commit af5718ab5d284404d1d62a4cffab3562ab59e54bd5c51b07e62590490b414db2 Author: Adrian Schröter Date: Fri May 3 14:03:27 2024 +0200 Sync from SUSE:SLFO:Main jitterentropy revision 05bab2a23087c02de425436efab1c984 diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..14755ac --- /dev/null +++ b/baselibs.conf @@ -0,0 +1,3 @@ +libjitterentropy3 +jitterentropy-devel + requires "libjitterentropy3- = " diff --git a/jitterentropy-fix-a-stack-corruption-on-s390x.patch b/jitterentropy-fix-a-stack-corruption-on-s390x.patch new file mode 100644 index 0000000..7ba613f --- /dev/null +++ b/jitterentropy-fix-a-stack-corruption-on-s390x.patch @@ -0,0 +1,70 @@ +From 7bf9f85d32bc6b809ca687d772bc41bd9c0ecdd8 Mon Sep 17 00:00:00 2001 +From: Vladis Dronov +Date: Tue, 27 Dec 2022 13:45:03 +0100 +Subject: [PATCH] fix a stack corruption on s390x + +Output size of the STCKE command on s390x is 16 bytes, compared to 8 bytes +of the STCK command. Fix a stack corruption in the s390x version of +jent_get_nstime(). Add some more detailed information on the STCKE command. + +Signed-off-by: Stephan Mueller +--- + jitterentropy-base-user.h | 43 ++++++++++++++++++++++++++++++++++----- + 1 file changed, 38 insertions(+), 5 deletions(-) + +diff --git a/jitterentropy-base-user.h b/jitterentropy-base-user.h +index b7d21e8..625767a 100644 +--- a/jitterentropy-base-user.h ++++ b/jitterentropy-base-user.h +@@ -129,13 +129,46 @@ static inline void jent_get_nstime(uint64_t *out) + + static inline void jent_get_nstime(uint64_t *out) + { +- uint64_t clk; ++ /* ++ * This is MVS+STCK code! Enable it with -S in the compiler. ++ * ++ * uint64_t clk; ++ * __asm__ volatile("stck %0" : "=m" (clk) : : "cc"); ++ * *out = (uint64_t)(clk); ++ */ ++ ++ /* ++ * This is GCC+STCKE code. STCKE command and data format: ++ * z/Architecture - Principles of Operation ++ * http://publibz.boulder.ibm.com/epubs/pdf/dz9zr007.pdf ++ * ++ * The current value of bits 0-103 of the TOD clock is stored in bytes ++ * 1-13 of the sixteen-byte output: ++ * ++ * bits 0-7: zeros (reserved for future extention) ++ * bits 8-111: TOD Clock value ++ * bits 112-127: Programmable Field ++ * ++ * Output bit 59 (TOD-Clock bit 51) effectively increments every ++ * microsecond. Bits 60 to 111 of STCKE output are fractions of ++ * a miscrosecond: bit 59 is 1.0us, bit 60 is .5us, bit 61 is .25us, ++ * bit 62 is .125us, bit 63 is 62.5ns, etc. ++ * ++ * Some of these bits can be implemented, some not. 64 bits of ++ * the TOD clock are implemented usually nowadays, these are ++ * bits 8-71 of the output. ++ * ++ * The stepping value of TOD-clock bit position 63, if implemented, ++ * is 2^-12 microseconds, or approximately 244 picoseconds. This value ++ * is called a clock unit. ++ */ ++ ++ uint8_t clk[16]; + +- /* this is MVS code! enable with -S in the compiler */ +- /*__asm__ volatile("stck %0" : "=m" (clk) : : "cc"); */ +- /* this is gcc */ + asm volatile("stcke %0" : "=Q" (clk) : : "cc"); +- *out = (uint64_t)(clk); ++ ++ /* s390x is big-endian, so just perfom a byte-by-byte copy */ ++ *out = *(uint64_t *)(clk + 1); + } + + #elif defined(__powerpc) diff --git a/jitterentropy.changes b/jitterentropy.changes new file mode 100644 index 0000000..430c127 --- /dev/null +++ b/jitterentropy.changes @@ -0,0 +1,44 @@ +------------------------------------------------------------------- +Wed Mar 22 11:17:59 UTC 2023 - Pedro Monreal + +- Fix a stack corruption on s390x: [bsc#1209627] + * Output size of the STCKE command on s390x is 16 bytes, compared + to 8 bytes of the STCK command. Fix a stack corruption in the + s390x version of jent_get_nstime(). Add some more detailed + information on the STCKE command. + * github.com/smuellerDD/jitterentropy-library/commit/7bf9f85 + * Add jitterentropy-fix-a-stack-corruption-on-s390x.patch + +------------------------------------------------------------------- +Mon Sep 12 07:04:35 UTC 2022 - Marcus Meissner + +- updated to 3.4.1 + * add FIPS 140 hints to man page + * simplify the test tool to search for optimal configurations + * fix: jent_loop_shuffle: re-add setting the time that was lost with 3.4.0 + * enhancement: add ARM64 assembler code to read high-res timer + +------------------------------------------------------------------- +Wed Aug 3 14:19:23 UTC 2022 - Marcus Meissner + +- updated to 3.4.0 + * enhancement: add API call jent_set_fips_failure_callback as requested by Daniel Ojalvo + * fix: Change the SHA-3 integration: The entropy pool is now a SHA-3 state. +It is filled with the time delta containing entropy and auxiliary data that does not contain entropy using a SHA update operation. The auxiliary data is calculated by a SHA-3 hashing of some varying state data. The time delta that contains entropy is measured about the SHA-3 hasing of the auxiliary data. This satisfies FIPS 140-3 IG D.K resolutions 4, 6, and 8. + * enhancement: add CMake support by Andrew Hopkins + +- updated to 3.3.1 + * fix: bug fix in initialization logic by Vladis Dronov + * fix: use __asm__ instead of asm to suit the C11 standard + +- added a -devel-static package to be able to link it static. + +------------------------------------------------------------------- +Tue Sep 28 20:19:44 UTC 2021 - Jan Engelhardt + +- Trim conjecture from descriptions. + +------------------------------------------------------------------- +Tue Sep 21 12:25:00 UTC 2021 - Marcus Meissner + +- add a userspace jitter entropy generator library diff --git a/jitterentropy.spec b/jitterentropy.spec new file mode 100644 index 0000000..5adbd0f --- /dev/null +++ b/jitterentropy.spec @@ -0,0 +1,98 @@ +# +# spec file for package jitterentropy +# +# Copyright (c) 2023 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: jitterentropy +Summary: A userspace library for jitter entropy generation +License: BSD-3-Clause OR GPL-2.0-or-later +Group: Development/Tools/Other +Version: 3.4.1 +Release: 0 +URL: https://github.com/smuellerDD/jitterentropy-library +Source0: https://github.com/smuellerDD/jitterentropy-library/archive/refs/tags/v%{version}.tar.gz +Source1: baselibs.conf +#PATCH-FIX-UPSTREAM github.com/smuellerDD/jitterentropy-library/commit/7bf9f85 +Patch0: jitterentropy-fix-a-stack-corruption-on-s390x.patch + +%description +The Jitter RNG provides a noise source using the CPU execution +timing jitter. It depends on a high-resolution time stamp. + +The design of this RNG is given in the documentation found at +http://www.chronox.de/jent.html . This documentation also covers the full +assessment of the SP800-90B compliance as well as all required test code. + +%package -n libjitterentropy3 +Summary: Jitter entropy generator shared library +Group: System/Libraries + +%description -n libjitterentropy3 +The Jitter RNG provides a noise source using the CPU execution +timing jitter. It depends on a high-resolution time stamp. + +This package contains the shared library. + +%package devel +Summary: Jitter entropy generator development header and library +Group: Development/Tools/Other +Requires: libjitterentropy3 = %{version} + +%description devel +The Jitter RNG provides a noise source using the CPU execution +timing jitter. It depends on a high-resolution time stamp. + +This package contains the development header and library. + +%package devel-static +Summary: Jitter entropy generator static library +Group: Development/Tools/Other + +%description devel-static +The Jitter RNG provides a noise source using the CPU execution +timing jitter. It depends on a high-resolution time stamp. + +This package contains the static library. + +%prep +%autosetup -n jitterentropy-library-%version + +%build +%make_build PREFIX="%_prefix" LIBDIR="%_lib" + +%install +%make_install PREFIX="%_prefix" LIBDIR="%_lib" all install-static + +%post -n libjitterentropy3 -p /sbin/ldconfig +%postun -n libjitterentropy3 -p /sbin/ldconfig + +%files devel +%license LICENSE.gplv2 LICENSE LICENSE.bsd +%_includedir/jitterentropy-base-user.h +%_includedir/jitterentropy.h +%_libdir/libjitterentropy.so +%_mandir/man3/jitterentropy.3* + +%files devel-static +%license LICENSE.gplv2 LICENSE LICENSE.bsd +%_libdir/libjitterentropy.a + +%files -n libjitterentropy3 +%license LICENSE.gplv2 LICENSE LICENSE.bsd +%_libdir/libjitterentropy.so.3 +%_libdir/libjitterentropy.so.%version + +%changelog diff --git a/v3.4.1.tar.gz b/v3.4.1.tar.gz new file mode 100644 index 0000000..e4395eb --- /dev/null +++ b/v3.4.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:33352369092b5a0d1463c720f5a8a3e870dbd63502ea57692e7da84a65c0c5c3 +size 86110