[rpms/openssl] rebase_40beta: add support for VIA Padlock on 64bit arch from upstream (#617539)

[rpms/openssl] rebase_40beta: add support for VIA Padlock on 64bit arch from upstream (#617539)

[Tomas Mraz]

            A new commit has been pushed.

            Repo   : rpms/openssl
            Branch : rebase_40beta
            Commit : 138493a921447eae25fb73d0f1b4a17a09bb480a
            Author : Tomas Mraz <tmraz@fedoraproject.org>
            Date   : 2011-04-28T21:58:56+02:00
            Stats  : +246/-1 in 3 file(s)
            URL    : https://src.fedoraproject.org/rpms/openssl/c/138493a921447eae25fb73d0f1b4a17a09bb480a?branch=rebase_40beta

            Log:
            add support for VIA Padlock on 64bit arch from upstream (#617539)
do not return bogus values from load_certs (#652286)

---
diff --git a/openssl-1.0.0a-load-certs.patch b/openssl-1.0.0a-load-certs.patch
new file mode 100644
index 0000000..4c03a44
--- /dev/null
+++ b/openssl-1.0.0a-load-certs.patch
@@ -0,0 +1,23 @@
+diff -up openssl-1.0.0a/apps/apps.c.load-certs openssl-1.0.0a/apps/apps.c
+--- openssl-1.0.0a/apps/apps.c.load-certs	2010-05-27 16:09:13.000000000 +0200
++++ openssl-1.0.0a/apps/apps.c	2011-04-28 21:24:06.000000000 +0200
+@@ -1208,7 +1208,8 @@ STACK_OF(X509) *load_certs(BIO *err, con
+ 	const char *pass, ENGINE *e, const char *desc)
+ 	{
+ 	STACK_OF(X509) *certs;
+-	load_certs_crls(err, file, format, pass, e, desc, &certs, NULL);
++	if (!load_certs_crls(err, file, format, pass, e, desc, &certs, NULL))
++		return NULL;
+ 	return certs;
+ 	}	
+ 
+@@ -1216,7 +1217,8 @@ STACK_OF(X509_CRL) *load_crls(BIO *err, 
+ 	const char *pass, ENGINE *e, const char *desc)
+ 	{
+ 	STACK_OF(X509_CRL) *crls;
+-	load_certs_crls(err, file, format, pass, e, desc, NULL, &crls);
++	if (!load_certs_crls(err, file, format, pass, e, desc, NULL, &crls))
++		return NULL;
+ 	return crls;
+ 	}	
+ 

diff --git a/openssl-1.0.0d-padlock64.patch b/openssl-1.0.0d-padlock64.patch
new file mode 100644
index 0000000..11efbe8
--- /dev/null
+++ b/openssl-1.0.0d-padlock64.patch
@@ -0,0 +1,214 @@
+diff -up openssl-1.0.0d/engines/e_padlock.c.padlock64 openssl-1.0.0d/engines/e_padlock.c
+--- openssl-1.0.0d/engines/e_padlock.c.padlock64	2011-01-30 02:05:38.000000000 +0100
++++ openssl-1.0.0d/engines/e_padlock.c	2011-04-28 21:03:26.000000000 +0200
+@@ -101,10 +101,15 @@
+    compiler choice is limited to GCC and Microsoft C. */
+ #undef COMPILE_HW_PADLOCK
+ #if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM)
+-# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \
++# if (defined(__GNUC__) && __GNUC__>=2 && \
++	(defined(__i386__) || defined(__i386) || \
++	 defined(__x86_64__) || defined(__x86_64)) \
++     ) || \
+      (defined(_MSC_VER) && defined(_M_IX86))
+ #  define COMPILE_HW_PADLOCK
++#  ifdef OPENSSL_NO_DYNAMIC_ENGINE
+ static ENGINE *ENGINE_padlock (void);
++#  endif
+ # endif
+ #endif
+ 
+@@ -135,7 +140,7 @@ void ENGINE_load_padlock (void)
+ # endif
+ #elif defined(__GNUC__)
+ # ifndef alloca
+-#  define alloca(s) __builtin_alloca(s)
++#  define alloca(s) __builtin_alloca((s))
+ # endif
+ #endif
+ 
+@@ -197,6 +202,7 @@ padlock_bind_helper(ENGINE *e)
+ 	return 1;
+ }
+ 
++#ifdef OPENSSL_NO_DYNAMIC_ENGINE
+ /* Constructor */
+ static ENGINE *
+ ENGINE_padlock(void)
+@@ -214,6 +220,7 @@ ENGINE_padlock(void)
+ 
+ 	return eng;
+ }
++#endif
+ 
+ /* Check availability of the engine */
+ static int
+@@ -298,6 +305,7 @@ static volatile struct padlock_cipher_da
+  * =======================================================
+  */
+ #if defined(__GNUC__) && __GNUC__>=2
++#if defined(__i386__) || defined(__i386)
+ /*
+  * As for excessive "push %ebx"/"pop %ebx" found all over.
+  * When generating position-independent code GCC won't let
+@@ -377,21 +385,6 @@ padlock_available(void)
+ 	return padlock_use_ace + padlock_use_rng;
+ }
+ 
+-#ifndef OPENSSL_NO_AES
+-/* Our own htonl()/ntohl() */
+-static inline void
+-padlock_bswapl(AES_KEY *ks)
+-{
+-	size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]);
+-	unsigned int *key = ks->rd_key;
+-
+-	while (i--) {
+-		asm volatile ("bswapl %0" : "+r"(*key));
+-		key++;
+-	}
+-}
+-#endif
+-
+ /* Force key reload from memory to the CPU microcode.
+    Loading EFLAGS from the stack clears EFLAGS[30] 
+    which does the trick. */
+@@ -449,12 +442,127 @@ static inline void *name(size_t cnt,		\
+ 		: "edx", "cc", "memory");	\
+ 	return iv;				\
+ }
++#endif
++
++#elif defined(__x86_64__) || defined(__x86_64)
++
++/* Load supported features of the CPU to see if
++   the PadLock is available. */
++static int
++padlock_available(void)
++{
++	char vendor_string[16];
++	unsigned int eax, edx;
++
++	/* Are we running on the Centaur (VIA) CPU? */
++	eax = 0x00000000;
++	vendor_string[12] = 0;
++	asm volatile (
++		"cpuid\n"
++		"movl	%%ebx,(%1)\n"
++		"movl	%%edx,4(%1)\n"
++		"movl	%%ecx,8(%1)\n"
++		: "+a"(eax) : "r"(vendor_string) : "rbx", "rcx", "rdx");
++	if (strcmp(vendor_string, "CentaurHauls") != 0)
++		return 0;
++
++	/* Check for Centaur Extended Feature Flags presence */
++	eax = 0xC0000000;
++	asm volatile ("cpuid"
++		: "+a"(eax) : : "rbx", "rcx", "rdx");
++	if (eax < 0xC0000001)
++		return 0;
++
++	/* Read the Centaur Extended Feature Flags */
++	eax = 0xC0000001;
++	asm volatile ("cpuid"
++		: "+a"(eax), "=d"(edx) : : "rbx", "rcx");
++
++	/* Fill up some flags */
++	padlock_use_ace = ((edx & (0x3<<6)) == (0x3<<6));
++	padlock_use_rng = ((edx & (0x3<<2)) == (0x3<<2));
++
++	return padlock_use_ace + padlock_use_rng;
++}
+ 
++/* Force key reload from memory to the CPU microcode.
++   Loading EFLAGS from the stack clears EFLAGS[30] 
++   which does the trick. */
++static inline void
++padlock_reload_key(void)
++{
++	asm volatile ("pushfq; popfq");
++}
++
++#ifndef OPENSSL_NO_AES
++/*
++ * This is heuristic key context tracing. At first one
++ * believes that one should use atomic swap instructions,
++ * but it's not actually necessary. Point is that if
++ * padlock_saved_context was changed by another thread
++ * after we've read it and before we compare it with cdata,
++ * our key *shall* be reloaded upon thread context switch
++ * and we are therefore set in either case...
++ */
++static inline void
++padlock_verify_context(struct padlock_cipher_data *cdata)
++{
++	asm volatile (
++	"pushfq\n"
++"	btl	$30,(%%rsp)\n"
++"	jnc	1f\n"
++"	cmpq	%2,%1\n"
++"	je	1f\n"
++"	popfq\n"
++"	subq	$8,%%rsp\n"
++"1:	addq	$8,%%rsp\n"
++"	movq	%2,%0"
++	:"+m"(padlock_saved_context)
++	: "r"(padlock_saved_context), "r"(cdata) : "cc");
++}
++
++/* Template for padlock_xcrypt_* modes */
++/* BIG FAT WARNING: 
++ * 	The offsets used with 'leal' instructions
++ * 	describe items of the 'padlock_cipher_data'
++ * 	structure.
++ */
++#define PADLOCK_XCRYPT_ASM(name,rep_xcrypt)	\
++static inline void *name(size_t cnt,		\
++	struct padlock_cipher_data *cdata,	\
++	void *out, const void *inp) 		\
++{	void *iv; 				\
++	asm volatile ( "leaq	16(%0),%%rdx\n"	\
++		"	leaq	32(%0),%%rbx\n"	\
++			rep_xcrypt "\n"		\
++		: "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \
++		: "0"(cdata), "1"(cnt), "2"(out), "3"(inp)  \
++		: "rbx", "rdx", "cc", "memory");	\
++	return iv;				\
++}
++#endif
++
++#endif	/* cpu */
++
++#ifndef OPENSSL_NO_AES
+ /* Generate all functions with appropriate opcodes */
+ PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8")	/* rep xcryptecb */
+ PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc, ".byte 0xf3,0x0f,0xa7,0xd0")	/* rep xcryptcbc */
+ PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0")	/* rep xcryptcfb */
+ PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8")	/* rep xcryptofb */
++
++/* Our own htonl()/ntohl() */
++static inline void
++padlock_bswapl(AES_KEY *ks)
++{
++	size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]);
++	unsigned int *key = ks->rd_key;
++
++	while (i--) {
++		asm volatile ("bswapl %0" : "+r"(*key));
++		key++;
++	}
++}
+ #endif
+ 
+ /* The RNG call itself */
+@@ -485,8 +593,8 @@ padlock_xstore(void *addr, unsigned int 
+ static inline unsigned char *
+ padlock_memcpy(void *dst,const void *src,size_t n)
+ {
+-	long       *d=dst;
+-	const long *s=src;
++	size_t       *d=dst;
++	const size_t *s=src;
+ 
+ 	n /= sizeof(*d);
+ 	do { *d++ = *s++; } while (--n);

diff --git a/openssl.spec b/openssl.spec
index c61818d..15da450 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -21,7 +21,7 @@
 Summary: A general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 1.0.0d
-Release: 2%{?dist}
+Release: 3%{?dist}
 # We remove certain patented algorithms from the openssl source tarball
 # with the hobble-openssl script which is included below.
 Source: openssl-%{version}-usa.tar.bz2
@@ -44,6 +44,7 @@ Patch7: openssl-1.0.0-timezone.patch
 Patch23: openssl-1.0.0-beta4-default-paths.patch
 Patch24: openssl-0.9.8j-bad-mime.patch
 Patch25: openssl-1.0.0a-manfix.patch
+Patch26: openssl-1.0.0a-load-certs.patch
 # Functionality changes
 Patch32: openssl-0.9.8g-ia64.patch
 Patch33: openssl-1.0.0-beta4-ca-dir.patch
@@ -70,6 +71,7 @@ Patch58: openssl-1.0.0c-fips-md5-allow.patch
 Patch59: openssl-1.0.0c-pkcs12-fips-default.patch
 Patch60: openssl-1.0.0d-apps-dgst.patch
 # Backported fixes including security fixes
+Patch61: openssl-1.0.0d-padlock64.patch
 
 License: OpenSSL
 Group: System Environment/Libraries
@@ -133,6 +135,7 @@ from other formats to the formats used by the OpenSSL toolkit.
 %patch23 -p1 -b .default-paths
 %patch24 -p1 -b .bad-mime
 %patch25 -p1 -b .manfix
+%patch26 -p1 -b .load-certs
 
 %patch32 -p1 -b .ia64
 %patch33 -p1 -b .ca-dir
@@ -158,6 +161,7 @@ from other formats to the formats used by the OpenSSL toolkit.
 %patch58 -p1 -b .md5-allow
 %patch59 -p1 -b .fips-default
 %patch60 -p1 -b .dgst
+%patch61 -p1 -b .padlock64
 
 # Modify the various perl scripts to reference perl in the right location.
 perl util/perlpath.pl `dirname %{__perl}`
@@ -407,6 +411,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
 %postun -p /sbin/ldconfig
 
 %changelog
+* Thu Apr 28 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0d-3
+- add support for VIA Padlock on 64bit arch from upstream (#617539)
+- do not return bogus values from load_certs (#652286)
+
 * Tue Apr  5 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0d-2
 - clarify apps help texts for available digest algorithms (#693858)