authorDermot Bradley <dermot_bradley@yahoo.com>2023-04-27 02:59:22 +0100
committerpsykose <alice@ayaya.dev>2023-04-27 04:58:59 +0200
commit7a6fb314a8fcbc32fa5ca4eae86766dd59a29dd8 (patch)
tree05d604980572b83004635a33f66dbda48e946fe0
parent86b71c6481bf748b5b95bae056e28f173dd661f2 (diff)
main/jitterentropy-library: upgrade to 3.4.1
-rw-r--r--main/jitterentropy-library/01-disable-gcc-optimisation.patch6
-rw-r--r--main/jitterentropy-library/02-fix-s390x-stack-corruption.patch66
-rw-r--r--main/jitterentropy-library/03-fix-dangling-pointer.patch25
-rw-r--r--main/jitterentropy-library/04-fix-memory-leak.patch27
-rwxr-xr-xmain/jitterentropy-library/APKBUILD14
5 files changed, 131 insertions, 7 deletions
diff --git a/main/jitterentropy-library/01-disable-gcc-optimisation.patch b/main/jitterentropy-library/01-disable-gcc-optimisation.patch
index 2a198073853..cc129c58be8 100644
--- a/main/jitterentropy-library/01-disable-gcc-optimisation.patch
+++ b/main/jitterentropy-library/01-disable-gcc-optimisation.patch
@@ -14,13 +14,13 @@ https://github.com/smuellerDD/jitterentropy-library/issues/55
diff -aur a/Makefile b/Makefile
--- a/Makefile
+++ b/Makefile
-@@ -3,7 +3,8 @@
- CC ?= gcc
+@@ -4,7 +4,8 @@
#Hardening
+ ENABLE_STACK_PROTECTOR ?= 1
CFLAGS ?= -fwrapv --param ssp-buffer-size=4 -fvisibility=hidden -fPIE -Wcast-align -Wmissing-field-initializers -Wshadow -Wswitch-enum
-CFLAGS +=-Wextra -Wall -pedantic -fPIC -O0 -fwrapv -Wconversion
+CFLAGS :=-Wextra -Wall -pedantic -fPIC -O0 -fwrapv -Wconversion
+CPPFLAGS :=
LDFLAGS +=-Wl,-z,relro,-z,now -lpthread
- GCCVERSIONFORMAT := $(shell echo `$(CC) -dumpversion | sed 's/\./\n/g' | wc -l`)
+ # Enable internal timer support
diff --git a/main/jitterentropy-library/02-fix-s390x-stack-corruption.patch b/main/jitterentropy-library/02-fix-s390x-stack-corruption.patch
new file mode 100644
index 00000000000..2f5cfe809bf
--- /dev/null
+++ b/main/jitterentropy-library/02-fix-s390x-stack-corruption.patch
@@ -0,0 +1,66 @@
+From: Dermot Bradley <dermot_bradley@yahoo.com>
+Date: Mon, 10 Apr 2023 14:25 +0100
+
+Output size of the STCKE command on s390x is 16 bytes, compared to 8
+bytes of the STCK command. This leads to a stack corruption in
+jent_get_nstime() on an s390x system.
+
+Upstream PR #95, already merged in master.
+
+---
+
+diff -aur a/jitterentropy-base-user.h b/jitterentropy-base-user.h
+--- a/jitterentropy-base-user.h
++++ b/jitterentropy-base-user.h
+@@ -129,13 +129,46 @@
+
+ static inline void jent_get_nstime(uint64_t *out)
+ {
+- uint64_t clk;
++ /*
++ * This is MVS+STCK code! Enable it with -S in the compiler.
++ *
++ * uint64_t clk;
++ * __asm__ volatile("stck %0" : "=m" (clk) : : "cc");
++ * *out = (uint64_t)(clk);
++ */
++
++ /*
++ * This is GCC+STCKE code. STCKE command and data format:
++ * z/Architecture - Principles of Operation
++ * http://publibz.boulder.ibm.com/epubs/pdf/dz9zr007.pdf
++ *
++ * The current value of bits 0-103 of the TOD clock is stored in bytes
++ * 1-13 of the sixteen-byte output:
++ *
++ * bits 0-7: zeros (reserved for future extention)
++ * bits 8-111: TOD Clock value
++ * bits 112-127: Programmable Field
++ *
++ * Output bit 59 (TOD-Clock bit 51) effectively increments every
++ * microsecond. Bits 60 to 111 of STCKE output are fractions of
++ * a miscrosecond: bit 59 is 1.0us, bit 60 is .5us, bit 61 is .25us,
++ * bit 62 is .125us, bit 63 is 62.5ns, etc.
++ *
++ * Some of these bits can be implemented, some not. 64 bits of
++ * the TOD clock are implemented usually nowadays, these are
++ * bits 8-71 of the output.
++ *
++ * The stepping value of TOD-clock bit position 63, if implemented,
++ * is 2^-12 microseconds, or approximately 244 picoseconds. This value
++ * is called a clock unit.
++ */
++
++ uint8_t clk[16];
+
+- /* this is MVS code! enable with -S in the compiler */
+- /*__asm__ volatile("stck %0" : "=m" (clk) : : "cc"); */
+- /* this is gcc */
+ asm volatile("stcke %0" : "=Q" (clk) : : "cc");
+- *out = (uint64_t)(clk);
++
++ /* s390x is big-endian, so just perfom a byte-by-byte copy */
++ *out = *(uint64_t *)(clk + 1);
+ }
+
+ #elif defined(__powerpc)
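Review bot: The final load `*out = *(uint64_t *)(clk + 1);` reads a `uint64_t` through a cast of a `uint8_t` array at offset 1, which is a misaligned, type-punned access and undefined behaviour in C even where the s390x hardware tolerates it. It also does not match the comment directly above it, which describes a byte-by-byte copy. `memcpy(out, clk + 1, sizeof(*out));` would do what the comment says and keep the timestamp read well-defined, assuming `<string.h>` is reachable from this header, which the hunk does not show.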
diff --git a/main/jitterentropy-library/03-fix-dangling-pointer.patch b/main/jitterentropy-library/03-fix-dangling-pointer.patch
new file mode 100644
index 00000000000..81b631e8ed7
--- /dev/null
+++ b/main/jitterentropy-library/03-fix-dangling-pointer.patch
@@ -0,0 +1,25 @@
+From: Dermot Bradley <dermot_bradley@yahoo.com>
+Date: Mon, 10 Apr 2023 14:25 +0100
+
+On a failure of jent_read_entropy() where the entropy collector will
+be reallocated, jent_entropy_collector_free() is used to release
+*ec, but *ec is not set to NULL. If a failure occurs in the
+following call to jent_entropy_collector_ex() then the function will
+return with a dangling pointer remaining in *ec. Set *ec to NULL
+after freeing to prevent this.
+
+Upstream PR #97, already merged in master.
+
+---
+
+diff -aur a/src/jitterentropy-base.c b/src/jitterentropy-base.c
+--- a/src/jitterentropy-base.c
++++ b/src/jitterentropy-base.c
+@@ -308,6 +308,7 @@
+ * memory size
+ */
+ jent_entropy_collector_free(*ec);
++ *ec = NULL;
+
+ /* Perform new health test with updated OSR */
+ if (jent_entropy_init_ex(osr, flags))
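Review bot: The added `*ec = NULL;` has no comment in the source, so the reason for it lives only in the patch header; a why-comment such as `/* clear the caller's handle so a failed re-init below cannot leave it dangling */` would keep the intent next to the code. After this change a failure in the following re-initialisation returns with `*ec == NULL`, so callers presumably have to check the handle before reusing it. The enclosing function starts and ends outside the hunk, so how the error return is documented for callers could not be checked here.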
diff --git a/main/jitterentropy-library/04-fix-memory-leak.patch b/main/jitterentropy-library/04-fix-memory-leak.patch
new file mode 100644
index 00000000000..dfa790d95ad
--- /dev/null
+++ b/main/jitterentropy-library/04-fix-memory-leak.patch
@@ -0,0 +1,27 @@
+From: Dermot Bradley <dermot_bradley@yahoo.com>
+Date: Mon, 10 Apr 2023 14:25 +0100
+
+In the error cleanup block of jent_entropy_collector_alloc_internal(),
+the hash_state should also be zeroed and freed.
+
+Conflicting flags of JENT_DISABLE_INTERNAL_TIMER and
+JENT_FORCE_INTERNAL_TIMER will cause a EHEALTH return from
+jent_notime_enable() and jump to the error cleanup block after
+hash_state has been allocated.
+
+Upstream PR #98, already merged in master.
+
+---
+
+diff -aur a/src/jitterentropy-base.c b/src/jitterentropy-base.c
+--- a/src/jitterentropy-base.c
++++ b/src/jitterentropy-base.c
+@@ -486,6 +486,8 @@
+ err:
+ if (entropy_collector->mem != NULL)
+ jent_zfree(entropy_collector->mem, memsize);
++ if (entropy_collector->hash_state != NULL)
++ sha3_dealloc(entropy_collector->hash_state);
+ jent_zfree(entropy_collector, sizeof(struct rand_data));
+ return NULL;
+ }
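Review bot: The new `if (entropy_collector->hash_state != NULL)` test in the `err:` block is only reliable if `entropy_collector` was zero-initialised when it was allocated, and that allocation is outside the hunk; if it was not, an early jump to `err:` would pass an indeterminate pointer to `sha3_dealloc()`. The patch description says the hash state should be "zeroed and freed", but only the call to `sha3_dealloc()` is visible, so it is worth confirming that it wipes the state the way `jent_zfree()` does for `mem`. A short comment such as `/* hash_state holds conditioning state: wipe and release it on error too */` would record that requirement.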
diff --git a/main/jitterentropy-library/APKBUILD b/main/jitterentropy-library/APKBUILD
index 77c887b7271..b81b12d396c 100755
--- a/main/jitterentropy-library/APKBUILD
+++ b/main/jitterentropy-library/APKBUILD
@@ -9,8 +9,8 @@ pkgname=jitterentropy-library
# time and potentially upgrading jitterentropy-library alone could break
# rng-tools' jitter functionality).
#
-pkgver=3.3.1
-pkgrel=2
+pkgver=3.4.1
+pkgrel=0
pkgdesc="Jitterentropy library"
url="http://www.chronox.de/jent.html"
arch="all"
@@ -19,6 +19,9 @@ subpackages="$pkgname-dev $pkgname-doc"
options="!check" # There are no testcases
source="$pkgname-$pkgver.tar.gz::https://github.com/smuellerDD/jitterentropy-library/archive/v$pkgver.tar.gz
01-disable-gcc-optimisation.patch
+ 02-fix-s390x-stack-corruption.patch
+ 03-fix-dangling-pointer.patch
+ 04-fix-memory-leak.patch
"
build() {
@@ -30,6 +33,9 @@ package() {
}
sha512sums="
-7dc17c377cf90d38057bbc135e00730a3f84bc66aeed83eca1ad1b0e1c2fb89c5346ec20bdf25d3ce27f1d21893d44e52c08e96175554c18dfa1934a8d4fd9f7 jitterentropy-library-3.3.1.tar.gz
-0a71265b503a1ce9758cb4e2bf8c806e1c427be80567fb530168e50e3aa324569edeba42dcb7dc3c7a147f1a0e360479b4af52cea2dd548b1096939f4f5b8aa6 01-disable-gcc-optimisation.patch
+c832b33c084a8c56fb9ee0c0f7397fa9206cbd6fcbea047495e543566fc0d9b5d8978c8668103203d87b5b70c0e177f9ef7cc614b3ce689b90fbb8b85e6fedbb jitterentropy-library-3.4.1.tar.gz
+da19a711ca37081d05cefd46eff148dc6f44590b3b7375fbee9dd4bad453e2127256135d0f396ff614dc729fee2c80e0e567e19bb8829761cbd4a4c125341e4b 01-disable-gcc-optimisation.patch
+737848e0f2b43b81b2caf8f9600c616d6ad79a1c3a9bbc2346ae9e23f7dddf20ddb265caeb6be0e0bd70cc6e7d2eaf36aa457d2b45c86d9e8e2efa37ba9013b7 02-fix-s390x-stack-corruption.patch
+a3a4f0d66094c7d3139eef02437d17848fb5dcd338a84757f36eae71ba5c685cfe038d24cba990c2a940eccfcfdc6b3aaa780afa4ded33efe6f165d96df75c78 03-fix-dangling-pointer.patch
+1edd24b3deb171850dc06e25a579ca15db69ac28bb867c9210c8a600b4370afb82aa12511daddbe994d58997282dc8d486e538c5e7ceb5296a5387c88c1f120a 04-fix-memory-leak.patch
"