From 20256176fc7a953f85f16eda80ad408005510017 Mon Sep 17 00:00:00 2001 From: K1 Date: Tue, 28 Nov 2023 17:25:54 +0800 Subject: [PATCH 1/2] Avoid clobbering non-volatile XMM registers This affects some Poly1305 assembler functions which are only used for certain CPU types. Remove those functions for Windows targets, as a simple interim solution. Refer to https://github.com/openssl/openssl/issues/21522. Fix CVE-2023-4807. --- crypto/poly1305/asm/poly1305-x86_64.pl | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/poly1305/asm/poly1305-x86_64.pl b/crypto/poly1305/asm/poly1305-x86_64.pl index fa9bfb7a7..4cddca1c5 100755 --- a/crypto/poly1305/asm/poly1305-x86_64.pl +++ b/crypto/poly1305/asm/poly1305-x86_64.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -195,7 +195,7 @@ sub poly1305_iteration { bt \$`5+32`,%r9 # AVX2? cmovc %rax,%r10 ___ -$code.=<<___ if ($avx>3); +$code.=<<___ if ($avx>3 && !$win64); mov \$`(1<<31|1<<21|1<<16)`,%rax shr \$32,%r9 and %rax,%r9 @@ -2724,7 +2724,7 @@ sub poly1305_iteration { .cfi_endproc .size poly1305_blocks_avx512,.-poly1305_blocks_avx512 ___ -if ($avx>3) { +if ($avx>3 && !$win64) { ######################################################################## # VPMADD52 version using 2^44 radix. # From 2df789f1ac96c8046a0b633e70a24f89883210b6 Mon Sep 17 00:00:00 2001 From: K1 Date: Tue, 28 Nov 2023 17:40:41 +0800 Subject: [PATCH 2/2] Add CVE-2023-4807 to CHANGES --- CHANGES | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 7e7036023..5f5e0eed9 100644 --- a/CHANGES +++ b/CHANGES @@ -4,7 +4,7 @@ Changes between 8.4.0-pre3 and 8.4.0-pre4 [xx XXX xxxx] - *) + *) 修复CVE-2023-4807 Changes between 8.4.0-pre2 and 8.4.0-pre3 [08 Oct 2023]