From aef7c262b172a4c94e1a9924345278d06816be38 Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Jan 13 2014 16:41:47 +0000 Subject: Update the textrel patch for x86 - update the PIC patch for iaesx86.s to not use ELF relocations (RT#7815, #1045699) to the version that landed upstream --- diff --git a/krb5-1.12-pic-aes-ni.patch b/krb5-1.12-pic-aes-ni.patch index 2000fbe..c010086 100644 --- a/krb5-1.12-pic-aes-ni.patch +++ b/krb5-1.12-pic-aes-ni.patch @@ -1,70 +1,42 @@ ---- krb5-1.12/src/lib/crypto/builtin/aes/iaesx86.s -+++ krb5-1.12/src/lib/crypto/builtin/aes/iaesx86.s -@@ -256,6 +256,7 @@ DD 0 - section .text - - -+extern _GLOBAL_OFFSET_TABLE_ - - align 16 - key_expansion256: -@@ -318,12 +319,18 @@ _iEncExpandKey128: - - mov ecx,[esp-4+8] ;input - mov edx,[esp-4+12] ;ctx -+ push ebx - - movdqu xmm1, [ecx] ; loading the key +commit 3847aa109e8ff3f2781d53315f81e8d29ee35892 +Author: Tom Yu +Date: Fri Jan 10 15:04:32 2014 -0500 + + Avoid text relocations in iaesx86.s + + Use PC-relative addressing to avoid runtime text relocations on i386. + + Adapted patch from Nalin Dahyabhai. + + ticket: 7815 + target_version: 1.12.1 + tags: pullup + +diff --git a/src/lib/crypto/builtin/aes/iaesx86.s b/src/lib/crypto/builtin/aes/iaesx86.s +index 1aa12e6..33470dd 100644 +--- a/src/lib/crypto/builtin/aes/iaesx86.s ++++ b/src/lib/crypto/builtin/aes/iaesx86.s +@@ -323,7 +323,10 @@ _iEncExpandKey128: movdqu [edx], xmm1 - movdqa xmm5, [shuffle_mask] -+ call .get_GOT -+.get_GOT: -+ pop ebx -+ add ebx,_GLOBAL_OFFSET_TABLE_+$$-.get_GOT wrt ..gotpc -+ -+ movdqa xmm5, [ebx+shuffle_mask wrt ..gotoff] ++ call .next ++.next: ++ pop ecx ++ movdqa xmm5, [ecx-.next+shuffle_mask] add edx,16 -@@ -348,6 +355,8 @@ _iEncExpandKey128: - aeskeygenassist xmm2, xmm1, 0x36 ; Generating round key 10 - call key_expansion128 - -+ pop ebx -+ - ret - - -@@ -412,6 +421,7 @@ global _iEncExpandKey256 - _iEncExpandKey256: - mov ecx, [esp-4+8] ;input - mov edx, [esp-4+12] ;expanded key -+ push ebx - - - movdqu xmm1, [ecx] ; loading the key -@@ -421,7 +431,12 @@ _iEncExpandKey256: +@@ -421,7 +424,10 @@ _iEncExpandKey256: add edx,32 - movdqa xmm5, [shuffle_mask] ; this mask is used by key_expansion -+ call .get_GOT -+.get_GOT: -+ pop ebx -+ add ebx,_GLOBAL_OFFSET_TABLE_+$$-.get_GOT wrt ..gotpc -+ -+ movdqa xmm5, [ebx+shuffle_mask wrt ..gotoff] ; this mask is used by key_expansion ++ call .next ++.next: ++ pop ecx ++ movdqa xmm5, [ecx-.next+shuffle_mask] ; this mask is used by key_expansion aeskeygenassist xmm2, xmm3, 0x1 ; call key_expansion256 -@@ -452,6 +467,8 @@ _iEncExpandKey256: - movdqu [edx], xmm1 - - -+ pop ebx -+ - ret - - diff --git a/krb5.spec b/krb5.spec index 8a253d5..03922f9 100644 --- a/krb5.spec +++ b/krb5.spec @@ -41,7 +41,7 @@ Summary: The Kerberos network authentication system Name: krb5 Version: 1.12 -Release: 10%{?dist} +Release: 11%{?dist} # Maybe we should explode from the now-available-to-everybody tarball instead? # http://web.mit.edu/kerberos/dist/krb5/1.12/krb5-1.12-signed.tar Source0: krb5-%{version}.tar.gz @@ -978,6 +978,10 @@ exit 0 %{_sbindir}/uuserver %changelog +* Mon Jan 13 2014 Nalin Dahyabhai - 1.12-11 +- update the PIC patch for iaesx86.s to not use ELF relocations to the version + that landed upstream (RT#7815, #1045699) + * Thu Jan 9 2014 Nalin Dahyabhai - pass -Wl,--warn-shared-textrel to the compiler when we're creating shared libraries