diff options
author | Khem Raj <raj.khem@gmail.com> | 2018-08-30 23:54:38 -0700 |
---|---|---|
committer | Khem Raj <raj.khem@gmail.com> | 2018-08-30 23:54:38 -0700 |
commit | 58062ba654b645d7201f1e0d9b91b9f711ac64ad (patch) | |
tree | 3b815c766d7707bc7e431e3c61e85eac9026cae8 /meta-oe | |
parent | cb572824b4c09ac0f1fbea2912e00f59e2fc59f2 (diff) | |
download | meta-openembedded-58062ba654b645d7201f1e0d9b91b9f711ac64ad.tar.gz |
libkcapi: Upgrade to 1.1.3
Drop upstream patches
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Krzysztof Kozlowski <krzk@kernel.org>
Diffstat (limited to 'meta-oe')
4 files changed, 3 insertions, 160 deletions
diff --git a/meta-oe/recipes-crypto/libkcapi/files/0001-Fix-possible-buffer-overflow-with-strncpy-and-Wstrin.patch b/meta-oe/recipes-crypto/libkcapi/files/0001-Fix-possible-buffer-overflow-with-strncpy-and-Wstrin.patch deleted file mode 100644 index f35f631c6..000000000 --- a/meta-oe/recipes-crypto/libkcapi/files/0001-Fix-possible-buffer-overflow-with-strncpy-and-Wstrin.patch +++ /dev/null | |||
@@ -1,50 +0,0 @@ | |||
1 | From 303c766d67cef5c357e9b3d3a97f7b480d29e1cb Mon Sep 17 00:00:00 2001 | ||
2 | From: Krzysztof Kozlowski <krzk@kernel.org> | ||
3 | Date: Thu, 12 Jul 2018 18:13:16 +0200 | ||
4 | Subject: [PATCH 1/3] Fix possible buffer overflow with strncpy and | ||
5 | -Wstringop-truncation warning | ||
6 | |||
7 | If valid cipher name (to which netlink socket was bound) is longer than | ||
8 | CRYPTO_MAX_ALG_NAME defined in lib/cryptouser.h, then the strncpy() will | ||
9 | try to copy length of this cipher name into smaller buffer. | ||
10 | |||
11 | In libkcapi the CRYPTO_MAX_ALG_NAME (thus the size of the buffer) is | ||
12 | defined as 64 but since commit f437a3f477cc ("crypto: api - Extend | ||
13 | algorithm name limit to 128 bytes") in Linux kernel (v4.12), the kernel | ||
14 | defines it as 128. | ||
15 | |||
16 | It is error-prone to use source buffer length as limit of dst buffer. | ||
17 | Instead choose sizeof(dst buffer). | ||
18 | |||
19 | This also fixes the warning with GCC v8.1.0: | ||
20 | |||
21 | lib/kcapi-kernel-if.c: In function '__kcapi_common_getinfo.isra.2': | ||
22 | lib/kcapi-kernel-if.c:632:3: error: 'strncpy' output truncated before terminating nul copying as many bytes from a string as its length [-Werror=stringop-truncation] | ||
23 | strncpy(req.cru.cru_name, ciphername, strlen(ciphername)); | ||
24 | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
25 | |||
26 | Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org> | ||
27 | Upstream-Status: Submitted | ||
28 | --- | ||
29 | lib/kcapi-kernel-if.c | 4 ++-- | ||
30 | 1 file changed, 2 insertions(+), 2 deletions(-) | ||
31 | |||
32 | diff --git a/lib/kcapi-kernel-if.c b/lib/kcapi-kernel-if.c | ||
33 | index 2481f8abde63..807cbfe219cd 100644 | ||
34 | --- a/lib/kcapi-kernel-if.c | ||
35 | +++ b/lib/kcapi-kernel-if.c | ||
36 | @@ -627,9 +627,9 @@ static int __kcapi_common_getinfo(struct kcapi_handle *handle, | ||
37 | |||
38 | if (drivername) | ||
39 | strncpy(req.cru.cru_driver_name, ciphername, | ||
40 | - strlen(ciphername)); | ||
41 | + sizeof(req.cru.cru_driver_name) - 1); | ||
42 | else | ||
43 | - strncpy(req.cru.cru_name, ciphername, strlen(ciphername)); | ||
44 | + strncpy(req.cru.cru_name, ciphername, sizeof(req.cru.cru_name) - 1); | ||
45 | |||
46 | /* talk to netlink socket */ | ||
47 | sd = socket(AF_NETLINK, SOCK_RAW, NETLINK_CRYPTO); | ||
48 | -- | ||
49 | 2.7.4 | ||
50 | |||
diff --git a/meta-oe/recipes-crypto/libkcapi/files/0002-apps-Disable-Wstringop-truncation-warning-on-false-p.patch b/meta-oe/recipes-crypto/libkcapi/files/0002-apps-Disable-Wstringop-truncation-warning-on-false-p.patch deleted file mode 100644 index ba76599fd..000000000 --- a/meta-oe/recipes-crypto/libkcapi/files/0002-apps-Disable-Wstringop-truncation-warning-on-false-p.patch +++ /dev/null | |||
@@ -1,67 +0,0 @@ | |||
1 | From 88f1a8fe4697b0921f39fcd9c7efc4a0486cf91b Mon Sep 17 00:00:00 2001 | ||
2 | From: Krzysztof Kozlowski <krzk@kernel.org> | ||
3 | Date: Thu, 12 Jul 2018 18:13:24 +0200 | ||
4 | Subject: [PATCH 2/3] apps: Disable -Wstringop-truncation warning on false | ||
5 | positives | ||
6 | |||
7 | The GCC v8.1.0 warns: | ||
8 | |||
9 | In function 'paste', | ||
10 | inlined from 'get_hmac_file' at apps/kcapi-hasher.c:395:11: | ||
11 | apps/kcapi-hasher.c:346:2: error: 'strncpy' destination unchanged after copying no bytes [-Werror=stringop-truncation] | ||
12 | strncpy(dst, src, size); | ||
13 | ^~~~~~~~~~~~~~~~~~~~~~~ | ||
14 | |||
15 | These are false positives because at the end of paste() calls, the buffer is | ||
16 | NULL terminated. | ||
17 | |||
18 | Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org> | ||
19 | Upstream-Status: Submitted | ||
20 | --- | ||
21 | apps/kcapi-hasher.c | 16 ++++++++++++++++ | ||
22 | 1 file changed, 16 insertions(+) | ||
23 | |||
24 | diff --git a/apps/kcapi-hasher.c b/apps/kcapi-hasher.c | ||
25 | index ae88211ff4dd..4052260bf871 100644 | ||
26 | --- a/apps/kcapi-hasher.c | ||
27 | +++ b/apps/kcapi-hasher.c | ||
28 | @@ -61,6 +61,10 @@ | ||
29 | |||
30 | #include "app-internal.h" | ||
31 | |||
32 | +#define GCC_VERSION (__GNUC__ * 10000 \ | ||
33 | + + __GNUC_MINOR__ * 100 \ | ||
34 | + + __GNUC_PATCHLEVEL__) | ||
35 | + | ||
36 | struct hash_name { | ||
37 | const char *kcapiname; | ||
38 | const char *bsdname; | ||
39 | @@ -341,6 +345,17 @@ out: | ||
40 | return ret; | ||
41 | } | ||
42 | |||
43 | +/* | ||
44 | + * GCC v8.1.0 introduced -Wstringop-truncation but it is not smart enough to | ||
45 | + * find that cursor string will be NULL-terminated after all paste() calls and | ||
46 | + * warns with: | ||
47 | + * error: 'strncpy' destination unchanged after copying no bytes [-Werror=stringop-truncation] | ||
48 | + * error: 'strncpy' output truncated before terminating nul copying 5 bytes from a string of the same length [-Werror=stringop-truncation] | ||
49 | + */ | ||
50 | +#pragma GCC diagnostic push | ||
51 | +#if GCC_VERSION >= 80100 | ||
52 | +#pragma GCC diagnostic ignored "-Wstringop-truncation" | ||
53 | +#endif | ||
54 | static char *paste(char *dst, const char *src, size_t size) | ||
55 | { | ||
56 | strncpy(dst, src, size); | ||
57 | @@ -398,6 +413,7 @@ static char *get_hmac_file(const char *filename, const char *subdir) | ||
58 | strncpy(cursor, "\0", 1); | ||
59 | return checkfile; | ||
60 | } | ||
61 | +#pragma GCC diagnostic pop /* -Wstringop-truncation */ | ||
62 | |||
63 | static int hash_files(const struct hash_params *params, | ||
64 | char *filenames[], uint32_t files, | ||
65 | -- | ||
66 | 2.7.4 | ||
67 | |||
diff --git a/meta-oe/recipes-crypto/libkcapi/files/0003-test-Be-sure-to-terminate-strncpy-copied-string-Wstr.patch b/meta-oe/recipes-crypto/libkcapi/files/0003-test-Be-sure-to-terminate-strncpy-copied-string-Wstr.patch deleted file mode 100644 index 885f3ca12..000000000 --- a/meta-oe/recipes-crypto/libkcapi/files/0003-test-Be-sure-to-terminate-strncpy-copied-string-Wstr.patch +++ /dev/null | |||
@@ -1,37 +0,0 @@ | |||
1 | From 505d949dcb6b756f6db6588d3425d9cd6108c77f Mon Sep 17 00:00:00 2001 | ||
2 | From: Krzysztof Kozlowski <krzk@kernel.org> | ||
3 | Date: Thu, 12 Jul 2018 18:13:32 +0200 | ||
4 | Subject: [PATCH 3/3] test: Be sure to terminate strncpy() copied string | ||
5 | (-Wstringop-truncation) | ||
6 | |||
7 | strncpy() might not NULL-terminate the buffer. This fixes GCC v8.1.0 warning: | ||
8 | |||
9 | test/kcapi-main.c: In function 'main': | ||
10 | test/kcapi-main.c:3123:5: error: 'strncpy' specified bound 63 equals destination size [-Werror=stringop-truncation] | ||
11 | strncpy(cavs_test.cipher, optarg, | ||
12 | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
13 | CIPHERMAXNAME); | ||
14 | ~~~~~~~~~~~~~~ | ||
15 | |||
16 | Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org> | ||
17 | Upstream-Status: Submitted | ||
18 | --- | ||
19 | test/kcapi-main.c | 2 +- | ||
20 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
21 | |||
22 | diff --git a/test/kcapi-main.c b/test/kcapi-main.c | ||
23 | index 835249987aa5..c167b7f61809 100644 | ||
24 | --- a/test/kcapi-main.c | ||
25 | +++ b/test/kcapi-main.c | ||
26 | @@ -3121,7 +3121,7 @@ int main(int argc, char *argv[]) | ||
27 | break; | ||
28 | case 'c': | ||
29 | strncpy(cavs_test.cipher, optarg, | ||
30 | - CIPHERMAXNAME); | ||
31 | + CIPHERMAXNAME - 1); | ||
32 | break; | ||
33 | case 'p': | ||
34 | len = strlen(optarg); | ||
35 | -- | ||
36 | 2.7.4 | ||
37 | |||
diff --git a/meta-oe/recipes-crypto/libkcapi/libkcapi_git.bb b/meta-oe/recipes-crypto/libkcapi/libkcapi_git.bb index e401b70a7..addd169a8 100644 --- a/meta-oe/recipes-crypto/libkcapi/libkcapi_git.bb +++ b/meta-oe/recipes-crypto/libkcapi/libkcapi_git.bb | |||
@@ -6,14 +6,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=d0421cf231423bda10cea691b613e866" | |||
6 | DEPENDS = "libtool" | 6 | DEPENDS = "libtool" |
7 | 7 | ||
8 | S = "${WORKDIR}/git" | 8 | S = "${WORKDIR}/git" |
9 | # Use v1.1.1 with changes on top for building in OE | 9 | # Use v1.1.3 with changes on top for building in OE |
10 | SRCREV = "342b50fc9225a991c224126c13c188ad9f1ef9f9" | 10 | SRCREV = "1c736c43eb71fbb5640d00efaf34a1edf1972c49" |
11 | PV = "1.1.1+git${SRCPV}" | 11 | PV = "1.1.3+git${SRCPV}" |
12 | SRC_URI = " \ | 12 | SRC_URI = " \ |
13 | git://github.com/smuellerDD/libkcapi.git \ | 13 | git://github.com/smuellerDD/libkcapi.git \ |
14 | file://0001-Fix-possible-buffer-overflow-with-strncpy-and-Wstrin.patch \ | ||
15 | file://0002-apps-Disable-Wstringop-truncation-warning-on-false-p.patch \ | ||
16 | file://0003-test-Be-sure-to-terminate-strncpy-copied-string-Wstr.patch \ | ||
17 | " | 14 | " |
18 | 15 | ||
19 | inherit autotools | 16 | inherit autotools |