aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--meta-oe/recipes-crypto/libkcapi/files/0001-Fix-possible-buffer-overflow-with-strncpy-and-Wstrin.patch50
-rw-r--r--meta-oe/recipes-crypto/libkcapi/files/0002-apps-Disable-Wstringop-truncation-warning-on-false-p.patch67
-rw-r--r--meta-oe/recipes-crypto/libkcapi/files/0003-test-Be-sure-to-terminate-strncpy-copied-string-Wstr.patch37
-rw-r--r--meta-oe/recipes-crypto/libkcapi/libkcapi_git.bb29
4 files changed, 183 insertions, 0 deletions
diff --git a/meta-oe/recipes-crypto/libkcapi/files/0001-Fix-possible-buffer-overflow-with-strncpy-and-Wstrin.patch b/meta-oe/recipes-crypto/libkcapi/files/0001-Fix-possible-buffer-overflow-with-strncpy-and-Wstrin.patch
new file mode 100644
index 0000000000..f35f631c60
--- /dev/null
+++ b/meta-oe/recipes-crypto/libkcapi/files/0001-Fix-possible-buffer-overflow-with-strncpy-and-Wstrin.patch
@@ -0,0 +1,50 @@
+From 303c766d67cef5c357e9b3d3a97f7b480d29e1cb Mon Sep 17 00:00:00 2001
+From: Krzysztof Kozlowski <krzk@kernel.org>
+Date: Thu, 12 Jul 2018 18:13:16 +0200
+Subject: [PATCH 1/3] Fix possible buffer overflow with strncpy and
+ -Wstringop-truncation warning
+
+If valid cipher name (to which netlink socket was bound) is longer than
+CRYPTO_MAX_ALG_NAME defined in lib/cryptouser.h, then the strncpy() will
+try to copy length of this cipher name into smaller buffer.
+
+In libkcapi the CRYPTO_MAX_ALG_NAME (thus the size of the buffer) is
+defined as 64 but since commit f437a3f477cc ("crypto: api - Extend
+algorithm name limit to 128 bytes") in Linux kernel (v4.12), the kernel
+defines it as 128.
+
+It is error-prone to use source buffer length as limit of dst buffer.
+Instead choose sizeof(dst buffer).
+
+This also fixes the warning with GCC v8.1.0:
+
+ lib/kcapi-kernel-if.c: In function '__kcapi_common_getinfo.isra.2':
+ lib/kcapi-kernel-if.c:632:3: error: 'strncpy' output truncated before terminating nul copying as many bytes from a string as its length [-Werror=stringop-truncation]
+ strncpy(req.cru.cru_name, ciphername, strlen(ciphername));
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
+Upstream-Status: Submitted
+---
+ lib/kcapi-kernel-if.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/lib/kcapi-kernel-if.c b/lib/kcapi-kernel-if.c
+index 2481f8abde63..807cbfe219cd 100644
+--- a/lib/kcapi-kernel-if.c
++++ b/lib/kcapi-kernel-if.c
+@@ -627,9 +627,9 @@ static int __kcapi_common_getinfo(struct kcapi_handle *handle,
+
+ if (drivername)
+ strncpy(req.cru.cru_driver_name, ciphername,
+- strlen(ciphername));
++ sizeof(req.cru.cru_driver_name) - 1);
+ else
+- strncpy(req.cru.cru_name, ciphername, strlen(ciphername));
++ strncpy(req.cru.cru_name, ciphername, sizeof(req.cru.cru_name) - 1);
+
+ /* talk to netlink socket */
+ sd = socket(AF_NETLINK, SOCK_RAW, NETLINK_CRYPTO);
+--
+2.7.4
+
diff --git a/meta-oe/recipes-crypto/libkcapi/files/0002-apps-Disable-Wstringop-truncation-warning-on-false-p.patch b/meta-oe/recipes-crypto/libkcapi/files/0002-apps-Disable-Wstringop-truncation-warning-on-false-p.patch
new file mode 100644
index 0000000000..ba76599fd8
--- /dev/null
+++ b/meta-oe/recipes-crypto/libkcapi/files/0002-apps-Disable-Wstringop-truncation-warning-on-false-p.patch
@@ -0,0 +1,67 @@
+From 88f1a8fe4697b0921f39fcd9c7efc4a0486cf91b Mon Sep 17 00:00:00 2001
+From: Krzysztof Kozlowski <krzk@kernel.org>
+Date: Thu, 12 Jul 2018 18:13:24 +0200
+Subject: [PATCH 2/3] apps: Disable -Wstringop-truncation warning on false
+ positives
+
+The GCC v8.1.0 warns:
+
+ In function 'paste',
+ inlined from 'get_hmac_file' at apps/kcapi-hasher.c:395:11:
+ apps/kcapi-hasher.c:346:2: error: 'strncpy' destination unchanged after copying no bytes [-Werror=stringop-truncation]
+ strncpy(dst, src, size);
+ ^~~~~~~~~~~~~~~~~~~~~~~
+
+These are false positives because at the end of paste() calls, the buffer is
+NULL terminated.
+
+Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
+Upstream-Status: Submitted
+---
+ apps/kcapi-hasher.c | 16 ++++++++++++++++
+ 1 file changed, 16 insertions(+)
+
+diff --git a/apps/kcapi-hasher.c b/apps/kcapi-hasher.c
+index ae88211ff4dd..4052260bf871 100644
+--- a/apps/kcapi-hasher.c
++++ b/apps/kcapi-hasher.c
+@@ -61,6 +61,10 @@
+
+ #include "app-internal.h"
+
++#define GCC_VERSION (__GNUC__ * 10000 \
++ + __GNUC_MINOR__ * 100 \
++ + __GNUC_PATCHLEVEL__)
++
+ struct hash_name {
+ const char *kcapiname;
+ const char *bsdname;
+@@ -341,6 +345,17 @@ out:
+ return ret;
+ }
+
++/*
++ * GCC v8.1.0 introduced -Wstringop-truncation but it is not smart enough to
++ * find that cursor string will be NULL-terminated after all paste() calls and
++ * warns with:
++ * error: 'strncpy' destination unchanged after copying no bytes [-Werror=stringop-truncation]
++ * error: 'strncpy' output truncated before terminating nul copying 5 bytes from a string of the same length [-Werror=stringop-truncation]
++ */
++#pragma GCC diagnostic push
++#if GCC_VERSION >= 80100
++#pragma GCC diagnostic ignored "-Wstringop-truncation"
++#endif
+ static char *paste(char *dst, const char *src, size_t size)
+ {
+ strncpy(dst, src, size);
+@@ -398,6 +413,7 @@ static char *get_hmac_file(const char *filename, const char *subdir)
+ strncpy(cursor, "\0", 1);
+ return checkfile;
+ }
++#pragma GCC diagnostic pop /* -Wstringop-truncation */
+
+ static int hash_files(const struct hash_params *params,
+ char *filenames[], uint32_t files,
+--
+2.7.4
+
diff --git a/meta-oe/recipes-crypto/libkcapi/files/0003-test-Be-sure-to-terminate-strncpy-copied-string-Wstr.patch b/meta-oe/recipes-crypto/libkcapi/files/0003-test-Be-sure-to-terminate-strncpy-copied-string-Wstr.patch
new file mode 100644
index 0000000000..885f3ca124
--- /dev/null
+++ b/meta-oe/recipes-crypto/libkcapi/files/0003-test-Be-sure-to-terminate-strncpy-copied-string-Wstr.patch
@@ -0,0 +1,37 @@
+From 505d949dcb6b756f6db6588d3425d9cd6108c77f Mon Sep 17 00:00:00 2001
+From: Krzysztof Kozlowski <krzk@kernel.org>
+Date: Thu, 12 Jul 2018 18:13:32 +0200
+Subject: [PATCH 3/3] test: Be sure to terminate strncpy() copied string
+ (-Wstringop-truncation)
+
+strncpy() might not NULL-terminate the buffer. This fixes GCC v8.1.0 warning:
+
+ test/kcapi-main.c: In function 'main':
+ test/kcapi-main.c:3123:5: error: 'strncpy' specified bound 63 equals destination size [-Werror=stringop-truncation]
+ strncpy(cavs_test.cipher, optarg,
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CIPHERMAXNAME);
+ ~~~~~~~~~~~~~~
+
+Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
+Upstream-Status: Submitted
+---
+ test/kcapi-main.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/test/kcapi-main.c b/test/kcapi-main.c
+index 835249987aa5..c167b7f61809 100644
+--- a/test/kcapi-main.c
++++ b/test/kcapi-main.c
+@@ -3121,7 +3121,7 @@ int main(int argc, char *argv[])
+ break;
+ case 'c':
+ strncpy(cavs_test.cipher, optarg,
+- CIPHERMAXNAME);
++ CIPHERMAXNAME - 1);
+ break;
+ case 'p':
+ len = strlen(optarg);
+--
+2.7.4
+
diff --git a/meta-oe/recipes-crypto/libkcapi/libkcapi_git.bb b/meta-oe/recipes-crypto/libkcapi/libkcapi_git.bb
new file mode 100644
index 0000000000..e401b70a7d
--- /dev/null
+++ b/meta-oe/recipes-crypto/libkcapi/libkcapi_git.bb
@@ -0,0 +1,29 @@
+SUMMARY = "Linux Kernel Crypto API User Space Interface Library"
+HOMEPAGE = "http://www.chronox.de/libkcapi.html"
+LICENSE = "BSD | GPL-2.0"
+LIC_FILES_CHKSUM = "file://COPYING;md5=d0421cf231423bda10cea691b613e866"
+
+DEPENDS = "libtool"
+
+S = "${WORKDIR}/git"
+# Use v1.1.1 with changes on top for building in OE
+SRCREV = "342b50fc9225a991c224126c13c188ad9f1ef9f9"
+PV = "1.1.1+git${SRCPV}"
+SRC_URI = " \
+ git://github.com/smuellerDD/libkcapi.git \
+ file://0001-Fix-possible-buffer-overflow-with-strncpy-and-Wstrin.patch \
+ file://0002-apps-Disable-Wstringop-truncation-warning-on-false-p.patch \
+ file://0003-test-Be-sure-to-terminate-strncpy-copied-string-Wstr.patch \
+"
+
+inherit autotools
+
+PACKAGECONFIG ??= ""
+PACKAGECONFIG[testapp] = "--enable-kcapi-test,,,"
+PACKAGECONFIG[apps] = "--enable-kcapi-speed --enable-kcapi-hasher --enable-kcapi-rngapp --enable-kcapi-encapp --enable-kcapi-dgstapp,,,"
+
+do_install_append() {
+ # bindir contains testapp and apps. However it is always created, even
+ # when no binaries are installed (empty bin_PROGRAMS in Makefile.am),
+ rmdir --ignore-fail-on-non-empty ${D}${bindir}
+}