diff --git a/.gitignore b/.gitignore index 29be767..29c0a26 100644 --- a/.gitignore +++ b/.gitignore @@ -1,26 +1 @@ -s390-tools-1.8.2.tar.bz2 -cmsfs-1.1.8c.tar.gz -lib-zfcp-hbaapi-2.0.tar.gz -src_vipa-2.0.4.tar.gz -/lib-zfcp-hbaapi-2.1.tar.gz -/src_vipa-2.1.0.tar.gz -/s390-tools-*.tar.bz2 -/s390-tools-2.0.0.tar.gz -/s390-tools-2.1.0.tar.gz -/s390-tools-2.2.0.tar.gz -/s390-tools-2.3.0.tar.gz -/s390-tools-2.4.0.tar.gz -/s390-tools-2.5.0.tar.gz -/s390-tools-2.6.0.tar.gz -/s390-tools-2.7.0.tar.gz -/s390-tools-2.7.1.tar.gz -/s390-tools-2.8.0.tar.gz -/s390-tools-2.9.0.tar.gz -/s390-tools-2.10.0.tar.gz -/s390-tools-2.11.0.tar.gz -/s390-tools-2.12.0.tar.gz -/s390-tools-2.13.0.tar.gz -/s390-tools-2.14.0.tar.gz -/s390-tools-2.15.0.tar.gz -/s390-tools-2.15.1.tar.gz -/s390-tools-2.16.0.tar.gz +/s390-tools-*.tar.gz diff --git a/ccw.udev b/ccw.udev index a12ad05..8ef72db 100644 --- a/ccw.udev +++ b/ccw.udev @@ -1,13 +1,4 @@ -ACTION!="add|change", GOTO="ccw_end" +ACTION!="bind", GOTO="ccw_end" SUBSYSTEM!="ccw", GOTO="ccw_end" -ATTRS{cutype}=="1731/01", RUN+="ccw_init" -ATTRS{cutype}=="1731/02", RUN+="ccw_init" -ATTRS{cutype}=="1731/05", RUN+="ccw_init" -ATTRS{cutype}=="1731/06", RUN+="ccw_init" -ATTRS{cutype}=="3088/01", RUN+="ccw_init" -ATTRS{cutype}=="3088/08", RUN+="ccw_init" -ATTRS{cutype}=="3088/60", RUN+="ccw_init" -ATTRS{cutype}=="3088/61", RUN+="ccw_init" -ATTRS{cutype}=="3088/1e", RUN+="ccw_init" -ATTRS{cutype}=="3088/1f", RUN+="ccw_init" +DRIVER=="ctcm|lcs|qeth", RUN+="ccw_init" LABEL="ccw_end" diff --git a/s390-tools-2.16.0-genprotimg-openssl3.patch b/s390-tools-2.16.0-genprotimg-openssl3.patch deleted file mode 100644 index bc9ee45..0000000 --- a/s390-tools-2.16.0-genprotimg-openssl3.patch +++ /dev/null @@ -1,149 +0,0 @@ -From 8723dbce048add87ce10fe8c72eea75c4f828ef8 Mon Sep 17 00:00:00 2001 -From: Marc Hartmayer -Date: Wed, 23 Jun 2021 13:16:25 +0000 -Subject: [PATCH] genprotimg: add OpenSSL 3.0 support -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Add OpenSSL 3.0 support while still supporting OpenSSL 1.1.0 and newer. For this -set the OPENSSL_API_COMPAT user defined macro to OpenSSL 1.1.0 (see -https://www.openssl.org/docs/manmaster/man7/OPENSSL_API_COMPAT.html) so we don't -see any deprecation warnings when using OpenSSL 3.0. In addition, add an -compatibility layer for OpenSSL since some OpenSSL API functions were constified -with OpenSSL 3.0. - -Fixes: https://github.com/ibm-s390-linux/s390-tools/issues/112 -Reviewed-by: Patrick Steuer -Signed-off-by: Marc Hartmayer -Signed-off-by: Jan Höppner ---- - CHANGELOG.md | 1 + - genprotimg/src/Makefile | 1 + - genprotimg/src/utils/crypto.c | 15 ++++++------ - genprotimg/src/utils/openssl_compat.h | 33 +++++++++++++++++++++++++++ - 4 files changed, 43 insertions(+), 7 deletions(-) - create mode 100644 genprotimg/src/utils/openssl_compat.h - -diff --git a/genprotimg/src/Makefile b/genprotimg/src/Makefile -index a71bb1e3..0e811d66 100644 ---- a/genprotimg/src/Makefile -+++ b/genprotimg/src/Makefile -@@ -29,6 +29,7 @@ $(bin_PROGRAM)_OBJS := $($(bin_PROGRAM)_SRCS:.c=.o) - - ALL_CFLAGS += -std=gnu11 -DPKGDATADIR=$(PKGDATADIR) \ - $(GLIB2_CFLAGS) $(LIBCRYPTO_CFLAGS) $(LIBCURL_CFLAGS) \ -+ -DOPENSSL_API_COMPAT=0x10100000L \ - $(WARNINGS) \ - $(NULL) - ALL_CPPFLAGS += $(INCLUDE_PARMS) -diff --git a/genprotimg/src/utils/crypto.c b/genprotimg/src/utils/crypto.c -index 2e4750b8..087de375 100644 ---- a/genprotimg/src/utils/crypto.c -+++ b/genprotimg/src/utils/crypto.c -@@ -31,6 +31,7 @@ - - #include "buffer.h" - #include "curl.h" -+#include "openssl_compat.h" - #include "crypto.h" - - #define DEFINE_GSLIST_MAP(t2, t1) \ -@@ -1438,7 +1439,7 @@ static const char *get_first_dp_url(DIST_POINT *dp) - return NULL; - } - --static gboolean insert_crl(X509_NAME *name, X509_CRL *crl) -+static gboolean insert_crl(const X509_NAME *name, X509_CRL *crl) - { - g_autofree gchar *key = NULL; - -@@ -1453,7 +1454,7 @@ static gboolean insert_crl(X509_NAME *name, X509_CRL *crl) - } - - /* Caller is responsible for free'ing */ --static X509_CRL *lookup_crl(X509_NAME *name) -+static X509_CRL *lookup_crl(const X509_NAME *name) - { - g_autoptr(X509_CRL) crl = NULL; - g_autofree gchar *key = NULL; -@@ -1473,7 +1474,7 @@ static X509_CRL *lookup_crl(X509_NAME *name) - } - - /* Returns empty stack if no CRL downloaded. */ --static STACK_OF_X509_CRL *crls_download_cb(X509_STORE_CTX *ctx, X509_NAME *nm) -+static STACK_OF_X509_CRL *crls_download_cb(const X509_STORE_CTX *ctx, const X509_NAME *nm) - { - g_autoptr(STACK_OF_X509_CRL) crls = NULL; - g_autoptr(X509_CRL) crl = NULL; -@@ -1483,7 +1484,7 @@ static STACK_OF_X509_CRL *crls_download_cb(X509_STORE_CTX *ctx, X509_NAME *nm) - crls = sk_X509_CRL_new_null(); - if (!crls) - g_abort(); -- cert = X509_STORE_CTX_get_current_cert(ctx); -+ cert = Pv_X509_STORE_CTX_get_current_cert(ctx); - if (!cert) - return g_steal_pointer(&crls); - g_assert(X509_NAME_cmp(X509_get_issuer_name(cert), nm) == 0); -@@ -1527,19 +1528,19 @@ void STACK_OF_X509_CRL_free(STACK_OF_X509_CRL *stack) - /* Downloaded CRLs have a higher precedence than the CRLs specified on the - * command line. - */ --static STACK_OF_X509_CRL *crls_cb(X509_STORE_CTX *ctx, X509_NAME *nm) -+static STACK_OF_X509_CRL *crls_cb(const X509_STORE_CTX *ctx, const X509_NAME *nm) - { - g_autoptr(STACK_OF_X509_CRL) crls = crls_download_cb(ctx, nm); - - if (sk_X509_CRL_num(crls) > 0) - return g_steal_pointer(&crls); -- return X509_STORE_CTX_get1_crls(ctx, nm); -+ return Pv_X509_STORE_CTX_get1_crls(ctx, nm); - } - - /* Set up CRL lookup with download support */ - void store_setup_crl_download(X509_STORE *st) - { -- X509_STORE_set_lookup_crls(st, crls_cb); -+ Pv_X509_STORE_set_lookup_crls(st, crls_cb); - } - - /* Download a CRL using the URI specified in the distribution @crldp */ -diff --git a/genprotimg/src/utils/openssl_compat.h b/genprotimg/src/utils/openssl_compat.h -new file mode 100644 -index 00000000..791c31fc ---- /dev/null -+++ b/genprotimg/src/utils/openssl_compat.h -@@ -0,0 +1,33 @@ -+/* -+ * OpenSSL compatibility utils -+ * -+ * Copyright IBM Corp. 2021 -+ * -+ * s390-tools is free software; you can redistribute it and/or modify -+ * it under the terms of the MIT license. See LICENSE for details. -+ */ -+ -+#ifndef PV_UTILS_OPENSSL_COMPAT_H -+#define PV_UTILS_OPENSSL_COMPAT_H -+ -+#include -+#include -+#include -+ -+#if OPENSSL_VERSION_NUMBER < 0x30000000L -+#define Pv_X509_STORE_CTX_get_current_cert(ctx) \ -+ X509_STORE_CTX_get_current_cert((X509_STORE_CTX *)(ctx)) -+#define Pv_X509_STORE_CTX_get1_crls(ctx, nm) \ -+ X509_STORE_CTX_get1_crls((X509_STORE_CTX *)(ctx), (X509_NAME *)(nm)) -+#define Pv_X509_STORE_set_lookup_crls(st, cb) \ -+ X509_STORE_set_lookup_crls(st, (X509_STORE_CTX_lookup_crls_fn)(cb)) -+#else -+#define Pv_X509_STORE_CTX_get_current_cert(ctx) \ -+ X509_STORE_CTX_get_current_cert(ctx) -+#define Pv_X509_STORE_CTX_get1_crls(ctx, nm) \ -+ X509_STORE_CTX_get1_crls(ctx, nm) -+#define Pv_X509_STORE_set_lookup_crls(st, cb) \ -+ X509_STORE_set_lookup_crls(st, cb) -+#endif -+ -+#endif diff --git a/s390-tools-2.16.0-genprotimg.patch b/s390-tools-2.16.0-genprotimg.patch deleted file mode 100644 index 6f96a14..0000000 --- a/s390-tools-2.16.0-genprotimg.patch +++ /dev/null @@ -1,1021 +0,0 @@ -From b6bdd7744aba06d82f30b0c84012f0b06ccb01de Mon Sep 17 00:00:00 2001 -From: Marc Hartmayer -Date: Wed, 24 Feb 2021 15:04:11 +0000 -Subject: [PATCH] genprotimg: use `pv_` namespace for our Buffer implementation -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Use `pv_` namespace for our Buffer implementation so a symbol clash with other -libraries is less likely. - -Fixes: https://github.com/ibm-s390-linux/s390-tools/issues/109 -Reviewed-by: Jan Hoeppner -Signed-off-by: Marc Hartmayer -Signed-off-by: Jan Höppner ---- - genprotimg/src/pv/pv_comp.c | 26 +++++------ - genprotimg/src/pv/pv_comp.h | 4 +- - genprotimg/src/pv/pv_comps.c | 10 ++--- - genprotimg/src/pv/pv_comps.h | 4 +- - genprotimg/src/pv/pv_hdr.c | 24 +++++------ - genprotimg/src/pv/pv_hdr.h | 4 +- - genprotimg/src/pv/pv_image.c | 70 +++++++++++++++--------------- - genprotimg/src/pv/pv_image.h | 14 +++--- - genprotimg/src/pv/pv_ipib.c | 4 +- - genprotimg/src/pv/pv_ipib.h | 2 +- - genprotimg/src/pv/pv_stage3.c | 26 +++++------ - genprotimg/src/pv/pv_stage3.h | 10 ++--- - genprotimg/src/utils/buffer.c | 18 ++++---- - genprotimg/src/utils/buffer.h | 16 +++---- - genprotimg/src/utils/crypto.c | 72 +++++++++++++++---------------- - genprotimg/src/utils/crypto.h | 28 ++++++------ - genprotimg/src/utils/file_utils.c | 4 +- - genprotimg/src/utils/file_utils.h | 2 +- - 18 files changed, 169 insertions(+), 169 deletions(-) - -diff --git a/genprotimg/src/pv/pv_comp.c b/genprotimg/src/pv/pv_comp.c -index 1f64eea8..21879ae7 100644 ---- a/genprotimg/src/pv/pv_comp.c -+++ b/genprotimg/src/pv/pv_comp.c -@@ -73,12 +73,12 @@ PvComponent *pv_component_new_file(PvComponentType type, const gchar *path, - return pv_component_new(type, size, DATA_FILE, (void **)&file, err); - } - --PvComponent *pv_component_new_buf(PvComponentType type, const Buffer *buf, -+PvComponent *pv_component_new_buf(PvComponentType type, const PvBuffer *buf, - GError **err) - { - g_assert(buf); - -- g_autoptr(Buffer) dup_buf = buffer_dup(buf, FALSE); -+ g_autoptr(PvBuffer) dup_buf = pv_buffer_dup(buf, FALSE); - return pv_component_new(type, buf->size, DATA_BUFFER, (void **)&dup_buf, - err); - } -@@ -90,7 +90,7 @@ void pv_component_free(PvComponent *component) - - switch ((PvComponentDataType)component->d_type) { - case DATA_BUFFER: -- buffer_clear(&component->buf); -+ pv_buffer_clear(&component->buf); - break; - case DATA_FILE: - comp_file_free(component->file); -@@ -162,21 +162,21 @@ gint pv_component_align_and_encrypt(PvComponent *component, const gchar *tmp_pat - - switch ((PvComponentDataType)component->d_type) { - case DATA_BUFFER: { -- g_autoptr(Buffer) enc_buf = NULL; -+ g_autoptr(PvBuffer) enc_buf = NULL; - - if (!(IS_PAGE_ALIGNED(pv_component_size(component)))) { -- g_autoptr(Buffer) new = NULL; -+ g_autoptr(PvBuffer) new = NULL; - - /* create a page aligned copy */ -- new = buffer_dup(component->buf, TRUE); -- buffer_clear(&component->buf); -+ new = pv_buffer_dup(component->buf, TRUE); -+ pv_buffer_clear(&component->buf); - component->buf = g_steal_pointer(&new); - } - enc_buf = encrypt_buf(parms, component->buf, err); - if (!enc_buf) - return -1; - -- buffer_clear(&component->buf); -+ pv_buffer_clear(&component->buf); - component->buf = g_steal_pointer(&enc_buf); - return 0; - } -@@ -220,10 +220,10 @@ gint pv_component_align(PvComponent *component, const gchar *tmp_path, - - switch (component->d_type) { - case DATA_BUFFER: { -- g_autoptr(Buffer) buf = NULL; -+ g_autoptr(PvBuffer) buf = NULL; - -- buf = buffer_dup(component->buf, TRUE); -- buffer_clear(&component->buf); -+ buf = pv_buffer_dup(component->buf, TRUE); -+ pv_buffer_clear(&component->buf); - component->buf = g_steal_pointer(&buf); - return 0; - } break; -@@ -301,7 +301,7 @@ int64_t pv_component_update_pld(const PvComponent *comp, EVP_MD_CTX *ctx, - - switch (comp->d_type) { - case DATA_BUFFER: { -- const Buffer *buf = comp->buf; -+ const PvBuffer *buf = comp->buf; - - g_assert(buf->size <= INT64_MAX); - g_assert(buf->size == size); -@@ -425,7 +425,7 @@ gint pv_component_write(const PvComponent *component, FILE *f, GError **err) - - switch (component->d_type) { - case DATA_BUFFER: { -- const Buffer *buf = component->buf; -+ const PvBuffer *buf = component->buf; - - if (seek_and_write_buffer(f, buf, offset, err) < 0) - return -1; -diff --git a/genprotimg/src/pv/pv_comp.h b/genprotimg/src/pv/pv_comp.h -index aa1b5ae7..a4ffae81 100644 ---- a/genprotimg/src/pv/pv_comp.h -+++ b/genprotimg/src/pv/pv_comp.h -@@ -41,7 +41,7 @@ typedef struct { - gint d_type; /* PvComponentDataType */ - union { - struct comp_file *file; -- Buffer *buf; -+ PvBuffer *buf; - void *data; - }; - uint64_t src_addr; -@@ -51,7 +51,7 @@ typedef struct { - - PvComponent *pv_component_new_file(PvComponentType type, const gchar *path, - GError **err); --PvComponent *pv_component_new_buf(PvComponentType type, const Buffer *buf, -+PvComponent *pv_component_new_buf(PvComponentType type, const PvBuffer *buf, - GError **err); - void pv_component_free(PvComponent *component); - gint pv_component_type(const PvComponent *component); -diff --git a/genprotimg/src/pv/pv_comps.c b/genprotimg/src/pv/pv_comps.c -index 15d32f09..2d364fd0 100644 ---- a/genprotimg/src/pv/pv_comps.c -+++ b/genprotimg/src/pv/pv_comps.c -@@ -210,13 +210,13 @@ GSList *pv_img_comps_get_comps(const PvImgComps *comps) - return comps->comps; - } - --gint pv_img_comps_finalize(PvImgComps *comps, Buffer **pld_digest, -- Buffer **ald_digest, Buffer **tld_digest, -+gint pv_img_comps_finalize(PvImgComps *comps, PvBuffer **pld_digest, -+ PvBuffer **ald_digest, PvBuffer **tld_digest, - uint64_t *nep, GError **err) - { -- g_autoptr(Buffer) tmp_pld_digest = NULL; -- g_autoptr(Buffer) tmp_ald_digest = NULL; -- g_autoptr(Buffer) tmp_tld_digest = NULL; -+ g_autoptr(PvBuffer) tmp_pld_digest = NULL; -+ g_autoptr(PvBuffer) tmp_ald_digest = NULL; -+ g_autoptr(PvBuffer) tmp_tld_digest = NULL; - - comps->finalized = TRUE; - for (GSList *iterator = comps->comps; iterator; iterator = iterator->next) { -diff --git a/genprotimg/src/pv/pv_comps.h b/genprotimg/src/pv/pv_comps.h -index d555e36f..891ecdff 100644 ---- a/genprotimg/src/pv/pv_comps.h -+++ b/genprotimg/src/pv/pv_comps.h -@@ -32,8 +32,8 @@ gint pv_img_comps_add_component(PvImgComps *comps, PvComponent **comp, - GError **err); - PvComponent *pv_img_comps_get_nth_comp(PvImgComps *comps, guint n); - gint pv_img_comps_set_offset(PvImgComps *comps, gsize offset, GError **err); --gint pv_img_comps_finalize(PvImgComps *comps, Buffer **pld_digest, -- Buffer **ald_digest, Buffer **tld_digest, -+gint pv_img_comps_finalize(PvImgComps *comps, PvBuffer **pld_digest, -+ PvBuffer **ald_digest, PvBuffer **tld_digest, - uint64_t *nep, GError **err); - void pv_img_comps_free(PvImgComps *comps); - -diff --git a/genprotimg/src/pv/pv_hdr.c b/genprotimg/src/pv/pv_hdr.c -index 45e721dd..e46e1761 100644 ---- a/genprotimg/src/pv/pv_hdr.c -+++ b/genprotimg/src/pv/pv_hdr.c -@@ -76,17 +76,17 @@ uint64_t pv_hdr_get_nks(const PvHdr *hdr) - } - - /* In-place modification of ``buf`` */ --static gint pv_hdr_encrypt(const PvHdr *hdr, const PvImage *img, Buffer *buf, -+static gint pv_hdr_encrypt(const PvHdr *hdr, const PvImage *img, PvBuffer *buf, - GError **err) - { - uint32_t hdr_len = pv_hdr_size(hdr); - uint32_t aad_len = pv_hdr_aad_size(hdr); - guint tag_len = pv_hdr_tag_size(hdr); - uint32_t enc_len = pv_hdr_enc_size_casted(hdr); -- const Buffer aad_part = { .data = buf->data, .size = aad_len }; -- Buffer enc_part = { .data = (uint8_t *)buf->data + aad_len, -+ const PvBuffer aad_part = { .data = buf->data, .size = aad_len }; -+ PvBuffer enc_part = { .data = (uint8_t *)buf->data + aad_len, - .size = enc_len }; -- Buffer tag_part = { .data = (uint8_t *)buf->data + hdr_len - tag_len, -+ PvBuffer tag_part = { .data = (uint8_t *)buf->data + hdr_len - tag_len, - .size = tag_len }; - struct cipher_parms parms; - int64_t c_len; -@@ -119,9 +119,9 @@ static gint pv_hdr_aad_init(PvHdr *hdr, const PvImage *img, GError **err) - g_autofree union ecdh_pub_key *cust_pub_key = NULL; - struct pv_hdr_key_slot *hdr_slot = hdr->slots; - struct pv_hdr_head *head = &hdr->head; -- g_autoptr(Buffer) pld = NULL; -- g_autoptr(Buffer) ald = NULL; -- g_autoptr(Buffer) tld = NULL; -+ g_autoptr(PvBuffer) pld = NULL; -+ g_autoptr(PvBuffer) ald = NULL; -+ g_autoptr(PvBuffer) tld = NULL; - uint64_t nep = 0; - - g_assert(sizeof(head->iv) == img->gcm_iv->size); -@@ -250,7 +250,7 @@ PvHdr *pv_hdr_new(const PvImage *img, GError **err) - return g_steal_pointer(&ret); - } - --static void pv_hdr_memcpy(const PvHdr *hdr, const Buffer *dst) -+static void pv_hdr_memcpy(const PvHdr *hdr, const PvBuffer *dst) - { - uint64_t nks = pv_hdr_get_nks(hdr); - uint8_t *data; -@@ -270,13 +270,13 @@ static void pv_hdr_memcpy(const PvHdr *hdr, const Buffer *dst) - } - } - --Buffer *pv_hdr_serialize(const PvHdr *hdr, const PvImage *img, -- enum PvCryptoMode mode, GError **err) -+PvBuffer *pv_hdr_serialize(const PvHdr *hdr, const PvImage *img, -+ enum PvCryptoMode mode, GError **err) - { - uint32_t hdr_size = pv_hdr_size(hdr); -- g_autoptr(Buffer) ret = NULL; -+ g_autoptr(PvBuffer) ret = NULL; - -- ret = buffer_alloc(hdr_size); -+ ret = pv_buffer_alloc(hdr_size); - pv_hdr_memcpy(hdr, ret); - - if (mode == PV_ENCRYPT) { -diff --git a/genprotimg/src/pv/pv_hdr.h b/genprotimg/src/pv/pv_hdr.h -index 8df7a6f1..fbcc9e9e 100644 ---- a/genprotimg/src/pv/pv_hdr.h -+++ b/genprotimg/src/pv/pv_hdr.h -@@ -23,8 +23,8 @@ - PvHdr *pv_hdr_new(const PvImage *img, GError **err); - void pv_hdr_free(PvHdr *hdr); - G_GNUC_UNUSED gboolean pv_hdr_uses_encryption(const PvHdr *hdr); --Buffer *pv_hdr_serialize(const PvHdr *hdr, const PvImage *img, -- enum PvCryptoMode mode, GError **err); -+PvBuffer *pv_hdr_serialize(const PvHdr *hdr, const PvImage *img, -+ enum PvCryptoMode mode, GError **err); - uint32_t pv_hdr_size(const PvHdr *hdr); - uint32_t pv_hdr_aad_size(const PvHdr *hdr); - uint64_t pv_hdr_enc_size(const PvHdr *hdr); -diff --git a/genprotimg/src/pv/pv_image.c b/genprotimg/src/pv/pv_image.c -index 59eca5e3..375e40f6 100644 ---- a/genprotimg/src/pv/pv_image.c -+++ b/genprotimg/src/pv/pv_image.c -@@ -56,7 +56,7 @@ static gint pv_img_prepare_component(const PvImage *img, PvComponent *comp, - GError **err) - { - struct cipher_parms parms = { 0 }; -- g_autoptr(Buffer) tweak = NULL; -+ g_autoptr(PvBuffer) tweak = NULL; - prepare_func func = NULL; - void *opaque = NULL; - gint rc; -@@ -76,7 +76,7 @@ static gint pv_img_prepare_component(const PvImage *img, PvComponent *comp, - EVP_CIPHER_iv_length(cipher)); - g_assert(img->xts_key->size <= UINT_MAX); - -- tweak = buffer_alloc(sizeof(comp->tweak.data)); -+ tweak = pv_buffer_alloc(sizeof(comp->tweak.data)); - memcpy(tweak->data, comp->tweak.data, tweak->size); - func = pv_component_align_and_encrypt; - parms.cipher = cipher; -@@ -93,11 +93,11 @@ static gint pv_img_prepare_component(const PvImage *img, PvComponent *comp, - return 0; - } - --static Buffer *pv_img_read_key(const gchar *path, guint key_size, -- GError **err) -+static PvBuffer *pv_img_read_key(const gchar *path, guint key_size, -+ GError **err) - { -- g_autoptr(Buffer) tmp_ret = NULL; -- Buffer *ret = NULL; -+ g_autoptr(PvBuffer) tmp_ret = NULL; -+ PvBuffer *ret = NULL; - gsize bytes_read; - FILE *f = NULL; - gsize size; -@@ -116,7 +116,7 @@ static Buffer *pv_img_read_key(const gchar *path, guint key_size, - if (!f) - return NULL; - -- tmp_ret = buffer_alloc(size); -+ tmp_ret = pv_buffer_alloc(size); - if (file_read(f, tmp_ret->data, 1, tmp_ret->size, &bytes_read, err) < 0) - goto err; - -@@ -160,8 +160,8 @@ static HostKeyList *pv_img_get_host_keys(GSList *host_keys_with_path, gint nid, - return g_steal_pointer(&ret); - } - --static Buffer *pv_img_get_key(const EVP_CIPHER *cipher, const gchar *path, -- GError **err) -+static PvBuffer *pv_img_get_key(const EVP_CIPHER *cipher, const gchar *path, -+ GError **err) - { - gint key_len = EVP_CIPHER_key_length(cipher); - -@@ -173,8 +173,8 @@ static Buffer *pv_img_get_key(const EVP_CIPHER *cipher, const gchar *path, - return generate_aes_key((guint)key_len, err); - } - --static Buffer *pv_img_get_iv(const EVP_CIPHER *cipher, const gchar *path, -- GError **err) -+static PvBuffer *pv_img_get_iv(const EVP_CIPHER *cipher, const gchar *path, -+ GError **err) - { - gint iv_len = EVP_CIPHER_iv_length(cipher); - -@@ -485,23 +485,23 @@ static void pv_hdr_key_slot_free(PvHdrKeySlot *slot) - WRAPPED_G_DEFINE_AUTOPTR_CLEANUP_FUNC(PvHdrKeySlot, pv_hdr_key_slot_free) - - static PvHdrKeySlot *pv_hdr_key_slot_new(const EVP_CIPHER *gcm_cipher, -- const Buffer *cust_root_key, -+ const PvBuffer *cust_root_key, - EVP_PKEY *cust_key, EVP_PKEY *host_key, - GError **err) - { - g_autoptr(PvHdrKeySlot) ret = g_new0(PvHdrKeySlot, 1); - g_autofree union ecdh_pub_key *pub = NULL; -- g_autoptr(Buffer) exchange_key = NULL; -- g_autoptr(Buffer) digest_key = NULL; -- g_autoptr(Buffer) iv = NULL; -- Buffer pub_buf; -+ g_autoptr(PvBuffer) exchange_key = NULL; -+ g_autoptr(PvBuffer) digest_key = NULL; -+ g_autoptr(PvBuffer) iv = NULL; -+ PvBuffer pub_buf; - /* No AAD data is used */ -- Buffer aad = { .data = NULL, .size = 0 }; -+ PvBuffer aad = { .data = NULL, .size = 0 }; - /* Set the output buffers for the encrypted data and the - * generated GCM tag - */ -- Buffer enc = { .data = ret->wrapped_key, .size = sizeof(ret->wrapped_key) }; -- Buffer tag = { .data = ret->tag, .size = sizeof(ret->tag) }; -+ PvBuffer enc = { .data = ret->wrapped_key, .size = sizeof(ret->wrapped_key) }; -+ PvBuffer tag = { .data = ret->tag, .size = sizeof(ret->tag) }; - struct cipher_parms parms; - int64_t c_len = 0; - -@@ -530,7 +530,7 @@ static PvHdrKeySlot *pv_hdr_key_slot_new(const EVP_CIPHER *gcm_cipher, - g_assert(exchange_key->size == (guint)EVP_CIPHER_key_length(gcm_cipher)); - - /* create zero IV */ -- iv = buffer_alloc((guint)EVP_CIPHER_iv_length(gcm_cipher)); -+ iv = pv_buffer_alloc((guint)EVP_CIPHER_iv_length(gcm_cipher)); - parms.iv_or_tweak = iv; - parms.key = exchange_key; - parms.cipher = gcm_cipher; -@@ -637,13 +637,13 @@ void pv_img_free(PvImage *img) - g_slist_free_full(img->key_slots, (GDestroyNotify)pv_hdr_key_slot_free); - g_slist_free_full(img->host_pub_keys, (GDestroyNotify)EVP_PKEY_free); - EVP_PKEY_free(img->cust_pub_priv_key); -- buffer_clear(&img->stage3a); -+ pv_buffer_clear(&img->stage3a); - pv_img_comps_free(img->comps); - g_free(img->tmp_dir); -- buffer_free(img->xts_key); -- buffer_free(img->cust_root_key); -- buffer_free(img->gcm_iv); -- buffer_free(img->cust_comm_key); -+ pv_buffer_free(img->xts_key); -+ pv_buffer_free(img->cust_root_key); -+ pv_buffer_free(img->gcm_iv); -+ pv_buffer_free(img->cust_comm_key); - g_free(img); - } - -@@ -684,13 +684,13 @@ gint pv_img_add_component(PvImage *img, const PvArg *arg, GError **err) - return 0; - } - --gint pv_img_calc_pld_ald_tld_nep(const PvImage *img, Buffer **pld, Buffer **ald, -- Buffer **tld, uint64_t *nep, GError **err) -+gint pv_img_calc_pld_ald_tld_nep(const PvImage *img, PvBuffer **pld, PvBuffer **ald, -+ PvBuffer **tld, uint64_t *nep, GError **err) - { - return pv_img_comps_finalize(img->comps, pld, ald, tld, nep, err); - } - --static gint pv_img_build_stage3b(PvImage *img, Buffer *stage3b, GError **err) -+static gint pv_img_build_stage3b(PvImage *img, PvBuffer *stage3b, GError **err) - { - g_autofree struct stage3b_args *args = NULL; - -@@ -708,7 +708,7 @@ static gint pv_img_build_stage3b(PvImage *img, Buffer *stage3b, GError **err) - gint pv_img_add_stage3b_comp(PvImage *img, const gchar *path, GError **err) - { - g_autoptr(PvComponent) comp = NULL; -- g_autoptr(Buffer) stage3b = NULL; -+ g_autoptr(PvBuffer) stage3b = NULL; - - stage3b = stage3b_getblob(path, err); - if (!stage3b) -@@ -825,7 +825,7 @@ static gint get_stage3a_data_size(const PvImage *img, gsize *data_size, - - gint pv_img_load_and_set_stage3a(PvImage *img, const gchar *path, GError **err) - { -- g_autoptr(Buffer) stage3a = NULL; -+ g_autoptr(PvBuffer) stage3a = NULL; - gsize bin_size, data_size = 0; - - if (get_stage3a_data_size(img, &data_size, err) < 0) -@@ -845,8 +845,8 @@ gint pv_img_load_and_set_stage3a(PvImage *img, const gchar *path, GError **err) - } - - /* Creates the PV IPIB and sets the stage3a arguments */ --static gint pv_img_build_stage3a(Buffer *stage3a, gsize stage3a_bin_size, -- GSList *comps, const Buffer *hdr, GError **err) -+static gint pv_img_build_stage3a(PvBuffer *stage3a, gsize stage3a_bin_size, -+ GSList *comps, const PvBuffer *hdr, GError **err) - { - g_autofree struct ipl_parameter_block *ipib = NULL; - -@@ -866,9 +866,9 @@ static gint pv_img_build_stage3a(Buffer *stage3a, gsize stage3a_bin_size, - } - - /* Creates the actual PV header (serialized and AES-GCM encrypted) */ --static Buffer *pv_img_create_pv_hdr(PvImage *img, GError **err) -+static PvBuffer *pv_img_create_pv_hdr(PvImage *img, GError **err) - { -- g_autoptr(Buffer) hdr_buf = NULL; -+ g_autoptr(PvBuffer) hdr_buf = NULL; - g_autoptr(PvHdr) hdr = NULL; - - hdr = pv_hdr_new(img, err); -@@ -887,7 +887,7 @@ static Buffer *pv_img_create_pv_hdr(PvImage *img, GError **err) - */ - gint pv_img_finalize(PvImage *pv, const gchar *stage3b_path, GError **err) - { -- g_autoptr(Buffer) hdr = NULL; -+ g_autoptr(PvBuffer) hdr = NULL; - - /* load stage3b template into memory and add it to the list of - * components. This must be done before calling -diff --git a/genprotimg/src/pv/pv_image.h b/genprotimg/src/pv/pv_image.h -index 7c624e24..116fb1a9 100644 ---- a/genprotimg/src/pv/pv_image.h -+++ b/genprotimg/src/pv/pv_image.h -@@ -25,7 +25,7 @@ - - typedef struct { - gchar *tmp_dir; /* directory used for temporary files */ -- Buffer *stage3a; /* stage3a containing IPIB and PV header */ -+ PvBuffer *stage3a; /* stage3a containing IPIB and PV header */ - gsize stage3a_bin_size; /* size of stage3a.bin */ - struct psw_t stage3a_psw; /* (short) PSW that is written to - * location 0 of the created image -@@ -35,15 +35,15 @@ typedef struct { - GSList *host_pub_keys; /* public host keys */ - gint nid; /* Elliptic Curve used for the key derivation */ - /* keys and cipher used for the AES-GCM encryption */ -- Buffer *cust_root_key; -- Buffer *gcm_iv; -+ PvBuffer *cust_root_key; -+ PvBuffer *gcm_iv; - const EVP_CIPHER *gcm_cipher; - /* Information for the IPIB and PV header */ - uint64_t pcf; - uint64_t scf; -- Buffer *cust_comm_key; -+ PvBuffer *cust_comm_key; - const EVP_CIPHER *cust_comm_cipher; -- Buffer *xts_key; -+ PvBuffer *xts_key; - const EVP_CIPHER *xts_cipher; - GSList *key_slots; - GSList *optional_items; -@@ -54,8 +54,8 @@ PvImage *pv_img_new(PvArgs *args, const gchar *stage3a_path, GError **err); - void pv_img_free(PvImage *img); - gint pv_img_add_component(PvImage *img, const PvArg *arg, GError **err); - gint pv_img_finalize(PvImage *img, const gchar *stage3b_path, GError **err); --gint pv_img_calc_pld_ald_tld_nep(const PvImage *img, Buffer **pld, Buffer **ald, -- Buffer **tld, uint64_t *nep, GError **err); -+gint pv_img_calc_pld_ald_tld_nep(const PvImage *img, PvBuffer **pld, PvBuffer **ald, -+ PvBuffer **tld, uint64_t *nep, GError **err); - gint pv_img_load_and_set_stage3a(PvImage *img, const gchar *path, GError **err); - const PvComponent *pv_img_get_stage3b_comp(const PvImage *img, GError **err); - gint pv_img_add_stage3b_comp(PvImage *img, const gchar *path, GError **err); -diff --git a/genprotimg/src/pv/pv_ipib.c b/genprotimg/src/pv/pv_ipib.c -index 2517e548..59fe0086 100644 ---- a/genprotimg/src/pv/pv_ipib.c -+++ b/genprotimg/src/pv/pv_ipib.c -@@ -35,7 +35,7 @@ uint64_t pv_ipib_get_size(uint32_t num_comp) - } - - static gint pv_ipib_init(IplParameterBlock *ipib, GSList *comps, -- const Buffer *hdr) -+ const PvBuffer *hdr) - { - g_assert(sizeof(struct ipl_pl_hdr) <= UINT32_MAX); - g_assert(sizeof(struct ipl_pb0_pv_comp) <= UINT32_MAX); -@@ -100,7 +100,7 @@ static gint pv_ipib_init(IplParameterBlock *ipib, GSList *comps, - return 0; - } - --IplParameterBlock *pv_ipib_new(GSList *comps, const Buffer *hdr, GError **err) -+IplParameterBlock *pv_ipib_new(GSList *comps, const PvBuffer *hdr, GError **err) - { - uint64_t ipib_size = pv_ipib_get_size(g_slist_length(comps)); - g_autoptr(IplParameterBlock) ret = NULL; -diff --git a/genprotimg/src/pv/pv_ipib.h b/genprotimg/src/pv/pv_ipib.h -index 93317901..4b66643d 100644 ---- a/genprotimg/src/pv/pv_ipib.h -+++ b/genprotimg/src/pv/pv_ipib.h -@@ -19,7 +19,7 @@ - typedef struct ipl_parameter_block IplParameterBlock; - - uint64_t pv_ipib_get_size(uint32_t num_comp); --IplParameterBlock *pv_ipib_new(GSList *comps, const Buffer *hdr, GError **err); -+IplParameterBlock *pv_ipib_new(GSList *comps, const PvBuffer *hdr, GError **err); - void pv_ipib_free(IplParameterBlock *ipib); - - WRAPPED_G_DEFINE_AUTOPTR_CLEANUP_FUNC(IplParameterBlock, pv_ipib_free) -diff --git a/genprotimg/src/pv/pv_stage3.c b/genprotimg/src/pv/pv_stage3.c -index a1e5b164..bff9db7d 100644 ---- a/genprotimg/src/pv/pv_stage3.c -+++ b/genprotimg/src/pv/pv_stage3.c -@@ -24,12 +24,12 @@ - ((struct stage3a_args *)((uint64_t)data_ptr + loader_size - \ - sizeof(struct stage3a_args))) - --static Buffer *loader_getblob(const gchar *filename, gsize *loader_size, -- gsize args_size, gsize data_size, -- gboolean data_aligned, GError **err) -+static PvBuffer *loader_getblob(const gchar *filename, gsize *loader_size, -+ gsize args_size, gsize data_size, -+ gboolean data_aligned, GError **err) - { - g_autoptr(GMappedFile) mapped_file = NULL; -- g_autoptr(Buffer) ret = NULL; -+ g_autoptr(PvBuffer) ret = NULL; - gsize size, tmp_loader_size; - gchar *loader_data; - -@@ -60,7 +60,7 @@ static Buffer *loader_getblob(const gchar *filename, gsize *loader_size, - size = (data_aligned ? PAGE_ALIGN(tmp_loader_size) : tmp_loader_size) + - data_size; - -- ret = buffer_alloc(size); -+ ret = pv_buffer_alloc(size); - - /* copy the loader "template" */ - memcpy(ret->data, loader_data, tmp_loader_size); -@@ -71,8 +71,8 @@ static Buffer *loader_getblob(const gchar *filename, gsize *loader_size, - return g_steal_pointer(&ret); - } - --Buffer *stage3a_getblob(const gchar *filename, gsize *loader_size, -- gsize data_size, GError **err) -+PvBuffer *stage3a_getblob(const gchar *filename, gsize *loader_size, -+ gsize data_size, GError **err) - { - return loader_getblob(filename, loader_size, - sizeof(struct stage3a_args), data_size, TRUE, -@@ -83,8 +83,8 @@ Buffer *stage3a_getblob(const gchar *filename, gsize *loader_size, - /* Set the right offsets and sizes in the stage3a template + add - * the IPIB block with the PV header - */ --static gint stage3a_set_data(Buffer *loader, gsize loader_size, -- const Buffer *hdr, struct ipl_parameter_block *ipib, -+static gint stage3a_set_data(PvBuffer *loader, gsize loader_size, -+ const PvBuffer *hdr, struct ipl_parameter_block *ipib, - GError **err) - { - uint32_t ipib_size = GUINT32_FROM_BE(ipib->hdr.len); -@@ -126,15 +126,15 @@ static gint stage3a_set_data(Buffer *loader, gsize loader_size, - return 0; - } - --gint build_stage3a(Buffer *loader, gsize loader_size, const Buffer *hdr, -+gint build_stage3a(PvBuffer *loader, gsize loader_size, const PvBuffer *hdr, - struct ipl_parameter_block *ipib, GError **err) - { - return stage3a_set_data(loader, loader_size, hdr, ipib, err); - } - --Buffer *stage3b_getblob(const gchar *filename, GError **err) -+PvBuffer *stage3b_getblob(const gchar *filename, GError **err) - { -- g_autoptr(Buffer) ret = NULL; -+ g_autoptr(PvBuffer) ret = NULL; - gsize rb_size; - - ret = loader_getblob(filename, &rb_size, sizeof(struct stage3b_args), 0, -@@ -146,7 +146,7 @@ Buffer *stage3b_getblob(const gchar *filename, GError **err) - return g_steal_pointer(&ret); - } - --void build_stage3b(Buffer *stage3b, const struct stage3b_args *args) -+void build_stage3b(PvBuffer *stage3b, const struct stage3b_args *args) - { - g_assert(stage3b->size > sizeof(*args)); - -diff --git a/genprotimg/src/pv/pv_stage3.h b/genprotimg/src/pv/pv_stage3.h -index baaf921b..364408ee 100644 ---- a/genprotimg/src/pv/pv_stage3.h -+++ b/genprotimg/src/pv/pv_stage3.h -@@ -19,12 +19,12 @@ - #include "boot/stage3b.h" - #include "utils/buffer.h" - --Buffer *stage3a_getblob(const gchar *filename, gsize *loader_size, -- gsize data_size, GError **err); --gint build_stage3a(Buffer *dc, gsize dc_size, const Buffer *hdr, -+PvBuffer *stage3a_getblob(const gchar *filename, gsize *loader_size, -+ gsize data_size, GError **err); -+gint build_stage3a(PvBuffer *dc, gsize dc_size, const PvBuffer *hdr, - struct ipl_parameter_block *ipib, GError **err); --Buffer *stage3b_getblob(const gchar *filename, GError **err); --void build_stage3b(Buffer *stage3b, const struct stage3b_args *args); -+PvBuffer *stage3b_getblob(const gchar *filename, GError **err); -+void build_stage3b(PvBuffer *stage3b, const struct stage3b_args *args); - void memblob_init(struct memblob *arg, uint64_t src, uint64_t size); - - #endif -diff --git a/genprotimg/src/utils/buffer.c b/genprotimg/src/utils/buffer.c -index 35aed742..509dc0de 100644 ---- a/genprotimg/src/utils/buffer.c -+++ b/genprotimg/src/utils/buffer.c -@@ -17,18 +17,18 @@ - #include "common.h" - #include "file_utils.h" - --Buffer *buffer_alloc(gsize size) -+PvBuffer *pv_buffer_alloc(gsize size) - { -- Buffer *ret = g_new0(Buffer, 1); -+ PvBuffer *ret = g_new0(PvBuffer, 1); - - ret->data = g_malloc0(size); - ret->size = size; - return ret; - } - --Buffer *buffer_dup(const Buffer *buf, gboolean page_aligned) -+PvBuffer *pv_buffer_dup(const PvBuffer *buf, gboolean page_aligned) - { -- Buffer *ret; -+ PvBuffer *ret; - gsize size; - - if (!buf) -@@ -38,19 +38,19 @@ Buffer *buffer_dup(const Buffer *buf, gboolean page_aligned) - if (page_aligned) - size = PAGE_ALIGN(size); - -- ret = buffer_alloc(size); -+ ret = pv_buffer_alloc(size); - - /* content will be 0-right-padded */ - memcpy(ret->data, buf->data, buf->size); - return ret; - } - --gint buffer_write(const Buffer *buf, FILE *file, GError **err) -+gint pv_buffer_write(const PvBuffer *buf, FILE *file, GError **err) - { - return file_write(file, buf->data, buf->size, 1, NULL, err); - } - --void buffer_free(Buffer *buf) -+void pv_buffer_free(PvBuffer *buf) - { - if (!buf) - return; -@@ -59,11 +59,11 @@ void buffer_free(Buffer *buf) - g_free(buf); - } - --void buffer_clear(Buffer **buf) -+void pv_buffer_clear(PvBuffer **buf) - { - if (!buf || !*buf) - return; - -- buffer_free(*buf); -+ pv_buffer_free(*buf); - *buf = NULL; - } -diff --git a/genprotimg/src/utils/buffer.h b/genprotimg/src/utils/buffer.h -index 7239d5c9..824b72cb 100644 ---- a/genprotimg/src/utils/buffer.h -+++ b/genprotimg/src/utils/buffer.h -@@ -15,17 +15,17 @@ - - #include "common.h" - --typedef struct Buffer { -+typedef struct PvBuffer { - void *data; - gsize size; /* in bytes */ --} Buffer; -+} PvBuffer; - --Buffer *buffer_alloc(gsize size); --void buffer_free(Buffer *buf); --void buffer_clear(Buffer **buf); --gint buffer_write(const Buffer *buf, FILE *file, GError **err); --Buffer *buffer_dup(const Buffer *buf, gboolean page_aligned); -+PvBuffer *pv_buffer_alloc(gsize size); -+void pv_buffer_free(PvBuffer *buf); -+void pv_buffer_clear(PvBuffer **buf); -+gint pv_buffer_write(const PvBuffer *buf, FILE *file, GError **err); -+PvBuffer *pv_buffer_dup(const PvBuffer *buf, gboolean page_aligned); - --WRAPPED_G_DEFINE_AUTOPTR_CLEANUP_FUNC(Buffer, buffer_free) -+WRAPPED_G_DEFINE_AUTOPTR_CLEANUP_FUNC(PvBuffer, pv_buffer_free) - - #endif -diff --git a/genprotimg/src/utils/crypto.c b/genprotimg/src/utils/crypto.c -index 44facc28..05c3e832 100644 ---- a/genprotimg/src/utils/crypto.c -+++ b/genprotimg/src/utils/crypto.c -@@ -89,15 +89,15 @@ EVP_MD_CTX *digest_ctx_new(const EVP_MD *md, GError **err) - return g_steal_pointer(&ctx); - } - --Buffer *digest_ctx_finalize(EVP_MD_CTX *ctx, GError **err) -+PvBuffer *digest_ctx_finalize(EVP_MD_CTX *ctx, GError **err) - { - gint md_size = EVP_MD_size(EVP_MD_CTX_md(ctx)); -- g_autoptr(Buffer) ret = NULL; -+ g_autoptr(PvBuffer) ret = NULL; - guint digest_size; - - g_assert(md_size > 0); - -- ret = buffer_alloc((guint)md_size); -+ ret = pv_buffer_alloc((guint)md_size); - if (EVP_DigestFinal_ex(ctx, ret->data, &digest_size) != 1) { - g_set_error(err, PV_CRYPTO_ERROR, PV_CRYPTO_ERROR_INTERNAL, - _("EVP_DigestFinal_ex failed")); -@@ -110,10 +110,10 @@ Buffer *digest_ctx_finalize(EVP_MD_CTX *ctx, GError **err) - } - - /* Returns the digest of @buf using the hash algorithm @md */ --static Buffer *digest_buffer(const EVP_MD *md, const Buffer *buf, GError **err) -+static PvBuffer *digest_buffer(const EVP_MD *md, const PvBuffer *buf, GError **err) - { - g_autoptr(EVP_MD_CTX) md_ctx = NULL; -- g_autoptr(Buffer) ret = NULL; -+ g_autoptr(PvBuffer) ret = NULL; - g_assert(buf); - - md_ctx = digest_ctx_new(md, err); -@@ -134,9 +134,9 @@ static Buffer *digest_buffer(const EVP_MD *md, const Buffer *buf, GError **err) - } - - /* Returns the SHA256 digest of @buf */ --Buffer *sha256_buffer(const Buffer *buf, GError **err) -+PvBuffer *sha256_buffer(const PvBuffer *buf, GError **err) - { -- g_autoptr(Buffer) ret = NULL; -+ g_autoptr(PvBuffer) ret = NULL; - - ret = digest_buffer(EVP_sha256(), buf, err); - if (!ret) -@@ -207,10 +207,10 @@ union ecdh_pub_key *evp_pkey_to_ecdh_pub_key(EVP_PKEY *key, GError **err) - return g_steal_pointer(&ret); - } - --static Buffer *derive_key(EVP_PKEY *cust, EVP_PKEY *host, GError **err) -+static PvBuffer *derive_key(EVP_PKEY *cust, EVP_PKEY *host, GError **err) - { - g_autoptr(EVP_PKEY_CTX) ctx = NULL; -- g_autoptr(Buffer) ret = NULL; -+ g_autoptr(PvBuffer) ret = NULL; - gsize key_size; - - ctx = EVP_PKEY_CTX_new(cust, NULL); -@@ -236,7 +236,7 @@ static Buffer *derive_key(EVP_PKEY *cust, EVP_PKEY *host, GError **err) - return NULL; - } - -- ret = buffer_alloc(key_size); -+ ret = pv_buffer_alloc(key_size); - if (EVP_PKEY_derive(ctx, ret->data, &key_size) != 1) { - g_set_error(err, PV_CRYPTO_ERROR, PV_CRYPTO_ERROR_DERIVE, - _("Key derivation failed")); -@@ -247,11 +247,11 @@ static Buffer *derive_key(EVP_PKEY *cust, EVP_PKEY *host, GError **err) - return g_steal_pointer(&ret); - } - --Buffer *compute_exchange_key(EVP_PKEY *cust, EVP_PKEY *host, GError **err) -+PvBuffer *compute_exchange_key(EVP_PKEY *cust, EVP_PKEY *host, GError **err) - { -- g_autoptr(Buffer) raw = buffer_alloc(70); -- g_autoptr(Buffer) ret = NULL; -- g_autoptr(Buffer) key = NULL; -+ g_autoptr(PvBuffer) raw = pv_buffer_alloc(70); -+ g_autoptr(PvBuffer) ret = NULL; -+ g_autoptr(PvBuffer) key = NULL; - guchar *data; - - key = derive_key(cust, host, err); -@@ -290,10 +290,10 @@ gint generate_tweak(union tweak *tweak, uint16_t i, GError **err) - return 0; - } - --static Buffer *generate_rand_data(guint size, const gchar *err_msg, -- GError **err) -+static PvBuffer *generate_rand_data(guint size, const gchar *err_msg, -+ GError **err) - { -- g_autoptr(Buffer) buf = buffer_alloc(size); -+ g_autoptr(PvBuffer) buf = pv_buffer_alloc(size); - - g_assert(size <= INT_MAX); - -@@ -307,14 +307,14 @@ static Buffer *generate_rand_data(guint size, const gchar *err_msg, - return g_steal_pointer(&buf); - } - --Buffer *generate_aes_iv(guint size, GError **err) -+PvBuffer *generate_aes_iv(guint size, GError **err) - { - return generate_rand_data(size, - _("Generating a IV failed because the required amount of random data is not available"), - err); - } - --Buffer *generate_aes_key(guint size, GError **err) -+PvBuffer *generate_aes_key(guint size, GError **err) - { - return generate_rand_data(size, - _("Generating a key failed because the required amount of random data is not available"), -@@ -1756,8 +1756,8 @@ static gint __encrypt_decrypt_bio(const struct cipher_parms *parms, BIO *b_in, - gint cipher_block_size = EVP_CIPHER_block_size(cipher); - guchar in_buf[PAGE_SIZE], - out_buf[PAGE_SIZE + (guint)cipher_block_size]; -- const Buffer *key = parms->key; -- const Buffer *tweak = parms->iv_or_tweak; -+ const PvBuffer *key = parms->key; -+ const PvBuffer *tweak = parms->iv_or_tweak; - g_autofree guchar *tmp_tweak = NULL; - gint out_len, tweak_size; - gsize tmp_size_in = 0, tmp_size_out = 0; -@@ -1895,11 +1895,11 @@ static gint __encrypt_decrypt_bio(const struct cipher_parms *parms, BIO *b_in, - return 0; - } - --static Buffer *__encrypt_decrypt_buffer(const struct cipher_parms *parms, -- const Buffer *in, gboolean encrypt, -- GError **err) -+static PvBuffer *__encrypt_decrypt_buffer(const struct cipher_parms *parms, -+ const PvBuffer *in, gboolean encrypt, -+ GError **err) - { -- g_autoptr(Buffer) ret = NULL; -+ g_autoptr(PvBuffer) ret = NULL; - g_autoptr(BIO) b_out = NULL; - g_autoptr(BIO) b_in = NULL; - gsize in_size, out_size; -@@ -1927,19 +1927,19 @@ static Buffer *__encrypt_decrypt_buffer(const struct cipher_parms *parms, - return NULL; - } - -- ret = buffer_alloc((unsigned long)data_size); -+ ret = pv_buffer_alloc((unsigned long)data_size); - memcpy(ret->data, data, ret->size); - return g_steal_pointer(&ret); - } - --Buffer *encrypt_buf(const struct cipher_parms *parms, const Buffer *in, -- GError **err) -+PvBuffer *encrypt_buf(const struct cipher_parms *parms, const PvBuffer *in, -+ GError **err) - { - return __encrypt_decrypt_buffer(parms, in, TRUE, err); - } - --Buffer *decrypt_buf(const struct cipher_parms *parms, const Buffer *in, -- GError **err) -+PvBuffer *decrypt_buf(const struct cipher_parms *parms, const PvBuffer *in, -+ GError **err) - { - return __encrypt_decrypt_buffer(parms, in, FALSE, err); - } -@@ -1993,16 +1993,16 @@ G_GNUC_UNUSED static gint decrypt_file(const struct cipher_parms *parms, - } - - /* GCM mode uses (zero-)padding */ --static int64_t gcm_encrypt_decrypt(const Buffer *in, const Buffer *aad, -+static int64_t gcm_encrypt_decrypt(const PvBuffer *in, const PvBuffer *aad, - const struct cipher_parms *parms, -- Buffer *out, Buffer *tag, -+ PvBuffer *out, PvBuffer *tag, - enum PvCryptoMode mode, GError **err) - { - g_autoptr(EVP_CIPHER_CTX) ctx = NULL; - const EVP_CIPHER *cipher = parms->cipher; -- const Buffer *iv = parms->iv_or_tweak; -+ const PvBuffer *iv = parms->iv_or_tweak; - gboolean encrypt = mode == PV_ENCRYPT; -- const Buffer *key = parms->key; -+ const PvBuffer *key = parms->key; - int64_t ret = -1; - gint len = -1; - -@@ -2097,8 +2097,8 @@ static int64_t gcm_encrypt_decrypt(const Buffer *in, const Buffer *aad, - return ret; - } - --int64_t gcm_encrypt(const Buffer *in, const Buffer *aad, -- const struct cipher_parms *parms, Buffer *out, Buffer *tag, -+int64_t gcm_encrypt(const PvBuffer *in, const PvBuffer *aad, -+ const struct cipher_parms *parms, PvBuffer *out, PvBuffer *tag, - GError **err) - { - return gcm_encrypt_decrypt(in, aad, parms, out, tag, PV_ENCRYPT, err); -diff --git a/genprotimg/src/utils/crypto.h b/genprotimg/src/utils/crypto.h -index 286cf457..3cda4507 100644 ---- a/genprotimg/src/utils/crypto.h -+++ b/genprotimg/src/utils/crypto.h -@@ -117,8 +117,8 @@ union tweak { - - struct cipher_parms { - const EVP_CIPHER *cipher; -- const Buffer *key; -- const Buffer *iv_or_tweak; -+ const PvBuffer *key; -+ const PvBuffer *iv_or_tweak; - }; - - int check_crl_valid_for_cert(X509_CRL *crl, X509 *cert, -@@ -152,24 +152,24 @@ X509_CRL *get_first_valid_crl(X509_STORE_CTX *ctx, X509 *cert, GError **err); - void store_setup_crl_download(X509_STORE *st); - EVP_PKEY *read_ec_pubkey_cert(X509 *cert, gint nid, GError **err); - --Buffer *compute_exchange_key(EVP_PKEY *cust, EVP_PKEY *host, GError **err); --Buffer *generate_aes_key(guint size, GError **err); --Buffer *generate_aes_iv(guint size, GError **err); -+PvBuffer *compute_exchange_key(EVP_PKEY *cust, EVP_PKEY *host, GError **err); -+PvBuffer *generate_aes_key(guint size, GError **err); -+PvBuffer *generate_aes_iv(guint size, GError **err); - EVP_PKEY *generate_ec_key(gint nid, GError **err); - gint generate_tweak(union tweak *tweak, uint16_t i, GError **err); - union ecdh_pub_key *evp_pkey_to_ecdh_pub_key(EVP_PKEY *key, GError **err); - EVP_MD_CTX *digest_ctx_new(const EVP_MD *md, GError **err); --Buffer *digest_ctx_finalize(EVP_MD_CTX *ctx, GError **err); --Buffer *sha256_buffer(const Buffer *buf, GError **err); --int64_t gcm_encrypt(const Buffer *in, const Buffer *aad, -- const struct cipher_parms *parms, Buffer *out, -- Buffer *tag, GError **err); -+PvBuffer *digest_ctx_finalize(EVP_MD_CTX *ctx, GError **err); -+PvBuffer *sha256_buffer(const PvBuffer *buf, GError **err); -+int64_t gcm_encrypt(const PvBuffer *in, const PvBuffer *aad, -+ const struct cipher_parms *parms, PvBuffer *out, -+ PvBuffer *tag, GError **err); - gint encrypt_file(const struct cipher_parms *parms, const gchar *in_path, - const gchar *path_out, gsize *in_size, gsize *out_size, - GError **err); --Buffer *encrypt_buf(const struct cipher_parms *parms, const Buffer *in, -- GError **err); --G_GNUC_UNUSED Buffer *decrypt_buf(const struct cipher_parms *parms, -- const Buffer *in, GError **err); -+PvBuffer *encrypt_buf(const struct cipher_parms *parms, const PvBuffer *in, -+ GError **err); -+G_GNUC_UNUSED PvBuffer *decrypt_buf(const struct cipher_parms *parms, -+ const PvBuffer *in, GError **err); - - #endif -diff --git a/genprotimg/src/utils/file_utils.c b/genprotimg/src/utils/file_utils.c -index 1d6fc370..ba33400f 100644 ---- a/genprotimg/src/utils/file_utils.c -+++ b/genprotimg/src/utils/file_utils.c -@@ -171,13 +171,13 @@ gint seek_and_write_file(FILE *o, const CompFile *ifile, uint64_t offset, - return ret; - } - --gint seek_and_write_buffer(FILE *o, const Buffer *buf, uint64_t offset, -+gint seek_and_write_buffer(FILE *o, const PvBuffer *buf, uint64_t offset, - GError **err) - { - if (file_seek(o, offset, err) < 0) - return -1; - -- if (buffer_write(buf, o, err) < 0) -+ if (pv_buffer_write(buf, o, err) < 0) - return -1; - - return 0; -diff --git a/genprotimg/src/utils/file_utils.h b/genprotimg/src/utils/file_utils.h -index 47df1148..456e7aca 100644 ---- a/genprotimg/src/utils/file_utils.h -+++ b/genprotimg/src/utils/file_utils.h -@@ -26,7 +26,7 @@ gint file_write(FILE *out, const void *ptr, gsize size, gsize count, - gsize *count_written, GError **err); - gint pad_file_right(const gchar *path_out, const gchar *path_in, - gsize *size_out, guint padding, GError **err); --gint seek_and_write_buffer(FILE *out, const Buffer *buf, uint64_t offset, -+gint seek_and_write_buffer(FILE *out, const PvBuffer *buf, uint64_t offset, - GError **err); - gint seek_and_write_file(FILE *o, const CompFile *ifile, uint64_t offset, - GError **err); diff --git a/s390-tools-2.16.0-zkey.patch b/s390-tools-2.16.0-zkey.patch deleted file mode 100644 index 42b2014..0000000 --- a/s390-tools-2.16.0-zkey.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 3f3f063c98278f53ad3b34e68b70fca62eaea8fb Mon Sep 17 00:00:00 2001 -From: Ingo Franzki -Date: Tue, 23 Feb 2021 08:52:26 +0100 -Subject: [PATCH] zkey: Fix build error when the compiler flags are overridden -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -When the compiler flags are overridden, the build of zkey may fail with: - -kms.c:44:2: error: #error KMS_PLUGIN_LOCATION must be defined - 44 | #error KMS_PLUGIN_LOCATION must be defined - | ^~~~~ - -The Makefile uses CFLAGS variable for defining the KMS_PLUGIN_LOCATION, -but it should rather use ALL_CFLAGS. - -Also use ALL_CPPFLAGS for defining HAVE_LUKS2_SUPPORT. - -Fixes: https://github.com/ibm-s390-linux/s390-tools/issues/108 - -Signed-off-by: Ingo Franzki -Reviewed-by: Jan Hoeppner -Signed-off-by: Jan Höppner ---- - zkey/Makefile | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/zkey/Makefile b/zkey/Makefile -index 41129bcf..f74e2091 100644 ---- a/zkey/Makefile -+++ b/zkey/Makefile -@@ -18,7 +18,7 @@ ifneq (${HAVE_CRYPTSETUP2},0) - ifneq (${HAVE_OPENSSL},0) - BUILD_TARGETS += zkey-cryptsetup - INSTALL_TARGETS += install-zkey-cryptsetup -- CPPFLAGS += -DHAVE_LUKS2_SUPPORT -+ ALL_CPPFLAGS += -DHAVE_LUKS2_SUPPORT - else - BUILD_TARGETS += zkey-cryptsetup-skip-openssl - INSTALL_TARGETS += zkey-cryptsetup-skip-openssl -@@ -34,7 +34,7 @@ endif - - libs = $(rootdir)/libutil/libutil.a - --CFLAGS += -DKMS_PLUGIN_LOCATION=\"$(ZKEYKMSPLUGINDIR)\" -+ALL_CFLAGS += -DKMS_PLUGIN_LOCATION=\"$(ZKEYKMSPLUGINDIR)\" - - detect-libcryptsetup.dep: - echo "#include " > detect-libcryptsetup.dep diff --git a/s390utils.spec b/s390utils.spec index 32a4f52..7b29a92 100644 --- a/s390utils.spec +++ b/s390utils.spec @@ -5,24 +5,22 @@ Name: s390utils Summary: Utilities and daemons for IBM z Systems -Version: 2.16.0 -Release: 6%{?dist} +Version: 2.17.0 +Release: 1%{?dist} Epoch: 2 License: MIT ExclusiveArch: s390 s390x -#URL: http://www.ibm.com/developerworks/linux/linux390/s390-tools.html -URL: https://github.com/ibm-s390-tools/s390-tools -Source0: https://github.com/ibm-s390-tools/s390-tools/archive/v%{version}.tar.gz#/s390-tools-%{version}.tar.gz -Source5: zfcpconf.sh -Source7: zfcp.udev -# files for DASD initialization -Source12: dasd.udev -Source13: dasdconf.sh -Source14: device_cio_free -Source15: device_cio_free.service -Source16: ccw_init -Source17: ccw.udev -Source21: normalize_dasd_arg +URL: https://github.com/ibm-s390-linux/s390-tools +Source0: https://github.com/ibm-s390-linux/s390-tools/archive/v%{version}.tar.gz#/s390-tools-%{version}.tar.gz +Source5: https://fedorapeople.org/cgit/sharkcz/public_git/utils.git/tree/zfcpconf.sh +Source7: https://fedorapeople.org/cgit/sharkcz/public_git/utils.git/tree/zfcp.udev +Source12: https://fedorapeople.org/cgit/sharkcz/public_git/utils.git/tree/dasd.udev +Source13: https://fedorapeople.org/cgit/sharkcz/public_git/utils.git/tree/dasdconf.sh +Source14: https://fedorapeople.org/cgit/sharkcz/public_git/utils.git/tree/device_cio_free +Source15: https://fedorapeople.org/cgit/sharkcz/public_git/utils.git/tree/device_cio_free.service +Source16: https://fedorapeople.org/cgit/sharkcz/public_git/utils.git/tree/ccw_init +Source17: https://fedorapeople.org/cgit/sharkcz/public_git/utils.git/tree/ccw.udev +Source21: https://fedorapeople.org/cgit/sharkcz/public_git/utils.git/tree/normalize_dasd_arg Source23: 20-zipl-kernel.install Source24: 52-zipl-rescue.install Source25: 91-zipl.install @@ -35,14 +33,6 @@ Source25: 91-zipl.install Patch0: s390-tools-zipl-invert-script-options.patch Patch1: s390-tools-zipl-blscfg-rpm-nvr-sort.patch -# upstream fixes -# https://github.com/ibm-s390-linux/s390-tools/commit/3f3f063c98278f53ad3b34e68b70fca62eaea8fb -Patch100: s390-tools-2.16.0-zkey.patch -# https://github.com/ibm-s390-linux/s390-tools/commit/b6bdd7744aba06d82f30b0c84012f0b06ccb01de -Patch101: s390-tools-2.16.0-genprotimg.patch -# https://github.com/ibm-s390-linux/s390-tools/commit/8723dbce048add87ce10fe8c72eea75c4f828ef8 -Patch102: s390-tools-2.16.0-genprotimg-openssl3.patch - Requires: s390utils-core = %{epoch}:%{version}-%{release} Requires: s390utils-base = %{epoch}:%{version}-%{release} Requires: s390utils-osasnmpd = %{epoch}:%{version}-%{release} @@ -51,7 +41,7 @@ Requires: s390utils-mon_statd = %{epoch}:%{version}-%{release} Requires: s390utils-iucvterm = %{epoch}:%{version}-%{release} Requires: s390utils-ziomon = %{epoch}:%{version}-%{release} -BuildRequires: make +BuildRequires: make BuildRequires: gcc-c++ %description @@ -69,11 +59,6 @@ be used together with the zSeries (s390) Linux kernel and device drivers. %patch0 -p1 -b .zipl-invert-script-options %patch1 -p1 -b .blscfg-rpm-nvr-sort -# upstream fixes -%patch100 -p1 -%patch101 -p1 -%patch102 -p1 - # remove --strip from install find . -name Makefile | xargs sed -i 's/$(INSTALL) -s/$(INSTALL)/g' @@ -81,6 +66,7 @@ find . -name Makefile | xargs sed -i 's/$(INSTALL) -s/$(INSTALL)/g' %build make \ CFLAGS="%{build_cflags}" CXXFLAGS="%{build_cflags}" LDFLAGS="%{build_ldflags}" \ + NO_PIE_LDFLAGS="" \ BINDIR=/usr/sbin \ DISTRELEASE=%{release} \ V=1 @@ -195,7 +181,7 @@ This package provides minimal set of tools needed to system to boot. %{_sbindir}/fdasd %{_sbindir}/lszdev %{_sbindir}/zipl -%dir /lib/s390-tools/ +%dir /lib/s390-tools /lib/s390-tools/{zipl,chreipl}_helper.* /lib/s390-tools/cpictl /lib/s390-tools/stage3.bin @@ -252,6 +238,7 @@ Requires: gawk sed coreutils Requires: sg3_utils Requires: ethtool Requires: tar +Requires: file Requires: s390utils-core = %{epoch}:%{version}-%{release} %{?systemd_requires} BuildRequires: perl-generators @@ -261,6 +248,7 @@ BuildRequires: cryptsetup-devel >= 2.0.3 BuildRequires: json-c-devel BuildRequires: rpm-devel BuildRequires: glib2-devel +BuildRequires: libxml2-devel %description base @@ -420,6 +408,7 @@ getent group zkeyadm > /dev/null || groupadd -r zkeyadm %{_sbindir}/dasdstat %{_sbindir}/dasdview %{_sbindir}/dbginfo.sh +%{_sbindir}/hsavmcore %{_sbindir}/hsci %{_sbindir}/hyptop %{_sbindir}/ip_watcher.pl @@ -427,6 +416,7 @@ getent group zkeyadm > /dev/null || groupadd -r zkeyadm %{_sbindir}/lscpumf %{_sbindir}/lscss %{_sbindir}/lsdasd +%{_sbindir}/lshwc %{_sbindir}/lsqeth %{_sbindir}/lsluns %{_sbindir}/lsreipl @@ -470,17 +460,23 @@ getent group zkeyadm > /dev/null || groupadd -r zkeyadm /lib/s390-tools/zfcpdump/zfcpdump-initrd /lib/s390-tools/znetcontrolunits %{_libdir}/libekmfweb.so.* +%{_libdir}/libkmipclient.so.* +%dir %{_libdir}/zkey %{_libdir}/zkey/zkey-ekmfweb.so +%{_libdir}/zkey/zkey-kmip.so %{_mandir}/man1/dbginfo.sh.1* %{_mandir}/man1/dump2tar.1* %{_mandir}/man1/lscpumf.1* +%{_mandir}/man1/lshwc.1* %{_mandir}/man1/vmconvert.1* %{_mandir}/man1/zfcpdbf.1* %{_mandir}/man1/zipl-switch-to-blscfg.1* %{_mandir}/man1/zkey.1* %{_mandir}/man1/zkey-cryptsetup.1* %{_mandir}/man1/zkey-ekmfweb.1* +%{_mandir}/man1/zkey-kmip.1* %{_mandir}/man4/prandom.4* +%{_mandir}/man5/hsavmcore.conf.5* %{_mandir}/man8/chccwdev.8* %{_mandir}/man8/chchp.8* %{_mandir}/man8/chcpumf.8* @@ -490,6 +486,7 @@ getent group zkeyadm > /dev/null || groupadd -r zkeyadm %{_mandir}/man8/dasdview.8* %{_mandir}/man8/dumpconf.8* %{_mandir}/man8/genprotimg.8.* +%{_mandir}/man8/hsavmcore.8* %{_mandir}/man8/hsci.8* %{_mandir}/man8/hyptop.8* %{_mandir}/man8/lschp.8* @@ -518,10 +515,13 @@ getent group zkeyadm > /dev/null || groupadd -r zkeyadm %{_mandir}/man8/zgetdump.8* %{_mandir}/man8/znetconf.8* %{_mandir}/man8/zpcictl.8* -%dir %{_datadir}/s390-tools/ +%dir %{_datadir}/s390-tools %{_datadir}/s390-tools/genprotimg/ %{_datadir}/s390-tools/netboot/ %dir %attr(0770,root,zkeyadm) %{_sysconfdir}/zkey +%dir %attr(0770,root,zkeyadm) %{_sysconfdir}/zkey/kmip +%dir %attr(0770,root,zkeyadm) %{_sysconfdir}/zkey/kmip/profiles +%config(noreplace) %attr(0660,root,zkeyadm)%{_sysconfdir}/zkey/kmip/profiles/*.profile %dir %attr(0770,root,zkeyadm) %{_sysconfdir}/zkey/repository %config(noreplace) %attr(0660,root,zkeyadm)%{_sysconfdir}/zkey/kms-plugins.conf @@ -815,10 +815,16 @@ User-space development files for the s390/s390x architecture. %files devel %{_includedir}/%{name}/ %{_includedir}/ekmfweb/ +%{_includedir}/kmipclient/ %{_libdir}/libekmfweb.so +%{_libdir}/libkmipclient.so %changelog +* Thu Jul 15 2021 Dan Horák - 2:2.17.0-1 +- rebased to 2.17.0 (#1869554) +- Resolves: #1869554 + * Wed Jul 07 2021 Dan Horák - 2:2.16.0-6 - update genprotimg for OpenSSL3 (#1964818) - Related: #1964818 diff --git a/sources b/sources index 404b75d..f999e3d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (s390-tools-2.16.0.tar.gz) = d0866e2f372ba2938ccab264846d6cfe3db1b760cff6645fbefcd33a8ce8e7d971e442ccefda7e8e4d59818293147caa57fa593a3e66cd77e1e661928336793c +SHA512 (s390-tools-2.17.0.tar.gz) = 57d1c90e2a270c380fd7b4ac8efdd301299d9e8671a7ff10747557135b27a06e8124a49f50b8729b450550ced61599f392606bcbe5e499c5bd488b9e207945da diff --git a/zfcpconf.sh b/zfcpconf.sh index 8dc05ad..c3c6bf4 100644 --- a/zfcpconf.sh +++ b/zfcpconf.sh @@ -36,7 +36,7 @@ if [ -f "$CONFIG" ]; then modprobe zfcp fi if [ ! -d /sys/bus/ccw/drivers/zfcp ]; then - return + exit 1 fi sed 'y/ABCDEF/abcdef/' < $CONFIG | while read line; do case $line in @@ -74,3 +74,4 @@ if [ -f "$CONFIG" ]; then esac done fi +exit 0