From 93d91197b98463277b601ec2653351666a4ca4bd Mon Sep 17 00:00:00 2001 From: "Sergey V. Lobanov" Date: Sat, 1 Jan 2022 22:37:13 +0300 Subject: [PATCH] wolfssl: update to 5.1.1-stable Bump from 4.8.1-stable to 5.1.1-stable Detailed release notes: https://github.com/wolfSSL/wolfssl/releases Upstreamed patches: 001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch - https://github.com/wolfSSL/wolfssl/commit/fa8f23284d4689c2a737204b337b58d966dcbd8c 002-Update-macro-guard-on-SHA256-transform-call.patch - https://github.com/wolfSSL/wolfssl/commit/f447e4c1fa4c932c0286fa0331966756e243db81 Refreshed patches: 100-disable-hardening-check.patch 200-ecc-rng.patch CFLAG -DWOLFSSL_ALT_CERT_CHAINS replaced to --enable-altcertchains configure option The size of the ipk changed on aarch64 like this: 491341 libwolfssl4.8.1.31258522_4.8.1-stable-7_aarch64_cortex-a53.ipk 520322 libwolfssl5.1.1.31258522_5.1.1-stable-1_aarch64_cortex-a53.ipk Tested-by: Alozxy Acked-by: Eneas U de Queiroz Signed-off-by: Sergey V. Lobanov --- package/libs/wolfssl/Makefile | 6 +- ...change-asm-snippets-to-get-compiling.patch | 116 ------------------ ...macro-guard-on-SHA256-transform-call.patch | 22 ---- .../patches/100-disable-hardening-check.patch | 2 +- .../libs/wolfssl/patches/200-ecc-rng.patch | 4 +- 5 files changed, 6 insertions(+), 144 deletions(-) delete mode 100644 package/libs/wolfssl/patches/001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch delete mode 100644 package/libs/wolfssl/patches/002-Update-macro-guard-on-SHA256-transform-call.patch diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile index 15cfd430eb..6417bc2745 100644 --- a/package/libs/wolfssl/Makefile +++ b/package/libs/wolfssl/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wolfssl -PKG_VERSION:=4.8.1-stable +PKG_VERSION:=5.1.1-stable PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION) -PKG_HASH:=50db45f348f47e00c93dd244c24108220120cb3cc9d01434789229c32937c444 +PKG_HASH:=d3e0544dbe7e9587c0f6538cdc671b6492663bb7a4281819538abe6c99cdbd92 PKG_FIXUP:=libtool libtool-abiver PKG_INSTALL:=1 @@ -64,7 +64,6 @@ TARGET_CFLAGS += \ -fomit-frame-pointer \ -flto \ -DFP_MAX_BITS=8192 \ - -DWOLFSSL_ALT_CERT_CHAINS \ $(if $(CONFIG_WOLFSSL_ALT_NAMES),-DWOLFSSL_ALT_NAMES) TARGET_LDFLAGS += -flto @@ -77,6 +76,7 @@ CONFIGURE_ARGS += \ --enable-opensslextra \ --enable-sni \ --enable-stunnel \ + --enable-altcertchains \ --disable-crypttests \ --disable-examples \ --disable-jobserver \ diff --git a/package/libs/wolfssl/patches/001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch b/package/libs/wolfssl/patches/001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch deleted file mode 100644 index 763f9e8d06..0000000000 --- a/package/libs/wolfssl/patches/001-Maths-x86-asm-change-asm-snippets-to-get-compiling.patch +++ /dev/null @@ -1,116 +0,0 @@ -From fa8f23284d4689c2a737204b337b58d966dcbd8c Mon Sep 17 00:00:00 2001 -From: Sean Parkinson -Date: Fri, 20 Aug 2021 10:23:38 +1000 -Subject: [PATCH] Maths x86 asm: change asm snippets to get compiling - -TFM: - Use register or memory for c0, c1, c2 in SQRADD and SQRADD2. -SP: - Use register or memory for vl, vh, vo in SP_ASM_MUL_ADD, -SP_ASM_MUL_ADD2 and SP_ASM_SQR_ADD. ---- - wolfcrypt/src/asm.c | 29 ++++++++++++++++++++--------- - wolfcrypt/src/sp_int.c | 6 +++--- - 2 files changed, 23 insertions(+), 12 deletions(-) - ---- a/wolfcrypt/src/asm.c -+++ b/wolfcrypt/src/asm.c -@@ -698,33 +698,39 @@ __asm__( \ - - #define SQRADD(i, j) \ - __asm__( \ -- "movl %6,%%eax \n\t" \ -+ "movl %3,%%eax \n\t" \ - "mull %%eax \n\t" \ - "addl %%eax,%0 \n\t" \ - "adcl %%edx,%1 \n\t" \ - "adcl $0,%2 \n\t" \ -- :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i) :"%eax","%edx","cc"); -+ :"+rm"(c0), "+rm"(c1), "+rm"(c2) \ -+ : "m"(i) \ -+ :"%eax","%edx","cc"); - - #define SQRADD2(i, j) \ - __asm__( \ -- "movl %6,%%eax \n\t" \ -- "mull %7 \n\t" \ -+ "movl %3,%%eax \n\t" \ -+ "mull %4 \n\t" \ - "addl %%eax,%0 \n\t" \ - "adcl %%edx,%1 \n\t" \ - "adcl $0,%2 \n\t" \ - "addl %%eax,%0 \n\t" \ - "adcl %%edx,%1 \n\t" \ - "adcl $0,%2 \n\t" \ -- :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","%edx", "cc"); -+ :"+rm"(c0), "+rm"(c1), "+rm"(c2) \ -+ : "m"(i), "m"(j) \ -+ :"%eax","%edx", "cc"); - - #define SQRADDSC(i, j) \ --__asm__( \ -+__asm__( \ - "movl %3,%%eax \n\t" \ - "mull %4 \n\t" \ - "movl %%eax,%0 \n\t" \ - "movl %%edx,%1 \n\t" \ - "xorl %2,%2 \n\t" \ -- :"=r"(sc0), "=r"(sc1), "=r"(sc2): "g"(i), "g"(j) :"%eax","%edx","cc"); -+ :"=r"(sc0), "=r"(sc1), "=r"(sc2) \ -+ : "g"(i), "g"(j) \ -+ :"%eax","%edx","cc"); - - #define SQRADDAC(i, j) \ - __asm__( \ -@@ -733,7 +739,9 @@ __asm__( - "addl %%eax,%0 \n\t" \ - "adcl %%edx,%1 \n\t" \ - "adcl $0,%2 \n\t" \ -- :"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j) :"%eax","%edx","cc"); -+ :"=r"(sc0), "=r"(sc1), "=r"(sc2) \ -+ : "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j) \ -+ :"%eax","%edx","cc"); - - #define SQRADDDB \ - __asm__( \ -@@ -743,7 +751,10 @@ __asm__( - "addl %6,%0 \n\t" \ - "adcl %7,%1 \n\t" \ - "adcl %8,%2 \n\t" \ -- :"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "cc"); -+ :"=r"(c0), "=r"(c1), "=r"(c2) \ -+ : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), \ -+ "r"(sc2) \ -+ : "cc"); - - #elif defined(TFM_X86_64) - /* x86-64 optimized */ ---- a/wolfcrypt/src/sp_int.c -+++ b/wolfcrypt/src/sp_int.c -@@ -476,7 +476,7 @@ static WC_INLINE sp_int_digit sp_div_wor - "addl %%eax, %[l] \n\t" \ - "adcl %%edx, %[h] \n\t" \ - "adcl $0 , %[o] \n\t" \ -- : [l] "+r" (vl), [h] "+r" (vh), [o] "+r" (vo) \ -+ : [l] "+rm" (vl), [h] "+rm" (vh), [o] "+rm" (vo) \ - : [a] "r" (va), [b] "r" (vb) \ - : "eax", "edx", "cc" \ - ) -@@ -502,7 +502,7 @@ static WC_INLINE sp_int_digit sp_div_wor - "addl %%eax, %[l] \n\t" \ - "adcl %%edx, %[h] \n\t" \ - "adcl $0 , %[o] \n\t" \ -- : [l] "+r" (vl), [h] "+r" (vh), [o] "+r" (vo) \ -+ : [l] "+rm" (vl), [h] "+rm" (vh), [o] "+rm" (vo) \ - : [a] "r" (va), [b] "r" (vb) \ - : "eax", "edx", "cc" \ - ) -@@ -541,7 +541,7 @@ static WC_INLINE sp_int_digit sp_div_wor - "addl %%eax, %[l] \n\t" \ - "adcl %%edx, %[h] \n\t" \ - "adcl $0 , %[o] \n\t" \ -- : [l] "+r" (vl), [h] "+r" (vh), [o] "+r" (vo) \ -+ : [l] "+rm" (vl), [h] "+rm" (vh), [o] "+rm" (vo) \ - : [a] "m" (va) \ - : "eax", "edx", "cc" \ - ) diff --git a/package/libs/wolfssl/patches/002-Update-macro-guard-on-SHA256-transform-call.patch b/package/libs/wolfssl/patches/002-Update-macro-guard-on-SHA256-transform-call.patch deleted file mode 100644 index f986b72798..0000000000 --- a/package/libs/wolfssl/patches/002-Update-macro-guard-on-SHA256-transform-call.patch +++ /dev/null @@ -1,22 +0,0 @@ -From f447e4c1fa4c932c0286fa0331966756e243db81 Mon Sep 17 00:00:00 2001 -From: JacobBarthelmeh -Date: Fri, 17 Sep 2021 15:06:13 -0700 -Subject: [PATCH] update macro guard on SHA256 transform call - ---- - src/ssl.c | 3 ++- - tests/api.c | 3 ++- - 2 files changed, 4 insertions(+), 2 deletions(-) - ---- a/src/ssl.c -+++ b/src/ssl.c -@@ -17639,7 +17639,8 @@ size_t wolfSSL_get_client_random(const W - - #if defined(OPENSSL_EXTRA) - #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \ -- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) -+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \ -+ !defined(WOLFSSL_DEVCRYPTO_HASH) && !defined(WOLFSSL_AFALG_HASH) - /* Apply SHA256 transformation to the data */ - int wolfSSL_SHA256_Transform(WOLFSSL_SHA256_CTX* sha256, - const unsigned char* data) diff --git a/package/libs/wolfssl/patches/100-disable-hardening-check.patch b/package/libs/wolfssl/patches/100-disable-hardening-check.patch index 4141e28750..79d0d6f759 100644 --- a/package/libs/wolfssl/patches/100-disable-hardening-check.patch +++ b/package/libs/wolfssl/patches/100-disable-hardening-check.patch @@ -1,6 +1,6 @@ --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h -@@ -2274,7 +2274,7 @@ extern void uITRON4_free(void *p) ; +@@ -2346,7 +2346,7 @@ extern void uITRON4_free(void *p) ; #endif /* warning for not using harden build options (default with ./configure) */ diff --git a/package/libs/wolfssl/patches/200-ecc-rng.patch b/package/libs/wolfssl/patches/200-ecc-rng.patch index d8581be7eb..78ff4b1f4a 100644 --- a/package/libs/wolfssl/patches/200-ecc-rng.patch +++ b/package/libs/wolfssl/patches/200-ecc-rng.patch @@ -11,7 +11,7 @@ RNG regardless of the built settings for wolfssl. --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c -@@ -10938,21 +10938,21 @@ void wc_ecc_fp_free(void) +@@ -11647,21 +11647,21 @@ void wc_ecc_fp_free(void) #endif /* FP_ECC */ @@ -37,7 +37,7 @@ RNG regardless of the built settings for wolfssl. --- a/wolfssl/wolfcrypt/ecc.h +++ b/wolfssl/wolfcrypt/ecc.h -@@ -616,10 +616,8 @@ WOLFSSL_API +@@ -647,10 +647,8 @@ WOLFSSL_API void wc_ecc_fp_free(void); WOLFSSL_LOCAL void wc_ecc_fp_init(void);