[openssl/openssl] 88dec6: fips provider: explicitly setup cpuid when initial...
Hongren Zheng
noreply at github.com
Wed May 22 11:28:25 UTC 2024
Branch: refs/heads/openssl-3.1
Home: https://github.com/openssl/openssl
Commit: 88dec6e12d09d8b577e3d70dd124950b4c46dd2a
https://github.com/openssl/openssl/commit/88dec6e12d09d8b577e3d70dd124950b4c46dd2a
Author: Hongren Zheng <i at zenithal.me>
Date: 2024-05-20 (Mon, 20 May 2024)
Changed paths:
M providers/fips/fipsprov.c
Log Message:
-----------
fips provider: explicitly setup cpuid when initializing
Fixes: #23979
Previously fips module relied on OPENSSL_cpuid_setup
being used as constructor by the linker to correctly
setup the capability vector, either via .section .init
(for x86_64) or via __attribute__((constructor)).
This would make ld.so call OPENSSL_cpuid_setup before
the init function for fips module. However, this early
constructing behavior has several disadvantages:
1. Not all platform/toolchain supports such behavior
2. Initialisation sequence is not well defined, and
some function might not be initialized when cpuid_setup
is called
3. Implicit path is hard to maintain and debug
Reviewed-by: Paul Dale <ppzgs1 at gmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24419)
(cherry picked from commit a192b2439c0207ce1b04ba6137329b68f9e23680)
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
More information about the openssl-commits
mailing list