packages/tpm2-tools
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!18 update tpm2-tools to 5.0 and fix segmentation fault on tpm2

Browse Source 
From: @panxh_purple
Reviewed-by: @zhujianwei001
Signed-off-by: @zhujianwei001
This commit is contained in:
openeuler-ci-bot 2021-05-25 11:13:05 +08:00 committed by Gitee
commit 49f961df89
6 changed files with 59 additions and 155 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
0001-tpm2_getcap-fix-misspelling-of-TPM2_PT_HR_-constants.patch
View File

@ -1,104 +0,0 @@
From 7e9bb6c3a91a5da2792010f42df88ab9f80e8093 Mon Sep 17 00:00:00 2001
From: Matthew Dempsky <matthew@dempsky.org>
Date: Tue, 27 Aug 2019 18:11:27 -0700
Subject: [PATCH] tpm2_getcap: fix misspelling of TPM2_PT_HR_ constants
tpm2-tss mispelled some of these constants as TPM2_PT_TPM2_HR_*
instead of just TPM2_PT_HR_*, and tpm2_getcap blindly followed suit.
This commit switches tpm2_getcap to use the proper names, and to
define them locally if they're missing. Once tpm2-tools can assume a
fixed tpm2-tss, this workaround can be removed.
Updates tpm2-software/tpm2-tss#1500.
Signed-off-by: Matthew Dempsky <matthew@dempsky.org>
---
tools/tpm2_getcap.c | 37 +++++++++++++++++++++++++------------
1 file changed, 25 insertions(+), 12 deletions(-)
diff --git a/tools/tpm2_getcap.c b/tools/tpm2_getcap.c
index 9b15e3b..8b753dd 100644
--- a/tools/tpm2_getcap.c
+++ b/tools/tpm2_getcap.c
@@ -38,6 +38,19 @@
#include "tpm2_tool.h"
#include "tpm2_util.h"
+/*
+ * Older versions of tpm2-tss misspelled these constants' names.
+ * See https://github.com/tpm2-software/tpm2-tss/issues/1500.
+ */
+#ifndef TPM2_PT_HR_TRANSIENT_MIN
+#define TPM2_PT_HR_TRANSIENT_MIN ((TPM2_PT) (TPM2_PT_FIXED + 14))
+#define TPM2_PT_HR_PERSISTENT_MIN ((TPM2_PT) (TPM2_PT_FIXED + 15))
+#define TPM2_PT_HR_NV_INDEX ((TPM2_PT) (TPM2_PT_VAR + 2))
+#define TPM2_PT_HR_TRANSIENT_AVAIL ((TPM2_PT) (TPM2_PT_VAR + 7))
+#define TPM2_PT_HR_PERSISTENT ((TPM2_PT) (TPM2_PT_VAR + 8))
+#define TPM2_PT_HR_PERSISTENT_AVAIL ((TPM2_PT) (TPM2_PT_VAR + 9))
+#endif
+
/* convenience macro to convert flags into "set" / "clear" strings */
#define prop_str(val) val ? "set" : "clear"
/* number of eleents in the capability_map array */
@@ -313,11 +313,11 @@ dump_tpm_properties_fixed (TPMS_TAGGED_PROPERTY properties[],
case TPM2_PT_INPUT_BUFFER:
tpm2_tool_output ("TPM2_PT_INPUT_BUFFER: 0x%08x\n", value);
break;
- case TPM2_PT_TPM2_HR_TRANSIENT_MIN:
- tpm2_tool_output ("TPM2_PT_TPM2_HR_TRANSIENT_MIN: 0x%08x\n", value);
+ case TPM2_PT_HR_TRANSIENT_MIN:
+ tpm2_tool_output ("TPM2_PT_HR_TRANSIENT_MIN: 0x%08x\n", value);
break;
- case TPM2_PT_TPM2_HR_PERSISTENT_MIN:
- tpm2_tool_output ("TPM2_PT_TPM2_HR_PERSISTENT_MIN: 0x%08x\n", value);
+ case TPM2_PT_HR_PERSISTENT_MIN:
+ tpm2_tool_output ("TPM2_PT_HR_PERSISTENT_MIN: 0x%08x\n", value);
break;
case TPM2_PT_HR_LOADED_MIN:
tpm2_tool_output ("TPM2_PT_HR_LOADED_MIN: 0x%08x\n", value);
@@ -428,8 +428,8 @@ dump_tpm_properties_var (TPMS_TAGGED_PROPERTY properties[],
case TPM2_PT_STARTUP_CLEAR:
dump_startup_clear_attrs ((TPMA_STARTUP_CLEAR)value);
break;
- case TPM2_PT_TPM2_HR_NV_INDEX:
- tpm2_tool_output ("TPM2_PT_TPM2_HR_NV_INDEX: 0x%08x\n", value);
+ case TPM2_PT_HR_NV_INDEX:
+ tpm2_tool_output ("TPM2_PT_HR_NV_INDEX: 0x%08x\n", value);
break;
case TPM2_PT_HR_LOADED:
tpm2_tool_output ("TPM2_PT_HR_LOADED: 0x%08x\n", value);
@@ -443,14 +443,14 @@ dump_tpm_properties_var (TPMS_TAGGED_PROPERTY properties[],
case TPM2_PT_HR_ACTIVE_AVAIL:
tpm2_tool_output ("TPM2_PT_HR_ACTIVE_AVAIL: 0x%08x\n", value);
break;
- case TPM2_PT_TPM2_HR_TRANSIENT_AVAIL:
- tpm2_tool_output ("TPM2_PT_TPM2_HR_TRANSIENT_AVAIL: 0x%08x\n", value);
+ case TPM2_PT_HR_TRANSIENT_AVAIL:
+ tpm2_tool_output ("TPM2_PT_HR_TRANSIENT_AVAIL: 0x%08x\n", value);
break;
- case TPM2_PT_TPM2_HR_PERSISTENT:
- tpm2_tool_output ("TPM2_PT_TPM2_HR_PERSISTENT: 0x%08x\n", value);
+ case TPM2_PT_HR_PERSISTENT:
+ tpm2_tool_output ("TPM2_PT_HR_PERSISTENT: 0x%08x\n", value);
break;
- case TPM2_PT_TPM2_HR_PERSISTENT_AVAIL:
- tpm2_tool_output ("TPM2_PT_TPM2_HR_PERSISTENT_AVAIL: 0x%08x\n", value);
+ case TPM2_PT_HR_PERSISTENT_AVAIL:
+ tpm2_tool_output ("TPM2_PT_HR_PERSISTENT_AVAIL: 0x%08x\n", value);
break;
case TPM2_PT_NV_COUNTERS:
tpm2_tool_output ("TPM2_PT_NV_COUNTERS: 0x%08x\n", value);
diff --git a/tools/tpm2_listpersistent.c b/tools/tpm2_listpersistent.c
index 45da1a4..d693e6c 100644
--- a/tools/tpm2_listpersistent.c
+++ b/tools/tpm2_listpersistent.c
@@ -152,7 +152,7 @@ int tpm2_tool_onrun(TSS2_SYS_CONTEXT *sapi_context, tpm2_option_flags flags) {
UINT32 property = tpm2_util_endian_swap_32(TPM2_HT_PERSISTENT);
rval = TSS2_RETRY_EXP(Tss2_Sys_GetCapability(sapi_context, 0, TPM2_CAP_HANDLES,
- property, TPM2_PT_TPM2_HR_PERSISTENT, &moreData,
+ property, TPM2_PT_HR_PERSISTENT, &moreData,
&capabilityData, 0));
if(rval != TPM2_RC_SUCCESS)
{

43
Revert-objectattrs-clear-before-or-ing-in-values.patch
View File

@ -1,43 +0,0 @@
From 1f3451ee7b046a590b6dfc20b6af010166670ff7 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Thu, 12 Jul 2018 19:50:26 +0200
Subject: [PATCH 1/1] Revert "objectattrs: clear before or'ing in values"
This reverts commit e103bbf5117b0b62b358fd15f18f848854fcb0ee.
The tpm2-tools 3.1.0 release contains a backward incompatible change that
was introduced by commit e103bbf5117 ("objectattrs: clear before or'ing
in values"), that changed the way that object attributes were specified.
Before there were a set of default attributes and the user could specify
additional attributes to be used, but after the mentioned commit the user
must specify all attributes.
This is a user visible change that changes the tools semantics, so is not
a suitable change for a MINOR version number increment, according to the
Semantic Versioning document (https://semver.org) since it breaks rule 2:
2.MINOR version when you add functionality in a backwards-compatible manner
Fixes: #1097
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
lib/tpm2_attr_util.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/lib/tpm2_attr_util.c b/lib/tpm2_attr_util.c
index d461a744c0d..e43d03f9e0a 100644
--- a/lib/tpm2_attr_util.c
+++ b/lib/tpm2_attr_util.c
@@ -501,7 +501,6 @@ bool tpm2_attr_util_nv_strtoattr(char *attribute_list, TPMA_NV *nvattrs) {
bool tpm2_attr_util_obj_strtoattr(char *attribute_list, TPMA_OBJECT *objattrs) {
- memset(objattrs, 0, sizeof(*objattrs));
return common_strtoattr(attribute_list, objattrs, obj_attr_table, ARRAY_LEN(obj_attr_table));
}
--
2.17.1

43
backport-Don-t-assume-end-of-argv-is-NULL.patch Normal file
View File

@ -0,0 +1,43 @@
From fb1e0d98eca5279bf33304deedd9019b0130393a Mon Sep 17 00:00:00 2001
From: Erik Larsson <who+github@cnackers.org>
Date: Sat, 21 Nov 2020 10:59:13 +0100
Subject: [PATCH] Don't assume end of argv is NULL
On a musl based system argv[optind] && strcmp(...) where optind > argc might read random memory and segfault.
Signed-off-by: Erik Larsson <who+github@cnackers.org>
---
lib/tpm2_options.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/tpm2_options.c b/lib/tpm2_options.c
index e9aaa0364..9fa583c60 100644
--- a/lib/tpm2_options.c
+++ b/lib/tpm2_options.c
@@ -300,7 +300,7 @@ tpm2_option_code tpm2_handle_options(int argc, char **argv,
if (argv[optind - 1]) {
if (!strcmp(argv[optind - 1], "--help=no-man") ||
!strcmp(argv[optind - 1], "-h=no-man") ||
- (argv[optind] && !strcmp(argv[optind], "no-man"))) {
+ (argc < optind && !strcmp(argv[optind], "no-man"))) {
manpager = false;
optind++;
/*
@@ -309,7 +309,7 @@ tpm2_option_code tpm2_handle_options(int argc, char **argv,
*/
} else if (!strcmp(argv[optind - 1], "--help=man") ||
!strcmp(argv[optind - 1], "-h=man") ||
- (argv[optind] && !strcmp(argv[optind], "man"))) {
+ (argc < optind && !strcmp(argv[optind], "man"))) {
manpager = true;
explicit_manpager = true;
optind++;
@@ -318,7 +318,7 @@ tpm2_option_code tpm2_handle_options(int argc, char **argv,
* argv[0] = "tool name"
* argv[1] = "--help" argv[2] = 0
*/
- if (!argv[optind] && argc == 2) {
+ if (optind >= argc && argc == 2) {
manpager = false;
} else {
/*

BIN
tpm2-tools-3.1.1.tar.gz
View File

Binary file not shown.

BIN
tpm2-tools-5.0.tar.gz Normal file
View File

Binary file not shown.

24
tpm2-tools.spec
View File

@ -1,18 +1,18 @@
Name: tpm2-tools
Version: 3.1.1
Release: 8
Version: 5.0
Release: 2
Summary: A TPM2.0 testing tool based on TPM2.0-TSS
License: BSD
URL: https://github.com/tpm2-software/tpm2-tools
Source0: https://github.com/tpm2-software/tpm2-tools/releases/download/%{version}/%{name}-%{version}.tar.gz
Patch1: Revert-objectattrs-clear-before-or-ing-in-values.patch
Patch2: 0001-tpm2_getcap-fix-misspelling-of-TPM2_PT_HR_-constants.patch
Patch0: backport-Don-t-assume-end-of-argv-is-NULL.patch
BuildRequires: gcc-c++ libtool autoconf-archive pkgconfig(cmocka) pkgconfig(libcurl) pkgconfig(openssl)
BuildRequires: pkgconfig(tss2-mu) pkgconfig(tss2-sys) pkgconfig(tss2-esys) git libgcrypt
BuildRequires: pkgconfig(tss2-mu) pkgconfig(tss2-sys) pkgconfig(tss2-esys) pkgconfig(uuid) git libgcrypt
BuildRequires: libgcrypt-devel gdb
Requires: tpm2-tss >= 2.0.0-2
Requires: tpm2-tss >= 2.3.1
Requires: tpm2-tools-help = %{version}-%{release}
Obsoletes: tpm2-tools <= 2.1.1-2
%description
@ -48,14 +48,22 @@ make check
%files
%defattr(-,root,root)
%license LICENSE
%license doc/LICENSE
%{_bindir}/*
%{_datadir}/bash-completion/completions/tpm2*
%{_datadir}/bash-completion/completions/tss2*
%files help
%doc README.md CHANGELOG.md
%doc README.md doc/CHANGELOG.md
%{_mandir}/*/*
%changelog
* Mon May 24 2021 panxiaohe<panxiaohe@huawei.com> - 5.0-2
- fix segmentation fault on tpm2
* Mon May 24 2021 panxiaohe<panxiaohe@huawei.com> - 5.0-1
- update to 5.0
* Tue May 12 2020 wanghongzhe<wanghongzhe@openeuler.org> - 3.1.1-8
- bugfix for tpm2-tss upgrade