From d7083542d1e95c5d080efd2d9b1d10c3a0ea5056 Mon Sep 17 00:00:00 2001
From: K1 <dongbeiouba@gmail.com>
Date: Fri, 8 Mar 2024 11:50:54 +0800
Subject: [PATCH 1/2] poly1305-ppc.pl: Fix vector register clobbering

Fixes CVE-2023-6129

The POLY1305 MAC (message authentication code) implementation in OpenSSL for
PowerPC CPUs saves the the contents of vector registers in different order
than they are restored. Thus the contents of some of these vector registers
is corrupted when returning to the caller. The vulnerable code is used only
on newer PowerPC processors supporting the PowerISA 2.07 instructions.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23200)
---
 crypto/poly1305/asm/poly1305-ppc.pl | 42 ++++++++++++++---------------
 1 file changed, 21 insertions(+), 21 deletions(-)

diff --git a/crypto/poly1305/asm/poly1305-ppc.pl b/crypto/poly1305/asm/poly1305-ppc.pl
index 9f86134d9..2e601bb9c 100755
--- a/crypto/poly1305/asm/poly1305-ppc.pl
+++ b/crypto/poly1305/asm/poly1305-ppc.pl
@@ -744,7 +744,7 @@
 my $LOCALS= 6*$SIZE_T;
 my $VSXFRAME = $LOCALS + 6*$SIZE_T;
    $VSXFRAME += 128;	# local variables
-   $VSXFRAME += 13*16;	# v20-v31 offload
+   $VSXFRAME += 12*16;	# v20-v31 offload
 
 my $BIG_ENDIAN = ($flavour !~ /le/) ? 4 : 0;
 
@@ -919,12 +919,12 @@
 	addi	r11,r11,32
 	stvx	v22,r10,$sp
 	addi	r10,r10,32
-	stvx	v23,r10,$sp
-	addi	r10,r10,32
-	stvx	v24,r11,$sp
+	stvx	v23,r11,$sp
 	addi	r11,r11,32
-	stvx	v25,r10,$sp
+	stvx	v24,r10,$sp
 	addi	r10,r10,32
+	stvx	v25,r11,$sp
+	addi	r11,r11,32
 	stvx	v26,r10,$sp
 	addi	r10,r10,32
 	stvx	v27,r11,$sp
@@ -1153,12 +1153,12 @@
 	addi	r11,r11,32
 	stvx	v22,r10,$sp
 	addi	r10,r10,32
-	stvx	v23,r10,$sp
-	addi	r10,r10,32
-	stvx	v24,r11,$sp
+	stvx	v23,r11,$sp
 	addi	r11,r11,32
-	stvx	v25,r10,$sp
+	stvx	v24,r10,$sp
 	addi	r10,r10,32
+	stvx	v25,r11,$sp
+	addi	r11,r11,32
 	stvx	v26,r10,$sp
 	addi	r10,r10,32
 	stvx	v27,r11,$sp
@@ -1899,26 +1899,26 @@
 	mtspr	256,r12				# restore vrsave
 	lvx	v20,r10,$sp
 	addi	r10,r10,32
-	lvx	v21,r10,$sp
-	addi	r10,r10,32
-	lvx	v22,r11,$sp
+	lvx	v21,r11,$sp
 	addi	r11,r11,32
-	lvx	v23,r10,$sp
+	lvx	v22,r10,$sp
 	addi	r10,r10,32
-	lvx	v24,r11,$sp
+	lvx	v23,r11,$sp
 	addi	r11,r11,32
-	lvx	v25,r10,$sp
+	lvx	v24,r10,$sp
 	addi	r10,r10,32
-	lvx	v26,r11,$sp
+	lvx	v25,r11,$sp
 	addi	r11,r11,32
-	lvx	v27,r10,$sp
+	lvx	v26,r10,$sp
 	addi	r10,r10,32
-	lvx	v28,r11,$sp
+	lvx	v27,r11,$sp
 	addi	r11,r11,32
-	lvx	v29,r10,$sp
+	lvx	v28,r10,$sp
 	addi	r10,r10,32
-	lvx	v30,r11,$sp
-	lvx	v31,r10,$sp
+	lvx	v29,r11,$sp
+	addi	r11,r11,32
+	lvx	v30,r10,$sp
+	lvx	v31,r11,$sp
 	$POP	r27,`$VSXFRAME-$SIZE_T*5`($sp)
 	$POP	r28,`$VSXFRAME-$SIZE_T*4`($sp)
 	$POP	r29,`$VSXFRAME-$SIZE_T*3`($sp)

From a37675e24c029db0f5ef5e09ad2150785c381b54 Mon Sep 17 00:00:00 2001
From: K1 <dongbeiouba@gmail.com>
Date: Fri, 8 Mar 2024 11:51:57 +0800
Subject: [PATCH 2/2] Add CHANGES entry for CVE-2023-6129

---
 CHANGES | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/CHANGES b/CHANGES
index fb1e52f1a..9a1c3e5dc 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,8 @@
 
  Changes between 8.4.0 and 8.5.0 [xx XXX xxxx]
 
+  *) 修复CVE-2023-6129
+
   *) 增加SM2两方门限解密算法
 
   *) 增加SM2两方门限签名算法 [with work originated from FullyRobert]