commit: 9570993b65a75260234df497710949db861ffd8f |
Author: Salah Coronya <salah.coronya <AT> gmail <DOT> com> |
AuthorDate: Mon May 11 16:40:04 2020 +0000 |
Commit: Aaron Bauman <bman <AT> gentoo <DOT> org> |
CommitDate: Thu May 14 22:12:13 2020 +0000 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9570993b |
|
dev-libs/libtpms: Fix compilation under GCC10 |
|
Closes: https://bugs.gentoo.org/722056 |
Package-Manager: Portage-2.3.99, Repoman-2.3.22 |
Signed-off-by: Salah Coronya <salah.coronya <AT> gmail.com> |
Closes: https://github.com/gentoo/gentoo/pull/15750 |
Signed-off-by: Aaron Bauman <bman <AT> gentoo.org> |
|
...tial-buffer-overflow-in-filename-creation.patch | 105 ++++++++++++++++++++ |
...Initialize-a-few-variables-for-x86-gcc-O3.patch | 108 +++++++++++++++++++++ |
...0-tpm12-Initialize-some-variables-for-gcc.patch | 74 ++++++++++++++ |
...pms-0.7.0-tpm2-Fix-a-gcc-10.1.0-complaint.patch | 53 ++++++++++ |
dev-libs/libtpms/libtpms-0.7.0-r1.ebuild | 7 ++ |
5 files changed, 347 insertions(+) |
|
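--- /dev/null
+++ b/dev-libs/libtpms/files/libtpms-0.7.0-tpm12-Fix-potential-buffer-overflow-in-filename-creation.patch
@@ -0,0 +1,105 @@
+From 1cdd950e7342240ed8edc695372365cf57fbc6cb Mon Sep 17 00:00:00 2001
+From: Stefan Berger <stefanb@××××××××××××××.com>
+Date: Thu, 17 Oct 2019 10:19:23 -0400
+Subject: [PATCH 2/2] tpm12: Fix potential buffer overflow in filename creation
+
+Fix a potential buffer overflow bug in the creation of filenames
+that were using sprintf() rather than snprintf(). The buffer overflow
+could occurr if the buffer is longer than 4096 bytes. The state path
+may alone be 4096 bytes and could possibly trigger the overflow.
+
+Swtpm for example is not affected from this since it uses the callbacks
+that are invoked before the faulty function is called.
+
+Signed-off-by: Stefan Berger <stefanb@×××××××××.com>
+---
+ src/tpm12/tpm_nvfile.c | 43 ++++++++++++++++++++++++++++++++----------
+ 1 file changed, 33 insertions(+), 10 deletions(-)
+
+diff --git a/src/tpm12/tpm_nvfile.c b/src/tpm12/tpm_nvfile.c
+index c8e7bcf..0268bd0 100644
+--- a/src/tpm12/tpm_nvfile.c
++++ b/src/tpm12/tpm_nvfile.c
+@@ -70,7 +70,8 @@
+
+ /* local prototypes */
+
+-static void TPM_NVRAM_GetFilenameForName(char *filename,
++static TPM_RESULT TPM_NVRAM_GetFilenameForName(char *filename,
++ size_t filename_len,
+ uint32_t tpm_number,
+ const char *name);
+
+@@ -189,7 +190,10 @@ TPM_RESULT TPM_NVRAM_LoadData(unsigned char **data, /* freed by caller */
+ /* open the file */
+ if (rc == 0) {
+ /* map name to the rooted filename */
+- TPM_NVRAM_GetFilenameForName(filename, tpm_number, name);
++ rc = TPM_NVRAM_GetFilenameForName(filename, sizeof(filename),
++ tpm_number, name);
++ }
++ if (rc == 0) {
+ printf(" TPM_NVRAM_LoadData: Opening file %s\n", filename);
+ file = fopen(filename, "rb"); /* closed @1 */
+ if (file == NULL) { /* if failure, determine cause */
+@@ -297,7 +301,10 @@ TPM_RESULT TPM_NVRAM_StoreData(const unsigned char *data,
+ printf(" TPM_NVRAM_StoreData: To name %s\n", name);
+ if (rc == 0) {
+ /* map name to the rooted filename */
+- TPM_NVRAM_GetFilenameForName(filename, tpm_number, name);
++ rc = TPM_NVRAM_GetFilenameForName(filename, sizeof(filename),
++ tpm_number, name);
++ }
++ if (rc == 0) {
+ /* open the file */
+ printf(" TPM_NVRAM_StoreData: Opening file %s\n", filename);
+ file = fopen(filename, "wb"); /* closed @1 */
+@@ -339,14 +346,27 @@ TPM_RESULT TPM_NVRAM_StoreData(const unsigned char *data,
+ state_directory/tpm_number.name
+ */
+
+-static void TPM_NVRAM_GetFilenameForName(char *filename, /* output: rooted filename */
+- uint32_t tpm_number,
+- const char *name) /* input: abstract name */
++static TPM_RESULT TPM_NVRAM_GetFilenameForName(char *filename, /* output: rooted filename */
++ size_t filename_len,
++ uint32_t tpm_number,
++ const char *name) /* input: abstract name */
+ {
++ int n;
++ TPM_RESULT rc = TPM_FAIL;
++
+ printf(" TPM_NVRAM_GetFilenameForName: For name %s\n", name);
+- sprintf(filename, "%s/%02lx.%s", state_directory, (unsigned long)tpm_number, name);
+- printf(" TPM_NVRAM_GetFilenameForName: File name %s\n", filename);
+- return;
++ n = snprintf(filename, filename_len,
++ "%s/%02lx.%s", state_directory, (unsigned long)tpm_number,
++ name);
++ if (n < 0) {
++ printf(" TPM_NVRAM_GetFilenameForName: Error (fatal), snprintf failed\n");
++ } else if ((size_t)n >= filename_len) {
++ printf(" TPM_NVRAM_GetFilenameForName: Error (fatal), buffer too small\n");
++ } else {
++ printf(" TPM_NVRAM_GetFilenameForName: File name %s\n", filename);
++ rc = TPM_SUCCESS;
++ }
++ return rc;
+ }
+
+ /* TPM_NVRAM_DeleteName() deletes the 'name' from NVRAM
+@@ -380,7 +400,10 @@ TPM_RESULT TPM_NVRAM_DeleteName(uint32_t tpm_number,
+
+ printf(" TPM_NVRAM_DeleteName: Name %s\n", name);
+ /* map name to the rooted filename */
+- TPM_NVRAM_GetFilenameForName(filename, tpm_number, name);
++ if (rc == 0) {
++ rc = TPM_NVRAM_GetFilenameForName(filename, sizeof(filename),
++ tpm_number, name);
++ }
+ if (rc == 0) {
+ irc = remove(filename);
+ if ((irc != 0) && /* if the remove failed */
+--
+2.26.2
+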
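Review bot: The three new call sites pass `sizeof(filename)` as the bound, which is the buffer size only while `filename` is a local char array; its declarations in TPM_NVRAM_LoadData, TPM_NVRAM_StoreData and TPM_NVRAM_DeleteName lie outside these hunks, so that should be confirmed. If one of them were ever turned into a pointer, the bound would silently become the pointer size and every path would be rejected as too small, which fails closed but is hard to diagnose. A comment at each declaration such as `/* must stay an array: sizeof(filename) is passed as the bound */` would guard against that. The block comment above TPM_NVRAM_GetFilenameForName should also state that the function now returns TPM_FAIL when the formatted path does not fit in `filename_len`, and that `filename` then holds a truncated path that callers must not use.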
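--- /dev/null
+++ b/dev-libs/libtpms/files/libtpms-0.7.0-tpm12-Initialize-a-few-variables-for-x86-gcc-O3.patch
@@ -0,0 +1,108 @@
+From 464083396ae1d242fb2a26c1ab6e39971e82f47e Mon Sep 17 00:00:00 2001
+From: Stefan Berger <stefanb@×××××××××.com>
+Date: Fri, 17 Jan 2020 19:01:24 +0000
+Subject: [PATCH 3/3] tpm12: Initialize a few variables for x86 gcc -O3
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+gcc (Ubuntu 5.4.0-6ubuntu1~16.04.12) 5.4.0 20160609
+
+The above gcc on x86 with -O3 reports the following false positives:
+
+ gcc -DHAVE_CONFIG_H -I. -I.. -include tpm_library_conf.h -I../include/libtpms -I../include/libtpms -fstack-protector-strong -DTPM_V12 -DTPM_PCCLIENT -DTPM_VOLATILE_LOAD -DTPM_ENABLE_ACTIVATE -DTPM_AES -DTPM_LIBTPMS_CALLBACKS -DTPM_NV_DISK -DTPM_POSIX -DTPM_NOMAINTENANCE_COMMANDS -O3 -DUSE_OPENSSL_FUNCTIONS_SYMMETRIC=1 -DUSE_OPENSSL_FUNCTIONS_EC=1 -DUSE_OPENSSL_FUNCTIONS_ECDSA=0 -DUSE_OPENSSL_FUNCTIONS_RSA=0 -Wall -Werror -Wreturn-type -Wsign-compare -Wno-self-assign -MT tpm12/libtpms_tpm12_la-tpm_nvram.lo -MD -MP -MF tpm12/.deps/libtpms_tpm12_la-tpm_nvram.Tpo -c tpm12/tpm_nvram.c -o tpm12/libtpms_tpm12_la-tpm_nvram.o
+tpm12/tpm_nvram.c: In function ‘TPM_Process_NVReadValue’:
+tpm12/tpm_nvram.c:1539:38: error: ‘isGPIO’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
+ if ((returnCode == TPM_SUCCESS) && !isGPIO) {
+ ^
+tpm12/tpm_nvram.c: In function ‘TPM_Process_NVWriteValue’:
+tpm12/tpm_nvram.c:2323:6: error: ‘isGPIO’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
+ if (!isGPIO) {
+ ^
+
+gcc -DHAVE_CONFIG_H -I. -I.. -include tpm_library_conf.h -I../include/libtpms -I../include/libtpms -fstack-protector-strong -DTPM_V12 -DTPM_PCCLIENT -DTPM_VOLATILE_LOAD -DTPM_ENABLE_ACTIVATE -DTPM_AES -DTPM_LIBTPMS_CALLBACKS -DTPM_NV_DISK -DTPM_POSIX -DTPM_NOMAINTENANCE_COMMANDS -O3 -DUSE_OPENSSL_FUNCTIONS_SYMMETRIC=1 -DUSE_OPENSSL_FUNCTIONS_EC=1 -DUSE_OPENSSL_FUNCTIONS_ECDSA=0 -DUSE_OPENSSL_FUNCTIONS_RSA=0 -Wall -Werror -Wreturn-type -Wsign-compare -Wno-self-assign -MT tpm12/libtpms_tpm12_la-tpm_process.lo -MD -MP -MF tpm12/.deps/libtpms_tpm12_la-tpm_process.Tpo -c tpm12/tpm_process.c -o tpm12/libtpms_tpm12_la-tpm_process.o
+tpm12/tpm_process.c: In function ‘TPM_Process_GetCapabilitySigned’:
+tpm12/tpm_process.c:5089:19: error: ‘transportEncrypt’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
+ returnCode = TPM_ProcessAudit(tpm_state,
+ ^
+tpm12/tpm_process.c: In function ‘TPM_Process_SetCapability’:
+tpm12/tpm_process.c:5309:19: error: ‘transportEncrypt’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
+ returnCode = TPM_ProcessAudit(tpm_state,
+ ^
+tpm12/tpm_process.c: At top level:
+
+gcc -DHAVE_CONFIG_H -I. -I.. -include tpm_library_conf.h -I../include/libtpms -I../include/libtpms -fstack-protector-strong -DTPM_V12 -DTPM_PCCLIENT -DTPM_VOLATILE_LOAD -DTPM_ENABLE_ACTIVATE -DTPM_AES -DTPM_LIBTPMS_CALLBACKS -DTPM_NV_DISK -DTPM_POSIX -DTPM_NOMAINTENANCE_COMMANDS -O3 -DUSE_OPENSSL_FUNCTIONS_SYMMETRIC=1 -DUSE_OPENSSL_FUNCTIONS_EC=1 -DUSE_OPENSSL_FUNCTIONS_ECDSA=0 -DUSE_OPENSSL_FUNCTIONS_RSA=0 -Wall -Werror -Wreturn-type -Wsign-compare -Wno-self-assign -MT tpm12/libtpms_tpm12_la-tpm_transport.lo -MD -MP -MF tpm12/.deps/libtpms_tpm12_la-tpm_transport.Tpo -c tpm12/tpm_transport.c -o tpm12/libtpms_tpm12_la-tpm_transport.o
+tpm12/tpm_transport.c: In function ‘TPM_Process_ReleaseTransportSigned’:
+tpm12/tpm_transport.c:2810:42: error: ‘t1TpmTransportInternal’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
+ returnCode = TPM_TransportLogOut_Extend(t1TpmTransportInternal->transDigest,
+ ^
+
+This patch initializes the variables.
+
+Signed-off-by: Stefan Berger <stefanb@×××××××××.com>
+---
+ src/tpm12/tpm_nvram.c | 4 ++--
+ src/tpm12/tpm_process.c | 4 ++--
+ src/tpm12/tpm_transport.c | 2 +-
+ 3 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/tpm12/tpm_nvram.c b/src/tpm12/tpm_nvram.c
+index 1b9c005..620944e 100644
+--- a/src/tpm12/tpm_nvram.c
++++ b/src/tpm12/tpm_nvram.c
+@@ -1288,7 +1288,7 @@ TPM_RESULT TPM_Process_NVReadValue(tpm_state_t *tpm_state,
+ TPM_BOOL ignore_auth = FALSE;
+ TPM_BOOL dir = FALSE;
+ TPM_BOOL physicalPresence;
+- TPM_BOOL isGPIO;
++ TPM_BOOL isGPIO = FALSE;
+ BYTE *gpioData = NULL;
+ TPM_NV_DATA_SENSITIVE *d1NvdataSensitive;
+ uint32_t s1Last;
+@@ -2000,7 +2000,7 @@ TPM_RESULT TPM_Process_NVWriteValue(tpm_state_t *tpm_state,
+ TPM_NV_DATA_SENSITIVE *d1NvdataSensitive;
+ uint32_t s1Last;
+ TPM_BOOL physicalPresence;
+- TPM_BOOL isGPIO;
++ TPM_BOOL isGPIO = FALSE;
+ uint32_t nv1 = tpm_state->tpm_permanent_data.noOwnerNVWrite;
+ /* temp for noOwnerNVWrite, initialize to
+ silence compiler */
+diff --git a/src/tpm12/tpm_process.c b/src/tpm12/tpm_process.c
+index d6a3b8e..c433621 100644
+--- a/src/tpm12/tpm_process.c
++++ b/src/tpm12/tpm_process.c
+@@ -4844,7 +4844,7 @@ TPM_RESULT TPM_Process_GetCapabilitySigned(tpm_state_t *tpm_state,
+ unsigned char * inParamEnd; /* ending point of inParam's */
+ TPM_DIGEST inParamDigest;
+ TPM_BOOL auditStatus; /* audit the ordinal */
+- TPM_BOOL transportEncrypt; /* wrapped in encrypted transport session */
++ TPM_BOOL transportEncrypt = FALSE;/* wrapped in encrypted transport session */
+ TPM_BOOL authHandleValid = FALSE;
+ TPM_AUTH_SESSION_DATA *auth_session_data; /* session data for authHandle */
+ TPM_SECRET *hmacKey;
+@@ -5144,7 +5144,7 @@ TPM_RESULT TPM_Process_SetCapability(tpm_state_t *tpm_state,
+ unsigned char * inParamEnd; /* ending point of inParam's */
+ TPM_DIGEST inParamDigest;
+ TPM_BOOL auditStatus; /* audit the ordinal */
+- TPM_BOOL transportEncrypt; /* wrapped in encrypted transport session */
++ TPM_BOOL transportEncrypt = FALSE;/* wrapped in encrypted transport session */
+ TPM_BOOL authHandleValid = FALSE;
+ TPM_AUTH_SESSION_DATA *auth_session_data; /* session data for authHandle */
+ TPM_SECRET *hmacKey;
+diff --git a/src/tpm12/tpm_transport.c b/src/tpm12/tpm_transport.c
+index 2261670..7b9c520 100644
+--- a/src/tpm12/tpm_transport.c
++++ b/src/tpm12/tpm_transport.c
+@@ -2599,7 +2599,7 @@ TPM_RESULT TPM_Process_ReleaseTransportSigned(tpm_state_t *tpm_state,
+ TPM_BOOL authHandleValid = FALSE;
+ TPM_BOOL transHandleValid = FALSE;
+ TPM_AUTH_SESSION_DATA *auth_session_data = NULL; /* session data for authHandle */
+- TPM_TRANSPORT_INTERNAL *t1TpmTransportInternal;
++ TPM_TRANSPORT_INTERNAL *t1TpmTransportInternal = NULL;
+ TPM_SECRET *hmacKey;
+ TPM_KEY *sigKey = NULL; /* the key specified by keyHandle */
+ TPM_BOOL parentPCRStatus;
+--
+2.26.2
+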
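Review bot: The new initialisers for `isGPIO`, `transportEncrypt` and `t1TpmTransportInternal` carry no comment saying they exist only to silence `-Werror=maybe-uninitialized`, unlike the neighbouring `nv1` declaration, which says `initialize to silence compiler`. A trailing comment such as `/* initialized to silence gcc -Wmaybe-uninitialized false positive */` would tell a later reader that `FALSE` or `NULL` is a placeholder and not a meaningful default. That matters most for `isGPIO`, because `FALSE` is the value that takes the `!isGPIO` branch quoted in the patch message, so the claim that it is always assigned before use should be checked against the full function bodies, which lie outside these hunks. The same applies to `familyRow`, `d1DelegateTableRow` and `tpm_auth_session_data` in the tpm12-Initialize-some-variables-for-gcc patch.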
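--- /dev/null
+++ b/dev-libs/libtpms/files/libtpms-0.7.0-tpm12-Initialize-some-variables-for-gcc.patch
@@ -0,0 +1,74 @@
+From aab357515eda564500290a4b3f542d2b4609af4f Mon Sep 17 00:00:00 2001
+From: Stefan Berger <stefanb@×××××××××.com>
+Date: Tue, 14 Jan 2020 18:05:06 -0500
+Subject: [PATCH] tpm12: Initialize some variables for gcc ppc64el compiler
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+gcc (Ubuntu 9.2.1-21ubuntu1) 9.2.1 20191130
+
+The gcc compiler on Ubuntu Focal reports several false positives for
+potentially uninitialized variables:
+
+tpm12/tpm_session.c: In function ‘TPM_Process_SaveContext’:
+tpm12/tpm_session.c:3229:19: error: ‘tpm_auth_session_data’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
+ 3229 | returnCode = TPM_AuthSessionData_Store(&r1ContextSensitive, tpm_auth_session_data);
+ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+tpm12/tpm_delegate.c: In function ‘TPM_Process_DelegateManage’:
+tpm12/tpm_delegate.c:1787:49: error: ‘familyRow’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
+ 1787 | if ((opCode != TPM_FAMILY_CREATE) && (familyRow->flags & TPM_DELEGATE_ADMIN_LOCK)) {
+ | ~~~~~~~~~^~~~~~~
+tpm12/tpm_delegate.c: In function ‘TPM_Process_DelegateUpdateVerification’:
+tpm12/tpm_delegate.c:3575:48: error: ‘d1DelegateTableRow’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
+ 3575 | d1DelegateTableRow->pub.verificationCount = familyRow->verificationCount;
+ | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+All of the variables are initialize under the same condition as they are
+accessed.
+
+Signed-off-by: Stefan Berger <stefanb@×××××××××.com>
+---
+ src/tpm12/tpm_delegate.c | 4 ++--
+ src/tpm12/tpm_session.c | 2 +-
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/tpm12/tpm_delegate.c b/src/tpm12/tpm_delegate.c
+index 51d12f3..37ebc02 100644
+--- a/src/tpm12/tpm_delegate.c
++++ b/src/tpm12/tpm_delegate.c
+@@ -1629,7 +1629,7 @@ TPM_RESULT TPM_Process_DelegateManage(tpm_state_t *tpm_state,
+ TPM_SECRET *hmacKey;
+ TPM_SECRET savedAuth; /* saved copy for response */
+ TPM_DELEGATE_PUBLIC *delegatePublic; /* from DSAP session */
+- TPM_FAMILY_TABLE_ENTRY *familyRow; /* family table row containing familyID */
++ TPM_FAMILY_TABLE_ENTRY *familyRow = NULL; /* family table row containing familyID */
+ uint32_t nv1 = tpm_state->tpm_permanent_data.noOwnerNVWrite;
+ /* temp for noOwnerNVWrite, initialize to
+ silence compiler */
+@@ -3360,7 +3360,7 @@ TPM_RESULT TPM_Process_DelegateUpdateVerification(tpm_state_t *tpm_state,
+ TPM_DELEGATE_INDEX d1DelegateIndex;
+ TPM_DELEGATE_OWNER_BLOB d1DelegateOwnerBlob;
+ TPM_DELEGATE_KEY_BLOB d1DelegateKeyBlob;
+- TPM_DELEGATE_TABLE_ROW *d1DelegateTableRow;
++ TPM_DELEGATE_TABLE_ROW *d1DelegateTableRow = NULL;
+ TPM_FAMILY_ID familyID = 0;
+ TPM_FAMILY_TABLE_ENTRY *familyRow; /* family table row containing familyID */
+ TPM_DELEGATE_PUBLIC *delegatePublic; /* from DSAP session */
+diff --git a/src/tpm12/tpm_session.c b/src/tpm12/tpm_session.c
+index 5e7b708..15b977f 100644
+--- a/src/tpm12/tpm_session.c
++++ b/src/tpm12/tpm_session.c
+@@ -3044,7 +3044,7 @@ TPM_RESULT TPM_Process_SaveContext(tpm_state_t *tpm_state,
+ TPM_STORE_BUFFER b1_sbuffer; /* serialization of b1 */
+ TPM_STCLEAR_DATA *v1StClearData = NULL;
+ TPM_KEY_HANDLE_ENTRY *tpm_key_handle_entry; /* key table entry for the handle */
+- TPM_AUTH_SESSION_DATA *tpm_auth_session_data; /* session table entry for the handle */
++ TPM_AUTH_SESSION_DATA *tpm_auth_session_data = NULL; /* session table entry for the handle */
+ TPM_TRANSPORT_INTERNAL *tpm_transport_internal; /* transport table entry for the handle */
+ TPM_DAA_SESSION_DATA *tpm_daa_session_data; /* daa session table entry for the handle */
+ TPM_NONCE *n1ContextNonce = NULL;
+--
+2.26.2
+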
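--- /dev/null
+++ b/dev-libs/libtpms/files/libtpms-0.7.0-tpm2-Fix-a-gcc-10.1.0-complaint.patch
@@ -0,0 +1,53 @@
+From f3f78c72a5b6ef42119188ac5af73bb3a0a8bbba Mon Sep 17 00:00:00 2001
+From: Stefan Berger <stefanb@××××××××××××××.com>
+Date: Tue, 12 May 2020 13:41:53 -0400
+Subject: [PATCH] tpm2: Fix a gcc 10.1.0 complaint
+
+This PR addresses issue 133: https://github.com/stefanberger/libtpms/issues/133
+
+bin/sh ../libtool --tag=CC --mode=compile x86_64-pc-linux-gnu-gcc \
+ -DHAVE_CONFIG_H -I. -I.. -include tpm_library_conf.h \
+ -I../include/libtpms -I../include/libtpms -fstack-protector-strong \
+ -D_POSIX_ -DTPM_POSIX -DTPM_LIBTPMS_CALLBACKS -I ./tpm2 \
+ -I ./tpm2/crypto -I ./tpm2/crypto/openssl -g -O2 \
+ -DUSE_OPENSSL_FUNCTIONS_SYMMETRIC=1 -DUSE_OPENSSL_FUNCTIONS_EC=1 \
+ -DUSE_OPENSSL_FUNCTIONS_ECDSA=1 -DUSE_OPENSSL_FUNCTIONS_RSA=1 \
+ -Wall -Werror -Wreturn-type -Wsign-compare -Wno-self-assign \
+ -c -o tpm2/libtpms_tpm2_la-NVDynamic.lo `test -f 'tpm2/NVDynamic.c' \
+ || echo './'`tpm2/NVDynamic.c
+libtool: compile: x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -I. \
+ -I.. -include tpm_library_conf.h -I../include/libtpms \
+ -I../include/libtpms -fstack-protector-strong -D_POSIX_ -DTPM_POSIX \
+ -DTPM_LIBTPMS_CALLBACKS -I ./tpm2 -I ./tpm2/crypto \
+ -I ./tpm2/crypto/openssl -g -O2 -DUSE_OPENSSL_FUNCTIONS_SYMMETRIC=1 \
+ -DUSE_OPENSSL_FUNCTIONS_EC=1 -DUSE_OPENSSL_FUNCTIONS_ECDSA=1 \
+ -DUSE_OPENSSL_FUNCTIONS_RSA=1 -Wall -Werror -Wreturn-type -Wsign-compare \
+ -Wno-self-assign -c tpm2/NVDynamic.c -fPIC -DPIC \
+ -o tpm2/.libs/libtpms_tpm2_la-NVDynamic.o
+tpm2/NVDynamic.c: In function ?NvNextByType?:
+tpm2/NVDynamic.c:126:10: error: ?nvHandle? may be used uninitialized in this function [-Werror=maybe-uninitialized]
+ 126 | *handle = nvHandle;
+ | ~~~~~~~~^~~~~~~~~~
+tpm2/NVDynamic.c: At top level:
+
+Signed-off-by: Stefan Berger <stefanb@×××××××××.com>
+---
+ src/tpm2/NVDynamic.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/tpm2/NVDynamic.c b/src/tpm2/NVDynamic.c
+index 32f46bb..4381658 100644
+--- a/src/tpm2/NVDynamic.c
++++ b/src/tpm2/NVDynamic.c
+@@ -114,7 +114,7 @@ NvNextByType(
+ )
+ {
+ NV_REF addr;
+- TPM_HANDLE nvHandle;
++ TPM_HANDLE nvHandle = 0; // libtpms changed: gcc 10.1.0 complaint
+ while((addr = NvNext(iter, &nvHandle)) != 0)
+ {
+ // addr: the address of the location containing the handle of the value
+--
+2.26.2
+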
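--- a/dev-libs/libtpms/libtpms-0.7.0-r1.ebuild
+++ b/dev-libs/libtpms/libtpms-0.7.0-r1.ebuild
@@ -17,6 +17,13 @@ DEPEND=" !libressl? ( dev-libs/openssl:0= )
 libressl? ( dev-libs/libressl:0= )"
 RDEPEND="${DEPEND}"
 
+PATCHES=(
+ "${FILESDIR}/${P}-tpm12-Initialize-some-variables-for-gcc.patch"
+ "${FILESDIR}/${P}-tpm12-Fix-potential-buffer-overflow-in-filename-creation.patch"
+ "${FILESDIR}/${P}-tpm12-Initialize-a-few-variables-for-x86-gcc-O3.patch"
+ "${FILESDIR}/${P}-tpm2-Fix-a-gcc-10.1.0-complaint.patch"
+ )
+
 src_prepare() {
 default
 eautoreconf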
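Review bot: The PATCHES array is added to the existing libtpms-0.7.0-r1.ebuild without a revision bump, yet `${P}-tpm12-Fix-potential-buffer-overflow-in-filename-creation.patch` changes runtime behaviour rather than only fixing the GCC 10 build. Systems that already built -r1 with an older compiler would presumably not be rebuilt and would keep the unbounded sprintf() path, so shipping this as a new revision would let the fix reach them. The commit title mentions only the compilation fix; naming the overflow fix there would help anyone auditing which builds carry it. The body of src_prepare continues outside the hunk.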