From owner-svn-src-vendor@freebsd.org Tue May 28 20:08:19 2019 Return-Path: Delivered-To: svn-src-vendor@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D0B2E15AAAD5; Tue, 28 May 2019 20:08:18 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 698AE8F690; Tue, 28 May 2019 20:08:18 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 3CA701F2FB; Tue, 28 May 2019 20:08:18 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4SK8Ixo057440; Tue, 28 May 2019 20:08:18 GMT (envelope-from jkim@FreeBSD.org) Received: (from jkim@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4SK8H1h057437; Tue, 28 May 2019 20:08:17 GMT (envelope-from jkim@FreeBSD.org) Message-Id: <201905282008.x4SK8H1h057437@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jkim set sender to jkim@FreeBSD.org using -f From: Jung-uk Kim Date: Tue, 28 May 2019 20:08:17 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r348333 - in vendor-crypto/openssl/dist: . apps crypto crypto/aes/asm crypto/bio crypto/blake2 crypto/bn crypto/bn/asm crypto/chacha crypto/conf crypto/dh crypto/dsa crypto/dso crypto/e... X-SVN-Group: vendor-crypto X-SVN-Commit-Author: jkim X-SVN-Commit-Paths: in vendor-crypto/openssl/dist: . apps crypto crypto/aes/asm crypto/bio crypto/blake2 crypto/bn crypto/bn/asm crypto/chacha crypto/conf crypto/dh crypto/dsa crypto/dso crypto/ec crypto/ec/curve448 cryp... X-SVN-Commit-Revision: 348333 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 698AE8F690 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.96 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.96)[-0.964,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 May 2019 20:08:19 -0000 Author: jkim Date: Tue May 28 20:08:17 2019 New Revision: 348333 URL: https://svnweb.freebsd.org/changeset/base/348333 Log: Import OpenSSL 1.1.1c. Modified: vendor-crypto/openssl/dist/CHANGES vendor-crypto/openssl/dist/Configure vendor-crypto/openssl/dist/INSTALL vendor-crypto/openssl/dist/NEWS vendor-crypto/openssl/dist/NOTES.PERL vendor-crypto/openssl/dist/README vendor-crypto/openssl/dist/apps/asn1pars.c vendor-crypto/openssl/dist/apps/cms.c vendor-crypto/openssl/dist/apps/enc.c vendor-crypto/openssl/dist/apps/ocsp.c vendor-crypto/openssl/dist/apps/s_cb.c vendor-crypto/openssl/dist/apps/s_client.c vendor-crypto/openssl/dist/apps/speed.c vendor-crypto/openssl/dist/crypto/aes/asm/aesp8-ppc.pl vendor-crypto/openssl/dist/crypto/bio/b_addr.c vendor-crypto/openssl/dist/crypto/bio/bss_mem.c vendor-crypto/openssl/dist/crypto/blake2/blake2b.c vendor-crypto/openssl/dist/crypto/bn/asm/mips.pl vendor-crypto/openssl/dist/crypto/bn/asm/ppc.pl vendor-crypto/openssl/dist/crypto/bn/bn_ctx.c vendor-crypto/openssl/dist/crypto/bn/bn_lib.c vendor-crypto/openssl/dist/crypto/bn/bn_prime.c vendor-crypto/openssl/dist/crypto/chacha/build.info vendor-crypto/openssl/dist/crypto/conf/conf_sap.c vendor-crypto/openssl/dist/crypto/dh/dh_check.c vendor-crypto/openssl/dist/crypto/dh/dh_gen.c vendor-crypto/openssl/dist/crypto/dh/dh_key.c vendor-crypto/openssl/dist/crypto/dh/dh_pmeth.c vendor-crypto/openssl/dist/crypto/dsa/dsa_gen.c vendor-crypto/openssl/dist/crypto/dsa/dsa_ossl.c vendor-crypto/openssl/dist/crypto/dsa/dsa_pmeth.c vendor-crypto/openssl/dist/crypto/dso/dso_openssl.c vendor-crypto/openssl/dist/crypto/ec/curve25519.c vendor-crypto/openssl/dist/crypto/ec/curve448/curve448.c vendor-crypto/openssl/dist/crypto/ec/curve448/curve448_tables.c vendor-crypto/openssl/dist/crypto/ec/curve448/curve448utils.h vendor-crypto/openssl/dist/crypto/ec/curve448/f_generic.c vendor-crypto/openssl/dist/crypto/ec/curve448/scalar.c vendor-crypto/openssl/dist/crypto/ec/ec2_oct.c vendor-crypto/openssl/dist/crypto/ec/ec2_smpl.c vendor-crypto/openssl/dist/crypto/ec/ec_ameth.c vendor-crypto/openssl/dist/crypto/ec/ec_lib.c vendor-crypto/openssl/dist/crypto/ec/ec_mult.c vendor-crypto/openssl/dist/crypto/ec/ec_pmeth.c vendor-crypto/openssl/dist/crypto/ec/ecdh_ossl.c vendor-crypto/openssl/dist/crypto/ec/ecp_nistp521.c vendor-crypto/openssl/dist/crypto/ec/ecp_nistz256.c vendor-crypto/openssl/dist/crypto/ec/ecp_smpl.c vendor-crypto/openssl/dist/crypto/err/err.c vendor-crypto/openssl/dist/crypto/evp/digest.c vendor-crypto/openssl/dist/crypto/evp/e_aes.c vendor-crypto/openssl/dist/crypto/evp/e_aria.c vendor-crypto/openssl/dist/crypto/evp/e_chacha20_poly1305.c vendor-crypto/openssl/dist/crypto/evp/p_lib.c vendor-crypto/openssl/dist/crypto/evp/p_open.c vendor-crypto/openssl/dist/crypto/hmac/hmac.c vendor-crypto/openssl/dist/crypto/include/internal/dso_conf.h.in vendor-crypto/openssl/dist/crypto/init.c vendor-crypto/openssl/dist/crypto/mips_arch.h vendor-crypto/openssl/dist/crypto/modes/asm/ghash-x86_64.pl vendor-crypto/openssl/dist/crypto/modes/ccm128.c vendor-crypto/openssl/dist/crypto/o_str.c vendor-crypto/openssl/dist/crypto/objects/obj_dat.h vendor-crypto/openssl/dist/crypto/objects/objects.txt vendor-crypto/openssl/dist/crypto/ocsp/ocsp_ext.c vendor-crypto/openssl/dist/crypto/ocsp/ocsp_lib.c vendor-crypto/openssl/dist/crypto/pem/pem_sign.c vendor-crypto/openssl/dist/crypto/poly1305/build.info vendor-crypto/openssl/dist/crypto/ppccap.c vendor-crypto/openssl/dist/crypto/rand/drbg_lib.c vendor-crypto/openssl/dist/crypto/rand/rand_lib.c vendor-crypto/openssl/dist/crypto/rand/rand_unix.c vendor-crypto/openssl/dist/crypto/rand/randfile.c vendor-crypto/openssl/dist/crypto/rc4/build.info vendor-crypto/openssl/dist/crypto/rsa/rsa_ameth.c vendor-crypto/openssl/dist/crypto/rsa/rsa_gen.c vendor-crypto/openssl/dist/crypto/rsa/rsa_oaep.c vendor-crypto/openssl/dist/crypto/rsa/rsa_ossl.c vendor-crypto/openssl/dist/crypto/rsa/rsa_pk1.c vendor-crypto/openssl/dist/crypto/rsa/rsa_pmeth.c vendor-crypto/openssl/dist/crypto/rsa/rsa_ssl.c vendor-crypto/openssl/dist/crypto/rsa/rsa_x931g.c vendor-crypto/openssl/dist/crypto/sha/keccak1600.c vendor-crypto/openssl/dist/crypto/x509/x509_lu.c vendor-crypto/openssl/dist/crypto/x509v3/v3_genn.c vendor-crypto/openssl/dist/doc/man1/genpkey.pod vendor-crypto/openssl/dist/doc/man1/pkeyutl.pod vendor-crypto/openssl/dist/doc/man1/s_client.pod vendor-crypto/openssl/dist/doc/man1/s_server.pod vendor-crypto/openssl/dist/doc/man1/s_time.pod vendor-crypto/openssl/dist/doc/man1/ts.pod vendor-crypto/openssl/dist/doc/man3/ASN1_TIME_set.pod vendor-crypto/openssl/dist/doc/man3/ASN1_generate_nconf.pod vendor-crypto/openssl/dist/doc/man3/BIO_connect.pod vendor-crypto/openssl/dist/doc/man3/BIO_push.pod vendor-crypto/openssl/dist/doc/man3/BIO_s_file.pod vendor-crypto/openssl/dist/doc/man3/BIO_s_mem.pod vendor-crypto/openssl/dist/doc/man3/BN_CTX_start.pod vendor-crypto/openssl/dist/doc/man3/BN_new.pod vendor-crypto/openssl/dist/doc/man3/BN_rand.pod vendor-crypto/openssl/dist/doc/man3/BN_security_bits.pod vendor-crypto/openssl/dist/doc/man3/CMS_verify.pod vendor-crypto/openssl/dist/doc/man3/CONF_modules_load_file.pod vendor-crypto/openssl/dist/doc/man3/DES_random_key.pod vendor-crypto/openssl/dist/doc/man3/ECDSA_SIG_new.pod vendor-crypto/openssl/dist/doc/man3/EVP_DigestVerifyInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_EncryptInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_PKEY_meth_new.pod vendor-crypto/openssl/dist/doc/man3/EVP_PKEY_set1_RSA.pod vendor-crypto/openssl/dist/doc/man3/EVP_chacha20.pod vendor-crypto/openssl/dist/doc/man3/HMAC.pod vendor-crypto/openssl/dist/doc/man3/OBJ_nid2obj.pod vendor-crypto/openssl/dist/doc/man3/OCSP_cert_to_id.pod vendor-crypto/openssl/dist/doc/man3/PEM_read_bio_PrivateKey.pod vendor-crypto/openssl/dist/doc/man3/RAND_DRBG_generate.pod vendor-crypto/openssl/dist/doc/man3/RAND_DRBG_get0_master.pod vendor-crypto/openssl/dist/doc/man3/RAND_DRBG_new.pod vendor-crypto/openssl/dist/doc/man3/RAND_DRBG_reseed.pod vendor-crypto/openssl/dist/doc/man3/RAND_DRBG_set_callbacks.pod vendor-crypto/openssl/dist/doc/man3/RAND_add.pod vendor-crypto/openssl/dist/doc/man3/RAND_bytes.pod vendor-crypto/openssl/dist/doc/man3/RAND_cleanup.pod vendor-crypto/openssl/dist/doc/man3/RSA_padding_add_PKCS1_type_1.pod vendor-crypto/openssl/dist/doc/man3/RSA_public_encrypt.pod vendor-crypto/openssl/dist/doc/man3/SSL_CIPHER_get_name.pod vendor-crypto/openssl/dist/doc/man3/SSL_CONF_cmd.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_load_verify_locations.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_new.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set1_sigalgs.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_client_hello_cb.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_default_passwd_cb.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_generate_session_id.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_min_proto_version.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_read_ahead.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_split_send_fragment.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_tmp_dh_callback.pod vendor-crypto/openssl/dist/doc/man3/SSL_get_error.pod vendor-crypto/openssl/dist/doc/man3/SSL_load_client_CA_file.pod vendor-crypto/openssl/dist/doc/man3/SSL_read.pod vendor-crypto/openssl/dist/doc/man3/SSL_session_reused.pod vendor-crypto/openssl/dist/doc/man3/SSL_shutdown.pod vendor-crypto/openssl/dist/doc/man3/SSL_write.pod vendor-crypto/openssl/dist/doc/man3/X509_LOOKUP_meth_new.pod vendor-crypto/openssl/dist/doc/man3/X509_NAME_add_entry_by_txt.pod vendor-crypto/openssl/dist/doc/man3/X509_NAME_get_index_by_NID.pod vendor-crypto/openssl/dist/doc/man3/X509_get_subject_name.pod vendor-crypto/openssl/dist/doc/man3/d2i_X509.pod vendor-crypto/openssl/dist/e_os.h vendor-crypto/openssl/dist/engines/e_padlock.c vendor-crypto/openssl/dist/include/internal/dsoerr.h vendor-crypto/openssl/dist/include/internal/refcount.h vendor-crypto/openssl/dist/include/internal/tsan_assist.h vendor-crypto/openssl/dist/include/openssl/err.h vendor-crypto/openssl/dist/include/openssl/evp.h vendor-crypto/openssl/dist/include/openssl/obj_mac.h vendor-crypto/openssl/dist/include/openssl/ocsp.h vendor-crypto/openssl/dist/include/openssl/opensslv.h vendor-crypto/openssl/dist/include/openssl/ssl.h vendor-crypto/openssl/dist/include/openssl/x509v3.h vendor-crypto/openssl/dist/ssl/ssl_lib.c vendor-crypto/openssl/dist/ssl/ssl_locl.h vendor-crypto/openssl/dist/ssl/statem/extensions.c vendor-crypto/openssl/dist/ssl/statem/extensions_clnt.c vendor-crypto/openssl/dist/ssl/statem/extensions_srvr.c vendor-crypto/openssl/dist/ssl/statem/statem_clnt.c vendor-crypto/openssl/dist/ssl/statem/statem_srvr.c Modified: vendor-crypto/openssl/dist/CHANGES ============================================================================== --- vendor-crypto/openssl/dist/CHANGES Tue May 28 18:32:04 2019 (r348332) +++ vendor-crypto/openssl/dist/CHANGES Tue May 28 20:08:17 2019 (r348333) @@ -7,6 +7,77 @@ https://github.com/openssl/openssl/commits/ and pick the appropriate release branch. + Changes between 1.1.1b and 1.1.1c [28 May 2019] + + *) Add build tests for C++. These are generated files that only do one + thing, to include one public OpenSSL head file each. This tests that + the public header files can be usefully included in a C++ application. + + This test isn't enabled by default. It can be enabled with the option + 'enable-buildtest-c++'. + [Richard Levitte] + + *) Enable SHA3 pre-hashing for ECDSA and DSA. + [Patrick Steuer] + + *) Change the default RSA, DSA and DH size to 2048 bit instead of 1024. + This changes the size when using the genpkey app when no size is given. It + fixes an omission in earlier changes that changed all RSA, DSA and DH + generation apps to use 2048 bits by default. + [Kurt Roeckx] + + *) Reorganize the manual pages to consistently have RETURN VALUES, + EXAMPLES, SEE ALSO and HISTORY come in that order, and adjust + util/fix-doc-nits accordingly. + [Paul Yang, Joshua Lock] + + *) Add the missing accessor EVP_PKEY_get0_engine() + [Matt Caswell] + + *) Have apps like 's_client' and 's_server' output the signature scheme + along with other cipher suite parameters when debugging. + [Lorinczy Zsigmond] + + *) Make OPENSSL_config() error agnostic again. + [Richard Levitte] + + *) Do the error handling in RSA decryption constant time. + [Bernd Edlinger] + + *) Prevent over long nonces in ChaCha20-Poly1305. + + ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input + for every encryption operation. RFC 7539 specifies that the nonce value + (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length + and front pads the nonce with 0 bytes if it is less than 12 + bytes. However it also incorrectly allows a nonce to be set of up to 16 + bytes. In this case only the last 12 bytes are significant and any + additional leading bytes are ignored. + + It is a requirement of using this cipher that nonce values are + unique. Messages encrypted using a reused nonce value are susceptible to + serious confidentiality and integrity attacks. If an application changes + the default nonce length to be longer than 12 bytes and then makes a + change to the leading bytes of the nonce expecting the new value to be a + new unique nonce then such an application could inadvertently encrypt + messages with a reused nonce. + + Additionally the ignored bytes in a long nonce are not covered by the + integrity guarantee of this cipher. Any application that relies on the + integrity of these ignored leading bytes of a long nonce may be further + affected. Any OpenSSL internal use of this cipher, including in SSL/TLS, + is safe because no such use sets such a long nonce value. However user + applications that use this cipher directly and set a non-default nonce + length to be longer than 12 bytes may be vulnerable. + + This issue was reported to OpenSSL on 16th of March 2019 by Joran Dirk + Greef of Ronomon. + (CVE-2019-1543) + [Matt Caswell] + + *) Ensure that SM2 only uses SM3 as digest algorithm + [Paul Yang] + Changes between 1.1.1a and 1.1.1b [26 Feb 2019] *) Added SCA hardening for modular field inversion in EC_GROUP through Modified: vendor-crypto/openssl/dist/Configure ============================================================================== --- vendor-crypto/openssl/dist/Configure Tue May 28 18:32:04 2019 (r348332) +++ vendor-crypto/openssl/dist/Configure Tue May 28 20:08:17 2019 (r348333) @@ -24,7 +24,7 @@ use OpenSSL::Glob; my $orig_death_handler = $SIG{__DIE__}; $SIG{__DIE__} = \&death_handler; -my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; +my $usage="Usage: Configure [no- ...] [enable- ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-egd] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--config=FILE] os/compiler[:flags]\n"; # Options: # @@ -54,16 +54,14 @@ my $usage="Usage: Configure [no- ...] [enable- # [no-]threads [don't] try to create a library that is suitable for # multithreaded applications (default is "threads" if we # know how to do it) -# [no-]shared [don't] try to create shared libraries when supported. +# [no-]shared [don't] try to create shared libraries when supported. # [no-]pic [don't] try to build position independent code when supported. # If disabled, it also disables shared and dynamic-engine. # no-asm do not use assembler -# no-dso do not compile in any native shared-library methods. This -# will ensure that all methods just return NULL. # no-egd do not compile support for the entropy-gathering daemon APIs # [no-]zlib [don't] compile support for zlib compression. -# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared -# library and will be loaded in run-time by the OpenSSL library. +# zlib-dynamic Like "zlib", but the zlib library is expected to be a shared +# library and will be loaded in run-time by the OpenSSL library. # sctp include SCTP support # enable-weak-ssl-ciphers # Enable weak ciphers that are disabled by default. @@ -75,7 +73,7 @@ my $usage="Usage: Configure [no- ...] [enable- # -static while -static is also a pass-through compiler option (and # as such is limited to environments where it's actually # meaningful), it triggers a number configuration options, -# namely no-dso, no-pic, no-shared and no-threads. It is +# namely no-pic, no-shared and no-threads. It is # argued that the only reason to produce statically linked # binaries (and in context it means executables linked with # -static flag, and not just executables linked with static @@ -90,21 +88,22 @@ my $usage="Usage: Configure [no- ...] [enable- # production quality. # # DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items -# provided to stack calls. Generates unique stack functions for -# each possible stack type. -# BN_LLONG use the type 'long long' in crypto/bn/bn.h -# RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h +# provided to stack calls. Generates unique stack functions for +# each possible stack type. +# BN_LLONG use the type 'long long' in crypto/bn/bn.h +# RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # Following are set automatically by this script # -# MD5_ASM use some extra md5 assembler, -# SHA1_ASM use some extra sha1 assembler, must define L_ENDIAN for x86 -# RMD160_ASM use some extra ripemd160 assembler, -# SHA256_ASM sha256_block is implemented in assembler -# SHA512_ASM sha512_block is implemented in assembler -# AES_ASM AES_[en|de]crypt is implemented in assembler +# MD5_ASM use some extra md5 assembler, +# SHA1_ASM use some extra sha1 assembler, must define L_ENDIAN for x86 +# RMD160_ASM use some extra ripemd160 assembler, +# SHA256_ASM sha256_block is implemented in assembler +# SHA512_ASM sha512_block is implemented in assembler +# AES_ASM AES_[en|de]crypt is implemented in assembler -# Minimum warning options... any contributions to OpenSSL should at least get -# past these. +# Minimum warning options... any contributions to OpenSSL should at least +# get past these. Note that we only use these with C compilers, not with +# C++ compilers. # DEBUG_UNUSED enables __owur (warn unused result) checks. # -DPEDANTIC complements -pedantic and is meant to mask code that @@ -119,22 +118,23 @@ my $usage="Usage: Configure [no- ...] [enable- # code, so we just tell compiler to be pedantic about everything # but 'long long' type. -my $gcc_devteam_warn = "-DDEBUG_UNUSED" - . " -DPEDANTIC -pedantic -Wno-long-long" - . " -Wall" - . " -Wextra" - . " -Wno-unused-parameter" - . " -Wno-missing-field-initializers" - . " -Wswitch" - . " -Wsign-compare" - . " -Wmissing-prototypes" - . " -Wstrict-prototypes" - . " -Wshadow" - . " -Wformat" - . " -Wtype-limits" - . " -Wundef" - . " -Werror" - ; +my @gcc_devteam_warn = qw( + -DDEBUG_UNUSED + -DPEDANTIC -pedantic -Wno-long-long + -Wall + -Wextra + -Wno-unused-parameter + -Wno-missing-field-initializers + -Wswitch + -Wsign-compare + -Wshadow + -Wformat + -Wtype-limits + -Wundef + -Werror + -Wmissing-prototypes + -Wstrict-prototypes +); # These are used in addition to $gcc_devteam_warn when the compiler is clang. # TODO(openssl-team): fix problems and investigate if (at least) the @@ -144,19 +144,16 @@ my $gcc_devteam_warn = "-DDEBUG_UNUSED" # -Wlanguage-extension-token -- no, we use asm() # -Wunused-macros -- no, too tricky for BN and _XOPEN_SOURCE etc # -Wextended-offsetof -- no, needed in CMS ASN1 code -# -Wunused-function -- no, it forces header use of safestack et al -# DEFINE macros -my $clang_devteam_warn = "" - . " -Wswitch-default" - . " -Wno-parentheses-equality" - . " -Wno-language-extension-token" - . " -Wno-extended-offsetof" - . " -Wconditional-uninitialized" - . " -Wincompatible-pointer-types-discards-qualifiers" - . " -Wmissing-variable-declarations" - . " -Wno-unknown-warning-option" - . " -Wno-unused-function" - ; +my @clang_devteam_warn = qw( + -Wswitch-default + -Wno-parentheses-equality + -Wno-language-extension-token + -Wno-extended-offsetof + -Wconditional-uninitialized + -Wincompatible-pointer-types-discards-qualifiers + -Wno-unknown-warning-option + -Wmissing-variable-declarations +); # This adds backtrace information to the memory leak info. Is only used # when crypto-mdebug-backtrace is enabled. @@ -225,20 +222,20 @@ if (grep /^reconf(igure)?$/, @argvcopy) { die "reconfiguring with other arguments present isn't supported" if scalar @argvcopy > 1; if (-f "./configdata.pm") { - my $file = "./configdata.pm"; - unless (my $return = do $file) { - die "couldn't parse $file: $@" if $@; + my $file = "./configdata.pm"; + unless (my $return = do $file) { + die "couldn't parse $file: $@" if $@; die "couldn't do $file: $!" unless defined $return; die "couldn't run $file" unless $return; - } + } - @argvcopy = defined($configdata::config{perlargv}) ? - @{$configdata::config{perlargv}} : (); - die "Incorrect data to reconfigure, please do a normal configuration\n" - if (grep(/^reconf/,@argvcopy)); - $config{perlenv} = $configdata::config{perlenv} // {}; + @argvcopy = defined($configdata::config{perlargv}) ? + @{$configdata::config{perlargv}} : (); + die "Incorrect data to reconfigure, please do a normal configuration\n" + if (grep(/^reconf/,@argvcopy)); + $config{perlenv} = $configdata::config{perlenv} // {}; } else { - die "Insufficient data to reconfigure, please do a normal configuration\n"; + die "Insufficient data to reconfigure, please do a normal configuration\n"; } } @@ -253,8 +250,8 @@ $config{shlib_version_history} = "unknown"; collect_information( collect_from_file(catfile($srcdir,'include/openssl/opensslv.h')), qr/OPENSSL.VERSION.TEXT.*OpenSSL (\S+) / => sub { $config{version} = $1; }, - qr/OPENSSL.VERSION.NUMBER.*(0x\S+)/ => sub { $config{version_num}=$1 }, - qr/SHLIB_VERSION_NUMBER *"([^"]+)"/ => sub { $config{shlib_version_number}=$1 }, + qr/OPENSSL.VERSION.NUMBER.*(0x\S+)/ => sub { $config{version_num}=$1 }, + qr/SHLIB_VERSION_NUMBER *"([^"]+)"/ => sub { $config{shlib_version_number}=$1 }, qr/SHLIB_VERSION_HISTORY *"([^"]*)"/ => sub { $config{shlib_version_history}=$1 } ); if ($config{shlib_version_history} ne "") { $config{shlib_version_history} .= ":"; } @@ -266,7 +263,7 @@ if ($config{shlib_version_history} ne "") { $config{sh die "erroneous version information in opensslv.h: ", "$config{major}, $config{minor}, $config{shlib_major}, $config{shlib_minor}\n" if ($config{major} eq "" || $config{minor} eq "" - || $config{shlib_major} eq "" || $config{shlib_minor} eq ""); + || $config{shlib_major} eq "" || $config{shlib_minor} eq ""); # Collect target configurations @@ -335,6 +332,7 @@ my @disablables = ( "autoload-config", "bf", "blake2", + "buildtest-c\\+\\+", "camellia", "capieng", "cast", @@ -351,7 +349,6 @@ my @disablables = ( "dgram", "dh", "dsa", - "dso", "dtls", "dynamic-engine", "ec", @@ -419,71 +416,70 @@ my @disablables = ( "zlib-dynamic", ); foreach my $proto ((@tls, @dtls)) - { - push(@disablables, $proto); - push(@disablables, "$proto-method") unless $proto eq "tls1_3"; - } + { + push(@disablables, $proto); + push(@disablables, "$proto-method") unless $proto eq "tls1_3"; + } my %deprecated_disablables = ( "ssl2" => undef, "buf-freelists" => undef, "ripemd" => "rmd160", "ui" => "ui-console", + "dso" => "", # Empty string means we're silent about it ); # All of the following are disabled by default: our %disabled = ( # "what" => "comment" - "asan" => "default", - "crypto-mdebug" => "default", - "crypto-mdebug-backtrace" => "default", - "devcryptoeng" => "default", - "ec_nistp_64_gcc_128" => "default", - "egd" => "default", - "external-tests" => "default", - "fuzz-libfuzzer" => "default", - "fuzz-afl" => "default", - "heartbeats" => "default", - "md2" => "default", + "asan" => "default", + "buildtest-c++" => "default", + "crypto-mdebug" => "default", + "crypto-mdebug-backtrace" => "default", + "devcryptoeng" => "default", + "ec_nistp_64_gcc_128" => "default", + "egd" => "default", + "external-tests" => "default", + "fuzz-libfuzzer" => "default", + "fuzz-afl" => "default", + "heartbeats" => "default", + "md2" => "default", "msan" => "default", - "rc5" => "default", - "sctp" => "default", - "ssl-trace" => "default", - "ssl3" => "default", - "ssl3-method" => "default", - "ubsan" => "default", - "unit-test" => "default", - "weak-ssl-ciphers" => "default", - "zlib" => "default", - "zlib-dynamic" => "default", - ); + "rc5" => "default", + "sctp" => "default", + "ssl-trace" => "default", + "ssl3" => "default", + "ssl3-method" => "default", + "ubsan" => "default", + "unit-test" => "default", + "weak-ssl-ciphers" => "default", + "zlib" => "default", + "zlib-dynamic" => "default", + ); # Note: => pair form used for aesthetics, not to truly make a hash table my @disable_cascades = ( - # "what" => [ "cascade", ... ] + # "what" => [ "cascade", ... ] sub { $config{processor} eq "386" } - => [ "sse2" ], - "ssl" => [ "ssl3" ], - "ssl3-method" => [ "ssl3" ], - "zlib" => [ "zlib-dynamic" ], - "des" => [ "mdc2" ], - "ec" => [ "ecdsa", "ecdh" ], + => [ "sse2" ], + "ssl" => [ "ssl3" ], + "ssl3-method" => [ "ssl3" ], + "zlib" => [ "zlib-dynamic" ], + "des" => [ "mdc2" ], + "ec" => [ "ecdsa", "ecdh" ], - "dgram" => [ "dtls", "sctp" ], - "sock" => [ "dgram" ], - "dtls" => [ @dtls ], + "dgram" => [ "dtls", "sctp" ], + "sock" => [ "dgram" ], + "dtls" => [ @dtls ], sub { 0 == scalar grep { !$disabled{$_} } @dtls } - => [ "dtls" ], + => [ "dtls" ], - "tls" => [ @tls ], + "tls" => [ @tls ], sub { 0 == scalar grep { !$disabled{$_} } @tls } - => [ "tls" ], + => [ "tls" ], "crypto-mdebug" => [ "crypto-mdebug-backtrace" ], - # Without DSO, we can't load dynamic engines, so don't build them dynamic - "dso" => [ "dynamic-engine" ], - # Without position independent code, there can be no shared libraries or DSOs "pic" => [ "shared" ], "shared" => [ "dynamic-engine" ], @@ -510,14 +506,14 @@ my @list = (reverse @tls); while ((my $first, my $second) = (shift @list, shift @list)) { last unless @list; push @disable_cascades, ( sub { !$disabled{$first} && $disabled{$second} } - => [ @list ] ); + => [ @list ] ); unshift @list, $second; } my @list = (reverse @dtls); while ((my $first, my $second) = (shift @list, shift @list)) { last unless @list; push @disable_cascades, ( sub { !$disabled{$first} && $disabled{$second} } - => [ @list ] ); + => [ @list ] ); unshift @list, $second; } @@ -544,24 +540,24 @@ my %user = ( AS => undef, ASFLAGS => [], CC => env('CC'), - CFLAGS => [], + CFLAGS => [ env('CFLAGS') || () ], CXX => env('CXX'), - CXXFLAGS => [], + CXXFLAGS => [ env('CXXFLAGS') || () ], CPP => undef, - CPPFLAGS => [], # -D, -I, -Wp, + CPPFLAGS => [ env('CPPFLAGS') || () ], # -D, -I, -Wp, CPPDEFINES => [], # Alternative for -D CPPINCLUDES => [], # Alternative for -I CROSS_COMPILE => env('CROSS_COMPILE'), HASHBANGPERL=> env('HASHBANGPERL') || env('PERL'), LD => undef, - LDFLAGS => [], # -L, -Wl, - LDLIBS => [], # -l + LDFLAGS => [ env('LDFLAGS') || () ], # -L, -Wl, + LDLIBS => [ env('LDLIBS') || () ], # -l MT => undef, MTFLAGS => [], PERL => env('PERL') || ($^O ne "VMS" ? $^X : "perl"), RANLIB => env('RANLIB'), RC => env('RC') || env('WINDRES'), - RCFLAGS => [], + RCFLAGS => [ env('RCFLAGS') || () ], RM => undef, ); # Info about what "make variables" may be prefixed with the cross compiler @@ -578,6 +574,7 @@ my %useradd = ( CXXFLAGS => [], LDFLAGS => [], LDLIBS => [], + RCFLAGS => [], ); my %user_synonyms = ( @@ -625,43 +622,43 @@ my %deprecated_options = (); my @known_seed_sources = qw(getrandom devrandom os egd none rdcpu librandom); my @seed_sources = (); while (@argvcopy) - { - $_ = shift @argvcopy; + { + $_ = shift @argvcopy; - # Support env variable assignments among the options - if (m|^(\w+)=(.+)?$|) - { - $cmdvars{$1} = $2; - # Every time a variable is given as a configuration argument, - # it acts as a reset if the variable. - if (exists $user{$1}) - { - $user{$1} = ref $user{$1} eq "ARRAY" ? [] : undef; - } - #if (exists $useradd{$1}) - # { - # $useradd{$1} = []; - # } - next; - } + # Support env variable assignments among the options + if (m|^(\w+)=(.+)?$|) + { + $cmdvars{$1} = $2; + # Every time a variable is given as a configuration argument, + # it acts as a reset if the variable. + if (exists $user{$1}) + { + $user{$1} = ref $user{$1} eq "ARRAY" ? [] : undef; + } + #if (exists $useradd{$1}) + # { + # $useradd{$1} = []; + # } + next; + } - # VMS is a case insensitive environment, and depending on settings - # out of our control, we may receive options uppercased. Let's - # downcase at least the part before any equal sign. - if ($^O eq "VMS") - { - s/^([^=]*)/lc($1)/e; - } + # VMS is a case insensitive environment, and depending on settings + # out of our control, we may receive options uppercased. Let's + # downcase at least the part before any equal sign. + if ($^O eq "VMS") + { + s/^([^=]*)/lc($1)/e; + } - # some people just can't read the instructions, clang people have to... - s/^-no-(?!integrated-as)/no-/; + # some people just can't read the instructions, clang people have to... + s/^-no-(?!integrated-as)/no-/; - # rewrite some options in "enable-..." form - s /^-?-?shared$/enable-shared/; - s /^sctp$/enable-sctp/; - s /^threads$/enable-threads/; - s /^zlib$/enable-zlib/; - s /^zlib-dynamic$/enable-zlib-dynamic/; + # rewrite some options in "enable-..." form + s /^-?-?shared$/enable-shared/; + s /^sctp$/enable-sctp/; + s /^threads$/enable-threads/; + s /^zlib$/enable-zlib/; + s /^zlib-dynamic$/enable-zlib-dynamic/; if (/^(no|disable|enable)-(.+)$/) { @@ -715,21 +712,24 @@ while (@argvcopy) } elsif (exists $deprecated_disablables{$1}) { - $deprecated_options{$_} = 1; - if (defined $deprecated_disablables{$1}) + if ($deprecated_disablables{$1} ne "") { - $disabled{$deprecated_disablables{$1}} = "option"; + $deprecated_options{$_} = 1; + if (defined $deprecated_disablables{$1}) + { + $disabled{$deprecated_disablables{$1}} = "option"; + } } } else { $disabled{$1} = "option"; } - # No longer an automatic choice - $auto_threads = 0 if ($1 eq "threads"); - } - elsif (/^enable-(.+)$/) - { + # No longer an automatic choice + $auto_threads = 0 if ($1 eq "threads"); + } + elsif (/^enable-(.+)$/) + { if ($1 eq "static-engine") { $disabled{"dynamic-engine"} = "option"; @@ -742,173 +742,172 @@ while (@argvcopy) { delete $disabled{"zlib"}; } - my $algo = $1; - delete $disabled{$algo}; + my $algo = $1; + delete $disabled{$algo}; - # No longer an automatic choice - $auto_threads = 0 if ($1 eq "threads"); - } - elsif (/^--strict-warnings$/) - { - $strict_warnings = 1; - } - elsif (/^--debug$/) - { - $config{build_type} = "debug"; - } - elsif (/^--release$/) - { - $config{build_type} = "release"; - } - elsif (/^386$/) - { $config{processor}=386; } - elsif (/^fips$/) - { - die "FIPS mode not supported\n"; - } - elsif (/^rsaref$/) - { - # No RSAref support any more since it's not needed. - # The check for the option is there so scripts aren't - # broken - } - elsif (/^nofipscanistercheck$/) - { - die "FIPS mode not supported\n"; - } - elsif (/^[-+]/) - { - if (/^--prefix=(.*)$/) - { - $config{prefix}=$1; - die "Directory given with --prefix MUST be absolute\n" - unless file_name_is_absolute($config{prefix}); - } - elsif (/^--api=(.*)$/) - { - $config{api}=$1; - } - elsif (/^--libdir=(.*)$/) - { - $config{libdir}=$1; - } - elsif (/^--openssldir=(.*)$/) - { - $config{openssldir}=$1; - } - elsif (/^--with-zlib-lib=(.*)$/) - { - $withargs{zlib_lib}=$1; - } - elsif (/^--with-zlib-include=(.*)$/) - { - $withargs{zlib_include}=$1; - } - elsif (/^--with-fuzzer-lib=(.*)$/) - { - $withargs{fuzzer_lib}=$1; - } - elsif (/^--with-fuzzer-include=(.*)$/) - { - $withargs{fuzzer_include}=$1; - } - elsif (/^--with-rand-seed=(.*)$/) - { - foreach my $x (split(m|,|, $1)) - { - die "Unknown --with-rand-seed choice $x\n" - if ! grep { $x eq $_ } @known_seed_sources; - push @seed_sources, $x; - } + # No longer an automatic choice + $auto_threads = 0 if ($1 eq "threads"); + } + elsif (/^--strict-warnings$/) + { + # Pretend that our strict flags is a C flag, and replace it + # with the proper flags later on + push @{$useradd{CFLAGS}}, '--ossl-strict-warnings'; + $strict_warnings=1; + } + elsif (/^--debug$/) + { + $config{build_type} = "debug"; + } + elsif (/^--release$/) + { + $config{build_type} = "release"; + } + elsif (/^386$/) + { $config{processor}=386; } + elsif (/^fips$/) + { + die "FIPS mode not supported\n"; + } + elsif (/^rsaref$/) + { + # No RSAref support any more since it's not needed. + # The check for the option is there so scripts aren't + # broken + } + elsif (/^nofipscanistercheck$/) + { + die "FIPS mode not supported\n"; + } + elsif (/^[-+]/) + { + if (/^--prefix=(.*)$/) + { + $config{prefix}=$1; + die "Directory given with --prefix MUST be absolute\n" + unless file_name_is_absolute($config{prefix}); } - elsif (/^--cross-compile-prefix=(.*)$/) - { - $user{CROSS_COMPILE}=$1; - } - elsif (/^--config=(.*)$/) - { - read_config $1; - } - elsif (/^-l(.*)$/) - { - push @{$useradd{LDLIBS}}, $_; - } - elsif (/^-framework$/) - { - push @{$useradd{LDLIBS}}, $_, shift(@argvcopy); - } - elsif (/^-L(.*)$/ or /^-Wl,/) - { - push @{$useradd{LDFLAGS}}, $_; - } - elsif (/^-rpath$/ or /^-R$/) - # -rpath is the OSF1 rpath flag - # -R is the old Solaris rpath flag - { - my $rpath = shift(@argvcopy) || ""; - $rpath .= " " if $rpath ne ""; - push @{$useradd{LDFLAGS}}, $_, $rpath; - } - elsif (/^-static$/) - { - push @{$useradd{LDFLAGS}}, $_; - $disabled{"dso"} = "forced"; - $disabled{"pic"} = "forced"; - $disabled{"shared"} = "forced"; - $disabled{"threads"} = "forced"; - } - elsif (/^-D(.*)$/) - { - push @{$useradd{CPPDEFINES}}, $1; - } - elsif (/^-I(.*)$/) - { - push @{$useradd{CPPINCLUDES}}, $1; - } - elsif (/^-Wp,$/) - { - push @{$useradd{CPPFLAGS}}, $1; - } - else # common if (/^[-+]/), just pass down... - { - $_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei; - push @{$useradd{CFLAGS}}, $_; - push @{$useradd{CXXFLAGS}}, $_; - } - } - else - { - die "target already defined - $target (offending arg: $_)\n" if ($target ne ""); - $target=$_; - } - unless ($_ eq $target || /^no-/ || /^disable-/) - { - # "no-..." follows later after implied deactivations - # have been derived. (Don't take this too seriously, - # we really only write OPTIONS to the Makefile out of - # nostalgia.) + elsif (/^--api=(.*)$/) + { + $config{api}=$1; + } + elsif (/^--libdir=(.*)$/) + { + $config{libdir}=$1; + } + elsif (/^--openssldir=(.*)$/) + { + $config{openssldir}=$1; + } + elsif (/^--with-zlib-lib=(.*)$/) + { + $withargs{zlib_lib}=$1; + } + elsif (/^--with-zlib-include=(.*)$/) + { + $withargs{zlib_include}=$1; + } + elsif (/^--with-fuzzer-lib=(.*)$/) + { + $withargs{fuzzer_lib}=$1; + } + elsif (/^--with-fuzzer-include=(.*)$/) + { + $withargs{fuzzer_include}=$1; + } + elsif (/^--with-rand-seed=(.*)$/) + { + foreach my $x (split(m|,|, $1)) + { + die "Unknown --with-rand-seed choice $x\n" + if ! grep { $x eq $_ } @known_seed_sources; + push @seed_sources, $x; + } + } + elsif (/^--cross-compile-prefix=(.*)$/) + { + $user{CROSS_COMPILE}=$1; + } + elsif (/^--config=(.*)$/) + { + read_config $1; + } + elsif (/^-l(.*)$/) + { + push @{$useradd{LDLIBS}}, $_; + } + elsif (/^-framework$/) + { + push @{$useradd{LDLIBS}}, $_, shift(@argvcopy); + } + elsif (/^-L(.*)$/ or /^-Wl,/) + { + push @{$useradd{LDFLAGS}}, $_; + } + elsif (/^-rpath$/ or /^-R$/) + # -rpath is the OSF1 rpath flag + # -R is the old Solaris rpath flag + { + my $rpath = shift(@argvcopy) || ""; + $rpath .= " " if $rpath ne ""; + push @{$useradd{LDFLAGS}}, $_, $rpath; + } + elsif (/^-static$/) + { + push @{$useradd{LDFLAGS}}, $_; + } + elsif (/^-D(.*)$/) + { + push @{$useradd{CPPDEFINES}}, $1; + } + elsif (/^-I(.*)$/) + { + push @{$useradd{CPPINCLUDES}}, $1; + } + elsif (/^-Wp,$/) + { + push @{$useradd{CPPFLAGS}}, $1; + } + else # common if (/^[-+]/), just pass down... + { + $_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei; + push @{$useradd{CFLAGS}}, $_; + push @{$useradd{CXXFLAGS}}, $_; + } + } + else + { + die "target already defined - $target (offending arg: $_)\n" if ($target ne ""); + $target=$_; + } + unless ($_ eq $target || /^no-/ || /^disable-/) + { + # "no-..." follows later after implied deactivations + # have been derived. (Don't take this too seriously, + # we really only write OPTIONS to the Makefile out of + # nostalgia.) - if ($config{options} eq "") - { $config{options} = $_; } - else - { $config{options} .= " ".$_; } - } - } + if ($config{options} eq "") + { $config{options} = $_; } + else + { $config{options} .= " ".$_; } + } + } if (defined($config{api}) && !exists $apitable->{$config{api}}) { - die "***** Unsupported api compatibility level: $config{api}\n", + die "***** Unsupported api compatibility level: $config{api}\n", } if (keys %deprecated_options) - { - warn "***** Deprecated options: ", - join(", ", keys %deprecated_options), "\n"; - } + { + warn "***** Deprecated options: ", + join(", ", keys %deprecated_options), "\n"; + } if (keys %unsupported_options) - { - die "***** Unsupported options: ", - join(", ", keys %unsupported_options), "\n"; - } + { + die "***** Unsupported options: ", + join(", ", keys %unsupported_options), "\n"; + } # If any %useradd entry has been set, we must check that the "make # variables" haven't been set. We start by checking of any %useradd entry @@ -964,36 +963,46 @@ if (grep { /-rpath\b/ } ($user{LDFLAGS} ? @{$user{LDFL && !$disabled{shared} && !($disabled{asan} && $disabled{msan} && $disabled{ubsan})) { die "***** Cannot simultaneously use -rpath, shared libraries, and\n", - "***** any of asan, msan or ubsan\n"; + "***** any of asan, msan or ubsan\n"; } -my @tocheckfor = (keys %disabled); -while (@tocheckfor) { - my %new_tocheckfor = (); - my @cascade_copy = (@disable_cascades); - while (@cascade_copy) { - my ($test, $descendents) = (shift @cascade_copy, shift @cascade_copy); - if (ref($test) eq "CODE" ? $test->() : defined($disabled{$test})) { - foreach(grep { !defined($disabled{$_}) } @$descendents) { - $new_tocheckfor{$_} = 1; $disabled{$_} = "forced"; - } - } +sub disable { + my $disable_type = shift; + + for (@_) { + $disabled{$_} = $disable_type; } - @tocheckfor = (keys %new_tocheckfor); + + my @tocheckfor = (@_ ? @_ : keys %disabled); + while (@tocheckfor) { + my %new_tocheckfor = (); + my @cascade_copy = (@disable_cascades); + while (@cascade_copy) { + my ($test, $descendents) = + (shift @cascade_copy, shift @cascade_copy); + if (ref($test) eq "CODE" ? $test->() : defined($disabled{$test})) { + foreach (grep { !defined($disabled{$_}) } @$descendents) { + $new_tocheckfor{$_} = 1; $disabled{$_} = "cascade"; + } + } + } + @tocheckfor = (keys %new_tocheckfor); + } } +disable(); # First cascade run our $die = sub { die @_; }; if ($target eq "TABLE") { local $die = sub { warn @_; }; foreach (sort keys %table) { - print_table_entry($_, "TABLE"); + print_table_entry($_, "TABLE"); } exit 0; } if ($target eq "LIST") { foreach (sort keys %table) { - print $_,"\n" unless $table{$_}->{template}; + print $_,"\n" unless $table{$_}->{template}; } exit 0; } @@ -1002,7 +1011,7 @@ if ($target eq "HASH") { local $die = sub { warn @_; }; print "%table = (\n"; foreach (sort keys %table) { - print_table_entry($_, "HASH"); + print_table_entry($_, "HASH"); } exit 0; } @@ -1033,7 +1042,7 @@ _____ } push @{$config{openssl_other_defines}}, map { (my $x = $_) =~ tr|[\-a-z]|[_A-Z]|; "OPENSSL_RAND_SEED_$x" } - @seed_sources; + @seed_sources; # Backward compatibility? if ($target =~ m/^CygWin32(-.*)$/) { @@ -1047,7 +1056,7 @@ if ($d) { # If we do not find debug-foo in the table, the target is set to foo. if (!$table{$target}) { - $target = $t; + $target = $t; } } @@ -1064,47 +1073,11 @@ foreach (keys %target_attr_translate) { %target = ( %{$table{DEFAULTS}}, %target ); -# Make the flags to build DSOs the same as for shared libraries unless they -# are already defined -$target{module_cflags} = $target{shared_cflag} unless defined $target{module_cflags}; -$target{module_cxxflags} = $target{shared_cxxflag} unless defined $target{module_cxxflags}; -$target{module_ldflags} = $target{shared_ldflag} unless defined $target{module_ldflags}; *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-vendor@freebsd.org Tue May 28 20:08:43 2019 Return-Path: Delivered-To: svn-src-vendor@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 48E0415AAB03; Tue, 28 May 2019 20:08:43 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E4CFF8F7A9; Tue, 28 May 2019 20:08:42 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A72161F2FC; Tue, 28 May 2019 20:08:42 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4SK8gqc057507; Tue, 28 May 2019 20:08:42 GMT (envelope-from jkim@FreeBSD.org) Received: (from jkim@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4SK8gkj057506; Tue, 28 May 2019 20:08:42 GMT (envelope-from jkim@FreeBSD.org) Message-Id: <201905282008.x4SK8gkj057506@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jkim set sender to jkim@FreeBSD.org using -f From: Jung-uk Kim Date: Tue, 28 May 2019 20:08:42 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r348334 - vendor-crypto/openssl/1.1.1c X-SVN-Group: vendor-crypto X-SVN-Commit-Author: jkim X-SVN-Commit-Paths: vendor-crypto/openssl/1.1.1c X-SVN-Commit-Revision: 348334 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: E4CFF8F7A9 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.95 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.95)[-0.954,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 May 2019 20:08:43 -0000 Author: jkim Date: Tue May 28 20:08:42 2019 New Revision: 348334 URL: https://svnweb.freebsd.org/changeset/base/348334 Log: Tag OpenSSL 1.1.1c. Added: vendor-crypto/openssl/1.1.1c/ - copied from r348333, vendor-crypto/openssl/dist/ From owner-svn-src-vendor@freebsd.org Tue May 28 20:13:59 2019 Return-Path: Delivered-To: svn-src-vendor@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8E2BC15AAF22; Tue, 28 May 2019 20:13:59 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3C8738FD87; Tue, 28 May 2019 20:13:59 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 0EE871F49E; Tue, 28 May 2019 20:13:59 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4SKDxg0062577; Tue, 28 May 2019 20:13:59 GMT (envelope-from jkim@FreeBSD.org) Received: (from jkim@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4SKDsNU062550; Tue, 28 May 2019 20:13:54 GMT (envelope-from jkim@FreeBSD.org) Message-Id: <201905282013.x4SKDsNU062550@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jkim set sender to jkim@FreeBSD.org using -f From: Jung-uk Kim Date: Tue, 28 May 2019 20:13:54 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r348335 - in vendor-crypto/openssl/dist-1.0.2: . apps crypto crypto/dh crypto/dsa crypto/ec crypto/ecdh crypto/err crypto/rsa doc/apps ssl X-SVN-Group: vendor-crypto X-SVN-Commit-Author: jkim X-SVN-Commit-Paths: in vendor-crypto/openssl/dist-1.0.2: . apps crypto crypto/dh crypto/dsa crypto/ec crypto/ecdh crypto/err crypto/rsa doc/apps ssl X-SVN-Commit-Revision: 348335 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 3C8738FD87 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.96 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.96)[-0.964,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 May 2019 20:14:00 -0000 Author: jkim Date: Tue May 28 20:13:54 2019 New Revision: 348335 URL: https://svnweb.freebsd.org/changeset/base/348335 Log: Import OpenSSL 1.0.2s. Modified: vendor-crypto/openssl/dist-1.0.2/CHANGES vendor-crypto/openssl/dist-1.0.2/Configure vendor-crypto/openssl/dist-1.0.2/FREEBSD-upgrade vendor-crypto/openssl/dist-1.0.2/Makefile vendor-crypto/openssl/dist-1.0.2/README vendor-crypto/openssl/dist-1.0.2/apps/CA.pl vendor-crypto/openssl/dist-1.0.2/config vendor-crypto/openssl/dist-1.0.2/crypto/dh/dh_pmeth.c vendor-crypto/openssl/dist-1.0.2/crypto/dsa/dsa_pmeth.c vendor-crypto/openssl/dist-1.0.2/crypto/ec/ec2_oct.c vendor-crypto/openssl/dist-1.0.2/crypto/ec/ec_lib.c vendor-crypto/openssl/dist-1.0.2/crypto/ec/ec_mult.c vendor-crypto/openssl/dist-1.0.2/crypto/ec/ecp_nistp521.c vendor-crypto/openssl/dist-1.0.2/crypto/ec/ecp_oct.c vendor-crypto/openssl/dist-1.0.2/crypto/ec/ectest.c vendor-crypto/openssl/dist-1.0.2/crypto/ecdh/ech_ossl.c vendor-crypto/openssl/dist-1.0.2/crypto/err/err.c vendor-crypto/openssl/dist-1.0.2/crypto/err/err.h vendor-crypto/openssl/dist-1.0.2/crypto/opensslv.h vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_eay.c vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_oaep.c vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_pk1.c vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_pmeth.c vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_ssl.c vendor-crypto/openssl/dist-1.0.2/doc/apps/genpkey.pod vendor-crypto/openssl/dist-1.0.2/ssl/d1_pkt.c vendor-crypto/openssl/dist-1.0.2/ssl/s3_pkt.c Modified: vendor-crypto/openssl/dist-1.0.2/CHANGES ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/CHANGES Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/CHANGES Tue May 28 20:13:54 2019 (r348335) @@ -7,6 +7,23 @@ https://github.com/openssl/openssl/commits/ and pick the appropriate release branch. + Changes between 1.0.2r and 1.0.2s [28 May 2019] + + *) Change the default RSA, DSA and DH size to 2048 bit instead of 1024. + This changes the size when using the genpkey app when no size is given. It + fixes an omission in earlier changes that changed all RSA, DSA and DH + generation apps to use 2048 bits by default. + [Kurt Roeckx] + + *) Add FIPS support for Android Arm 64-bit + + Support for Android Arm 64-bit was added to the OpenSSL FIPS Object + Module in Version 2.0.10. For some reason, the corresponding target + 'android64-aarch64' was missing OpenSSL 1.0.2, whence it could not be + built with FIPS support on Android Arm 64-bit. This omission has been + fixed. + [Matthias St. Pierre] + Changes between 1.0.2q and 1.0.2r [26 Feb 2019] *) 0-byte record padding oracle Modified: vendor-crypto/openssl/dist-1.0.2/Configure ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/Configure Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/Configure Tue May 28 20:13:54 2019 (r348335) @@ -475,6 +475,7 @@ my %table=( "android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:".eval{my $asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "android-armv7","gcc:-march=armv7-a -mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "android-mips","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"android64-aarch64","gcc:-mandroid -fPIC -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -Wall::-D_REENTRANT::-pie%-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${aarch64_asm}:linux64:dlfcn:linux-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### *BSD [do see comment about ${BSDthreads} above!] "BSD-generic32","gcc:-O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", Modified: vendor-crypto/openssl/dist-1.0.2/FREEBSD-upgrade ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/FREEBSD-upgrade Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/FREEBSD-upgrade Tue May 28 20:13:54 2019 (r348335) @@ -11,8 +11,8 @@ First, read http://wiki.freebsd.org/SubversionPrimer/V # Xlist setenv XLIST /FreeBSD/work/openssl/svn-FREEBSD-files/FREEBSD-Xlist setenv FSVN "svn+ssh://repo.freebsd.org/base" -setenv OSSLVER 1.0.2r -# OSSLTAG format: v1_0_2r +setenv OSSLVER 1.0.2s +# OSSLTAG format: v1_0_2s ###setenv OSSLTAG v`echo ${OSSLVER} | tr . _` Modified: vendor-crypto/openssl/dist-1.0.2/Makefile ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/Makefile Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/Makefile Tue May 28 20:13:54 2019 (r348335) @@ -4,7 +4,7 @@ ## Makefile for OpenSSL ## -VERSION=1.0.2r +VERSION=1.0.2s MAJOR=1 MINOR=0.2 SHLIB_VERSION_NUMBER=1.0.0 @@ -70,7 +70,7 @@ AR= ar $(ARFLAGS) r RANLIB= /usr/bin/ranlib RC= windres NM= nm -PERL= /usr/bin/perl +PERL= /usr/local/bin/perl TAR= tar TARFLAGS= --no-recursion MAKEDEPPROG= gcc Modified: vendor-crypto/openssl/dist-1.0.2/README ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/README Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/README Tue May 28 20:13:54 2019 (r348335) @@ -1,7 +1,7 @@ - OpenSSL 1.0.2r 26 Feb 2019 + OpenSSL 1.0.2s 28 May 2019 - Copyright (c) 1998-2018 The OpenSSL Project + Copyright (c) 1998-2019 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson All rights reserved. Modified: vendor-crypto/openssl/dist-1.0.2/apps/CA.pl ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/apps/CA.pl Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/apps/CA.pl Tue May 28 20:13:54 2019 (r348335) @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/local/bin/perl # # CA - wrapper around ca to make it easier to use ... basically ca requires # some setup stuff to be done before you can use it and this makes Modified: vendor-crypto/openssl/dist-1.0.2/config ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/config Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/config Tue May 28 20:13:54 2019 (r348335) @@ -871,6 +871,7 @@ case "$GUESSOS" in *-*-qnx6) OUT="QNX6" ;; x86-*-android|i?86-*-android) OUT="android-x86" ;; armv[7-9]*-*-android) OUT="android-armv7" ;; + aarch64-*-android) OUT="android64-aarch64" ;; *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;; esac Modified: vendor-crypto/openssl/dist-1.0.2/crypto/dh/dh_pmeth.c ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/dh/dh_pmeth.c Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/dh/dh_pmeth.c Tue May 28 20:13:54 2019 (r348335) @@ -3,7 +3,7 @@ * 2006. */ /* ==================================================================== - * Copyright (c) 2006-2018 The OpenSSL Project. All rights reserved. + * Copyright (c) 2006-2019 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -101,7 +101,7 @@ static int pkey_dh_init(EVP_PKEY_CTX *ctx) dctx = OPENSSL_malloc(sizeof(DH_PKEY_CTX)); if (!dctx) return 0; - dctx->prime_len = 1024; + dctx->prime_len = 2048; dctx->subprime_len = -1; dctx->generator = 2; dctx->use_dsa = 0; Modified: vendor-crypto/openssl/dist-1.0.2/crypto/dsa/dsa_pmeth.c ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/dsa/dsa_pmeth.c Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/dsa/dsa_pmeth.c Tue May 28 20:13:54 2019 (r348335) @@ -3,7 +3,7 @@ * 2006. */ /* ==================================================================== - * Copyright (c) 2006-2018 The OpenSSL Project. All rights reserved. + * Copyright (c) 2006-2019 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -69,8 +69,8 @@ typedef struct { /* Parameter gen parameters */ - int nbits; /* size of p in bits (default: 1024) */ - int qbits; /* size of q in bits (default: 160) */ + int nbits; /* size of p in bits (default: 2048) */ + int qbits; /* size of q in bits (default: 224) */ const EVP_MD *pmd; /* MD for parameter generation */ /* Keygen callback info */ int gentmp[2]; @@ -84,8 +84,8 @@ static int pkey_dsa_init(EVP_PKEY_CTX *ctx) dctx = OPENSSL_malloc(sizeof(DSA_PKEY_CTX)); if (!dctx) return 0; - dctx->nbits = 1024; - dctx->qbits = 160; + dctx->nbits = 2048; + dctx->qbits = 224; dctx->pmd = NULL; dctx->md = NULL; Modified: vendor-crypto/openssl/dist-1.0.2/crypto/ec/ec2_oct.c ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/ec/ec2_oct.c Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/ec/ec2_oct.c Tue May 28 20:13:54 2019 (r348335) @@ -14,7 +14,7 @@ * */ /* ==================================================================== - * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2019 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -299,7 +299,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC BN_CTX *ctx) { point_conversion_form_t form; - int y_bit; + int y_bit, m; BN_CTX *new_ctx = NULL; BIGNUM *x, *y, *yxi; size_t field_len, enc_len; @@ -332,7 +332,8 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC return EC_POINT_set_to_infinity(group, point); } - field_len = (EC_GROUP_get_degree(group) + 7) / 8; + m = EC_GROUP_get_degree(group); + field_len = (m + 7) / 8; enc_len = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len; @@ -357,7 +358,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC if (!BN_bin2bn(buf + 1, field_len, x)) goto err; - if (BN_ucmp(x, &group->field) >= 0) { + if (BN_num_bits(x) > m) { ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); goto err; } @@ -369,7 +370,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC } else { if (!BN_bin2bn(buf + 1 + field_len, field_len, y)) goto err; - if (BN_ucmp(y, &group->field) >= 0) { + if (BN_num_bits(y) > m) { ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); goto err; } @@ -382,14 +383,12 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC } } + /* + * EC_POINT_set_affine_coordinates_GF2m is responsible for checking that + * the point is on the curve. + */ if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx)) goto err; - } - - /* test required by X9.62 */ - if (EC_POINT_is_on_curve(group, point, ctx) <= 0) { - ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE); - goto err; } ret = 1; Modified: vendor-crypto/openssl/dist-1.0.2/crypto/ec/ec_lib.c ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/ec/ec_lib.c Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/ec/ec_lib.c Tue May 28 20:13:54 2019 (r348335) @@ -3,7 +3,7 @@ * Originally written by Bodo Moeller for the OpenSSL project. */ /* ==================================================================== - * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2019 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -872,7 +872,15 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP EC_R_INCOMPATIBLE_OBJECTS); return 0; } - return group->meth->point_set_affine_coordinates(group, point, x, y, ctx); + if (!group->meth->point_set_affine_coordinates(group, point, x, y, ctx)) + return 0; + + if (EC_POINT_is_on_curve(group, point, ctx) <= 0) { + ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP, + EC_R_POINT_IS_NOT_ON_CURVE); + return 0; + } + return 1; } #ifndef OPENSSL_NO_EC2M @@ -890,7 +898,15 @@ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROU EC_R_INCOMPATIBLE_OBJECTS); return 0; } - return group->meth->point_set_affine_coordinates(group, point, x, y, ctx); + if (!group->meth->point_set_affine_coordinates(group, point, x, y, ctx)) + return 0; + + if (EC_POINT_is_on_curve(group, point, ctx) <= 0) { + ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M, + EC_R_POINT_IS_NOT_ON_CURVE); + return 0; + } + return 1; } #endif Modified: vendor-crypto/openssl/dist-1.0.2/crypto/ec/ec_mult.c ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/ec/ec_mult.c Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/ec/ec_mult.c Tue May 28 20:13:54 2019 (r348335) @@ -3,7 +3,7 @@ * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project. */ /* ==================================================================== - * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2019 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -519,7 +519,7 @@ static int ec_mul_consttime(const EC_GROUP *group, EC_ ret = 1; err: - EC_POINT_free(s); + EC_POINT_clear_free(s); BN_CTX_end(ctx); BN_CTX_free(new_ctx); Modified: vendor-crypto/openssl/dist-1.0.2/crypto/ec/ecp_nistp521.c ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/ec/ecp_nistp521.c Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/ec/ecp_nistp521.c Tue May 28 20:13:54 2019 (r348335) @@ -356,10 +356,15 @@ static void felem_diff64(felem out, const felem in) static void felem_diff_128_64(largefelem out, const felem in) { /* - * In order to prevent underflow, we add 0 mod p before subtracting. + * In order to prevent underflow, we add 64p mod p (which is equivalent + * to 0 mod p) before subtracting. p is 2^521 - 1, i.e. in binary a 521 + * digit number with all bits set to 1. See "The representation of field + * elements" comment above for a description of how limbs are used to + * represent a number. 64p is represented with 8 limbs containing a number + * with 58 bits set and one limb with a number with 57 bits set. */ - static const limb two63m6 = (((limb) 1) << 62) - (((limb) 1) << 5); - static const limb two63m5 = (((limb) 1) << 62) - (((limb) 1) << 4); + static const limb two63m6 = (((limb) 1) << 63) - (((limb) 1) << 6); + static const limb two63m5 = (((limb) 1) << 63) - (((limb) 1) << 5); out[0] += two63m6 - in[0]; out[1] += two63m5 - in[1]; Modified: vendor-crypto/openssl/dist-1.0.2/crypto/ec/ecp_oct.c ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/ec/ecp_oct.c Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/ec/ecp_oct.c Tue May 28 20:13:54 2019 (r348335) @@ -5,7 +5,7 @@ * OpenSSL project. */ /* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2019 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -408,14 +408,12 @@ int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_ } } + /* + * EC_POINT_set_affine_coordinates_GFp is responsible for checking that + * the point is on the curve. + */ if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx)) goto err; - } - - /* test required by X9.62 */ - if (EC_POINT_is_on_curve(group, point, ctx) <= 0) { - ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE); - goto err; } ret = 1; Modified: vendor-crypto/openssl/dist-1.0.2/crypto/ec/ectest.c ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/ec/ectest.c Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/ec/ectest.c Tue May 28 20:13:54 2019 (r348335) @@ -3,7 +3,7 @@ * Originally written by Bodo Moeller for the OpenSSL project. */ /* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2019 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -325,7 +325,7 @@ static void prime_field_tests(void) EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, *P_256 = NULL, *P_384 = NULL, *P_521 = NULL; EC_POINT *P, *Q, *R; - BIGNUM *x, *y, *z; + BIGNUM *x, *y, *z, *yplusone; unsigned char buf[100]; size_t i, len; int k; @@ -405,7 +405,8 @@ static void prime_field_tests(void) x = BN_new(); y = BN_new(); z = BN_new(); - if (!x || !y || !z) + yplusone = BN_new(); + if (x == NULL || y == NULL || z == NULL || yplusone == NULL) ABORT; if (!BN_hex2bn(&x, "D")) @@ -542,6 +543,14 @@ static void prime_field_tests(void) ABORT; if (!BN_hex2bn(&y, "23a628553168947d59dcc912042351377ac5fb32")) ABORT; + if (!BN_add(yplusone, y, BN_value_one())) + ABORT; + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) + ABORT; if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT; if (EC_POINT_is_on_curve(group, P, ctx) <= 0) @@ -613,6 +622,15 @@ static void prime_field_tests(void) if (0 != BN_cmp(y, z)) ABORT; + if (!BN_add(yplusone, y, BN_value_one())) + ABORT; + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) + ABORT; + fprintf(stdout, "verify degree ..."); if (EC_GROUP_get_degree(group) != 192) ABORT; @@ -668,6 +686,15 @@ static void prime_field_tests(void) if (0 != BN_cmp(y, z)) ABORT; + if (!BN_add(yplusone, y, BN_value_one())) + ABORT; + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) + ABORT; + fprintf(stdout, "verify degree ..."); if (EC_GROUP_get_degree(group) != 224) ABORT; @@ -728,6 +755,15 @@ static void prime_field_tests(void) if (0 != BN_cmp(y, z)) ABORT; + if (!BN_add(yplusone, y, BN_value_one())) + ABORT; + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) + ABORT; + fprintf(stdout, "verify degree ..."); if (EC_GROUP_get_degree(group) != 256) ABORT; @@ -783,6 +819,15 @@ static void prime_field_tests(void) if (0 != BN_cmp(y, z)) ABORT; + if (!BN_add(yplusone, y, BN_value_one())) + ABORT; + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) + ABORT; + fprintf(stdout, "verify degree ..."); if (EC_GROUP_get_degree(group) != 384) ABORT; @@ -844,6 +889,15 @@ static void prime_field_tests(void) if (0 != BN_cmp(y, z)) ABORT; + if (!BN_add(yplusone, y, BN_value_one())) + ABORT; + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) + ABORT; + fprintf(stdout, "verify degree ..."); if (EC_GROUP_get_degree(group) != 521) ABORT; @@ -858,6 +912,10 @@ static void prime_field_tests(void) /* more tests using the last curve */ + /* Restore the point that got mangled in the (x, y + 1) test. */ + if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) + ABORT; + if (!EC_POINT_copy(Q, P)) ABORT; if (EC_POINT_is_at_infinity(group, Q)) @@ -987,6 +1045,7 @@ static void prime_field_tests(void) BN_free(x); BN_free(y); BN_free(z); + BN_free(yplusone); if (P_160) EC_GROUP_free(P_160); @@ -1007,6 +1066,13 @@ static void prime_field_tests(void) # ifdef OPENSSL_EC_BIN_PT_COMP # define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ if (!BN_hex2bn(&x, _x)) ABORT; \ + if (!BN_hex2bn(&y, _y)) ABORT; \ + if (!BN_add(yplusone, y, BN_value_one())) ABORT; \ + /* \ + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, \ + * and therefore setting the coordinates should fail. \ + */ \ + if (EC_POINT_set_affine_coordinates_GF2m(group, P, x, yplusone, ctx)) ABORT; \ if (!EC_POINT_set_compressed_coordinates_GF2m(group, P, x, _y_bit, ctx)) ABORT; \ if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; \ if (!BN_hex2bn(&z, _order)) ABORT; \ @@ -1025,6 +1091,12 @@ static void prime_field_tests(void) # define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ if (!BN_hex2bn(&x, _x)) ABORT; \ if (!BN_hex2bn(&y, _y)) ABORT; \ + if (!BN_add(yplusone, y, BN_value_one())) ABORT; \ + /* \ + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, \ + * and therefore setting the coordinates should fail. \ + */ \ + if (EC_POINT_set_affine_coordinates_GF2m(group, P, x, yplusone, ctx)) ABORT; \ if (!EC_POINT_set_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \ if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; \ if (!BN_hex2bn(&z, _order)) ABORT; \ @@ -1062,7 +1134,7 @@ static void char2_field_tests(void) EC_GROUP *C2_B163 = NULL, *C2_B233 = NULL, *C2_B283 = NULL, *C2_B409 = NULL, *C2_B571 = NULL; EC_POINT *P, *Q, *R; - BIGNUM *x, *y, *z, *cof; + BIGNUM *x, *y, *z, *cof, *yplusone; unsigned char buf[100]; size_t i, len; int k; @@ -1076,7 +1148,7 @@ static void char2_field_tests(void) p = BN_new(); a = BN_new(); b = BN_new(); - if (!p || !a || !b) + if (p == NULL || a == NULL || b == NULL) ABORT; if (!BN_hex2bn(&p, "13")) @@ -1142,7 +1214,8 @@ static void char2_field_tests(void) y = BN_new(); z = BN_new(); cof = BN_new(); - if (!x || !y || !z || !cof) + yplusone = BN_new(); + if (x == NULL || y == NULL || z == NULL || cof == NULL || yplusone == NULL) ABORT; if (!BN_hex2bn(&x, "6")) @@ -1504,6 +1577,7 @@ static void char2_field_tests(void) BN_free(y); BN_free(z); BN_free(cof); + BN_free(yplusone); if (C2_K163) EC_GROUP_free(C2_K163); @@ -1672,7 +1746,7 @@ static const struct nistp_test_params nistp_tests_para static void nistp_single_test(const struct nistp_test_params *test) { BN_CTX *ctx; - BIGNUM *p, *a, *b, *x, *y, *n, *m, *order; + BIGNUM *p, *a, *b, *x, *y, *n, *m, *order, *yplusone; EC_GROUP *NISTP; EC_POINT *G, *P, *Q, *Q_CHECK; @@ -1687,6 +1761,7 @@ static void nistp_single_test(const struct nistp_test_ m = BN_new(); n = BN_new(); order = BN_new(); + yplusone = BN_new(); NISTP = EC_GROUP_new(test->meth()); if (!NISTP) @@ -1709,6 +1784,14 @@ static void nistp_single_test(const struct nistp_test_ ABORT; if (!BN_hex2bn(&y, test->Qy)) ABORT; + if (!BN_add(yplusone, y, BN_value_one())) + ABORT; + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + if (EC_POINT_set_affine_coordinates_GFp(NISTP, Q_CHECK, x, yplusone, ctx)) + ABORT; if (!EC_POINT_set_affine_coordinates_GFp(NISTP, Q_CHECK, x, y, ctx)) ABORT; if (!BN_hex2bn(&x, test->Gx)) @@ -1811,6 +1894,7 @@ static void nistp_single_test(const struct nistp_test_ BN_free(x); BN_free(y); BN_free(order); + BN_free(yplusone); BN_CTX_free(ctx); } Modified: vendor-crypto/openssl/dist-1.0.2/crypto/ecdh/ech_ossl.c ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/ecdh/ech_ossl.c Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/ecdh/ech_ossl.c Tue May 28 20:13:54 2019 (r348335) @@ -14,7 +14,7 @@ * */ /* ==================================================================== - * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2019 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -207,7 +207,7 @@ static int ecdh_compute_key(void *out, size_t outlen, err: if (tmp) - EC_POINT_free(tmp); + EC_POINT_clear_free(tmp); if (ctx) BN_CTX_end(ctx); if (ctx) Modified: vendor-crypto/openssl/dist-1.0.2/crypto/err/err.c ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/err/err.c Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/err/err.c Tue May 28 20:13:54 2019 (r348335) @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2019 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -827,8 +827,24 @@ static unsigned long get_error_values(int inc, int top return ERR_R_INTERNAL_ERROR; } + while (es->bottom != es->top) { + if (es->err_flags[es->top] & ERR_FLAG_CLEAR) { + err_clear(es, es->top); + es->top = es->top > 0 ? es->top - 1 : ERR_NUM_ERRORS - 1; + continue; + } + i = (es->bottom + 1) % ERR_NUM_ERRORS; + if (es->err_flags[i] & ERR_FLAG_CLEAR) { + es->bottom = i; + err_clear(es, es->bottom); + continue; + } + break; + } + if (es->bottom == es->top) return 0; + if (top) i = es->top; /* last error */ else @@ -1158,23 +1174,6 @@ int ERR_pop_to_mark(void) return 1; } -#ifdef UINTPTR_T -# undef UINTPTR_T -#endif -/* - * uintptr_t is the answer, but unformtunately we can't assume that all - * compilers supported by 1.0.2 have it :-( - */ -#if defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE==64 -/* - * But we can't use size_t on VMS, because it adheres to sizeof(size_t)==4 - * even in 64-bit builds, which means that it won't work as mask. - */ -# define UINTPTR_T unsigned long long -#else -# define UINTPTR_T size_t -#endif - void err_clear_last_constant_time(int clear) { ERR_STATE *es; @@ -1186,11 +1185,11 @@ void err_clear_last_constant_time(int clear) top = es->top; - es->err_flags[top] &= ~(0 - clear); - es->err_buffer[top] &= ~(0UL - clear); - es->err_file[top] = (const char *)((UINTPTR_T)es->err_file[top] & - ~((UINTPTR_T)0 - clear)); - es->err_line[top] |= 0 - clear; - - es->top = (top + ERR_NUM_ERRORS - clear) % ERR_NUM_ERRORS; + /* + * Flag error as cleared but remove it elsewhere to avoid two errors + * accessing the same error stack location, revealing timing information. + */ + clear = constant_time_select_int(constant_time_eq_int(clear, 0), + 0, ERR_FLAG_CLEAR); + es->err_flags[top] |= clear; } Modified: vendor-crypto/openssl/dist-1.0.2/crypto/err/err.h ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/err/err.h Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/err/err.h Tue May 28 20:13:54 2019 (r348335) @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2019 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -143,6 +143,7 @@ extern "C" { # define ERR_TXT_STRING 0x02 # define ERR_FLAG_MARK 0x01 +# define ERR_FLAG_CLEAR 0x02 # define ERR_NUM_ERRORS 16 typedef struct err_state_st { Modified: vendor-crypto/openssl/dist-1.0.2/crypto/opensslv.h ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/opensslv.h Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/opensslv.h Tue May 28 20:13:54 2019 (r348335) @@ -30,11 +30,11 @@ extern "C" { * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -# define OPENSSL_VERSION_NUMBER 0x1000212fL +# define OPENSSL_VERSION_NUMBER 0x1000213fL # ifdef OPENSSL_FIPS -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2r-fips 26 Feb 2019" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2s-fips 28 May 2019" # else -# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2r 26 Feb 2019" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2s 28 May 2019" # endif # define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT Modified: vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_eay.c ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_eay.c Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_eay.c Tue May 28 20:13:54 2019 (r348335) @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== - * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2019 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -589,7 +589,7 @@ static int RSA_eay_private_decrypt(int flen, const uns goto err; } RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_PADDING_CHECK_FAILED); - err_clear_last_constant_time(r >= 0); + err_clear_last_constant_time(1 & ~constant_time_msb(r)); err: if (ctx != NULL) { Modified: vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_oaep.c ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_oaep.c Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_oaep.c Tue May 28 20:13:54 2019 (r348335) @@ -144,7 +144,7 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *t * |num| is the length of the modulus; |flen| is the length of the * encoded message. Therefore, for any |from| that was obtained by * decrypting a ciphertext, we must have |flen| <= |num|. Similarly, - * num < 2 * mdlen + 2 must hold for the modulus irrespective of + * |num| >= 2 * |mdlen| + 2 must hold for the modulus irrespective of * the ciphertext, see PKCS #1 v2.2, section 7.1.2. * This does not leak any side-channel information. */ @@ -180,17 +180,16 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *t from -= 1 & mask; *--em = *from & mask; } - from = em; /* * The first byte must be zero, however we must not leak if this is * true. See James H. Manger, "A Chosen Ciphertext Attack on RSA * Optimal Asymmetric Encryption Padding (OAEP) [...]", CRYPTO 2001). */ - good = constant_time_is_zero(from[0]); + good = constant_time_is_zero(em[0]); - maskedseed = from + 1; - maskeddb = from + 1 + mdlen; + maskedseed = em + 1; + maskeddb = em + 1 + mdlen; if (PKCS1_MGF1(seed, mdlen, maskeddb, dblen, mgf1md)) goto cleanup; @@ -231,29 +230,30 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *t mlen = dblen - msg_index; /* - * For good measure, do this check in constant tine as well. + * For good measure, do this check in constant time as well. */ good &= constant_time_ge(tlen, mlen); /* - * Even though we can't fake result's length, we can pretend copying - * |tlen| bytes where |mlen| bytes would be real. Last |tlen| of |dblen| - * bytes are viewed as circular buffer with start at |tlen|-|mlen'|, - * where |mlen'| is "saturated" |mlen| value. Deducing information - * about failure or |mlen| would take attacker's ability to observe - * memory access pattern with byte granularity *as it occurs*. It - * should be noted that failure is indistinguishable from normal - * operation if |tlen| is fixed by protocol. + * Move the result in-place by |dblen|-|mdlen|-1-|mlen| bytes to the left. + * Then if |good| move |mlen| bytes from |db|+|mdlen|+1 to |to|. + * Otherwise leave |to| unchanged. + * Copy the memory back in a way that does not reveal the size of + * the data being copied via a timing side channel. This requires copying + * parts of the buffer multiple times based on the bits set in the real + * length. Clear bits do a non-copy with identical access pattern. + * The loop below has overall complexity of O(N*log(N)). */ - tlen = constant_time_select_int(constant_time_lt(dblen, tlen), dblen, tlen); - msg_index = constant_time_select_int(good, msg_index, dblen - tlen); - mlen = dblen - msg_index; - for (from = db + msg_index, mask = good, i = 0; i < tlen; i++) { - unsigned int equals = constant_time_eq(i, mlen); - - from -= dblen & equals; /* if (i == dblen) rewind */ - mask &= mask ^ equals; /* if (i == dblen) mask = 0 */ - to[i] = constant_time_select_8(mask, from[i], to[i]); + tlen = constant_time_select_int(constant_time_lt(dblen - mdlen - 1, tlen), + dblen - mdlen - 1, tlen); + for (msg_index = 1; msg_index < dblen - mdlen - 1; msg_index <<= 1) { + mask = ~constant_time_eq(msg_index & (dblen - mdlen - 1 - mlen), 0); + for (i = mdlen + 1; i < dblen - msg_index; i++) + db[i] = constant_time_select_8(mask, db[i + msg_index], db[i]); + } + for (i = 0; i < tlen; i++) { + mask = good & constant_time_lt(i, mlen); + to[i] = constant_time_select_8(mask, db[i + mdlen + 1], to[i]); } /* Modified: vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_pk1.c ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_pk1.c Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_pk1.c Tue May 28 20:13:54 2019 (r348335) @@ -241,15 +241,14 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, from -= 1 & mask; *--em = *from & mask; } - from = em; - good = constant_time_is_zero(from[0]); - good &= constant_time_eq(from[1], 2); + good = constant_time_is_zero(em[0]); + good &= constant_time_eq(em[1], 2); /* scan over padding data */ found_zero_byte = 0; for (i = 2; i < num; i++) { - unsigned int equals0 = constant_time_is_zero(from[i]); + unsigned int equals0 = constant_time_is_zero(em[i]); zero_index = constant_time_select_int(~found_zero_byte & equals0, i, zero_index); @@ -257,7 +256,7 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, } /* - * PS must be at least 8 bytes long, and it starts two bytes into |from|. + * PS must be at least 8 bytes long, and it starts two bytes into |em|. * If we never found a 0-byte, then |zero_index| is 0 and the check * also fails. */ @@ -276,24 +275,25 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, good &= constant_time_ge(tlen, mlen); /* - * Even though we can't fake result's length, we can pretend copying - * |tlen| bytes where |mlen| bytes would be real. Last |tlen| of |num| - * bytes are viewed as circular buffer with start at |tlen|-|mlen'|, - * where |mlen'| is "saturated" |mlen| value. Deducing information - * about failure or |mlen| would take attacker's ability to observe - * memory access pattern with byte granularity *as it occurs*. It - * should be noted that failure is indistinguishable from normal - * operation if |tlen| is fixed by protocol. + * Move the result in-place by |num|-11-|mlen| bytes to the left. + * Then if |good| move |mlen| bytes from |em|+11 to |to|. + * Otherwise leave |to| unchanged. + * Copy the memory back in a way that does not reveal the size of + * the data being copied via a timing side channel. This requires copying + * parts of the buffer multiple times based on the bits set in the real + * length. Clear bits do a non-copy with identical access pattern. + * The loop below has overall complexity of O(N*log(N)). */ - tlen = constant_time_select_int(constant_time_lt(num, tlen), num, tlen); - msg_index = constant_time_select_int(good, msg_index, num - tlen); - mlen = num - msg_index; - for (from += msg_index, mask = good, i = 0; i < tlen; i++) { - unsigned int equals = constant_time_eq(i, mlen); - - from -= tlen & equals; /* if (i == mlen) rewind */ - mask &= mask ^ equals; /* if (i == mlen) mask = 0 */ - to[i] = constant_time_select_8(mask, from[i], to[i]); + tlen = constant_time_select_int(constant_time_lt(num - 11, tlen), + num - 11, tlen); + for (msg_index = 1; msg_index < num - 11; msg_index <<= 1) { + mask = ~constant_time_eq(msg_index & (num - 11 - mlen), 0); + for (i = 11; i < num - msg_index; i++) + em[i] = constant_time_select_8(mask, em[i + msg_index], em[i]); + } + for (i = 0; i < tlen; i++) { + mask = good & constant_time_lt(i, mlen); + to[i] = constant_time_select_8(mask, em[i + 11], to[i]); } OPENSSL_cleanse(em, num); Modified: vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_pmeth.c ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_pmeth.c Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_pmeth.c Tue May 28 20:13:54 2019 (r348335) @@ -4,7 +4,7 @@ * 2006. */ /* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. + * Copyright (c) 2006-2019 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -103,7 +103,7 @@ static int pkey_rsa_init(EVP_PKEY_CTX *ctx) rctx = OPENSSL_malloc(sizeof(RSA_PKEY_CTX)); if (!rctx) return 0; - rctx->nbits = 1024; + rctx->nbits = 2048; rctx->pub_exp = NULL; rctx->pad_mode = RSA_PKCS1_PADDING; rctx->md = NULL; Modified: vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_ssl.c ============================================================================== --- vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_ssl.c Tue May 28 20:08:42 2019 (r348334) +++ vendor-crypto/openssl/dist-1.0.2/crypto/rsa/rsa_ssl.c Tue May 28 20:13:54 2019 (r348335) @@ -104,7 +104,7 @@ int RSA_padding_add_SSLv23(unsigned char *to, int tlen /* * Copy of RSA_padding_check_PKCS1_type_2 with a twist that rejects padding - * if nul delimiter is preceded by 8 consecutive 0x03 bytes. It also + * if nul delimiter is not preceded by 8 consecutive 0x03 bytes. It also * preserves error code reporting for backward compatibility. */ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, @@ -116,7 +116,10 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tl unsigned int good, found_zero_byte, mask, threes_in_row; int zero_index = 0, msg_index, mlen = -1, err; - if (flen < 10) { + if (tlen <= 0 || flen <= 0) + return -1; + + if (flen > num || num < 11) { RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_DATA_TOO_SMALL); return (-1); } @@ -138,10 +141,9 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tl from -= 1 & mask; *--em = *from & mask; } - from = em; - good = constant_time_is_zero(from[0]); - good &= constant_time_eq(from[1], 2); + good = constant_time_is_zero(em[0]); + good &= constant_time_eq(em[1], 2); err = constant_time_select_int(good, 0, RSA_R_BLOCK_TYPE_IS_NOT_02); mask = ~good; @@ -149,18 +151,18 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tl found_zero_byte = 0; threes_in_row = 0; for (i = 2; i < num; i++) { - unsigned int equals0 = constant_time_is_zero(from[i]); + unsigned int equals0 = constant_time_is_zero(em[i]); zero_index = constant_time_select_int(~found_zero_byte & equals0, i, zero_index); found_zero_byte |= equals0; threes_in_row += 1 & ~found_zero_byte; - threes_in_row &= found_zero_byte | constant_time_eq(from[i], 3); + threes_in_row &= found_zero_byte | constant_time_eq(em[i], 3); } /* - * PS must be at least 8 bytes long, and it starts two bytes into |from|. + * PS must be at least 8 bytes long, and it starts two bytes into |em|. * If we never found a 0-byte, then |zero_index| is 0 and the check * also fails. */ @@ -169,7 +171,7 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tl RSA_R_NULL_BEFORE_BLOCK_MISSING); mask = ~good; - good &= constant_time_lt(threes_in_row, 8); + good &= constant_time_ge(threes_in_row, 8); err = constant_time_select_int(mask | good, err, RSA_R_SSLV3_ROLLBACK_ATTACK); mask = ~good; @@ -188,24 +190,25 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tl err = constant_time_select_int(mask | good, err, RSA_R_DATA_TOO_LARGE); /* - * Even though we can't fake result's length, we can pretend copying - * |tlen| bytes where |mlen| bytes would be real. Last |tlen| of |num| - * bytes are viewed as circular buffer with start at |tlen|-|mlen'|, - * where |mlen'| is "saturated" |mlen| value. Deducing information - * about failure or |mlen| would take attacker's ability to observe - * memory access pattern with byte granularity *as it occurs*. It - * should be noted that failure is indistinguishable from normal - * operation if |tlen| is fixed by protocol. + * Move the result in-place by |num|-11-|mlen| bytes to the left. + * Then if |good| move |mlen| bytes from |em|+11 to |to|. + * Otherwise leave |to| unchanged. + * Copy the memory back in a way that does not reveal the size of + * the data being copied via a timing side channel. This requires copying + * parts of the buffer multiple times based on the bits set in the real + * length. Clear bits do a non-copy with identical access pattern. + * The loop below has overall complexity of O(N*log(N)). */ - tlen = constant_time_select_int(constant_time_lt(num, tlen), num, tlen); *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-vendor@freebsd.org Tue May 28 20:14:34 2019 Return-Path: Delivered-To: svn-src-vendor@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9AAEF15AAF82; Tue, 28 May 2019 20:14:34 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3AE818FEA0; Tue, 28 May 2019 20:14:34 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E81EE1F49F; Tue, 28 May 2019 20:14:33 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4SKEXJV062645; Tue, 28 May 2019 20:14:33 GMT (envelope-from jkim@FreeBSD.org) Received: (from jkim@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4SKEXDN062644; Tue, 28 May 2019 20:14:33 GMT (envelope-from jkim@FreeBSD.org) Message-Id: <201905282014.x4SKEXDN062644@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jkim set sender to jkim@FreeBSD.org using -f From: Jung-uk Kim Date: Tue, 28 May 2019 20:14:33 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r348336 - vendor-crypto/openssl/1.0.2s X-SVN-Group: vendor-crypto X-SVN-Commit-Author: jkim X-SVN-Commit-Paths: vendor-crypto/openssl/1.0.2s X-SVN-Commit-Revision: 348336 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 3AE818FEA0 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.95 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.95)[-0.954,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 May 2019 20:14:34 -0000 Author: jkim Date: Tue May 28 20:14:33 2019 New Revision: 348336 URL: https://svnweb.freebsd.org/changeset/base/348336 Log: Tag OpenSSL 1.0.2s. Added: vendor-crypto/openssl/1.0.2s/ - copied from r348335, vendor-crypto/openssl/dist-1.0.2/ From owner-svn-src-vendor@freebsd.org Tue May 28 21:10:36 2019 Return-Path: Delivered-To: svn-src-vendor@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8215D15AC85F; Tue, 28 May 2019 21:10:36 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 28E596B7B8; Tue, 28 May 2019 21:10:36 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 067281FD2C; Tue, 28 May 2019 21:10:36 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4SLAZmv090890; Tue, 28 May 2019 21:10:35 GMT (envelope-from jkim@FreeBSD.org) Received: (from jkim@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4SLAZlK090889; Tue, 28 May 2019 21:10:35 GMT (envelope-from jkim@FreeBSD.org) Message-Id: <201905282110.x4SLAZlK090889@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jkim set sender to jkim@FreeBSD.org using -f From: Jung-uk Kim Date: Tue, 28 May 2019 21:10:35 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r348339 - vendor-crypto/openssl/dist X-SVN-Group: vendor-crypto X-SVN-Commit-Author: jkim X-SVN-Commit-Paths: vendor-crypto/openssl/dist X-SVN-Commit-Revision: 348339 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 28E596B7B8 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.97 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.97)[-0.967,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 May 2019 21:10:36 -0000 Author: jkim Date: Tue May 28 21:10:35 2019 New Revision: 348339 URL: https://svnweb.freebsd.org/changeset/base/348339 Log: Import OpenSSL 1.1.1c. Modified: vendor-crypto/openssl/dist/FREEBSD-upgrade Modified: vendor-crypto/openssl/dist/FREEBSD-upgrade ============================================================================== --- vendor-crypto/openssl/dist/FREEBSD-upgrade Tue May 28 20:54:59 2019 (r348338) +++ vendor-crypto/openssl/dist/FREEBSD-upgrade Tue May 28 21:10:35 2019 (r348339) @@ -11,7 +11,7 @@ First, read http://wiki.freebsd.org/SubversionPrimer/V # Xlist setenv XLIST /FreeBSD/work/openssl/svn-FREEBSD-files/FREEBSD-Xlist setenv FSVN "svn+ssh://repo.freebsd.org/base" -setenv OSSLVER 1.1.1b +setenv OSSLVER 1.1.1c ###setenv OSSLTAG v`echo ${OSSLVER} | tr . _` @@ -60,6 +60,7 @@ cd secure/lib/libcrypto # Update version number and release date in Makefile.inc # Update all opensslconf-${MACHINE_CPUARCH}.h +# Update Version.map # Regen assembly files if necessary make -f Makefile.asm all From owner-svn-src-vendor@freebsd.org Thu May 30 12:27:56 2019 Return-Path: Delivered-To: svn-src-vendor@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 412E015C0DBB; Thu, 30 May 2019 12:27:56 +0000 (UTC) (envelope-from mw@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A9088868E4; Thu, 30 May 2019 12:27:55 +0000 (UTC) (envelope-from mw@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8F571190A5; Thu, 30 May 2019 12:27:55 +0000 (UTC) (envelope-from mw@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4UCRtHU034656; Thu, 30 May 2019 12:27:55 GMT (envelope-from mw@FreeBSD.org) Received: (from mw@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4UCRtAl034655; Thu, 30 May 2019 12:27:55 GMT (envelope-from mw@FreeBSD.org) Message-Id: <201905301227.x4UCRtAl034655@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: mw set sender to mw@FreeBSD.org using -f From: Marcin Wojtas Date: Thu, 30 May 2019 12:27:55 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r348383 - in vendor-sys/ena-com/dist: . ena_defs X-SVN-Group: vendor-sys X-SVN-Commit-Author: mw X-SVN-Commit-Paths: in vendor-sys/ena-com/dist: . ena_defs X-SVN-Commit-Revision: 348383 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: A9088868E4 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.96 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.96)[-0.962,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 May 2019 12:27:56 -0000 Author: mw Date: Thu May 30 12:27:55 2019 New Revision: 348383 URL: https://svnweb.freebsd.org/changeset/base/348383 Log: Update ena-com for the ENAv2 version The new ena-com is required for the ENAv2 release of the driver. Genmask macro was fixed in the platform file. The GENMASK macro is intended to work on 32-bit values. Before this patch the, calling GENMASK(31, 0) would cause 32-bit value to be shifted by 32. This could lead to unexpected behavior, as shifting by the number greater or equal to word length is undefined operation. Submitted by: Michal Krawczyk Obtained from: Semihalf Sponsored by: Amazon, Inc. Modified: vendor-sys/ena-com/dist/ena_com.c vendor-sys/ena-com/dist/ena_com.h vendor-sys/ena-com/dist/ena_defs/ena_admin_defs.h vendor-sys/ena-com/dist/ena_defs/ena_common_defs.h vendor-sys/ena-com/dist/ena_defs/ena_eth_io_defs.h vendor-sys/ena-com/dist/ena_defs/ena_gen_info.h vendor-sys/ena-com/dist/ena_defs/ena_regs_defs.h vendor-sys/ena-com/dist/ena_eth_com.c vendor-sys/ena-com/dist/ena_eth_com.h vendor-sys/ena-com/dist/ena_plat.h Modified: vendor-sys/ena-com/dist/ena_com.c ============================================================================== --- vendor-sys/ena-com/dist/ena_com.c Thu May 30 04:09:45 2019 (r348382) +++ vendor-sys/ena-com/dist/ena_com.c Thu May 30 12:27:55 2019 (r348383) @@ -1,7 +1,7 @@ /*- * BSD LICENSE * - * Copyright (c) 2015-2017 Amazon.com, Inc. or its affiliates. + * Copyright (c) 2015-2019 Amazon.com, Inc. or its affiliates. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -32,9 +32,6 @@ */ #include "ena_com.h" -#ifdef ENA_INTERNAL -#include "ena_gen_info.h" -#endif /*****************************************************************************/ /*****************************************************************************/ @@ -52,9 +49,6 @@ #define ENA_EXTENDED_STAT_GET_QUEUE(_funct_queue) (_funct_queue >> 16) #endif /* ENA_EXTENDED_STATS */ -#define MIN_ENA_VER (((ENA_COMMON_SPEC_VERSION_MAJOR) << \ - ENA_REGS_VERSION_MAJOR_VERSION_SHIFT) \ - | (ENA_COMMON_SPEC_VERSION_MINOR)) #define ENA_CTRL_MAJOR 0 #define ENA_CTRL_MINOR 0 @@ -76,6 +70,8 @@ #define ENA_REGS_ADMIN_INTR_MASK 1 +#define ENA_POLL_MS 5 + /*****************************************************************************/ /*****************************************************************************/ /*****************************************************************************/ @@ -112,8 +108,8 @@ static inline int ena_com_mem_addr_set(struct ena_com_ return ENA_COM_INVAL; } - ena_addr->mem_addr_low = (u32)addr; - ena_addr->mem_addr_high = (u16)((u64)addr >> 32); + ena_addr->mem_addr_low = lower_32_bits(addr); + ena_addr->mem_addr_high = (u16)upper_32_bits(addr); return 0; } @@ -127,7 +123,7 @@ static int ena_com_admin_init_sq(struct ena_com_admin_ sq->mem_handle); if (!sq->entries) { - ena_trc_err("memory allocation failed"); + ena_trc_err("memory allocation failed\n"); return ENA_COM_NO_MEM; } @@ -149,7 +145,7 @@ static int ena_com_admin_init_cq(struct ena_com_admin_ cq->mem_handle); if (!cq->entries) { - ena_trc_err("memory allocation failed"); + ena_trc_err("memory allocation failed\n"); return ENA_COM_NO_MEM; } @@ -174,7 +170,7 @@ static int ena_com_admin_init_aenq(struct ena_com_dev aenq->mem_handle); if (!aenq->entries) { - ena_trc_err("memory allocation failed"); + ena_trc_err("memory allocation failed\n"); return ENA_COM_NO_MEM; } @@ -249,7 +245,7 @@ static struct ena_comp_ctx *__ena_com_submit_admin_cmd tail_masked = admin_queue->sq.tail & queue_size_mask; /* In case of queue FULL */ - cnt = ATOMIC32_READ(&admin_queue->outstanding_cmds); + cnt = (u16)ATOMIC32_READ(&admin_queue->outstanding_cmds); if (cnt >= admin_queue->q_depth) { ena_trc_dbg("admin queue is full.\n"); admin_queue->stats.out_of_space++; @@ -301,7 +297,7 @@ static inline int ena_com_init_comp_ctxt(struct ena_co queue->comp_ctx = ENA_MEM_ALLOC(queue->q_dmadev, size); if (unlikely(!queue->comp_ctx)) { - ena_trc_err("memory allocation failed"); + ena_trc_err("memory allocation failed\n"); return ENA_COM_NO_MEM; } @@ -320,7 +316,7 @@ static struct ena_comp_ctx *ena_com_submit_admin_cmd(s struct ena_admin_acq_entry *comp, size_t comp_size_in_bytes) { - unsigned long flags; + unsigned long flags = 0; struct ena_comp_ctx *comp_ctx; ENA_SPINLOCK_LOCK(admin_queue->q_lock, flags); @@ -332,7 +328,7 @@ static struct ena_comp_ctx *ena_com_submit_admin_cmd(s cmd_size_in_bytes, comp, comp_size_in_bytes); - if (unlikely(IS_ERR(comp_ctx))) + if (IS_ERR(comp_ctx)) admin_queue->running_state = false; ENA_SPINLOCK_UNLOCK(admin_queue->q_lock, flags); @@ -348,6 +344,7 @@ static int ena_com_init_io_sq(struct ena_com_dev *ena_ memset(&io_sq->desc_addr, 0x0, sizeof(io_sq->desc_addr)); + io_sq->dma_addr_bits = (u8)ena_dev->dma_addr_bits; io_sq->desc_entry_size = (io_sq->direction == ENA_COM_IO_QUEUE_DIRECTION_TX) ? sizeof(struct ena_eth_io_tx_desc) : @@ -373,18 +370,21 @@ static int ena_com_init_io_sq(struct ena_com_dev *ena_ } if (!io_sq->desc_addr.virt_addr) { - ena_trc_err("memory allocation failed"); + ena_trc_err("memory allocation failed\n"); return ENA_COM_NO_MEM; } } if (io_sq->mem_queue_type == ENA_ADMIN_PLACEMENT_POLICY_DEV) { /* Allocate bounce buffers */ - io_sq->bounce_buf_ctrl.buffer_size = ena_dev->llq_info.desc_list_entry_size; - io_sq->bounce_buf_ctrl.buffers_num = ENA_COM_BOUNCE_BUFFER_CNTRL_CNT; + io_sq->bounce_buf_ctrl.buffer_size = + ena_dev->llq_info.desc_list_entry_size; + io_sq->bounce_buf_ctrl.buffers_num = + ENA_COM_BOUNCE_BUFFER_CNTRL_CNT; io_sq->bounce_buf_ctrl.next_to_use = 0; - size = io_sq->bounce_buf_ctrl.buffer_size * io_sq->bounce_buf_ctrl.buffers_num; + size = io_sq->bounce_buf_ctrl.buffer_size * + io_sq->bounce_buf_ctrl.buffers_num; ENA_MEM_ALLOC_NODE(ena_dev->dmadev, size, @@ -395,11 +395,12 @@ static int ena_com_init_io_sq(struct ena_com_dev *ena_ io_sq->bounce_buf_ctrl.base_buffer = ENA_MEM_ALLOC(ena_dev->dmadev, size); if (!io_sq->bounce_buf_ctrl.base_buffer) { - ena_trc_err("bounce buffer memory allocation failed"); + ena_trc_err("bounce buffer memory allocation failed\n"); return ENA_COM_NO_MEM; } - memcpy(&io_sq->llq_info, &ena_dev->llq_info, sizeof(io_sq->llq_info)); + memcpy(&io_sq->llq_info, &ena_dev->llq_info, + sizeof(io_sq->llq_info)); /* Initiate the first bounce buffer */ io_sq->llq_buf_ctrl.curr_bounce_buf = @@ -408,6 +409,10 @@ static int ena_com_init_io_sq(struct ena_com_dev *ena_ 0x0, io_sq->llq_info.desc_list_entry_size); io_sq->llq_buf_ctrl.descs_left_in_line = io_sq->llq_info.descs_num_before_header; + + if (io_sq->llq_info.max_entries_in_tx_burst > 0) + io_sq->entries_in_tx_burst_left = + io_sq->llq_info.max_entries_in_tx_burst; } io_sq->tail = 0; @@ -451,7 +456,7 @@ static int ena_com_init_io_cq(struct ena_com_dev *ena_ } if (!io_cq->cdesc_addr.virt_addr) { - ena_trc_err("memory allocation failed"); + ena_trc_err("memory allocation failed\n"); return ENA_COM_NO_MEM; } @@ -500,12 +505,12 @@ static void ena_com_handle_admin_completion(struct ena cqe = &admin_queue->cq.entries[head_masked]; /* Go over all the completions */ - while ((cqe->acq_common_descriptor.flags & + while ((READ_ONCE8(cqe->acq_common_descriptor.flags) & ENA_ADMIN_ACQ_COMMON_DESC_PHASE_MASK) == phase) { /* Do not read the rest of the completion entry before the * phase bit was validated */ - rmb(); + dma_rmb(); ena_com_handle_single_admin_completion(admin_queue, cqe); head_masked++; @@ -552,7 +557,8 @@ static int ena_com_comp_status_to_errno(u8 comp_status static int ena_com_wait_and_process_admin_cq_polling(struct ena_comp_ctx *comp_ctx, struct ena_com_admin_queue *admin_queue) { - unsigned long flags, timeout; + unsigned long flags = 0; + unsigned long timeout; int ret; timeout = ENA_GET_SYSTEM_TIMEOUT(admin_queue->completion_timeout); @@ -577,7 +583,7 @@ static int ena_com_wait_and_process_admin_cq_polling(s goto err; } - ENA_MSLEEP(100); + ENA_MSLEEP(ENA_POLL_MS); } if (unlikely(comp_ctx->status == ENA_CMD_ABORTED)) { @@ -598,42 +604,113 @@ err: return ret; } +/** + * Set the LLQ configurations of the firmware + * + * The driver provides only the enabled feature values to the device, + * which in turn, checks if they are supported. + */ +static int ena_com_set_llq(struct ena_com_dev *ena_dev) +{ + struct ena_com_admin_queue *admin_queue; + struct ena_admin_set_feat_cmd cmd; + struct ena_admin_set_feat_resp resp; + struct ena_com_llq_info *llq_info = &ena_dev->llq_info; + int ret; + + memset(&cmd, 0x0, sizeof(cmd)); + admin_queue = &ena_dev->admin_queue; + + cmd.aq_common_descriptor.opcode = ENA_ADMIN_SET_FEATURE; + cmd.feat_common.feature_id = ENA_ADMIN_LLQ; + + cmd.u.llq.header_location_ctrl_enabled = llq_info->header_location_ctrl; + cmd.u.llq.entry_size_ctrl_enabled = llq_info->desc_list_entry_size_ctrl; + cmd.u.llq.desc_num_before_header_enabled = llq_info->descs_num_before_header; + cmd.u.llq.descriptors_stride_ctrl_enabled = llq_info->desc_stride_ctrl; + + ret = ena_com_execute_admin_command(admin_queue, + (struct ena_admin_aq_entry *)&cmd, + sizeof(cmd), + (struct ena_admin_acq_entry *)&resp, + sizeof(resp)); + + if (unlikely(ret)) + ena_trc_err("Failed to set LLQ configurations: %d\n", ret); + + return ret; +} + static int ena_com_config_llq_info(struct ena_com_dev *ena_dev, - struct ena_admin_feature_llq_desc *llq_desc) + struct ena_admin_feature_llq_desc *llq_features, + struct ena_llq_configurations *llq_default_cfg) { struct ena_com_llq_info *llq_info = &ena_dev->llq_info; + u16 supported_feat; + int rc; memset(llq_info, 0, sizeof(*llq_info)); - switch (llq_desc->header_location_ctrl) { - case ENA_ADMIN_INLINE_HEADER: - llq_info->inline_header = true; - break; - case ENA_ADMIN_HEADER_RING: - llq_info->inline_header = false; - break; - default: - ena_trc_err("Invalid header location control\n"); + supported_feat = llq_features->header_location_ctrl_supported; + + if (likely(supported_feat & llq_default_cfg->llq_header_location)) { + llq_info->header_location_ctrl = + llq_default_cfg->llq_header_location; + } else { + ena_trc_err("Invalid header location control, supported: 0x%x\n", + supported_feat); return -EINVAL; } - switch (llq_desc->entry_size_ctrl) { - case ENA_ADMIN_LIST_ENTRY_SIZE_128B: - llq_info->desc_list_entry_size = 128; - break; - case ENA_ADMIN_LIST_ENTRY_SIZE_192B: - llq_info->desc_list_entry_size = 192; - break; - case ENA_ADMIN_LIST_ENTRY_SIZE_256B: - llq_info->desc_list_entry_size = 256; - break; - default: - ena_trc_err("Invalid entry_size_ctrl %d\n", - llq_desc->entry_size_ctrl); - return -EINVAL; + if (likely(llq_info->header_location_ctrl == ENA_ADMIN_INLINE_HEADER)) { + supported_feat = llq_features->descriptors_stride_ctrl_supported; + if (likely(supported_feat & llq_default_cfg->llq_stride_ctrl)) { + llq_info->desc_stride_ctrl = llq_default_cfg->llq_stride_ctrl; + } else { + if (supported_feat & ENA_ADMIN_MULTIPLE_DESCS_PER_ENTRY) { + llq_info->desc_stride_ctrl = ENA_ADMIN_MULTIPLE_DESCS_PER_ENTRY; + } else if (supported_feat & ENA_ADMIN_SINGLE_DESC_PER_ENTRY) { + llq_info->desc_stride_ctrl = ENA_ADMIN_SINGLE_DESC_PER_ENTRY; + } else { + ena_trc_err("Invalid desc_stride_ctrl, supported: 0x%x\n", + supported_feat); + return -EINVAL; + } + + ena_trc_err("Default llq stride ctrl is not supported, performing fallback, default: 0x%x, supported: 0x%x, used: 0x%x\n", + llq_default_cfg->llq_stride_ctrl, + supported_feat, + llq_info->desc_stride_ctrl); + } + } else { + llq_info->desc_stride_ctrl = 0; } - if ((llq_info->desc_list_entry_size & 0x7)) { + supported_feat = llq_features->entry_size_ctrl_supported; + if (likely(supported_feat & llq_default_cfg->llq_ring_entry_size)) { + llq_info->desc_list_entry_size_ctrl = llq_default_cfg->llq_ring_entry_size; + llq_info->desc_list_entry_size = llq_default_cfg->llq_ring_entry_size_value; + } else { + if (supported_feat & ENA_ADMIN_LIST_ENTRY_SIZE_128B) { + llq_info->desc_list_entry_size_ctrl = ENA_ADMIN_LIST_ENTRY_SIZE_128B; + llq_info->desc_list_entry_size = 128; + } else if (supported_feat & ENA_ADMIN_LIST_ENTRY_SIZE_192B) { + llq_info->desc_list_entry_size_ctrl = ENA_ADMIN_LIST_ENTRY_SIZE_192B; + llq_info->desc_list_entry_size = 192; + } else if (supported_feat & ENA_ADMIN_LIST_ENTRY_SIZE_256B) { + llq_info->desc_list_entry_size_ctrl = ENA_ADMIN_LIST_ENTRY_SIZE_256B; + llq_info->desc_list_entry_size = 256; + } else { + ena_trc_err("Invalid entry_size_ctrl, supported: 0x%x\n", supported_feat); + return -EINVAL; + } + + ena_trc_err("Default llq ring entry size is not supported, performing fallback, default: 0x%x, supported: 0x%x, used: 0x%x\n", + llq_default_cfg->llq_ring_entry_size, + supported_feat, + llq_info->desc_list_entry_size); + } + if (unlikely(llq_info->desc_list_entry_size & 0x7)) { /* The desc list entry size should be whole multiply of 8 * This requirement comes from __iowrite64_copy() */ @@ -642,35 +719,50 @@ static int ena_com_config_llq_info(struct ena_com_dev return -EINVAL; } - if (llq_info->inline_header) { - llq_info->desc_stride_ctrl = llq_desc->descriptors_stride_ctrl; - if ((llq_info->desc_stride_ctrl != ENA_ADMIN_SINGLE_DESC_PER_ENTRY) && - (llq_info->desc_stride_ctrl != ENA_ADMIN_MULTIPLE_DESCS_PER_ENTRY)) { - ena_trc_err("Invalid desc_stride_ctrl %d\n", - llq_info->desc_stride_ctrl); - return -EINVAL; - } - } else { - llq_info->desc_stride_ctrl = ENA_ADMIN_SINGLE_DESC_PER_ENTRY; - } - - if (llq_info->desc_stride_ctrl == ENA_ADMIN_SINGLE_DESC_PER_ENTRY) + if (llq_info->desc_stride_ctrl == ENA_ADMIN_MULTIPLE_DESCS_PER_ENTRY) llq_info->descs_per_entry = llq_info->desc_list_entry_size / sizeof(struct ena_eth_io_tx_desc); else llq_info->descs_per_entry = 1; - llq_info->descs_num_before_header = llq_desc->desc_num_before_header_ctrl; + supported_feat = llq_features->desc_num_before_header_supported; + if (likely(supported_feat & llq_default_cfg->llq_num_decs_before_header)) { + llq_info->descs_num_before_header = llq_default_cfg->llq_num_decs_before_header; + } else { + if (supported_feat & ENA_ADMIN_LLQ_NUM_DESCS_BEFORE_HEADER_2) { + llq_info->descs_num_before_header = ENA_ADMIN_LLQ_NUM_DESCS_BEFORE_HEADER_2; + } else if (supported_feat & ENA_ADMIN_LLQ_NUM_DESCS_BEFORE_HEADER_1) { + llq_info->descs_num_before_header = ENA_ADMIN_LLQ_NUM_DESCS_BEFORE_HEADER_1; + } else if (supported_feat & ENA_ADMIN_LLQ_NUM_DESCS_BEFORE_HEADER_4) { + llq_info->descs_num_before_header = ENA_ADMIN_LLQ_NUM_DESCS_BEFORE_HEADER_4; + } else if (supported_feat & ENA_ADMIN_LLQ_NUM_DESCS_BEFORE_HEADER_8) { + llq_info->descs_num_before_header = ENA_ADMIN_LLQ_NUM_DESCS_BEFORE_HEADER_8; + } else { + ena_trc_err("Invalid descs_num_before_header, supported: 0x%x\n", + supported_feat); + return -EINVAL; + } - return 0; -} + ena_trc_err("Default llq num descs before header is not supported, performing fallback, default: 0x%x, supported: 0x%x, used: 0x%x\n", + llq_default_cfg->llq_num_decs_before_header, + supported_feat, + llq_info->descs_num_before_header); + } + llq_info->max_entries_in_tx_burst = + (u16)(llq_features->max_tx_burst_size / llq_default_cfg->llq_ring_entry_size_value); + rc = ena_com_set_llq(ena_dev); + if (rc) + ena_trc_err("Cannot set LLQ configuration: %d\n", rc); + return 0; +} + static int ena_com_wait_and_process_admin_cq_interrupts(struct ena_comp_ctx *comp_ctx, struct ena_com_admin_queue *admin_queue) { - unsigned long flags; + unsigned long flags = 0; int ret; ENA_WAIT_EVENT_WAIT(comp_ctx->wait_event, @@ -715,7 +807,7 @@ static u32 ena_com_reg_bar_read32(struct ena_com_dev * volatile struct ena_admin_ena_mmio_req_read_less_resp *read_resp = mmio_read->read_resp; u32 mmio_read_reg, ret, i; - unsigned long flags; + unsigned long flags = 0; u32 timeout = mmio_read->reg_read_to; ENA_MIGHT_SLEEP(); @@ -736,15 +828,11 @@ static u32 ena_com_reg_bar_read32(struct ena_com_dev * mmio_read_reg |= mmio_read->seq_num & ENA_REGS_MMIO_REG_READ_REQ_ID_MASK; - /* make sure read_resp->req_id get updated before the hw can write - * there - */ - wmb(); + ENA_REG_WRITE32(ena_dev->bus, mmio_read_reg, + ena_dev->reg_bar + ENA_REGS_MMIO_REG_READ_OFF); - ENA_REG_WRITE32(ena_dev->bus, mmio_read_reg, ena_dev->reg_bar + ENA_REGS_MMIO_REG_READ_OFF); - for (i = 0; i < timeout; i++) { - if (read_resp->req_id == mmio_read->seq_num) + if (READ_ONCE16(read_resp->req_id) == mmio_read->seq_num) break; ENA_UDELAY(1); @@ -761,7 +849,7 @@ static u32 ena_com_reg_bar_read32(struct ena_com_dev * } if (read_resp->reg_off != offset) { - ena_trc_err("Read failure: wrong offset provided"); + ena_trc_err("Read failure: wrong offset provided\n"); ret = ENA_MMIO_READ_TIMEOUT; } else { ret = read_resp->reg_val; @@ -856,7 +944,6 @@ static void ena_com_io_queue_free(struct ena_com_dev * } if (io_sq->bounce_buf_ctrl.base_buffer) { - size = io_sq->llq_info.desc_list_entry_size * ENA_COM_BOUNCE_BUFFER_CNTRL_CNT; ENA_MEM_FREE(ena_dev->dmadev, io_sq->bounce_buf_ctrl.base_buffer); io_sq->bounce_buf_ctrl.base_buffer = NULL; } @@ -867,6 +954,9 @@ static int wait_for_reset_state(struct ena_com_dev *en { u32 val, i; + /* Convert timeout from resolution of 100ms to ENA_POLL_MS */ + timeout = (timeout * 100) / ENA_POLL_MS; + for (i = 0; i < timeout; i++) { val = ena_com_reg_bar_read32(ena_dev, ENA_REGS_DEV_STS_OFF); @@ -879,8 +969,7 @@ static int wait_for_reset_state(struct ena_com_dev *en exp_state) return 0; - /* The resolution of the timeout is 100ms */ - ENA_MSLEEP(100); + ENA_MSLEEP(ENA_POLL_MS); } return ENA_COM_TIMER_EXPIRED; @@ -903,7 +992,8 @@ static int ena_com_get_feature_ex(struct ena_com_dev * struct ena_admin_get_feat_resp *get_resp, enum ena_admin_aq_feature_id feature_id, dma_addr_t control_buf_dma_addr, - u32 control_buff_size) + u32 control_buff_size, + u8 feature_ver) { struct ena_com_admin_queue *admin_queue; struct ena_admin_get_feat_cmd get_cmd; @@ -934,7 +1024,7 @@ static int ena_com_get_feature_ex(struct ena_com_dev * } get_cmd.control_buffer.length = control_buff_size; - + get_cmd.feat_common.feature_version = feature_ver; get_cmd.feat_common.feature_id = feature_id; ret = ena_com_execute_admin_command(admin_queue, @@ -954,13 +1044,15 @@ static int ena_com_get_feature_ex(struct ena_com_dev * static int ena_com_get_feature(struct ena_com_dev *ena_dev, struct ena_admin_get_feat_resp *get_resp, - enum ena_admin_aq_feature_id feature_id) + enum ena_admin_aq_feature_id feature_id, + u8 feature_ver) { return ena_com_get_feature_ex(ena_dev, get_resp, feature_id, 0, - 0); + 0, + feature_ver); } static int ena_com_hash_key_allocate(struct ena_com_dev *ena_dev) @@ -1030,7 +1122,7 @@ static int ena_com_indirect_table_allocate(struct ena_ int ret; ret = ena_com_get_feature(ena_dev, &get_resp, - ENA_ADMIN_RSS_REDIRECTION_TABLE_CONFIG); + ENA_ADMIN_RSS_REDIRECTION_TABLE_CONFIG, 0); if (unlikely(ret)) return ret; @@ -1269,7 +1361,7 @@ int ena_com_execute_admin_command(struct ena_com_admin comp_ctx = ena_com_submit_admin_cmd(admin_queue, cmd, cmd_size, comp, comp_size); - if (unlikely(IS_ERR(comp_ctx))) { + if (IS_ERR(comp_ctx)) { if (comp_ctx == ERR_PTR(ENA_COM_NO_DEVICE)) ena_trc_dbg("Failed to submit command [%ld]\n", PTR_ERR(comp_ctx)); @@ -1389,12 +1481,12 @@ void ena_com_abort_admin_commands(struct ena_com_dev * void ena_com_wait_for_abort_completion(struct ena_com_dev *ena_dev) { struct ena_com_admin_queue *admin_queue = &ena_dev->admin_queue; - unsigned long flags; + unsigned long flags = 0; ENA_SPINLOCK_LOCK(admin_queue->q_lock, flags); while (ATOMIC32_READ(&admin_queue->outstanding_cmds) != 0) { ENA_SPINLOCK_UNLOCK(admin_queue->q_lock, flags); - ENA_MSLEEP(20); + ENA_MSLEEP(ENA_POLL_MS); ENA_SPINLOCK_LOCK(admin_queue->q_lock, flags); } ENA_SPINLOCK_UNLOCK(admin_queue->q_lock, flags); @@ -1433,7 +1525,7 @@ bool ena_com_get_admin_running_state(struct ena_com_de void ena_com_set_admin_running_state(struct ena_com_dev *ena_dev, bool state) { struct ena_com_admin_queue *admin_queue = &ena_dev->admin_queue; - unsigned long flags; + unsigned long flags = 0; ENA_SPINLOCK_LOCK(admin_queue->q_lock, flags); ena_dev->admin_queue.running_state = state; @@ -1460,14 +1552,14 @@ int ena_com_set_aenq_config(struct ena_com_dev *ena_de struct ena_admin_get_feat_resp get_resp; int ret; - ret = ena_com_get_feature(ena_dev, &get_resp, ENA_ADMIN_AENQ_CONFIG); + ret = ena_com_get_feature(ena_dev, &get_resp, ENA_ADMIN_AENQ_CONFIG, 0); if (ret) { ena_trc_info("Can't get aenq configuration\n"); return ret; } if ((get_resp.u.aenq.supported_groups & groups_flag) != groups_flag) { - ena_trc_warn("Trying to set unsupported aenq events. supported flag: %x asked flag: %x\n", + ena_trc_warn("Trying to set unsupported aenq events. supported flag: 0x%x asked flag: 0x%x\n", get_resp.u.aenq.supported_groups, groups_flag); return ENA_COM_UNSUPPORTED; @@ -1542,11 +1634,6 @@ int ena_com_validate_version(struct ena_com_dev *ena_d ENA_REGS_VERSION_MAJOR_VERSION_SHIFT, ver & ENA_REGS_VERSION_MINOR_VERSION_MASK); - if (ver < MIN_ENA_VER) { - ena_trc_err("ENA version is lower than the minimal version the driver supports\n"); - return -1; - } - ena_trc_info("ena controller version: %d.%d.%d implementation version %d\n", (ctrl_ver & ENA_REGS_CONTROLLER_VERSION_MAJOR_VERSION_MASK) >> ENA_REGS_CONTROLLER_VERSION_MAJOR_VERSION_SHIFT, @@ -1579,9 +1666,6 @@ void ena_com_admin_destroy(struct ena_com_dev *ena_dev u16 size; ENA_WAIT_EVENT_DESTROY(admin_queue->comp_ctx->wait_event); - - ENA_SPINLOCK_DESTROY(admin_queue->q_lock); - if (admin_queue->comp_ctx) ENA_MEM_FREE(ena_dev->dmadev, admin_queue->comp_ctx); admin_queue->comp_ctx = NULL; @@ -1602,6 +1686,7 @@ void ena_com_admin_destroy(struct ena_com_dev *ena_dev ENA_MEM_FREE_COHERENT(ena_dev->dmadev, size, aenq->entries, aenq->dma_addr, aenq->mem_handle); aenq->entries = NULL; + ENA_SPINLOCK_DESTROY(admin_queue->q_lock); } void ena_com_set_admin_polling_mode(struct ena_com_dev *ena_dev, bool polling) @@ -1611,7 +1696,8 @@ void ena_com_set_admin_polling_mode(struct ena_com_dev if (polling) mask_value = ENA_REGS_ADMIN_INTR_MASK; - ENA_REG_WRITE32(ena_dev->bus, mask_value, ena_dev->reg_bar + ENA_REGS_INTR_MASK_OFF); + ENA_REG_WRITE32(ena_dev->bus, mask_value, + ena_dev->reg_bar + ENA_REGS_INTR_MASK_OFF); ena_dev->admin_queue.polling = polling; } @@ -1626,7 +1712,7 @@ int ena_com_mmio_reg_read_request_init(struct ena_com_ mmio_read->read_resp_dma_addr, mmio_read->read_resp_mem_handle); if (unlikely(!mmio_read->read_resp)) - return ENA_COM_NO_MEM; + goto err; ena_com_mmio_reg_read_request_write_dev_addr(ena_dev); @@ -1635,6 +1721,10 @@ int ena_com_mmio_reg_read_request_init(struct ena_com_ mmio_read->readless_supported = true; return 0; + +err: + ENA_SPINLOCK_DESTROY(mmio_read->lock); + return ENA_COM_NO_MEM; } void ena_com_set_mmio_read_mode(struct ena_com_dev *ena_dev, bool readless_supported) @@ -1658,7 +1748,6 @@ void ena_com_mmio_reg_read_request_destroy(struct ena_ mmio_read->read_resp_mem_handle); mmio_read->read_resp = NULL; - ENA_SPINLOCK_DESTROY(mmio_read->lock); } @@ -1675,17 +1764,12 @@ void ena_com_mmio_reg_read_request_write_dev_addr(stru } int ena_com_admin_init(struct ena_com_dev *ena_dev, - struct ena_aenq_handlers *aenq_handlers, - bool init_spinlock) + struct ena_aenq_handlers *aenq_handlers) { struct ena_com_admin_queue *admin_queue = &ena_dev->admin_queue; u32 aq_caps, acq_caps, dev_sts, addr_low, addr_high; int ret; -#ifdef ENA_INTERNAL - ena_trc_info("ena_defs : Version:[%s] Build date [%s]", - ENA_GEN_COMMIT, ENA_GEN_DATE); -#endif dev_sts = ena_com_reg_bar_read32(ena_dev, ENA_REGS_DEV_STS_OFF); if (unlikely(dev_sts == ENA_MMIO_READ_TIMEOUT)) { @@ -1707,8 +1791,7 @@ int ena_com_admin_init(struct ena_com_dev *ena_dev, ATOMIC32_SET(&admin_queue->outstanding_cmds, 0); - if (init_spinlock) - ENA_SPINLOCK_INIT(admin_queue->q_lock); + ENA_SPINLOCK_INIT(admin_queue->q_lock); ret = ena_com_init_comp_ctxt(admin_queue); if (ret) @@ -1848,9 +1931,65 @@ void ena_com_destroy_io_queue(struct ena_com_dev *ena_ int ena_com_get_link_params(struct ena_com_dev *ena_dev, struct ena_admin_get_feat_resp *resp) { - return ena_com_get_feature(ena_dev, resp, ENA_ADMIN_LINK_CONFIG); + return ena_com_get_feature(ena_dev, resp, ENA_ADMIN_LINK_CONFIG, 0); } +int ena_com_extra_properties_strings_init(struct ena_com_dev *ena_dev) +{ + struct ena_admin_get_feat_resp resp; + struct ena_extra_properties_strings *extra_properties_strings = + &ena_dev->extra_properties_strings; + u32 rc; + extra_properties_strings->size = ENA_ADMIN_EXTRA_PROPERTIES_COUNT * + ENA_ADMIN_EXTRA_PROPERTIES_STRING_LEN; + + ENA_MEM_ALLOC_COHERENT(ena_dev->dmadev, + extra_properties_strings->size, + extra_properties_strings->virt_addr, + extra_properties_strings->dma_addr, + extra_properties_strings->dma_handle); + if (unlikely(!extra_properties_strings->virt_addr)) { + ena_trc_err("Failed to allocate extra properties strings\n"); + return 0; + } + + rc = ena_com_get_feature_ex(ena_dev, &resp, + ENA_ADMIN_EXTRA_PROPERTIES_STRINGS, + extra_properties_strings->dma_addr, + extra_properties_strings->size, 0); + if (rc) { + ena_trc_dbg("Failed to get extra properties strings\n"); + goto err; + } + + return resp.u.extra_properties_strings.count; +err: + ena_com_delete_extra_properties_strings(ena_dev); + return 0; +} + +void ena_com_delete_extra_properties_strings(struct ena_com_dev *ena_dev) +{ + struct ena_extra_properties_strings *extra_properties_strings = + &ena_dev->extra_properties_strings; + + if (extra_properties_strings->virt_addr) { + ENA_MEM_FREE_COHERENT(ena_dev->dmadev, + extra_properties_strings->size, + extra_properties_strings->virt_addr, + extra_properties_strings->dma_addr, + extra_properties_strings->dma_handle); + extra_properties_strings->virt_addr = NULL; + } +} + +int ena_com_get_extra_properties_flags(struct ena_com_dev *ena_dev, + struct ena_admin_get_feat_resp *resp) +{ + return ena_com_get_feature(ena_dev, resp, + ENA_ADMIN_EXTRA_PROPERTIES_FLAGS, 0); +} + int ena_com_get_dev_attr_feat(struct ena_com_dev *ena_dev, struct ena_com_dev_get_features_ctx *get_feat_ctx) { @@ -1858,7 +1997,7 @@ int ena_com_get_dev_attr_feat(struct ena_com_dev *ena_ int rc; rc = ena_com_get_feature(ena_dev, &get_resp, - ENA_ADMIN_DEVICE_ATTRIBUTES); + ENA_ADMIN_DEVICE_ATTRIBUTES, 0); if (rc) return rc; @@ -1866,17 +2005,34 @@ int ena_com_get_dev_attr_feat(struct ena_com_dev *ena_ sizeof(get_resp.u.dev_attr)); ena_dev->supported_features = get_resp.u.dev_attr.supported_features; - rc = ena_com_get_feature(ena_dev, &get_resp, - ENA_ADMIN_MAX_QUEUES_NUM); - if (rc) - return rc; + if (ena_dev->supported_features & BIT(ENA_ADMIN_MAX_QUEUES_EXT)) { + rc = ena_com_get_feature(ena_dev, &get_resp, + ENA_ADMIN_MAX_QUEUES_EXT, + ENA_FEATURE_MAX_QUEUE_EXT_VER); + if (rc) + return rc; - memcpy(&get_feat_ctx->max_queues, &get_resp.u.max_queue, - sizeof(get_resp.u.max_queue)); - ena_dev->tx_max_header_size = get_resp.u.max_queue.max_header_size; + if (get_resp.u.max_queue_ext.version != ENA_FEATURE_MAX_QUEUE_EXT_VER) + return -EINVAL; + memcpy(&get_feat_ctx->max_queue_ext, &get_resp.u.max_queue_ext, + sizeof(get_resp.u.max_queue_ext)); + ena_dev->tx_max_header_size = + get_resp.u.max_queue_ext.max_queue_ext.max_tx_header_size; + } else { + rc = ena_com_get_feature(ena_dev, &get_resp, + ENA_ADMIN_MAX_QUEUES_NUM, 0); + memcpy(&get_feat_ctx->max_queues, &get_resp.u.max_queue, + sizeof(get_resp.u.max_queue)); + ena_dev->tx_max_header_size = + get_resp.u.max_queue.max_header_size; + + if (rc) + return rc; + } + rc = ena_com_get_feature(ena_dev, &get_resp, - ENA_ADMIN_AENQ_CONFIG); + ENA_ADMIN_AENQ_CONFIG, 0); if (rc) return rc; @@ -1884,7 +2040,7 @@ int ena_com_get_dev_attr_feat(struct ena_com_dev *ena_ sizeof(get_resp.u.aenq)); rc = ena_com_get_feature(ena_dev, &get_resp, - ENA_ADMIN_STATELESS_OFFLOAD_CONFIG); + ENA_ADMIN_STATELESS_OFFLOAD_CONFIG, 0); if (rc) return rc; @@ -1894,7 +2050,7 @@ int ena_com_get_dev_attr_feat(struct ena_com_dev *ena_ /* Driver hints isn't mandatory admin command. So in case the * command isn't supported set driver hints to 0 */ - rc = ena_com_get_feature(ena_dev, &get_resp, ENA_ADMIN_HW_HINTS); + rc = ena_com_get_feature(ena_dev, &get_resp, ENA_ADMIN_HW_HINTS, 0); if (!rc) memcpy(&get_feat_ctx->hw_hints, &get_resp.u.hw_hints, @@ -1904,7 +2060,7 @@ int ena_com_get_dev_attr_feat(struct ena_com_dev *ena_ else return rc; - rc = ena_com_get_feature(ena_dev, &get_resp, ENA_ADMIN_LLQ); + rc = ena_com_get_feature(ena_dev, &get_resp, ENA_ADMIN_LLQ, 0); if (!rc) memcpy(&get_feat_ctx->llq, &get_resp.u.llq, sizeof(get_resp.u.llq)); @@ -1913,6 +2069,17 @@ int ena_com_get_dev_attr_feat(struct ena_com_dev *ena_ else return rc; + rc = ena_com_get_feature(ena_dev, &get_resp, + ENA_ADMIN_RSS_REDIRECTION_TABLE_CONFIG, 0); + if (!rc) + memcpy(&get_feat_ctx->ind_table, &get_resp.u.ind_table, + sizeof(get_resp.u.ind_table)); + else if (rc == ENA_COM_UNSUPPORTED) + memset(&get_feat_ctx->ind_table, 0x0, + sizeof(get_feat_ctx->ind_table)); + else + return rc; + return 0; } @@ -1944,8 +2111,8 @@ void ena_com_aenq_intr_handler(struct ena_com_dev *dev struct ena_admin_aenq_entry *aenq_e; struct ena_admin_aenq_common_desc *aenq_common; struct ena_com_aenq *aenq = &dev->aenq; - ena_aenq_handler handler_cb; unsigned long long timestamp; + ena_aenq_handler handler_cb; u16 masked_head, processed = 0; u8 phase; @@ -1955,8 +2122,13 @@ void ena_com_aenq_intr_handler(struct ena_com_dev *dev aenq_common = &aenq_e->aenq_common_desc; /* Go over all the events */ - while ((aenq_common->flags & ENA_ADMIN_AENQ_COMMON_DESC_PHASE_MASK) == - phase) { + while ((READ_ONCE8(aenq_common->flags) & + ENA_ADMIN_AENQ_COMMON_DESC_PHASE_MASK) == phase) { + /* Make sure the phase bit (ownership) is as expected before + * reading the rest of the descriptor. + */ + dma_rmb(); + timestamp = (unsigned long long)aenq_common->timestamp_low | ((unsigned long long)aenq_common->timestamp_high << 32); ena_trc_dbg("AENQ! Group[%x] Syndrom[%x] timestamp: [%llus]\n", @@ -1990,7 +2162,9 @@ void ena_com_aenq_intr_handler(struct ena_com_dev *dev /* write the aenq doorbell after all AENQ descriptors were read */ mb(); - ENA_REG_WRITE32(dev->bus, (u32)aenq->head, dev->reg_bar + ENA_REGS_AENQ_HEAD_DB_OFF); + ENA_REG_WRITE32_RELAXED(dev->bus, (u32)aenq->head, + dev->reg_bar + ENA_REGS_AENQ_HEAD_DB_OFF); + mmiowb(); } #ifdef ENA_EXTENDED_STATS /* @@ -2141,7 +2315,7 @@ int ena_com_get_dev_extended_stats(struct ena_com_dev phys_addr); if (unlikely(ret)) { ena_trc_err("memory address set failed\n"); - return ret; + goto free_ext_stats_mem; } get_cmd->u.control_buffer.length = len; @@ -2202,7 +2376,7 @@ int ena_com_get_offload_settings(struct ena_com_dev *e struct ena_admin_get_feat_resp resp; ret = ena_com_get_feature(ena_dev, &resp, - ENA_ADMIN_STATELESS_OFFLOAD_CONFIG); + ENA_ADMIN_STATELESS_OFFLOAD_CONFIG, 0); if (unlikely(ret)) { ena_trc_err("Failed to get offload capabilities %d\n", ret); return ret; @@ -2231,11 +2405,11 @@ int ena_com_set_hash_function(struct ena_com_dev *ena_ /* Validate hash function is supported */ ret = ena_com_get_feature(ena_dev, &get_resp, - ENA_ADMIN_RSS_HASH_FUNCTION); + ENA_ADMIN_RSS_HASH_FUNCTION, 0); if (unlikely(ret)) return ret; - if (get_resp.u.flow_hash_func.supported_func & (1 << rss->hash_func)) { + if (!(get_resp.u.flow_hash_func.supported_func & BIT(rss->hash_func))) { ena_trc_err("Func hash %d isn't supported by device, abort\n", rss->hash_func); return ENA_COM_UNSUPPORTED; @@ -2291,7 +2465,7 @@ int ena_com_fill_hash_function(struct ena_com_dev *ena rc = ena_com_get_feature_ex(ena_dev, &get_resp, ENA_ADMIN_RSS_HASH_FUNCTION, rss->hash_key_dma_addr, - sizeof(*rss->hash_key)); + sizeof(*rss->hash_key), 0); if (unlikely(rc)) return rc; @@ -2320,6 +2494,7 @@ int ena_com_fill_hash_function(struct ena_com_dev *ena return ENA_COM_INVAL; } + rss->hash_func = func; rc = ena_com_set_hash_function(ena_dev); /* Restore the old function */ @@ -2342,7 +2517,7 @@ int ena_com_get_hash_function(struct ena_com_dev *ena_ rc = ena_com_get_feature_ex(ena_dev, &get_resp, ENA_ADMIN_RSS_HASH_FUNCTION, rss->hash_key_dma_addr, - sizeof(*rss->hash_key)); + sizeof(*rss->hash_key), 0); if (unlikely(rc)) return rc; @@ -2367,7 +2542,7 @@ int ena_com_get_hash_ctrl(struct ena_com_dev *ena_dev, rc = ena_com_get_feature_ex(ena_dev, &get_resp, ENA_ADMIN_RSS_HASH_INPUT, rss->hash_ctrl_dma_addr, - sizeof(*rss->hash_ctrl)); + sizeof(*rss->hash_ctrl), 0); if (unlikely(rc)) return rc; @@ -2603,7 +2778,7 @@ int ena_com_indirect_table_get(struct ena_com_dev *ena rc = ena_com_get_feature_ex(ena_dev, &get_resp, ENA_ADMIN_RSS_REDIRECTION_TABLE_CONFIG, rss->rss_ind_tbl_dma_addr, - tbl_size); + tbl_size, 0); if (unlikely(rc)) return rc; @@ -2670,6 +2845,10 @@ int ena_com_allocate_host_info(struct ena_com_dev *ena if (unlikely(!host_attr->host_info)) return ENA_COM_NO_MEM; + host_attr->host_info->ena_spec_version = ((ENA_COMMON_SPEC_VERSION_MAJOR << + ENA_REGS_VERSION_MAJOR_VERSION_SHIFT) | + (ENA_COMMON_SPEC_VERSION_MINOR)); + return 0; } @@ -2822,7 +3001,7 @@ int ena_com_init_interrupt_moderation(struct ena_com_d int rc; rc = ena_com_get_feature(ena_dev, &get_resp, - ENA_ADMIN_INTERRUPT_MODERATION); + ENA_ADMIN_INTERRUPT_MODERATION, 0); if (rc) { if (rc == ENA_COM_UNSUPPORTED) { @@ -2950,17 +3129,18 @@ void ena_com_get_intr_moderation_entry(struct ena_com_ } int ena_com_config_dev_mode(struct ena_com_dev *ena_dev, - struct ena_admin_feature_llq_desc *llq) + struct ena_admin_feature_llq_desc *llq_features, + struct ena_llq_configurations *llq_default_cfg) { int rc; int size; - if (llq->max_llq_num == 0) { + if (!llq_features->max_llq_num) { ena_dev->tx_mem_queue_type = ENA_ADMIN_PLACEMENT_POLICY_HOST; return 0; } - rc = ena_com_config_llq_info(ena_dev, llq); + rc = ena_com_config_llq_info(ena_dev, llq_features, llq_default_cfg); if (rc) return rc; *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-vendor@freebsd.org Thu May 30 12:31:53 2019 Return-Path: Delivered-To: svn-src-vendor@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1F84515C1032; Thu, 30 May 2019 12:31:53 +0000 (UTC) (envelope-from mw@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B1C9086B4B; Thu, 30 May 2019 12:31:52 +0000 (UTC) (envelope-from mw@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 730E719227; Thu, 30 May 2019 12:31:52 +0000 (UTC) (envelope-from mw@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x4UCVq86037351; Thu, 30 May 2019 12:31:52 GMT (envelope-from mw@FreeBSD.org) Received: (from mw@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x4UCVqsN037350; Thu, 30 May 2019 12:31:52 GMT (envelope-from mw@FreeBSD.org) Message-Id: <201905301231.x4UCVqsN037350@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: mw set sender to mw@FreeBSD.org using -f From: Marcin Wojtas Date: Thu, 30 May 2019 12:31:52 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r348384 - vendor-sys/ena-com/2.0.0 X-SVN-Group: vendor-sys X-SVN-Commit-Author: mw X-SVN-Commit-Paths: vendor-sys/ena-com/2.0.0 X-SVN-Commit-Revision: 348384 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: B1C9086B4B X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.96 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.96)[-0.959,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 May 2019 12:31:53 -0000 Author: mw Date: Thu May 30 12:31:51 2019 New Revision: 348384 URL: https://svnweb.freebsd.org/changeset/base/348384 Log: Create 2.0.0 tag in ena-com Tag is added after extending ENA HAL to support v2 revision of the card in r348383 Obtained from: Semihalf Sponsored by: Amazon, Inc. Added: vendor-sys/ena-com/2.0.0/ - copied from r348383, vendor-sys/ena-com/dist/