[Pkg-gnutls-commits] r734 - in /packages/libgcrypt11/trunk/debian: changelog patches/20_padlock.diff

ametzler at users.alioth.debian.org ametzler at users.alioth.debian.org
Sat Jul 4 12:01:01 UTC 2009 

Author: ametzler
Date: Sat Jul  4 12:00:49 2009
New Revision: 734

URL: http://svn.debian.org/wsvn/pkg-gnutls/?sc=1&rev=734
Log:
Fix VIA padlock RNG inline assembly call, to avoid hitting stack smashing detection on those systems. #535456

Added:
    packages/libgcrypt11/trunk/debian/patches/20_padlock.diff
Modified:
    packages/libgcrypt11/trunk/debian/changelog

Modified: packages/libgcrypt11/trunk/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnutls/packages/libgcrypt11/trunk/debian/changelog?rev=734&op=diff
==============================================================================
--- packages/libgcrypt11/trunk/debian/changelog (original)
+++ packages/libgcrypt11/trunk/debian/changelog Sat Jul  4 12:00:49 2009
@@ -1,8 +1,10 @@
-libgcrypt11 (1.4.4-3) UNRELEASED; urgency=low
-
-  * NOT RELEASED YET
-
- -- Andreas Metzler <ametzler at debian.org>  Sat, 21 Feb 2009 14:13:54 +0100
+libgcrypt11 (1.4.4-3) unstable; urgency=low
+
+  * 20_padlock.diff: Fix stack smashing on VIA processors with Padlock RNG
+    (patch by Tomas       Mraz of Red Hat; thanks to Roberto Rosario for the
+    archaeology, forwarded from Ubuntu by Colin Watson). Closes: #535456
+
+ -- Andreas Metzler <ametzler at debian.org>  Sat, 04 Jul 2009 13:47:23 +0200
 
 libgcrypt11 (1.4.4-2) unstable; urgency=low
 

Added: packages/libgcrypt11/trunk/debian/patches/20_padlock.diff
URL: http://svn.debian.org/wsvn/pkg-gnutls/packages/libgcrypt11/trunk/debian/patches/20_padlock.diff?rev=734&op=file
==============================================================================
--- packages/libgcrypt11/trunk/debian/patches/20_padlock.diff (added)
+++ packages/libgcrypt11/trunk/debian/patches/20_padlock.diff Sat Jul  4 12:00:49 2009
@@ -1,0 +1,33 @@
+Description: Fix VIA padlock RNG inline assembly call, to avoid hitting
+ stack smashing detection on those systems. Patch by Tomas Mraz of Red Hat.
+Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libgcrypt11/+bug/389053
+Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=505724
+
+diff -Nur -x '*.orig' -x '*~' libgcrypt11-1.4.4/random/rndhw.c libgcrypt11-1.4.4.new/random/rndhw.c
+--- libgcrypt11-1.4.4/random/rndhw.c	2008-09-03 11:04:43.000000000 +0100
++++ libgcrypt11-1.4.4.new/random/rndhw.c	2009-07-02 11:27:38.000000000 +0100
+@@ -41,7 +41,7 @@
+ poll_padlock (void (*add)(const void*, size_t, enum random_origins),
+               enum random_origins origin, int fast)
+ {
+-  char buffer[64+8] __attribute__ ((aligned (8)));
++  volatile char buffer[64+8] __attribute__ ((aligned (8)));
+   char *p;
+   unsigned int nbytes, status;
+   
+@@ -55,12 +55,11 @@
+   nbytes = 0;
+   while (nbytes < 64)
+     {
+-      asm volatile 
++      asm volatile
+         ("movl %1, %%edi\n\t"         /* Set buffer.  */
+          "xorl %%edx, %%edx\n\t"      /* Request up to 8 bytes.  */
+-         ".byte 0x0f, 0xa7, 0xc0\n\t" /* XSTORE RNG. */
+-         "movl %%eax, %0\n"           /* Return the status.  */
+-         : "=g" (status)
++         ".byte 0x0f, 0xa7, 0xc0\n"   /* XSTORE RNG. */
++         : "=a" (status)
+          : "g" (p)
+          : "%edx", "%edi", "cc"
+          );

More information about the Pkg-gnutls-commits mailing list