rpms/libtpms
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Applied patches resolving issues solved in upcoming 0.8.5

Browse Source
This commit is contained in:
Stefan Berger 2021-08-11 12:13:15 -04:00
parent d759e64122
commit 0844981e0a
3 changed files with 99 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
0001-tpm2-Initialize-a-whole-OBJECT-before-using-it.patch Normal file
View File

@ -0,0 +1,34 @@
From 33a03986e0a09dde439985e0312d1c8fb3743aab Mon Sep 17 00:00:00 2001
From: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date: Thu, 22 Jul 2021 21:23:58 -0400
Subject: [PATCH 1/2] tpm2: Initialize a whole OBJECT before using it
Initialize a whole OBJECT before using it. This is necessary since
an OBJECT may also be used as a HASH_OBJECT via the ANY_OBJECT
union and that HASH_OBJECT can leave bad size inidicators in TPM2B
buffer in the OBJECT. To get rid of this problem we reset the whole
OBJECT to 0 before using it. This is as if the memory for the
OBJECT was just initialized.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
src/tpm2/Object.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/tpm2/Object.c b/src/tpm2/Object.c
index 8e8b3ee..8406d8f 100644
--- a/src/tpm2/Object.c
+++ b/src/tpm2/Object.c
@@ -276,7 +276,8 @@ FindEmptyObjectSlot(
if(handle)
*handle = i + TRANSIENT_FIRST;
// Initialize the object attributes
- MemorySet(&object->attributes, 0, sizeof(OBJECT_ATTRIBUTES));
+ // MemorySet(&object->attributes, 0, sizeof(OBJECT_ATTRIBUTES));
+ MemorySet(object, 0, sizeof(*object)); // libtpms added: Initialize the whole object
return object;
}
}
--
2.31.1

56
0002-tpm2-NVMarshal-Handle-index-orderly-RAM-without-0-si.patch Normal file
View File

@ -0,0 +1,56 @@
From aaef222e8682cc2e0f9ea7124220c5fe44fab62b Mon Sep 17 00:00:00 2001
From: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date: Fri, 23 Jul 2021 13:29:00 -0400
Subject: [PATCH 2/2] tpm2: NVMarshal: Handle index orderly RAM without 0-sized
terminating node
The NVRAM entries in s_indexOrderlyRam array do not need to contain a
0-sized terminating node. Instead, the entries may fill up this 512
byte array so that no NV_RAM_HEADER structure fits anymore. The fact
that no more NV_RAM_HEADER structure fits is also an indicator for the
last entry. We need to account for this in the code marshalling and
unmarshalling the entries so that we stop marshalling the entries
then and similarly stop unmarshalling.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
src/tpm2/NVMarshal.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/src/tpm2/NVMarshal.c b/src/tpm2/NVMarshal.c
index f8a3798..935a76c 100644
--- a/src/tpm2/NVMarshal.c
+++ b/src/tpm2/NVMarshal.c
@@ -4244,6 +4244,12 @@ INDEX_ORDERLY_RAM_Marshal(void *array, size_t array_size,
datasize, buffer, size);
}
offset += nrh.size;
+ if (offset + sizeof(NV_RAM_HEADER) > array_size) {
+ /* nothing will fit anymore and there won't be a 0-sized
+ * terminating node (@1).
+ */
+ break;
+ }
}
written += BLOCK_SKIP_WRITE_PUSH(TRUE, buffer, size);
@@ -4286,6 +4292,16 @@ INDEX_ORDERLY_RAM_Unmarshal(void *array, size_t array_size,
*/
nrhp = array + offset;
+ if (offset + sizeof(NV_RAM_HEADER) > sourceside_size) {
+ /* this case can occur with the previous entry filling up the
+ * space; in this case there will not be a 0-sized terminating
+ * node (see @1 above). We clear the rest of our space.
+ */
+ if (array_size > offset)
+ memset(nrhp, 0, array_size - offset);
+ break;
+ }
+
/* write the NVRAM header;
nrh->size holds the complete size including data;
nrh->size = 0 indicates the end */
--
2.31.1

10
libtpms.spec
View File

@ -3,13 +3,16 @@
Name: libtpms Name: libtpms
Version: 0.8.4 Version: 0.8.4
Release: 0.%{gitdate}git%{gitversion}%{?dist}.2 Release: 1.%{gitdate}git%{gitversion}%{?dist}.0
Summary: Library providing Trusted Platform Module (TPM) functionality Summary: Library providing Trusted Platform Module (TPM) functionality
License: BSD License: BSD
Url: http://github.com/stefanberger/libtpms Url: http://github.com/stefanberger/libtpms
Source0: libtpms-%{gitdate}.tar.xz Source0: libtpms-%{gitdate}.tar.xz
Patch0001: 0001-tpm2-Initialize-a-whole-OBJECT-before-using-it.patch
Patch0002: 0002-tpm2-NVMarshal-Handle-index-orderly-RAM-without-0-si.patch
BuildRequires: openssl-devel BuildRequires: openssl-devel
BuildRequires: pkgconfig gawk sed BuildRequires: pkgconfig gawk sed
BuildRequires: automake autoconf libtool bash coreutils gcc-c++ BuildRequires: automake autoconf libtool bash coreutils gcc-c++
@ -28,6 +31,8 @@ Libtpms header files and documentation.
%prep %prep
%setup -q -n %{name}-%{gitdate} %setup -q -n %{name}-%{gitdate}
%patch0001 -p1
%patch0002 -p1
%build %build
NOCONFIGURE=1 sh autogen.sh NOCONFIGURE=1 sh autogen.sh
%configure --disable-static --with-tpm2 --with-openssl %configure --disable-static --with-tpm2 --with-openssl
@ -55,6 +60,9 @@ find %{buildroot} -type f -name '*.la' | xargs rm -f -- || :
%{_mandir}/man3/* %{_mandir}/man3/*
%changelog %changelog
* Wed Aug 11 2021 Stefan Berger <stefanb@linux.ibm.com> - 0.8.4-1.20210625gita594c4692a
- Applied patches resolving issues solved in upcoming 0.8.5
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.4-0.20210624gita594c4692a.2 * Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.4-0.20210624gita594c4692a.2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild