[19.10 FEAT] openssl: SIMD implementation of chacha20

Bug #1736705 reported by bugproxy on 2017-12-06
16
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu on IBM z Systems
Wishlist
Canonical Foundations Team
openssl (Ubuntu)
Wishlist
Skipper Bug Screeners

Bug Description

Enable support for TLS 1.3 with chacha20poly1305 cipher suites using SIMD instructions
Planned for openssl 1.2

bugproxy (bugproxy) on 2017-12-06
tags: added: architecture-s39064 bugnameltc-161599 severity-high targetmilestone-inin1804
Changed in ubuntu:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
affects: ubuntu → openssl (Ubuntu)
Frank Heimes (fheimes) wrote :

setting - for now - to Incomplete until openssl 1.2 got released

Changed in ubuntu-z-systems:
importance: Undecided → High
status: New → Incomplete
assignee: nobody → Canonical Foundations Team (canonical-foundations)
Dimitri John Ledkov (xnox) wrote :

Next openssl series is expected to be 1.1.1, however it is unknown if that will be released in time for inclusion into 18.04 LTS. Please see ubuntu-devel mailing list discussion detailing outstanding concerns with shipping 1.1.0 or later.

Changed in ubuntu-z-systems:
importance: High → Wishlist
Changed in openssl (Ubuntu):
importance: Undecided → Wishlist
Changed in openssl (Ubuntu):
milestone: none → later
summary: - [18.04 FEAT] openssl: SIMD implementation of chacha20
+ [18.10 FEAT] openssl: SIMD implementation of chacha20

------- Comment From <email address hidden> 2018-01-17 07:09 EDT-------
New target 18.10 due to "not in time" integration.

tags: added: targetmilestone-inin1810
removed: targetmilestone-inin1804

As far as I understand the SIMD instructions for chacha20 are in 1.1.0 release and later. Thus an upgrade to 1.1.0 is sufficient to resolve this ticket. (Note that TLS v1.3 is not expected until OpenSSL 1.1.1+)

Changed in openssl (Ubuntu):
milestone: later → ubuntu-18.02
status: New → In Progress
Frank Heimes (fheimes) on 2018-02-08
Changed in ubuntu-z-systems:
status: Incomplete → In Progress
Dimitri John Ledkov (xnox) wrote :

Do you have commit ids for this feature?

592eef5c349b8f8ea6f4b7dba91d700f3a343e84 s390x assembly pack: add ChaCha20 and Poly1305 modules.

$ git tag --contains 592eef5c349b8f8ea6f4b7dba91d700f3a343e84
OpenSSL_1_1_0
OpenSSL_1_1_0-pre3
OpenSSL_1_1_0-pre4
OpenSSL_1_1_0-pre5
OpenSSL_1_1_0-pre6
OpenSSL_1_1_0a
OpenSSL_1_1_0b
OpenSSL_1_1_0c
OpenSSL_1_1_0d
OpenSSL_1_1_0e
OpenSSL_1_1_0f
OpenSSL_1_1_0g
OpenSSL_1_1_1-pre1

And thus is now available in Bionic, since we ship OpenSSL_1_1_0g by default now. Note that TLS 1.3 itself is not available, as that is not yet release upstream.

Should this ticket be closed as fix released?

Changed in openssl (Ubuntu):
status: In Progress → Incomplete
Changed in ubuntu-z-systems:
status: In Progress → Incomplete
Dimitri John Ledkov (xnox) wrote :

Please provide commit ids of the features required.

Changed in openssl (Ubuntu):
status: Incomplete → Invalid
Changed in ubuntu-z-systems:
status: Incomplete → Invalid

------- Comment From <email address hidden> 2018-02-28 11:06 EDT-------
Commit 592eef5c349b8f8ea6f4b7dba91d700f3a343e84 is not related to this ticket.

The patches corresponding to this ticket were submitted upstream for integration to master but are not accepted yet.

summary: - [18.10 FEAT] openssl: SIMD implementation of chacha20
+ [19.04 FEAT] openssl: SIMD implementation of chacha20
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2018-08-29 08:32 EDT-------
Moved to 19.04, integration of openssl 1.1.1 will not happen with Cosmic

tags: added: targetmilestone-inin1904
removed: targetmilestone-inin1810

Waiting for the function to land in a new openssl version > 1.1.1

Changed in openssl (Ubuntu):
status: Invalid → Incomplete
Changed in ubuntu-z-systems:
status: Invalid → Incomplete
summary: - [19.04 FEAT] openssl: SIMD implementation of chacha20
+ [19.10 FEAT] openssl: SIMD implementation of chacha20

------- Comment From <email address hidden> 2018-11-30 08:02 EDT-------
Moved to 19.10. openssl will not make into 19.04

tags: added: targetmilestone-inin1910
removed: targetmilestone-inin1904
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2019-04-30 09:27 EDT-------
Feature will be provided with openssl 3.0

Frank Heimes (fheimes) wrote :

Leaving at Incomplete until OpenSSL 3.0 is released.

bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2019-05-09 03:56 EDT-------
Due to the fact, that openssl 3.0 is in the unplanned future.
Here are the upstream ids which can be applied to openssl 1.1.1:

"s390x assembly pack: perlasm support."
c66bb88cb08adbc848271dd388aa9695c7e200be "

"crypto/chacha/asm/chacha-s390x.pl: add vx code path."
f760137b2144740916afd9ff381451fa16c710de

"s390x assembly pack: fix formal interface bug in chacha module"
b2b580fe445e064da50c13d3e00f71022da16ece

"s390x assembly pack: import chacha from cryptogams repo"
d1229190bfbb19439589557e4d65f9bccab09b2d

Frank Heimes (fheimes) on 2019-07-11
Changed in ubuntu-z-systems:
status: Incomplete → Triaged
information type: Private → Public
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openssl - 1.1.1c-1ubuntu4

---------------
openssl (1.1.1c-1ubuntu4) eoan; urgency=medium

  * Cherrypick s390x SIMD acceleration patches for poly1305 and chacha20
    from master. LP: #1736705 LP: #1736704

 -- Dimitri John Ledkov <email address hidden> Tue, 20 Aug 2019 12:46:33 +0100

Changed in openssl (Ubuntu):
status: Incomplete → Fix Released
Frank Heimes (fheimes) on 2019-08-30
Changed in ubuntu-z-systems:
status: Triaged → Fix Released
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2019-09-02 05:19 EDT-------
IBM bugzilla status -> closed, Fix Released with Eoan

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers