md5-aarch64.pl
index 3200a0fa9bff0..5a8608069691d 100755
--- a/crypto/md5/asm/md5-aarch64.pl
+++ b/crypto/md5/asm/md5-aarch64.pl
@@ -28,10 +28,13 @@
*STDOUT=*OUT;
$code .= <<EOF;
+#include "arm_arch.h"
+
.text
.globl ossl_md5_block_asm_data_order
.type ossl_md5_block_asm_data_order,\@function
ossl_md5_block_asm_data_order:
+ AARCH64_VALID_CALL_TARGET
// Save all callee-saved registers
stp x19,x20,[sp,#-80]!
stp x21,x22,[sp,#16]
meta/recipes-connectivity/openssl/openssl_3.2.0.bb
+1
View File
@@ -12,6 +12,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \
file://0001-Configure-do-not-tweak-mips-cflags.patch \
file://0001-Added-handshake-history-reporting-when-test-fails.patch \
file://aarch64-bti.patch \
"
SRC_URI:append:class-nativesdk = " \