diff --git a/libgcrypt-1.4.4-padlock.patch b/libgcrypt-1.4.4-padlock.patch new file mode 100644 index 0000000..e9501de --- /dev/null +++ b/libgcrypt-1.4.4-padlock.patch @@ -0,0 +1,28 @@ +diff -up libgcrypt-1.4.4/random/rndhw.c.padlock libgcrypt-1.4.4/random/rndhw.c +--- libgcrypt-1.4.4/random/rndhw.c.padlock 2008-09-03 12:04:43.000000000 +0200 ++++ libgcrypt-1.4.4/random/rndhw.c 2009-06-17 20:11:42.000000000 +0200 +@@ -41,7 +41,7 @@ static size_t + poll_padlock (void (*add)(const void*, size_t, enum random_origins), + enum random_origins origin, int fast) + { +- char buffer[64+8] __attribute__ ((aligned (8))); ++ volatile char buffer[64+8] __attribute__ ((aligned (8))); + char *p; + unsigned int nbytes, status; + +@@ -55,12 +55,11 @@ poll_padlock (void (*add)(const void*, s + nbytes = 0; + while (nbytes < 64) + { +- asm volatile ++ asm volatile + ("movl %1, %%edi\n\t" /* Set buffer. */ + "xorl %%edx, %%edx\n\t" /* Request up to 8 bytes. */ +- ".byte 0x0f, 0xa7, 0xc0\n\t" /* XSTORE RNG. */ +- "movl %%eax, %0\n" /* Return the status. */ +- : "=g" (status) ++ ".byte 0x0f, 0xa7, 0xc0\n" /* XSTORE RNG. */ ++ : "=a" (status) + : "g" (p) + : "%edx", "%edi", "cc" + ); diff --git a/libgcrypt.spec b/libgcrypt.spec index df1fcad..431ca4f 100644 --- a/libgcrypt.spec +++ b/libgcrypt.spec @@ -1,6 +1,6 @@ Name: libgcrypt Version: 1.4.4 -Release: 4%{?dist} +Release: 5%{?dist} Source0: libgcrypt-%{version}-hobbled.tar.bz2 # The original libgcrypt sources now contain potentially patented ECC # cipher support. We have to remove it in the tarball we ship with @@ -11,6 +11,7 @@ Source2: wk@g10code.com Source3: hobble-libgcrypt Patch1: libgcrypt-1.4.4-fips-no-access.patch Patch2: libgcrypt-1.4.4-use-fipscheck.patch +Patch3: libgcrypt-1.4.4-padlock.patch # Technically LGPLv2.1+, but Fedora's table doesn't draw a distinction. License: LGPLv2+ @@ -145,6 +146,9 @@ exit 0 %{_infodir}/gcrypt.info* %changelog +* Wed Jun 17 2009 Tomas Mraz 1.4.4-5 +- fix VIA padlock RNG inline assembly call (#505724) + * Thu Mar 5 2009 Tomas Mraz 1.4.4-4 - with the integrity verification check the library needs to link to libdl (#488702)