From: Nikolay Nikolaev <nicknickolaev@gmail.com>
Date: Tue, 24 Dec 2024 11:26:09 +0000 (+0200)
Subject: Workaround for RSA on AArch64 Big Endian
X-Git-Tag: openssl-3.5.0-alpha1~732
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=b26894ec6945656113fd9556527765aba08e4355;p=thirdparty%2Fopenssl.git

Workaround for RSA on AArch64 Big Endian

10646160125 introduced and optimized RSA NEON implementation
for AArch64 architecture, namely Cortex-A72 and Neoverse N1.
This implementation is broken in Big Endian mode, which is not
widely used, therefore not properly verified.
Here we disable this optimized implementation when Big Endian
platform is used.

Fixes: #22687

CLA: trivial

Signed-off-by: Nikolay Nikolaev <nicknickolaev@gmail.com>

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26257)
---

diff --git a/crypto/bn/asm/armv8-mont.pl b/crypto/bn/asm/armv8-mont.pl
index 912a7cf2f98..ea47e4c89d1 100755
--- a/crypto/bn/asm/armv8-mont.pl
+++ b/crypto/bn/asm/armv8-mont.pl
@@ -85,10 +85,12 @@ bn_mul_mont:
 	cmp	$num,#32
 	b.le	.Lscalar_impl
 #ifndef	__KERNEL__
+#ifndef	__AARCH64EB__
 	adrp	x17,OPENSSL_armv8_rsa_neonized
 	ldr	w17,[x17,#:lo12:OPENSSL_armv8_rsa_neonized]
 	cbnz	w17, bn_mul8x_mont_neon
 #endif
+#endif
 
 .Lscalar_impl:
 	tst	$num,#7