author | Khem Raj <raj.khem@gmail.com> | 2023-05-23 09:17:13 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-05-25 12:36:00 +0100 |
commit | c3bdaa70e64b831bb3a1adb5464d347692600e8f (patch) | |
tree | fca541bfa538c0b29c33ca8ac8fb596a9e5551f7 /meta/recipes-devtools/go | |
parent | 57761516e6cd2a4d0c7038c17cc493f9da43f667 (diff) | |
go: Upgrade 1.20.1 -> 1.20.4
- Remove already upstreamed patches
- Brings a list of changes [1] [2] [3]
[1] https://github.com/golang/go/issues?q=milestone%3AGo1.20.2+label%3ACherryPickApproved
[2] https://github.com/golang/go/issues?q=milestone%3AGo1.20.3+label%3ACherryPickApproved
[3] https://github.com/golang/go/issues?q=milestone%3AGo1.20.4+label%3ACherryPickApproved
(From OE-Core rev: e043bfb42156c59c93c6a4816528a63cfdaccc3e)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/go')
-rw-r--r-- | meta/recipes-devtools/go/go-1.20.4.inc (renamed from meta/recipes-devtools/go/go-1.20.1.inc) | 5 | ||||
-rw-r--r-- | meta/recipes-devtools/go/go-binary-native_1.20.4.bb (renamed from meta/recipes-devtools/go/go-binary-native_1.20.1.bb) | 6 | ||||
-rw-r--r-- | meta/recipes-devtools/go/go-cross-canadian_1.20.4.bb (renamed from meta/recipes-devtools/go/go-cross-canadian_1.20.1.bb) | 0 | ||||
-rw-r--r-- | meta/recipes-devtools/go/go-cross_1.20.4.bb (renamed from meta/recipes-devtools/go/go-cross_1.20.1.bb) | 0 | ||||
-rw-r--r-- | meta/recipes-devtools/go/go-crosssdk_1.20.4.bb (renamed from meta/recipes-devtools/go/go-crosssdk_1.20.1.bb) | 0 | ||||
-rw-r--r-- | meta/recipes-devtools/go/go-native_1.20.4.bb (renamed from meta/recipes-devtools/go/go-native_1.20.1.bb) | 0 | ||||
-rw-r--r-- | meta/recipes-devtools/go/go-runtime_1.20.4.bb (renamed from meta/recipes-devtools/go/go-runtime_1.20.1.bb) | 0 | ||||
-rw-r--r-- | meta/recipes-devtools/go/go/0010-cmd-compile-re-compile-instantiated-generic-methods-.patch | 90 | ||||
-rw-r--r-- | meta/recipes-devtools/go/go/CVE-2023-24532.patch | 208 | ||||
-rw-r--r-- | meta/recipes-devtools/go/go/CVE-2023-24537.patch | 89 | ||||
-rw-r--r-- | meta/recipes-devtools/go/go_1.20.4.bb (renamed from meta/recipes-devtools/go/go_1.20.1.bb) | 0 |
11 files changed, 4 insertions, 394 deletions
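--- a/meta/recipes-devtools/go/go-1.20.1.inc
+++ b/meta/recipes-devtools/go/go-1.20.4.inc
@@ -14,8 +14,5 @@ SRC_URI += "\
 file://0007-exec.go-do-not-write-linker-flags-into-buildids.patch \
 file://0008-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \
 file://0009-go-Filter-build-paths-on-staticly-linked-arches.patch \
-file://0010-cmd-compile-re-compile-instantiated-generic-methods-.patch \
-file://CVE-2023-24532.patch \
-file://CVE-2023-24537.patch \
 "
-SRC_URI[main.sha256sum] = "b5c1a3af52c385a6d1c76aed5361cf26459023980d0320de7658bae3915831a2"
+SRC_URI[main.sha256sum] = "9f34ace128764b7a3a4b238b805856cc1b2184304df9e5690825b0710f4202d6"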
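Review bot: The three entries dropped from SRC_URI include two security backports, `file://CVE-2023-24532.patch` and `file://CVE-2023-24537.patch`, and neither the recipe nor the description records which upstream release carries each fix; "Remove already upstreamed patches" is the only statement. To my knowledge the P-256 scalar reduction shipped in Go 1.20.2 and the `//line` directive limit in 1.20.3, so 1.20.4 should contain both, but this is worth confirming against the milestone lists linked in the description and stating in the commit message, e.g. `- Drop CVE-2023-24532.patch (fixed in 1.20.2) and CVE-2023-24537.patch (fixed in 1.20.3)`. Once the patch files and their `CVE:` tags are gone, the recipe version is presumably the only thing CVE tracking for this recipe can key on, so an auditable record of the mapping helps.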
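--- a/meta/recipes-devtools/go/go-binary-native_1.20.1.bb
+++ b/meta/recipes-devtools/go/go-binary-native_1.20.4.bb
@@ -9,9 +9,9 @@ PROVIDES = "go-native"
 
 # Checksums available at https://go.dev/dl/
 SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}"
-SRC_URI[go_linux_amd64.sha256sum] = "000a5b1fca4f75895f78befeb2eecf10bfff3c428597f3f1e69133b63b911b02"
-SRC_URI[go_linux_arm64.sha256sum] = "5e5e2926733595e6f3c5b5ad1089afac11c1490351855e87849d0e7702b1ec2e"
-SRC_URI[go_linux_ppc64le.sha256sum] = "85cfd4b89b48c94030783b6e9e619e35557862358b846064636361421d0b0c52"
+SRC_URI[go_linux_amd64.sha256sum] = "698ef3243972a51ddb4028e4a1ac63dc6d60821bf18e59a807e051fee0a385bd"
+SRC_URI[go_linux_arm64.sha256sum] = "105889992ee4b1d40c7c108555222ca70ae43fccb42e20fbf1eebb822f5e72c6"
+SRC_URI[go_linux_ppc64le.sha256sum] = "8c6f44b96c2719c90eebabe2dd866f9c39538648f7897a212cac448587e9a408"
 
 UPSTREAM_CHECK_URI = "https://golang.org/dl/"
 UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"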
diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.20.1.bb b/meta/recipes-devtools/go/go-cross-canadian_1.20.4.bb index 7ac9449e47..7ac9449e47 100644 --- a/meta/recipes-devtools/go/go-cross-canadian_1.20.1.bb +++ b/meta/recipes-devtools/go/go-cross-canadian_1.20.4.bb | |||
diff --git a/meta/recipes-devtools/go/go-cross_1.20.1.bb b/meta/recipes-devtools/go/go-cross_1.20.4.bb index 80b5a03f6c..80b5a03f6c 100644 --- a/meta/recipes-devtools/go/go-cross_1.20.1.bb +++ b/meta/recipes-devtools/go/go-cross_1.20.4.bb | |||
diff --git a/meta/recipes-devtools/go/go-crosssdk_1.20.1.bb b/meta/recipes-devtools/go/go-crosssdk_1.20.4.bb index 1857c8a577..1857c8a577 100644 --- a/meta/recipes-devtools/go/go-crosssdk_1.20.1.bb +++ b/meta/recipes-devtools/go/go-crosssdk_1.20.4.bb | |||
diff --git a/meta/recipes-devtools/go/go-native_1.20.1.bb b/meta/recipes-devtools/go/go-native_1.20.4.bb index ddf25b2c9b..ddf25b2c9b 100644 --- a/meta/recipes-devtools/go/go-native_1.20.1.bb +++ b/meta/recipes-devtools/go/go-native_1.20.4.bb | |||
diff --git a/meta/recipes-devtools/go/go-runtime_1.20.1.bb b/meta/recipes-devtools/go/go-runtime_1.20.4.bb index 63464a1501..63464a1501 100644 --- a/meta/recipes-devtools/go/go-runtime_1.20.1.bb +++ b/meta/recipes-devtools/go/go-runtime_1.20.4.bb | |||
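--- a/meta/recipes-devtools/go/go/0010-cmd-compile-re-compile-instantiated-generic-methods-.patch
+++ /dev/null
@@ -1,90 +0,0 @@
-From 7a3bb16b43efba73674629eae4369f9004e37f22 Mon Sep 17 00:00:00 2001
-From: Cuong Manh Le <cuong.manhle.vn@gmail.com>
-Date: Sat, 18 Mar 2023 00:53:07 +0700
-Subject: [PATCH] cmd/compile: re-compile instantiated generic methods in
-linkshared mode
-
-For G[T] that was seen and compiled in imported package, it is not added
-to typecheck.Target.Decls, prevent wasting compile time re-creating
-DUPOKS symbols. However, the linker do not support a type symbol
-referencing a method symbol across DSO boundary. That causes unreachable
-sym error when building under -linkshared mode.
-
-To fix it, always re-compile generic methods in linkshared mode.
-
-Fixes #58966
-
-Change-Id: I894b417cfe8234ae1fe809cc975889345df22cef
-Reviewed-on: https://go-review.googlesource.com/c/go/+/477375
-Run-TryBot: Cuong Manh Le <cuong.manhle.vn@gmail.com>
-Reviewed-by: Cherry Mui <cherryyz@google.com>
-Reviewed-by: Matthew Dempsky <mdempsky@google.com>
-TryBot-Result: Gopher Robot <gobot@golang.org>
-
-Upstream-Status: Backport [https://github.com/golang/go/commit/bcd82125f85c7c552493e863fa1bb14e6c444557]
-
-Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
----
-misc/cgo/testshared/shared_test.go | 7 ++++++-
-misc/cgo/testshared/testdata/issue58966/main.go | 15 +++++++++++++++
-src/cmd/compile/internal/noder/unified.go | 6 +++++-
-3 files changed, 26 insertions(+), 2 deletions(-)
-create mode 100644 misc/cgo/testshared/testdata/issue58966/main.go
-
-diff --git a/misc/cgo/testshared/shared_test.go b/misc/cgo/testshared/shared_test.go
-index b14fb1cb3a..03da8f9435 100644
---- a/misc/cgo/testshared/shared_test.go
-+++ b/misc/cgo/testshared/shared_test.go
-@@ -1112,8 +1112,13 @@ func TestStd(t *testing.T) {
-t.Skip("skip in short mode")
-}
-t.Parallel()
-+ tmpDir := t.TempDir()
-// Use a temporary pkgdir to not interfere with other tests, and not write to GOROOT.
-// Cannot use goCmd as it runs with cloned GOROOT which is incomplete.
-runWithEnv(t, "building std", []string{"GOROOT=" + oldGOROOT},
-- filepath.Join(oldGOROOT, "bin", "go"), "install", "-buildmode=shared", "-pkgdir="+t.TempDir(), "std")
-+ filepath.Join(oldGOROOT, "bin", "go"), "install", "-buildmode=shared", "-pkgdir="+tmpDir, "std")
-+
-+ // Issue #58966.
-+ runWithEnv(t, "testing issue #58966", []string{"GOROOT=" + oldGOROOT},
-+ filepath.Join(oldGOROOT, "bin", "go"), "run", "-linkshared", "-pkgdir="+tmpDir, "./issue58966/main.go")
-}
-diff --git a/misc/cgo/testshared/testdata/issue58966/main.go b/misc/cgo/testshared/testdata/issue58966/main.go
-new file mode 100644
-index 0000000000..2d923c3607
---- /dev/null
-+++ b/misc/cgo/testshared/testdata/issue58966/main.go
-@@ -0,0 +1,15 @@
-+// Copyright 2023 The Go Authors. All rights reserved.
-+// Use of this source code is governed by a BSD-style
-+// license that can be found in the LICENSE file.
-+
-+package main
-+
-+import "crypto/elliptic"
-+
-+var curve elliptic.Curve
-+
-+func main() {
-+ switch curve {
-+ case elliptic.P224():
-+ }
-+}
-diff --git a/src/cmd/compile/internal/noder/unified.go b/src/cmd/compile/internal/noder/unified.go
-index ed97a09302..25136e6aad 100644
---- a/src/cmd/compile/internal/noder/unified.go
-+++ b/src/cmd/compile/internal/noder/unified.go
-@@ -158,7 +158,11 @@ func readBodies(target *ir.Package, duringInlining bool) {
-// Instantiated generic function: add to Decls for typechecking
-// and compilation.
-if fn.OClosure == nil && len(pri.dict.targs) != 0 {
-- if duringInlining {
-+ // cmd/link does not support a type symbol referencing a method symbol
-+ // across DSO boundary, so force re-compiling methods on a generic type
-+ // even it was seen from imported package in linkshared mode, see #58966.
-+ canSkipNonGenericMethod := !(base.Ctxt.Flag_linkshared && ir.IsMethod(fn))
-+ if duringInlining && canSkipNonGenericMethod {
-inlDecls = append(inlDecls, fn)
-} else {
-target.Decls = append(target.Decls, fn)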
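--- a/meta/recipes-devtools/go/go/CVE-2023-24532.patch
+++ /dev/null
@@ -1,208 +0,0 @@
-From 602eeaab387f24a4b28c5eccbb50fa934f3bc3c4 Mon Sep 17 00:00:00 2001
-From: Filippo Valsorda <filippo@golang.org>
-Date: Mon, 13 Feb 2023 15:16:27 +0100
-Subject: [PATCH] [release-branch.go1.20] crypto/internal/nistec: reduce P-256
-scalar
-
-Unlike the rest of nistec, the P-256 assembly doesn't use complete
-addition formulas, meaning that p256PointAdd[Affine]Asm won't return the
-correct value if the two inputs are equal.
-
-This was (undocumentedly) ignored in the scalar multiplication loops
-because as long as the input point is not the identity and the scalar is
-lower than the order of the group, the addition inputs can't be the same.
-
-As part of the math/big rewrite, we went however from always reducing
-the scalar to only checking its length, under the incorrect assumption
-that the scalar multiplication loop didn't require reduction.
-
-Added a reduction, and while at it added it in P256OrdInverse, too, to
-enforce a universal reduction invariant on p256OrdElement values.
-
-Note that if the input point is the infinity, the code currently still
-relies on undefined behavior, but that's easily tested to behave
-acceptably, and will be addressed in a future CL.
-
-Updates #58647
-Fixes #58720
-Fixes CVE-2023-24532
-
-(Filed with the "safe APIs like complete addition formulas are good" dept.)
-
-Change-Id: I7b2c75238440e6852be2710fad66ff1fdc4e2b24
-Reviewed-on: https://go-review.googlesource.com/c/go/+/471255
-TryBot-Result: Gopher Robot <gobot@golang.org>
-Reviewed-by: Roland Shoemaker <roland@golang.org>
-Run-TryBot: Filippo Valsorda <filippo@golang.org>
-Auto-Submit: Filippo Valsorda <filippo@golang.org>
-Reviewed-by: Damien Neil <dneil@google.com>
-(cherry picked from commit 203e59ad41bd288e1d92b6f617c2f55e70d3c8e3)
-Reviewed-on: https://go-review.googlesource.com/c/go/+/471695
-Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
-Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
-Reviewed-by: Filippo Valsorda <filippo@golang.org>
-Run-TryBot: Roland Shoemaker <roland@golang.org>
-
-CVE: CVE-2023-24532
-Upstream-Status: Backport [602eeaab387f24a4b28c5eccbb50fa934f3bc3c4]
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-
----
-src/crypto/internal/nistec/nistec_test.go | 81 +++++++++++++++++++++++
-src/crypto/internal/nistec/p256_asm.go | 17 +++++
-src/crypto/internal/nistec/p256_ordinv.go | 1 +
-3 files changed, 99 insertions(+)
-
-diff --git a/src/crypto/internal/nistec/nistec_test.go b/src/crypto/internal/nistec/nistec_test.go
-index 309f68be16a9f..9103608c18a0f 100644
---- a/src/crypto/internal/nistec/nistec_test.go
-+++ b/src/crypto/internal/nistec/nistec_test.go
-@@ -8,6 +8,7 @@ import (
-"bytes"
-"crypto/elliptic"
-"crypto/internal/nistec"
-+ "fmt"
-"internal/testenv"
-"math/big"
-"math/rand"
-@@ -165,6 +166,86 @@ func testEquivalents[P nistPoint[P]](t *testing.T, newPoint func() P, c elliptic
-}
-}
-
-+func TestScalarMult(t *testing.T) {
-+ t.Run("P224", func(t *testing.T) {
-+ testScalarMult(t, nistec.NewP224Point, elliptic.P224())
-+ })
-+ t.Run("P256", func(t *testing.T) {
-+ testScalarMult(t, nistec.NewP256Point, elliptic.P256())
-+ })
-+ t.Run("P384", func(t *testing.T) {
-+ testScalarMult(t, nistec.NewP384Point, elliptic.P384())
-+ })
-+ t.Run("P521", func(t *testing.T) {
-+ testScalarMult(t, nistec.NewP521Point, elliptic.P521())
-+ })
-+}
-+
-+func testScalarMult[P nistPoint[P]](t *testing.T, newPoint func() P, c elliptic.Curve) {
-+ G := newPoint().SetGenerator()
-+ checkScalar := func(t *testing.T, scalar []byte) {
-+ p1, err := newPoint().ScalarBaseMult(scalar)
-+ fatalIfErr(t, err)
-+ p2, err := newPoint().ScalarMult(G, scalar)
-+ fatalIfErr(t, err)
-+ if !bytes.Equal(p1.Bytes(), p2.Bytes()) {
-+ t.Error("[k]G != ScalarBaseMult(k)")
-+ }
-+
-+ d := new(big.Int).SetBytes(scalar)
-+ d.Sub(c.Params().N, d)
-+ d.Mod(d, c.Params().N)
-+ g1, err := newPoint().ScalarBaseMult(d.FillBytes(make([]byte, len(scalar))))
-+ fatalIfErr(t, err)
-+ g1.Add(g1, p1)
-+ if !bytes.Equal(g1.Bytes(), newPoint().Bytes()) {
-+ t.Error("[N - k]G + [k]G != ∞")
-+ }
-+ }
-+
-+ byteLen := len(c.Params().N.Bytes())
-+ bitLen := c.Params().N.BitLen()
-+ t.Run("0", func(t *testing.T) { checkScalar(t, make([]byte, byteLen)) })
-+ t.Run("1", func(t *testing.T) {
-+ checkScalar(t, big.NewInt(1).FillBytes(make([]byte, byteLen)))
-+ })
-+ t.Run("N-1", func(t *testing.T) {
-+ checkScalar(t, new(big.Int).Sub(c.Params().N, big.NewInt(1)).Bytes())
-+ })
-+ t.Run("N", func(t *testing.T) { checkScalar(t, c.Params().N.Bytes()) })
-+ t.Run("N+1", func(t *testing.T) {
-+ checkScalar(t, new(big.Int).Add(c.Params().N, big.NewInt(1)).Bytes())
-+ })
-+ t.Run("all1s", func(t *testing.T) {
-+ s := new(big.Int).Lsh(big.NewInt(1), uint(bitLen))
-+ s.Sub(s, big.NewInt(1))
-+ checkScalar(t, s.Bytes())
-+ })
-+ if testing.Short() {
-+ return
-+ }
-+ for i := 0; i < bitLen; i++ {
-+ t.Run(fmt.Sprintf("1<<%d", i), func(t *testing.T) {
-+ s := new(big.Int).Lsh(big.NewInt(1), uint(i))
-+ checkScalar(t, s.FillBytes(make([]byte, byteLen)))
-+ })
-+ }
-+ // Test N+1...N+32 since they risk overlapping with precomputed table values
-+ // in the final additions.
-+ for i := int64(2); i <= 32; i++ {
-+ t.Run(fmt.Sprintf("N+%d", i), func(t *testing.T) {
-+ checkScalar(t, new(big.Int).Add(c.Params().N, big.NewInt(i)).Bytes())
-+ })
-+ }
-+}
-+
-+func fatalIfErr(t *testing.T, err error) {
-+ t.Helper()
-+ if err != nil {
-+ t.Fatal(err)
-+ }
-+}
-+
-func BenchmarkScalarMult(b *testing.B) {
-b.Run("P224", func(b *testing.B) {
-benchmarkScalarMult(b, nistec.NewP224Point().SetGenerator(), 28)
-diff --git a/src/crypto/internal/nistec/p256_asm.go b/src/crypto/internal/nistec/p256_asm.go
-index 6ea161eb49953..99a22b833f028 100644
---- a/src/crypto/internal/nistec/p256_asm.go
-+++ b/src/crypto/internal/nistec/p256_asm.go
-@@ -364,6 +364,21 @@ func p256PointDoubleAsm(res, in *P256Point)
-// Montgomery domain (with R 2²⁵⁶) as four uint64 limbs in little-endian order.
-type p256OrdElement [4]uint64
-
-+// p256OrdReduce ensures s is in the range [0, ord(G)-1].
-+func p256OrdReduce(s *p256OrdElement) {
-+ // Since 2 * ord(G) > 2²⁵⁶, we can just conditionally subtract ord(G),
-+ // keeping the result if it doesn't underflow.
-+ t0, b := bits.Sub64(s[0], 0xf3b9cac2fc632551, 0)
-+ t1, b := bits.Sub64(s[1], 0xbce6faada7179e84, b)
-+ t2, b := bits.Sub64(s[2], 0xffffffffffffffff, b)
-+ t3, b := bits.Sub64(s[3], 0xffffffff00000000, b)
-+ tMask := b - 1 // zero if subtraction underflowed
-+ s[0] ^= (t0 ^ s[0]) & tMask
-+ s[1] ^= (t1 ^ s[1]) & tMask
-+ s[2] ^= (t2 ^ s[2]) & tMask
-+ s[3] ^= (t3 ^ s[3]) & tMask
-+}
-+
-// Add sets q = p1 + p2, and returns q. The points may overlap.
-func (q *P256Point) Add(r1, r2 *P256Point) *P256Point {
-var sum, double P256Point
-@@ -393,6 +408,7 @@ func (r *P256Point) ScalarBaseMult(scalar []byte) (*P256Point, error) {
-}
-scalarReversed := new(p256OrdElement)
-p256OrdBigToLittle(scalarReversed, (*[32]byte)(scalar))
-+ p256OrdReduce(scalarReversed)
-
-r.p256BaseMult(scalarReversed)
-return r, nil
-@@ -407,6 +423,7 @@ func (r *P256Point) ScalarMult(q *P256Point, scalar []byte) (*P256Point, error)
-}
-scalarReversed := new(p256OrdElement)
-p256OrdBigToLittle(scalarReversed, (*[32]byte)(scalar))
-+ p256OrdReduce(scalarReversed)
-
-r.Set(q).p256ScalarMult(scalarReversed)
-return r, nil
-diff --git a/src/crypto/internal/nistec/p256_ordinv.go b/src/crypto/internal/nistec/p256_ordinv.go
-index 86a7a230bdce8..1274fb7fd3f5c 100644
---- a/src/crypto/internal/nistec/p256_ordinv.go
-+++ b/src/crypto/internal/nistec/p256_ordinv.go
-@@ -25,6 +25,7 @@ func P256OrdInverse(k []byte) ([]byte, error) {
-
-x := new(p256OrdElement)
-p256OrdBigToLittle(x, (*[32]byte)(k))
-+ p256OrdReduce(x)
-
-// Inversion is implemented as exponentiation by n - 2, per Fermat's little theorem.
-//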
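--- a/meta/recipes-devtools/go/go/CVE-2023-24537.patch
+++ /dev/null
@@ -1,89 +0,0 @@
-From 110e4fb1c2e3a21631704bbfaf672230b9ba2492 Mon Sep 17 00:00:00 2001
-From: Damien Neil <dneil@google.com>
-Date: Wed, 22 Mar 2023 09:33:22 -0700
-Subject: [PATCH] go/scanner: reject large line and column numbers in //line
-directives
-
-Setting a large line or column number using a //line directive can cause
-integer overflow even in small source files.
-
-Limit line and column numbers in //line directives to 2^30-1, which
-is small enough to avoid int32 overflow on all reasonbly-sized files.
-
-For #59180
-Fixes CVE-2023-24537
-
-Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1802456
-Reviewed-by: Julie Qiu <julieqiu@google.com>
-Reviewed-by: Roland Shoemaker <bracewell@google.com>
-Run-TryBot: Damien Neil <dneil@google.com>
-Change-Id: I149bf34deca532af7994203fa1e6aca3c890ea14
-Reviewed-on: https://go-review.googlesource.com/c/go/+/482078
-Reviewed-by: Matthew Dempsky <mdempsky@google.com>
-TryBot-Bypass: Michael Knyszek <mknyszek@google.com>
-Run-TryBot: Michael Knyszek <mknyszek@google.com>
-Auto-Submit: Michael Knyszek <mknyszek@google.com>
-
-CVE: CVE-2023-24537
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
----
-src/go/parser/parser_test.go | 16 ++++++++++++++++
-src/go/scanner/scanner.go | 7 +++++--
-2 files changed, 21 insertions(+), 2 deletions(-)
-
-diff --git a/src/go/parser/parser_test.go b/src/go/parser/parser_test.go
-index 153562df75068..22b11a0cc4535 100644
---- a/src/go/parser/parser_test.go
-+++ b/src/go/parser/parser_test.go
-@@ -764,3 +764,19 @@ func TestRangePos(t *testing.T) {
-})
-}
-}
-+
-+// TestIssue59180 tests that line number overflow doesn't cause an infinite loop.
-+func TestIssue59180(t *testing.T) {
-+ testcases := []string{
-+ "package p\n//line :9223372036854775806\n\n//",
-+ "package p\n//line :1:9223372036854775806\n\n//",
-+ "package p\n//line file:9223372036854775806\n\n//",
-+ }
-+
-+ for _, src := range testcases {
-+ _, err := ParseFile(token.NewFileSet(), "", src, ParseComments)
-+ if err == nil {
-+ t.Errorf("ParseFile(%s) succeeded unexpectedly", src)
-+ }
-+ }
-+}
-diff --git a/src/go/scanner/scanner.go b/src/go/scanner/scanner.go
-index 16958d22ce299..0cd9f5901d0bb 100644
---- a/src/go/scanner/scanner.go
-+++ b/src/go/scanner/scanner.go
-@@ -253,13 +253,16 @@ func (s *Scanner) updateLineInfo(next, offs int, text []byte) {
-return
-}
-
-+ // Put a cap on the maximum size of line and column numbers.
-+ // 30 bits allows for some additional space before wrapping an int32.
-+ const maxLineCol = 1<<30 - 1
-var line, col int
-i2, n2, ok2 := trailingDigits(text[:i-1])
-if ok2 {
-//line filename:line:col
-i, i2 = i2, i
-line, col = n2, n
-- if col == 0 {
-+ if col == 0 || col > maxLineCol {
-s.error(offs+i2, "invalid column number: "+string(text[i2:]))
-return
-}
-@@ -269,7 +272,7 @@ func (s *Scanner) updateLineInfo(next, offs int, text []byte) {
-line = n
-}
-
-- if line == 0 {
-+ if line == 0 || line > maxLineCol {
-s.error(offs+i, "invalid line number: "+string(text[i:]))
-return
-}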
diff --git a/meta/recipes-devtools/go/go_1.20.1.bb b/meta/recipes-devtools/go/go_1.20.4.bb index 587ee55944..587ee55944 100644 --- a/meta/recipes-devtools/go/go_1.20.1.bb +++ b/meta/recipes-devtools/go/go_1.20.4.bb | |||