William A. Kennington IIIee32beb2021-06-02 12:48:35 -07001From 2b74d3df9b3b6932052ace627b21ff1352aa2932 Mon Sep 17 00:00:00 2001
2From: William Roberts <william.c.roberts@intel.com>
3Date: Wed, 5 May 2021 13:32:05 -0500
4Subject: [PATCH 1/4] test: fix build for gcc11
5MIME-Version: 1.0
6Content-Type: text/plain; charset=UTF-8
7Content-Transfer-Encoding: 8bit
8
9Fixes 0 size regions by ignoring them. The test code intentionally does
10bad things.
11
12test/unit/test_twist.c: In function test_twistbin_aappend_twist_null’:
13test/unit/test_twist.c:327:18: error: twistbin_aappend accessing 16 bytes in a region of size 0 [-Werror=stringop-overflow=]
14 327 | actual = twistbin_aappend(expected, (binarybuffer *) 0xDEADBEEF, 0);
15 | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
16
17Signed-off-by: William Roberts <william.c.roberts@intel.com>
18
19Upstream-Status: Pending
20Fix out for merge to official repo
21
22Signed-off-by: Armin Kuster <akuster808@gmail.com>
23
24---
25 test/unit/test_twist.c | 12 ++++++++++++
26 1 file changed, 12 insertions(+)
27
28diff --git a/test/unit/test_twist.c b/test/unit/test_twist.c
29index ec66f69f..58d4530a 100644
30--- a/test/unit/test_twist.c
31+++ b/test/unit/test_twist.c
32@@ -244,15 +244,23 @@ void test_twistbin_create(void **state) {
33 void test_twistbin_new_overflow_1(void **state) {
34 (void) state;
35
36+#pragma GCC diagnostic push
37+#pragma GCC diagnostic ignored "-Wpragmas"
38+#pragma GCC diagnostic ignored "-Wstringop-overflow"
39 twist actual = twistbin_new((void *) 0xDEADBEEF, ~0);
40 assert_null(actual);
41+#pragma GCC diagnostic pop
42 }
43
44 void test_twistbin_new_overflow_2(void **state) {
45 (void) state;
46
47+#pragma GCC diagnostic push
48+#pragma GCC diagnostic ignored "-Wpragmas"
49+#pragma GCC diagnostic ignored "-Wstringop-overflow"
50 twist actual = twistbin_new((void *) 0xDEADBEEF, ~0 - sizeof(void *));
51 assert_null(actual);
52+#pragma GCC diagnostic pop
53 }
54
55 void test_twistbin_new_overflow_3(void **state) {
56@@ -318,8 +326,12 @@ void test_twistbin_aappend_twist_null(void **state) {
57 twist actual = twistbin_aappend(expected, NULL, 42);
58 assert_ptr_equal((void * )actual, (void * )expected);
59
60+#pragma GCC diagnostic push
61+#pragma GCC diagnostic ignored "-Wpragmas"
62+#pragma GCC diagnostic ignored "-Wstringop-overflow"
63 actual = twistbin_aappend(expected, (binarybuffer *) 0xDEADBEEF, 0);
64 assert_ptr_equal((void * )actual, (void * )expected);
65+#pragma GCC diagnostic pop
66
67 twist_free(actual);
68 }
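Review bot: The three suppression blocks (in test_twistbin_new_overflow_1, test_twistbin_new_overflow_2 and test_twistbin_aappend_twist_null) carry no comment saying why `-Wstringop-overflow` is silenced, so a later reader cannot tell a deliberate bad-pointer test from a masked defect. I would add one line above each push, for example `/* 0xDEADBEEF is a sentinel the callee must never dereference; GCC 11 flags the call, so the warning is silenced for this statement only */`. The `-Wpragmas` line appears to be there so that compilers without `-Wstringop-overflow` do not complain about the unknown option, and that deserves a short comment too. Since the same pragma lines are repeated three times, a pair of file-local macros built on `_Pragma` would keep the suppression in one place. test_twistbin_aappend_twist_null starts above the last hunk, so the beginning of that test is not visible here.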
69
70From 5bea05613e638375b73e29e5d56a9dabcfd2269d Mon Sep 17 00:00:00 2001
71From: William Roberts <william.c.roberts@intel.com>
72Date: Wed, 5 May 2021 11:52:23 -0500
73Subject: [PATCH 2/4] utils: fix stringop-overread in str_padded_copy
74
75cc1: all warnings being treated as errors
76| make: *** [Makefile:1953: src/lib/slot.lo] Error 1
77| make: *** Waiting for unfinished jobs....
78| In file included from src/lib/mutex.h:10,
79| from src/lib/session_ctx.h:6,
80| from src/lib/digest.h:13,
81| from src/lib/tpm.c:28:
82| In function 'str_padded_copy',
83| inlined from 'tpm_get_token_info' at src/lib/tpm.c:742:5:
84| src/lib/utils.h:42:5: error: 'strnlen' specified bound 32 exceeds source size 5 [-Werror=stringop-overread]
85| 42 | memcpy(dst, src, strnlen((char *)(src), dst_len));
86| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
87| src/lib/utils.h: In function 'tpm_get_token_info':
88| src/lib/tpm.c:739:19: note: source object declared here
89| 739 | unsigned char manufacturerID[sizeof(UINT32)+1] = {0}; // 4 bytes + '\0' as temp storage
90| | ^~~~~~~~~~~~~~
91| cc1: all warnings being treated as errors
92| make: *** [Makefile:1953: src/lib/tpm.lo] Error 1
93| WARNING: exit code 1 from a shell command.
94
95Fixes #676
96
97Signed-off-by: William Roberts <william.c.roberts@intel.com>
98---
99 src/lib/general.c | 8 ++++----
100 src/lib/general.h | 2 +-
101 src/lib/slot.c | 4 ++--
102 src/lib/token.c | 4 ++--
103 src/lib/tpm.c | 7 +++----
104 src/lib/utils.h | 6 ++++--
105 6 files changed, 16 insertions(+), 15 deletions(-)
106
107diff --git a/src/lib/general.c b/src/lib/general.c
108index 9b7327c1..eaddaf82 100644
109--- a/src/lib/general.c
110+++ b/src/lib/general.c
111@@ -19,8 +19,8 @@
112 #define VERSION "UNKNOWN"
113 #endif
114
115-#define LIBRARY_DESCRIPTION (CK_UTF8CHAR_PTR)"TPM2.0 Cryptoki"
116-#define LIBRARY_MANUFACTURER (CK_UTF8CHAR_PTR)"tpm2-software.github.io"
117+static const CK_UTF8CHAR LIBRARY_DESCRIPTION[] = "TPM2.0 Cryptoki";
118+static const CK_UTF8CHAR LIBRARY_MANUFACTURER[] = "tpm2-software.github.io";
119
120 #define CRYPTOKI_VERSION { \
121 .major = CRYPTOKI_VERSION_MAJOR, \
122@@ -78,8 +78,8 @@ CK_RV general_get_info(CK_INFO *info) {
123
124 static CK_INFO *_info = NULL;
125 if (!_info) {
126- str_padded_copy(_info_.manufacturerID, LIBRARY_MANUFACTURER, sizeof(_info_.manufacturerID));
127- str_padded_copy(_info_.libraryDescription, LIBRARY_DESCRIPTION, sizeof(_info_.libraryDescription));
128+ str_padded_copy(_info_.manufacturerID, LIBRARY_MANUFACTURER);
129+ str_padded_copy(_info_.libraryDescription, LIBRARY_DESCRIPTION);
130
131 parse_lib_version(&_info_.libraryVersion.major,
132 &_info_.libraryVersion.minor);
133diff --git a/src/lib/general.h b/src/lib/general.h
134index 14a18e46..356c142d 100644
135--- a/src/lib/general.h
136+++ b/src/lib/general.h
137@@ -10,7 +10,7 @@
138 #define TPM2_TOKEN_LABEL "TPM2 PKCS#11 Token"
139 #define TPM2_TOKEN_MANUFACTURER "Intel"
140 #define TPM2_TOKEN_MODEL "TPM2 PKCS#11"
141-#define TPM2_TOKEN_SERIAL_NUMBER "0000000000000000"
142+static const CK_UTF8CHAR TPM2_TOKEN_SERIAL_NUMBER[] = "0000000000000000";
143 #define TPM2_TOKEN_HW_VERSION { 0, 0 }
144 #define TPM2_TOKEN_FW_VERSION { 0, 0 }
145
146diff --git a/src/lib/slot.c b/src/lib/slot.c
147index 548d22b5..6db5bb93 100644
148--- a/src/lib/slot.c
149+++ b/src/lib/slot.c
150@@ -119,8 +119,8 @@ CK_RV slot_get_info (CK_SLOT_ID slot_id, CK_SLOT_INFO *info) {
151 return CKR_GENERAL_ERROR;
152 }
153
154- str_padded_copy(info->manufacturerID, token_info.manufacturerID, sizeof(info->manufacturerID));
155- str_padded_copy(info->slotDescription, token_info.label, sizeof(info->slotDescription));
156+ str_padded_copy(info->manufacturerID, token_info.manufacturerID);
157+ str_padded_copy(info->slotDescription, token_info.label);
158
159 info->hardwareVersion = token_info.hardwareVersion;
160 info->firmwareVersion = token_info.firmwareVersion;
161diff --git a/src/lib/token.c b/src/lib/token.c
162index 6d7ebd27..c7211296 100644
163--- a/src/lib/token.c
164+++ b/src/lib/token.c
165@@ -317,8 +317,8 @@ CK_RV token_get_info (token *t, CK_TOKEN_INFO *info) {
166 }
167
168 // Identification
169- str_padded_copy(info->label, t->label, sizeof(info->label));
170- str_padded_copy(info->serialNumber, (unsigned char*) TPM2_TOKEN_SERIAL_NUMBER, sizeof(info->serialNumber));
171+ str_padded_copy(info->label, t->label);
172+ str_padded_copy(info->serialNumber, TPM2_TOKEN_SERIAL_NUMBER);
173
174
175 // Memory: TODO not sure what memory values should go here, the platform?
176diff --git a/src/lib/tpm.c b/src/lib/tpm.c
177index 1639df48..7f9f052a 100644
178--- a/src/lib/tpm.c
179+++ b/src/lib/tpm.c
180@@ -740,15 +740,14 @@ CK_RV tpm_get_token_info (tpm_ctx *ctx, CK_TOKEN_INFO *info) {
181 unsigned char manufacturerID[sizeof(UINT32)+1] = {0}; // 4 bytes + '\0' as temp storage
182 UINT32 manufacturer = ntohl(tpmProperties[TPM2_PT_MANUFACTURER - TPM2_PT_FIXED].value);
183 memcpy(manufacturerID, (unsigned char*) &manufacturer, sizeof(uint32_t));
184- str_padded_copy(info->manufacturerID, manufacturerID, sizeof(info->manufacturerID));
185+ str_padded_copy(info->manufacturerID, manufacturerID);
186
187 // Map human readable Manufacturer String, if available,
188 // otherwise 4 byte ID was already padded and will be used.
189 for (unsigned int i=0; i < ARRAY_LEN(TPM2_MANUFACTURER_MAP); i++){
190 if (!strncasecmp((char *)info->manufacturerID, TPM2_MANUFACTURER_MAP[i][0], 4)) {
191 str_padded_copy(info->manufacturerID,
192- (unsigned char *)TPM2_MANUFACTURER_MAP[i][1],
193- sizeof(info->manufacturerID));
194+ (unsigned char *)TPM2_MANUFACTURER_MAP[i][1]);
195 }
196 }
197
198@@ -758,7 +757,7 @@ CK_RV tpm_get_token_info (tpm_ctx *ctx, CK_TOKEN_INFO *info) {
199 vendor[1] = ntohl(tpmProperties[TPM2_PT_VENDOR_STRING_2 - TPM2_PT_FIXED].value);
200 vendor[2] = ntohl(tpmProperties[TPM2_PT_VENDOR_STRING_3 - TPM2_PT_FIXED].value);
201 vendor[3] = ntohl(tpmProperties[TPM2_PT_VENDOR_STRING_4 - TPM2_PT_FIXED].value);
202- str_padded_copy(info->model, (unsigned char*) &vendor, sizeof(info->model));
203+ str_padded_copy(info->model, (unsigned char*) &vendor);
204
205 return CKR_OK;
206 }
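Review bot: The two calls that pass a cast pointer, `(unsigned char *)TPM2_MANUFACTURER_MAP[i][1]` and `(unsigned char*) &vendor`, no longer copy the whole string. The new `str_padded_copy` macro in src/lib/utils.h bounds the source with `sizeof(src)`, and the size of a cast-to-pointer expression is the pointer size, not the length of the data. The mapped manufacturer name and the vendor model string would therefore be cut to at most 8 bytes on LP64 targets (4 on 32-bit). For these two sites I would call the helper with an explicit length, e.g. `_str_padded_copy(info->model, sizeof(info->model), (unsigned char *)vendor, strnlen((const char *)vendor, sizeof(vendor)));`, and pass `strlen(TPM2_MANUFACTURER_MAP[i][1])`, capped at `sizeof(info->manufacturerID)`, for the manufacturer string. The declarations of `vendor` and `TPM2_MANUFACTURER_MAP` are outside the hunks, so their types are inferred from how they are used.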
207diff --git a/src/lib/utils.h b/src/lib/utils.h
208index 81c61fae..cf357464 100644
209--- a/src/lib/utils.h
210+++ b/src/lib/utils.h
211@@ -39,9 +39,11 @@
212
213 int str_to_ul(const char *val, size_t *res);
214
215-static inline void str_padded_copy(CK_UTF8CHAR_PTR dst, const CK_UTF8CHAR_PTR src, size_t dst_len) {
216+#define str_padded_copy(dst, src) _str_padded_copy(dst, sizeof(dst), src, strnlen((const char *)src, sizeof(src)))
217+static inline void _str_padded_copy(CK_UTF8CHAR_PTR dst, size_t dst_len, const CK_UTF8CHAR *src, size_t src_len) {
218 memset(dst, ' ', dst_len);
219- memcpy(dst, src, strnlen((char *)(src), dst_len));
220+ memcpy(dst, src, src_len);
221+ LOGE("BILL(%zu): %.*s\n", dst_len, dst_len, dst);
222 }
223
224 twist utils_hash_pass(const twist pin, const twist salt);
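Review bot: The `LOGE("BILL(%zu): %.*s\n", dst_len, dst_len, dst);` line in `_str_padded_copy` looks like leftover debugging and should be dropped. It writes every padded field to the error log on each call, and it passes a `size_t` where `%.*s` expects an `int` precision, which is undefined behaviour. Separately, `memcpy(dst, src, src_len)` is no longer bounded by the destination: the old `strnlen(src, dst_len)` limit was replaced by one derived from `sizeof(src)`, so a source array larger than the destination field would now be written past the end of `dst`. I would clamp in the helper, `memcpy(dst, src, src_len < dst_len ? src_len : dst_len);`. The macro also gives a wrong size without any diagnostic when either argument is a pointer rather than an array, so it is worth documenting that requirement next to the `#define` and parenthesising `src` in the expansion.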
225
226From afeae8a3846e06152fafb180077fbad4381a124d Mon Sep 17 00:00:00 2001
227From: William Roberts <william.c.roberts@intel.com>
228Date: Wed, 5 May 2021 14:09:27 -0500
229Subject: [PATCH 3/4] general: drop unused macros
230
231Signed-off-by: William Roberts <william.c.roberts@intel.com>
232---
233 src/lib/general.h | 10 ----------
234 1 file changed, 10 deletions(-)
235
236diff --git a/src/lib/general.h b/src/lib/general.h
237index 356c142d..b3089554 100644
238--- a/src/lib/general.h
239+++ b/src/lib/general.h
240@@ -7,17 +7,7 @@
241
242 #include "pkcs11.h"
243
244-#define TPM2_TOKEN_LABEL "TPM2 PKCS#11 Token"
245-#define TPM2_TOKEN_MANUFACTURER "Intel"
246-#define TPM2_TOKEN_MODEL "TPM2 PKCS#11"
247 static const CK_UTF8CHAR TPM2_TOKEN_SERIAL_NUMBER[] = "0000000000000000";
248-#define TPM2_TOKEN_HW_VERSION { 0, 0 }
249-#define TPM2_TOKEN_FW_VERSION { 0, 0 }
250-
251-#define TPM2_SLOT_DESCRIPTION "Intel TPM2.0 Cryptoki"
252-#define TPM2_SLOT_MANUFACTURER TPM2_TOKEN_MANUFACTURER
253-#define TPM2_SLOT_HW_VERSION TPM2_TOKEN_HW_VERSION
254-#define TPM2_SLOT_FW_VERSION TPM2_TOKEN_FW_VERSION
255
256 CK_RV general_init(void *init_args);
257 CK_RV general_get_func_list(CK_FUNCTION_LIST **function_list);
258
259From 8b43a99c5ff604d890bdc23fd2fa5f98aa087d83 Mon Sep 17 00:00:00 2001
260From: William Roberts <william.c.roberts@intel.com>
261Date: Wed, 5 May 2021 14:11:04 -0500
262Subject: [PATCH 4/4] token: move TPM2_TOKEN_SERIAL_NUMBER local to use
263
264Signed-off-by: William Roberts <william.c.roberts@intel.com>
265---
266 src/lib/general.h | 2 --
267 src/lib/token.c | 2 ++
268 2 files changed, 2 insertions(+), 2 deletions(-)
269
270diff --git a/src/lib/general.h b/src/lib/general.h
271index b3089554..9afd61ec 100644
272--- a/src/lib/general.h
273+++ b/src/lib/general.h
274@@ -7,8 +7,6 @@
275
276 #include "pkcs11.h"
277
278-static const CK_UTF8CHAR TPM2_TOKEN_SERIAL_NUMBER[] = "0000000000000000";
279-
280 CK_RV general_init(void *init_args);
281 CK_RV general_get_func_list(CK_FUNCTION_LIST **function_list);
282 CK_RV general_get_info(CK_INFO *info);
283diff --git a/src/lib/token.c b/src/lib/token.c
284index c7211296..63a9a71b 100644
285--- a/src/lib/token.c
286+++ b/src/lib/token.c
287@@ -20,6 +20,8 @@
288 #include "token.h"
289 #include "utils.h"
290
291+static const CK_UTF8CHAR TPM2_TOKEN_SERIAL_NUMBER[] = "0000000000000000";
292+
293 void pobject_config_free(pobject_config *c) {
294
295 if (c->is_transient) {