diff options
| author | Nalin Dahyabhai <nalin@dahyabhai.net> | 2014-01-17 10:55:16 -0500 |
|---|---|---|
| committer | Nalin Dahyabhai <nalin@dahyabhai.net> | 2014-01-17 10:55:16 -0500 |
| commit | 4dec248a05ec1be4cc8ea87310ee994d6f2e703d (patch) | |
| tree | a6c0d2796d225365bec55430aa5e3919c486417f | |
| parent | 8ae5258eb36efad37153caf7bd7ba5422f340867 (diff) | |
| download | krb5-4dec248a05ec1be4cc8ea87310ee994d6f2e703d.tar.gz krb5-4dec248a05ec1be4cc8ea87310ee994d6f2e703d.tar.xz krb5-4dec248a05ec1be4cc8ea87310ee994d6f2e703d.zip | |
Drop obsolete patches
| -rw-r--r-- | krb5-1.12-enable-NX.patch | 57 | ||||
| -rw-r--r-- | krb5-1.12-pic-aes-ni.patch | 42 | ||||
| -rw-r--r-- | krb5.spec | 5 |
3 files changed, 1 insertions, 103 deletions
diff --git a/krb5-1.12-enable-NX.patch b/krb5-1.12-enable-NX.patch deleted file mode 100644 index 2b8a508..0000000 --- a/krb5-1.12-enable-NX.patch +++ /dev/null @@ -1,57 +0,0 @@ -commit c64e39c69a9a7ee32c00b0cf7918f6274a565544 -Author: Greg Hudson <ghudson@mit.edu> -Date: Fri Jan 3 13:50:48 2014 -0500 - - Mark AESNI files as not needing executable stacks - - Some Linux systems now come with facilities to mark the stack as - non-executable, making it more difficult to exploit buffer overrun - bugs. For this to work, object files built from assembly need a - section added to note whether they require an executable stack. - - Patch from Dhiru Kholia with comments added. More information at: - https://bugzilla.redhat.com/show_bug.cgi?id=1045699 - https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart - - ticket: 7813 - target_version: 1.12.1 - tags: pullup - -diff --git a/src/lib/crypto/builtin/aes/iaesx64.s b/src/lib/crypto/builtin/aes/iaesx64.s -index 1c091c1..d03c859 100644 ---- a/src/lib/crypto/builtin/aes/iaesx64.s -+++ b/src/lib/crypto/builtin/aes/iaesx64.s -@@ -834,3 +834,14 @@ lp256encsingle_CBC: - movdqu [r9],xmm1 - add rsp,16*16+8 - ret -+ -+; Mark this file as not needing an executable stack. -+%ifidn __OUTPUT_FORMAT__,elf -+section .note.GNU-stack noalloc noexec nowrite progbits -+%endif -+%ifidn __OUTPUT_FORMAT__,elf32 -+section .note.GNU-stack noalloc noexec nowrite progbits -+%endif -+%ifidn __OUTPUT_FORMAT__,elf64 -+section .note.GNU-stack noalloc noexec nowrite progbits -+%endif -diff --git a/src/lib/crypto/builtin/aes/iaesx86.s b/src/lib/crypto/builtin/aes/iaesx86.s -index b667acd..1aa12e6 100644 ---- a/src/lib/crypto/builtin/aes/iaesx86.s -+++ b/src/lib/crypto/builtin/aes/iaesx86.s -@@ -871,3 +871,14 @@ lp256encsingle_CBC: - movdqu [ecx],xmm1 ; store last iv for chaining - - ret -+ -+; Mark this file as not needing an executable stack. -+%ifidn __OUTPUT_FORMAT__,elf -+section .note.GNU-stack noalloc noexec nowrite progbits -+%endif -+%ifidn __OUTPUT_FORMAT__,elf32 -+section .note.GNU-stack noalloc noexec nowrite progbits -+%endif -+%ifidn __OUTPUT_FORMAT__,elf64 -+section .note.GNU-stack noalloc noexec nowrite progbits -+%endif diff --git a/krb5-1.12-pic-aes-ni.patch b/krb5-1.12-pic-aes-ni.patch deleted file mode 100644 index c010086..0000000 --- a/krb5-1.12-pic-aes-ni.patch +++ /dev/null @@ -1,42 +0,0 @@ -commit 3847aa109e8ff3f2781d53315f81e8d29ee35892 -Author: Tom Yu <tlyu@mit.edu> -Date: Fri Jan 10 15:04:32 2014 -0500 - - Avoid text relocations in iaesx86.s - - Use PC-relative addressing to avoid runtime text relocations on i386. - - Adapted patch from Nalin Dahyabhai. - - ticket: 7815 - target_version: 1.12.1 - tags: pullup - -diff --git a/src/lib/crypto/builtin/aes/iaesx86.s b/src/lib/crypto/builtin/aes/iaesx86.s -index 1aa12e6..33470dd 100644 ---- a/src/lib/crypto/builtin/aes/iaesx86.s -+++ b/src/lib/crypto/builtin/aes/iaesx86.s -@@ -323,7 +323,10 @@ _iEncExpandKey128: - - movdqu [edx], xmm1 - -- movdqa xmm5, [shuffle_mask] -+ call .next -+.next: -+ pop ecx -+ movdqa xmm5, [ecx-.next+shuffle_mask] - - add edx,16 - -@@ -421,7 +424,10 @@ _iEncExpandKey256: - - add edx,32 - -- movdqa xmm5, [shuffle_mask] ; this mask is used by key_expansion -+ call .next -+.next: -+ pop ecx -+ movdqa xmm5, [ecx-.next+shuffle_mask] ; this mask is used by key_expansion - - aeskeygenassist xmm2, xmm3, 0x1 ; - call key_expansion256 @@ -90,8 +90,6 @@ Patch86: krb5-1.9-debuginfo.patch Patch105: krb5-kvno-230379.patch Patch129: krb5-1.11-run_user_0.patch Patch134: krb5-1.11-kpasswdtest.patch -Patch141: krb5-1.12-enable-NX.patch -Patch142: krb5-1.12-pic-aes-ni.patch License: MIT URL: http://web.mit.edu/kerberos/www/ @@ -310,8 +308,6 @@ ln -s NOTICE LICENSE %patch71 -p1 -b .dirsrv-accountlock %{?_rawbuild} %patch86 -p0 -b .debuginfo %patch105 -p1 -b .kvno -%patch141 -p1 -b .enable-NX -%patch142 -p1 -b .pic-aes-ni # Apply when the hard-wired or configured default location is # DIR:/run/user/%%{uid}/krb5cc. @@ -974,6 +970,7 @@ exit 0 - drop patch for RT#7805, included now - drop patch for RT#7807, included now - drop patch for RT#7045, included now + - drop patches for RT#7813 and RT#7815, included now * Mon Jan 13 2014 Nalin Dahyabhai <nalin@redhat.com> - 1.12-11 - update the PIC patch for iaesx86.s to not use ELF relocations to the version |