Bundle GMP to privatize memory functions

Related: #2097327
Signed-off-by: Daiki Ueno <dueno@redhat.com>

.gitignore

@@ -139,3 +139,4 @@ gnutls-2.10.1-nosrp.tar.bz2
 /gnutls-3.7.3.tar.xz.sig
 /gnutls-3.7.6.tar.xz
 /gnutls-3.7.6.tar.xz.sig
+/gmp-6.2.1.tar.xz

gnutls-3.7.6-gmp-static.patch

@@ -0,0 +1,159 @@
+From 88808f0b8906bdc32579c144a2c44401ee97798a Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Fri, 19 Aug 2022 12:32:27 +0900
+Subject: [PATCH] build: allow GMP to be statically linked
+
+Even though we set the custom allocator[1] to zeroize sensitive data,
+it can be easily invalidated if the application sets its own custom
+allocator.  An approach to prevent that is to link against a static
+library of GMP, so the use of GMP is privatized and the custom
+allocator configuration is not shared with other applications.
+
+This patch allows libgnutls to be linked with the static library of
+GMP.  Note that, to this work libgmp.a needs to be compiled with -fPIC
+and libhogweed in Nettle is also linked to the static library of GMP.
+
+1. https://gitlab.com/gnutls/gnutls/-/merge_requests/1554
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+---
+ configure.ac   | 14 +++++++++++++-
+ lib/fips.c     | 10 ++++++++++
+ lib/fipshmac.c |  5 ++++-
+ lib/global.c   |  2 ++
+ 4 files changed, 29 insertions(+), 2 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 96894b0be3..e4cf5eab81 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -742,6 +742,8 @@ AC_CHECK_FUNCS(nettle_cmac_kuznyechik_update)
+ LIBS=$save_LIBS
+ 
+ # Check sonames of the linked libraries needed for FIPS selftests.
++save_CFLAGS=$CFLAGS
++CFLAGS="$CFLAGS $GMP_CFLAGS"
+ save_LIBS=$LIBS
+ LIBS="$LIBS $GMP_LIBS"
+ AC_MSG_CHECKING([gmp soname])
+@@ -755,9 +757,14 @@ if test -z "$gmp_so"; then
+ 	gmp_so=none
+ fi
+ AC_MSG_RESULT($gmp_so)
+-AC_DEFINE_UNQUOTED([GMP_LIBRARY_SONAME], ["$gmp_so"], [The soname of gmp library])
++if test "$gmp_so" != none; then
++	AC_DEFINE_UNQUOTED([GMP_LIBRARY_SONAME], ["$gmp_so"], [The soname of gmp library])
++fi
+ LIBS=$save_LIBS
++CFLAGS=$save_CFLAGS
+ 
++save_CFLAGS=$CFLAGS
++CFLAGS="$CFLAGS $NETTLE_CFLAGS"
+ save_LIBS=$LIBS
+ LIBS="$LIBS $NETTLE_LIBS"
+ AC_MSG_CHECKING([nettle soname])
+@@ -773,7 +780,11 @@ fi
+ AC_MSG_RESULT($nettle_so)
+ AC_DEFINE_UNQUOTED([NETTLE_LIBRARY_SONAME], ["$nettle_so"], [The soname of nettle library])
+ LIBS=$save_LIBS
++CFLAGS=$save_CFLAGS
+ 
++save_CFLAGS=$CFLAGS
++# <nettle/bignum.h> includes <gmp.h>
++CFLAGS="$CFLAGS $HOGWEED_CFLAGS $GMP_CFLAGS"
+ save_LIBS=$LIBS
+ LIBS="$LIBS $HOGWEED_LIBS"
+ AC_MSG_CHECKING([hogweed soname])
+@@ -789,6 +800,7 @@ fi
+ AC_MSG_RESULT($hogweed_so)
+ AC_DEFINE_UNQUOTED([HOGWEED_LIBRARY_SONAME], ["$hogweed_so"], [The soname of hogweed library])
+ LIBS=$save_LIBS
++CFLAGS=$save_CFLAGS
+ 
+ gnutls_so=libgnutls.so.`expr "$LT_CURRENT" - "$LT_AGE"`
+ AC_DEFINE_UNQUOTED([GNUTLS_LIBRARY_SONAME], ["$gnutls_so"], [The soname of gnutls library])
+diff --git a/lib/fips.c b/lib/fips.c
+index 54eb4a37d4..42124ecf4e 100644
+--- a/lib/fips.c
++++ b/lib/fips.c
+@@ -149,7 +149,11 @@ void _gnutls_fips_mode_reset_zombie(void)
+ #define GNUTLS_LIBRARY_NAME GNUTLS_LIBRARY_SONAME
+ #define NETTLE_LIBRARY_NAME NETTLE_LIBRARY_SONAME
+ #define HOGWEED_LIBRARY_NAME HOGWEED_LIBRARY_SONAME
++
++/* GMP can be statically linked. */
++#ifdef GMP_LIBRARY_SONAME
+ #define GMP_LIBRARY_NAME GMP_LIBRARY_SONAME
++#endif
+ 
+ #define HMAC_SIZE 32
+ #define HMAC_ALGO GNUTLS_MAC_SHA256
+@@ -168,7 +172,9 @@ typedef struct
+ 	struct hmac_entry gnutls;
+ 	struct hmac_entry nettle;
+ 	struct hmac_entry hogweed;
++#ifdef GMP_LIBRARY_SONAME
+ 	struct hmac_entry gmp;
++#endif
+ } hmac_file;
+ 
+ static int get_library_path(const char* lib, const char* symbol, char* path, size_t path_size)
+@@ -259,8 +265,10 @@ static int handler(void *user, const char *section, const char *name, const char
+ 		return lib_handler(&p->nettle, section, name, value);
+ 	} else if (!strcmp(section, HOGWEED_LIBRARY_NAME)) {
+ 		return lib_handler(&p->hogweed, section, name, value);
++#ifdef GMP_LIBRARY_SONAME
+ 	} else if (!strcmp(section, GMP_LIBRARY_NAME)) {
+ 		return lib_handler(&p->gmp, section, name, value);
++#endif
+ 	} else {
+ 		return 0;
+ 	}
+@@ -408,9 +416,11 @@ static int check_binary_integrity(void)
+ 	ret = check_lib_hmac(&file.hogweed, HOGWEED_LIBRARY_NAME, "nettle_mpz_sizeinbase_256_u");
+ 	if (ret < 0)
+ 		return ret;
++#ifdef GMP_LIBRARY_SONAME
+ 	ret = check_lib_hmac(&file.gmp, GMP_LIBRARY_NAME, "__gmpz_init");
+ 	if (ret < 0)
+ 		return ret;
++#endif
+ 
+ 	return 0;
+ }
+diff --git a/lib/fipshmac.c b/lib/fipshmac.c
+index b091572bdf..363077f3e2 100644
+--- a/lib/fipshmac.c
++++ b/lib/fipshmac.c
+@@ -159,10 +159,13 @@ int main(int argc, char **argv)
+ 	ret = print_lib_dl(HOGWEED_LIBRARY_SONAME, "nettle_mpz_sizeinbase_256_u");
+ 	if (ret < 0)
+ 		return EXIT_FAILURE;
+-	
++
++	/* GMP can be statically linked. */
++#ifdef GMP_LIBRARY_SONAME
+ 	ret = print_lib_dl(GMP_LIBRARY_SONAME, "__gmpz_init");
+ 	if (ret < 0)
+ 		return EXIT_FAILURE;
++#endif
+ 
+ 	return EXIT_SUCCESS;
+ }
+diff --git a/lib/global.c b/lib/global.c
+index 1b372c15bd..9f3c7b22bd 100644
+--- a/lib/global.c
++++ b/lib/global.c
+@@ -548,7 +548,9 @@ static const struct gnutls_library_config_st _gnutls_library_config[] = {
+ 	{ "libgnutls-soname", GNUTLS_LIBRARY_SONAME },
+ 	{ "libnettle-soname", NETTLE_LIBRARY_SONAME },
+ 	{ "libhogweed-soname", HOGWEED_LIBRARY_SONAME },
++#ifdef GMP_LIBRARY_SONAME
+ 	{ "libgmp-soname", GMP_LIBRARY_SONAME },
++#endif
+ 	{ "hardware-features", HW_FEATURES },
+ 	{ "tls-features", TLS_FEATURES },
+ 	{ NULL, NULL }
+-- 
+2.37.1
+

gnutls.spec

@@ -13,7 +13,7 @@ print(string.sub(hash, 0, 16))
 }
 
 Version: 3.7.6
-Release: 7%{?dist}
+Release: 8%{?dist}
 # not upstreamed
 Patch: gnutls-3.6.7-no-now-guile.patch
 Patch: gnutls-3.2.7-rpath.patch
@@ -34,6 +34,7 @@ Patch: gnutls-3.7.3-disable-config-reload.patch
 Patch: gnutls-3.7.3-fips-dsa-post.patch
 Patch: gnutls-3.7.6-drbg-reseed.patch
 Patch: gnutls-3.7.6-cpuid-fixes.patch
+Patch: gnutls-3.7.6-gmp-static.patch
 
 %bcond_without bootstrap
 %bcond_without dane
@@ -94,6 +95,10 @@ Source0: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/%{name}-%{version}.tar.xz
 Source1: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/%{name}-%{version}.tar.xz.sig
 Source2: gnutls-release-keyring.gpg
 
+Source100:	gmp-6.2.1.tar.xz
+# Taken from the main gmp package
+Source101:	gmp-6.2.1-intel-cet.patch
+
 # Wildcard bundling exception https://fedorahosted.org/fpc/ticket/174
 Provides: bundled(gnulib) = 20130424
 
@@ -191,6 +196,31 @@ This package contains Guile bindings for the library.
 %{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}' || :
 
 %autosetup -p1 -S git
+
+%if %{with fips}
+mkdir -p bundled_gmp
+pushd bundled_gmp
+tar --strip-components=1 -xf %{SOURCE100}
+patch -p1 < %{SOURCE101}
+popd
+%endif
+
+%build
+%ifarch aarch64 ppc64le
+%define _lto_cflags %{nil}
+%endif
+
+%if %{with fips}
+pushd bundled_gmp
+autoreconf -ifv
+%configure --disable-cxx --disable-shared --enable-fat --with-pic
+%make_build
+popd
+
+export GMP_CFLAGS="-I$PWD/bundled_gmp"
+export GMP_LIBS="$PWD/bundled_gmp/.libs/libgmp.a"
+%endif
+
 %if %{with bootstrap}
 autoreconf -fi
 %endif
@@ -200,14 +230,6 @@ rm -f lib/minitasn1/*.c lib/minitasn1/*.h
 
 echo "SYSTEM=NORMAL" >> tests/system.prio
 
-# Note that we explicitly enable SHA1, as SHA1 deprecation is handled
-# via the crypto policies
-
-%build
-%ifarch aarch64 ppc64le
-%define _lto_cflags %{nil}
-%endif
-
 %if %{with guile}
 # These should be checked by m4/guile.m4 instead of configure.ac
 # taking into account of _guile_suffix
@@ -364,6 +386,9 @@ make check %{?_smp_mflags} GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null
 %endif
 
 %changelog
+* Tue Aug 23 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-8
+- Bundle GMP to privatize memory functions
+
 * Tue Aug 23 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-7
 - Update gnutls-3.7.6-cpuid-fixes.patch
 

sources

@@ -1,2 +1,3 @@
 SHA512 (gnutls-3.7.6.tar.xz) = f872339df80ec31d292821ff00eaafbe50e0bd4cdbb86e21e4f78541cd0a26d843596d5e69c91de4db8ce7d027fc639ae6462b57d89fb116162ae63c5a97486a
 SHA512 (gnutls-3.7.6.tar.xz.sig) = c969da9a938b9d29a70cea3b00cce337f9a4c4304aae7f501ef6263894f81a420395ddbe1b005f35dff2e900d3fac75e288f10bbfde0ebea034f7e257bb16d0e
+SHA512 (gmp-6.2.1.tar.xz) = c99be0950a1d05a0297d65641dd35b75b74466f7bf03c9e8a99895a3b2f9a0856cd17887738fa51cf7499781b65c049769271cbcb77d057d2e9f1ec52e07dd84