Accepting request 209457 from home:gary_lin:branches:Base:System
Include upstream patches and support MOK blacklist OBS-URL: https://build.opensuse.org/request/show/209457 OBS-URL: https://build.opensuse.org/package/show/Base:System/mokutil?expand=0&rev=12
This commit is contained in:
parent
44db4978c2
commit
30ebafa53a
2917
mokutil-mokx-support.patch
Normal file
2917
mokutil-mokx-support.patch
Normal file
File diff suppressed because it is too large
Load Diff
853
mokutil-upstream-fixes.patch
Normal file
853
mokutil-upstream-fixes.patch
Normal file
@ -0,0 +1,853 @@
|
|||||||
|
From 9bbf4150add7de95bfeed8515aa9d9d63977ebd4 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gary Ching-Pang Lin <glin@suse.com>
|
||||||
|
Date: Wed, 25 Sep 2013 18:04:29 +0800
|
||||||
|
Subject: [PATCH 01/10] Update the copyright declaration
|
||||||
|
|
||||||
|
Allow the binary to be linked with openssl
|
||||||
|
---
|
||||||
|
src/efi.h | 47 +++++++++++++++++++++++++++++------------------
|
||||||
|
src/efilib.c | 17 +++++++++++++++++
|
||||||
|
src/mokutil.c | 14 ++++++++++++++
|
||||||
|
src/password-crypt.c | 14 ++++++++++++++
|
||||||
|
src/password-crypt.h | 14 ++++++++++++++
|
||||||
|
src/signature.h | 30 ++++++++++++++++++++++++++++++
|
||||||
|
6 files changed, 118 insertions(+), 18 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/efi.h b/src/efi.h
|
||||||
|
index 7930a94..a622a2b 100644
|
||||||
|
--- a/src/efi.h
|
||||||
|
+++ b/src/efi.h
|
||||||
|
@@ -1,22 +1,33 @@
|
||||||
|
/*
|
||||||
|
- efi.h - Extensible Firmware Interface definitions
|
||||||
|
-
|
||||||
|
- Copyright (C) 2001, 2003 Dell Computer Corporation <Matt_Domsch@dell.com>
|
||||||
|
- Copyright (C) 2012 Gary Lin <glin@suse.com>
|
||||||
|
-
|
||||||
|
- This program is free software; you can redistribute it and/or modify
|
||||||
|
- it under the terms of the GNU General Public License as published by
|
||||||
|
- the Free Software Foundation; either version 2 of the License, or
|
||||||
|
- (at your option) any later version.
|
||||||
|
-
|
||||||
|
- This program is distributed in the hope that it will be useful,
|
||||||
|
- but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
- GNU General Public License for more details.
|
||||||
|
-
|
||||||
|
- You should have received a copy of the GNU General Public License
|
||||||
|
- along with this program; if not, write to the Free Software
|
||||||
|
- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||||
|
+ * Copyright (C) 2001, 2003 Dell Computer Corporation <Matt_Domsch@dell.com>
|
||||||
|
+ * Copyright (C) 2012-2013 Gary Lin <glin@suse.com>
|
||||||
|
+ *
|
||||||
|
+ * This program is free software: you can redistribute it and/or modify
|
||||||
|
+ * it under the terms of the GNU General Public License as published by
|
||||||
|
+ * the Free Software Foundation, either version 3 of the License, or
|
||||||
|
+ * (at your option) any later version.
|
||||||
|
+ *
|
||||||
|
+ * This program is distributed in the hope that it will be useful,
|
||||||
|
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
+ * GNU General Public License for more details.
|
||||||
|
+ *
|
||||||
|
+ * You should have received a copy of the GNU General Public License
|
||||||
|
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
+ *
|
||||||
|
+ * In addition, as a special exception, the copyright holders give
|
||||||
|
+ * permission to link the code of portions of this program with the
|
||||||
|
+ * OpenSSL library under certain conditions as described in each
|
||||||
|
+ * individual source file, and distribute linked combinations
|
||||||
|
+ * including the two.
|
||||||
|
+ *
|
||||||
|
+ * You must obey the GNU General Public License in all respects
|
||||||
|
+ * for all of the code used other than OpenSSL. If you modify
|
||||||
|
+ * file(s) with this exception, you may extend this exception to your
|
||||||
|
+ * version of the file(s), but you are not obligated to do so. If you
|
||||||
|
+ * do not wish to do so, delete this exception statement from your
|
||||||
|
+ * version. If you delete this exception statement from all source
|
||||||
|
+ * files in the program, then also delete it here.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef EFI_H
|
||||||
|
diff --git a/src/efilib.c b/src/efilib.c
|
||||||
|
index c2336f9..6db914f 100644
|
||||||
|
--- a/src/efilib.c
|
||||||
|
+++ b/src/efilib.c
|
||||||
|
@@ -14,6 +14,23 @@
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*
|
||||||
|
+ * You should have received a copy of the GNU General Public License
|
||||||
|
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
+ *
|
||||||
|
+ * In addition, as a special exception, the copyright holders give
|
||||||
|
+ * permission to link the code of portions of this program with the
|
||||||
|
+ * OpenSSL library under certain conditions as described in each
|
||||||
|
+ * individual source file, and distribute linked combinations
|
||||||
|
+ * including the two.
|
||||||
|
+ *
|
||||||
|
+ * You must obey the GNU General Public License in all respects
|
||||||
|
+ * for all of the code used other than OpenSSL. If you modify
|
||||||
|
+ * file(s) with this exception, you may extend this exception to your
|
||||||
|
+ * version of the file(s), but you are not obligated to do so. If you
|
||||||
|
+ * do not wish to do so, delete this exception statement from your
|
||||||
|
+ * version. If you delete this exception statement from all source
|
||||||
|
+ * files in the program, then also delete it here.
|
||||||
|
+ *
|
||||||
|
* A part of the source code is copied from efibootmgr
|
||||||
|
*/
|
||||||
|
#include <sys/types.h>
|
||||||
|
diff --git a/src/mokutil.c b/src/mokutil.c
|
||||||
|
index e7ea08f..109a3eb 100644
|
||||||
|
--- a/src/mokutil.c
|
||||||
|
+++ b/src/mokutil.c
|
||||||
|
@@ -14,6 +14,20 @@
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
+ *
|
||||||
|
+ * In addition, as a special exception, the copyright holders give
|
||||||
|
+ * permission to link the code of portions of this program with the
|
||||||
|
+ * OpenSSL library under certain conditions as described in each
|
||||||
|
+ * individual source file, and distribute linked combinations
|
||||||
|
+ * including the two.
|
||||||
|
+ *
|
||||||
|
+ * You must obey the GNU General Public License in all respects
|
||||||
|
+ * for all of the code used other than OpenSSL. If you modify
|
||||||
|
+ * file(s) with this exception, you may extend this exception to your
|
||||||
|
+ * version of the file(s), but you are not obligated to do so. If you
|
||||||
|
+ * do not wish to do so, delete this exception statement from your
|
||||||
|
+ * version. If you delete this exception statement from all source
|
||||||
|
+ * files in the program, then also delete it here.
|
||||||
|
*/
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
diff --git a/src/password-crypt.c b/src/password-crypt.c
|
||||||
|
index a1d213b..7fbc3b6 100644
|
||||||
|
--- a/src/password-crypt.c
|
||||||
|
+++ b/src/password-crypt.c
|
||||||
|
@@ -13,6 +13,20 @@
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
+ *
|
||||||
|
+ * In addition, as a special exception, the copyright holders give
|
||||||
|
+ * permission to link the code of portions of this program with the
|
||||||
|
+ * OpenSSL library under certain conditions as described in each
|
||||||
|
+ * individual source file, and distribute linked combinations
|
||||||
|
+ * including the two.
|
||||||
|
+ *
|
||||||
|
+ * You must obey the GNU General Public License in all respects
|
||||||
|
+ * for all of the code used other than OpenSSL. If you modify
|
||||||
|
+ * file(s) with this exception, you may extend this exception to your
|
||||||
|
+ * version of the file(s), but you are not obligated to do so. If you
|
||||||
|
+ * do not wish to do so, delete this exception statement from your
|
||||||
|
+ * version. If you delete this exception statement from all source
|
||||||
|
+ * files in the program, then also delete it here.
|
||||||
|
*/
|
||||||
|
#include <string.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
diff --git a/src/password-crypt.h b/src/password-crypt.h
|
||||||
|
index b694ac1..04451b4 100644
|
||||||
|
--- a/src/password-crypt.h
|
||||||
|
+++ b/src/password-crypt.h
|
||||||
|
@@ -13,6 +13,20 @@
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
+ *
|
||||||
|
+ * In addition, as a special exception, the copyright holders give
|
||||||
|
+ * permission to link the code of portions of this program with the
|
||||||
|
+ * OpenSSL library under certain conditions as described in each
|
||||||
|
+ * individual source file, and distribute linked combinations
|
||||||
|
+ * including the two.
|
||||||
|
+ *
|
||||||
|
+ * You must obey the GNU General Public License in all respects
|
||||||
|
+ * for all of the code used other than OpenSSL. If you modify
|
||||||
|
+ * file(s) with this exception, you may extend this exception to your
|
||||||
|
+ * version of the file(s), but you are not obligated to do so. If you
|
||||||
|
+ * do not wish to do so, delete this exception statement from your
|
||||||
|
+ * version. If you delete this exception statement from all source
|
||||||
|
+ * files in the program, then also delete it here.
|
||||||
|
*/
|
||||||
|
#ifndef __PASSWORD_CRYPT_H__
|
||||||
|
#define __PASSWORD_CRYPT_H__
|
||||||
|
diff --git a/src/signature.h b/src/signature.h
|
||||||
|
index f795f14..df88e98 100644
|
||||||
|
--- a/src/signature.h
|
||||||
|
+++ b/src/signature.h
|
||||||
|
@@ -1,3 +1,33 @@
|
||||||
|
+/**
|
||||||
|
+ * Copyright (C) 2012-2013 Gary Lin <glin@suse.com>
|
||||||
|
+ *
|
||||||
|
+ * This program is free software: you can redistribute it and/or modify
|
||||||
|
+ * it under the terms of the GNU General Public License as published by
|
||||||
|
+ * the Free Software Foundation, either version 3 of the License, or
|
||||||
|
+ * (at your option) any later version.
|
||||||
|
+ *
|
||||||
|
+ * This program is distributed in the hope that it will be useful,
|
||||||
|
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
+ * GNU General Public License for more details.
|
||||||
|
+ *
|
||||||
|
+ * You should have received a copy of the GNU General Public License
|
||||||
|
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
+ *
|
||||||
|
+ * In addition, as a special exception, the copyright holders give
|
||||||
|
+ * permission to link the code of portions of this program with the
|
||||||
|
+ * OpenSSL library under certain conditions as described in each
|
||||||
|
+ * individual source file, and distribute linked combinations
|
||||||
|
+ * including the two.
|
||||||
|
+ *
|
||||||
|
+ * You must obey the GNU General Public License in all respects
|
||||||
|
+ * for all of the code used other than OpenSSL. If you modify
|
||||||
|
+ * file(s) with this exception, you may extend this exception to your
|
||||||
|
+ * version of the file(s), but you are not obligated to do so. If you
|
||||||
|
+ * do not wish to do so, delete this exception statement from your
|
||||||
|
+ * version. If you delete this exception statement from all source
|
||||||
|
+ * files in the program, then also delete it here.
|
||||||
|
+ */
|
||||||
|
#define SHA256_DIGEST_SIZE 32
|
||||||
|
|
||||||
|
#define EfiHashSha1Guid EFI_GUID (0x826ca512, 0xcf10, 0x4ac9, 0xb1, 0x87, 0xbe, 0x1, 0x49, 0x66, 0x31, 0xbd)
|
||||||
|
--
|
||||||
|
1.8.1.4
|
||||||
|
|
||||||
|
|
||||||
|
From dcb76ee1e91c02a026bc0b0b8d02dac71d3c85e1 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Josh Boyer <jwboyer@fedoraproject.org>
|
||||||
|
Date: Wed, 2 Oct 2013 13:09:20 -0400
|
||||||
|
Subject: [PATCH 02/10] Add support for disabling/enabling the use of DB for
|
||||||
|
verification
|
||||||
|
|
||||||
|
This lets a user disable the use of DB for verification purposes. The new
|
||||||
|
options "--ignore-db" and "--use-db" toggle the state of this. This sets
|
||||||
|
a UEFI variable called MokDB that makes MokManager prompt the user to approve
|
||||||
|
the setting after a reboot.
|
||||||
|
|
||||||
|
We refactor MokSBVar to MokToggleVar and set_validation to set_toggle, as
|
||||||
|
both MokDB and MokSB are really just toggle variables.
|
||||||
|
---
|
||||||
|
src/mokutil.c | 54 +++++++++++++++++++++++++++++++++++++++++-------------
|
||||||
|
1 file changed, 41 insertions(+), 13 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/mokutil.c b/src/mokutil.c
|
||||||
|
index 109a3eb..41bd8eb 100644
|
||||||
|
--- a/src/mokutil.c
|
||||||
|
+++ b/src/mokutil.c
|
||||||
|
@@ -76,6 +76,8 @@ EFI_GUID (0x605dab50, 0xe046, 0x4300, 0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b,
|
||||||
|
#define RESET (1 << 15)
|
||||||
|
#define GENERATE_PW_HASH (1 << 16)
|
||||||
|
#define SIMPLE_HASH (1 << 17)
|
||||||
|
+#define IGNORE_DB (1 << 18)
|
||||||
|
+#define USE_DB (1 << 19)
|
||||||
|
|
||||||
|
#define DEFAULT_CRYPT_METHOD SHA512_BASED
|
||||||
|
#define DEFAULT_SALT_SIZE SHA512_SALT_MAX
|
||||||
|
@@ -90,10 +92,10 @@ typedef struct {
|
||||||
|
} MokListNode;
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
- uint32_t mok_sb_state;
|
||||||
|
+ uint32_t mok_toggle_state;
|
||||||
|
uint32_t password_length;
|
||||||
|
uint16_t password[SB_PASSWORD_MAX];
|
||||||
|
-} MokSBVar;
|
||||||
|
+} MokToggleVar;
|
||||||
|
|
||||||
|
static void
|
||||||
|
print_help ()
|
||||||
|
@@ -119,6 +121,8 @@ print_help ()
|
||||||
|
printf (" --test-key <der file>\t\t\tTest if the key is enrolled or not\n");
|
||||||
|
printf (" --reset\t\t\t\tReset MOK list\n");
|
||||||
|
printf (" --generate-hash[=password]\t\tGenerate the password hash\n");
|
||||||
|
+ printf (" --ignore-db\t\t\t\tIgnore DB for validation\n");
|
||||||
|
+ printf (" --use-db\t\t\t\tUse DB for validation\n");
|
||||||
|
printf ("\n");
|
||||||
|
printf ("Supplimentary Options:\n");
|
||||||
|
printf (" --hash-file <hash file>\t\tUse the specific password hash\n");
|
||||||
|
@@ -1108,10 +1112,10 @@ error:
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
-set_validation (uint32_t state)
|
||||||
|
+set_toggle (const char * VarName, uint32_t state)
|
||||||
|
{
|
||||||
|
efi_variable_t var;
|
||||||
|
- MokSBVar sbvar;
|
||||||
|
+ MokToggleVar tvar;
|
||||||
|
char *password = NULL;
|
||||||
|
int pw_len;
|
||||||
|
efi_char16_t efichar_pass[SB_PASSWORD_MAX];
|
||||||
|
@@ -1123,26 +1127,26 @@ set_validation (uint32_t state)
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
|
- sbvar.password_length = pw_len;
|
||||||
|
+ tvar.password_length = pw_len;
|
||||||
|
|
||||||
|
efichar_from_char (efichar_pass, password,
|
||||||
|
SB_PASSWORD_MAX * sizeof(efi_char16_t));
|
||||||
|
|
||||||
|
- memcpy(sbvar.password, efichar_pass,
|
||||||
|
+ memcpy(tvar.password, efichar_pass,
|
||||||
|
SB_PASSWORD_MAX * sizeof(efi_char16_t));
|
||||||
|
|
||||||
|
- sbvar.mok_sb_state = state;
|
||||||
|
+ tvar.mok_toggle_state = state;
|
||||||
|
|
||||||
|
- var.VariableName = "MokSB";
|
||||||
|
+ var.VariableName = VarName;
|
||||||
|
var.VendorGuid = SHIM_LOCK_GUID;
|
||||||
|
- var.Data = (void *)&sbvar;
|
||||||
|
- var.DataSize = sizeof(sbvar);
|
||||||
|
+ var.Data = (void *)&tvar;
|
||||||
|
+ var.DataSize = sizeof(tvar);
|
||||||
|
var.Attributes = EFI_VARIABLE_NON_VOLATILE
|
||||||
|
| EFI_VARIABLE_BOOTSERVICE_ACCESS
|
||||||
|
| EFI_VARIABLE_RUNTIME_ACCESS;
|
||||||
|
|
||||||
|
if (edit_protected_variable (&var) != EFI_SUCCESS) {
|
||||||
|
- fprintf (stderr, "Failed to request new SB state\n");
|
||||||
|
+ fprintf (stderr, "Failed to request new %s state\n", VarName);
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -1156,13 +1160,13 @@ error:
|
||||||
|
static int
|
||||||
|
disable_validation()
|
||||||
|
{
|
||||||
|
- return set_validation(0);
|
||||||
|
+ return set_toggle("MokSB", 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
enable_validation()
|
||||||
|
{
|
||||||
|
- return set_validation(1);
|
||||||
|
+ return set_toggle("MokSB", 1);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
@@ -1195,6 +1199,18 @@ sb_state ()
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
+disable_db()
|
||||||
|
+{
|
||||||
|
+ return set_toggle("MokDB", 0);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static int
|
||||||
|
+enable_db()
|
||||||
|
+{
|
||||||
|
+ return set_toggle("MokDB", 1);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static int
|
||||||
|
test_key (const char *key_file)
|
||||||
|
{
|
||||||
|
struct stat buf;
|
||||||
|
@@ -1346,6 +1362,8 @@ main (int argc, char *argv[])
|
||||||
|
{"generate-hash", optional_argument, 0, 'g'},
|
||||||
|
{"root-pw", no_argument, 0, 'P'},
|
||||||
|
{"simple-hash", no_argument, 0, 's'},
|
||||||
|
+ {"ignore-db", no_argument, 0, 0 },
|
||||||
|
+ {"use-db", no_argument, 0, 0 },
|
||||||
|
{0, 0, 0, 0}
|
||||||
|
};
|
||||||
|
|
||||||
|
@@ -1377,6 +1395,10 @@ main (int argc, char *argv[])
|
||||||
|
command |= SB_STATE;
|
||||||
|
} else if (strcmp (option, "reset") == 0) {
|
||||||
|
command |= RESET;
|
||||||
|
+ } else if (strcmp (option, "ignore-db") == 0) {
|
||||||
|
+ command |= IGNORE_DB;
|
||||||
|
+ } else if (strcmp (option, "use-db") == 0) {
|
||||||
|
+ command |= USE_DB;
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
case 'd':
|
||||||
|
@@ -1523,6 +1545,12 @@ main (int argc, char *argv[])
|
||||||
|
case GENERATE_PW_HASH:
|
||||||
|
ret = generate_pw_hash (input_pw);
|
||||||
|
break;
|
||||||
|
+ case IGNORE_DB:
|
||||||
|
+ ret = disable_db ();
|
||||||
|
+ break;
|
||||||
|
+ case USE_DB:
|
||||||
|
+ ret = enable_db ();
|
||||||
|
+ break;
|
||||||
|
default:
|
||||||
|
print_help ();
|
||||||
|
break;
|
||||||
|
--
|
||||||
|
1.8.1.4
|
||||||
|
|
||||||
|
|
||||||
|
From 2cc44c8e18c48a6985265fd3173e156280d1ec59 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Peter Jones <pjones@redhat.com>
|
||||||
|
Date: Fri, 15 Nov 2013 09:41:41 -0500
|
||||||
|
Subject: [PATCH 03/10] Free mok lists we've allocated in our error paths.
|
||||||
|
|
||||||
|
Coverity says they're leaking, and it's right, though I suspect we just
|
||||||
|
exit anyway.
|
||||||
|
|
||||||
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||||
|
---
|
||||||
|
src/mokutil.c | 3 +++
|
||||||
|
1 file changed, 3 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/mokutil.c b/src/mokutil.c
|
||||||
|
index 41bd8eb..566c14e 100644
|
||||||
|
--- a/src/mokutil.c
|
||||||
|
+++ b/src/mokutil.c
|
||||||
|
@@ -343,6 +343,7 @@ delete_key_from_list (void *mok, uint32_t mok_size,
|
||||||
|
|
||||||
|
ret = 1;
|
||||||
|
done:
|
||||||
|
+ free (list);
|
||||||
|
free (var.Data);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
@@ -763,6 +764,7 @@ is_duplicate (const void *cert, const uint32_t cert_size, const char *db_name,
|
||||||
|
}
|
||||||
|
|
||||||
|
done:
|
||||||
|
+ free (list);
|
||||||
|
free (var.Data);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
@@ -1037,6 +1039,7 @@ export_moks ()
|
||||||
|
|
||||||
|
ret = 0;
|
||||||
|
error:
|
||||||
|
+ free (list);
|
||||||
|
free (var.Data);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
--
|
||||||
|
1.8.1.4
|
||||||
|
|
||||||
|
|
||||||
|
From 86007043adb5bbd2dd0e206998a16783779f9bd3 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Peter Jones <pjones@redhat.com>
|
||||||
|
Date: Fri, 15 Nov 2013 09:43:57 -0500
|
||||||
|
Subject: [PATCH 04/10] Don't close file descriptors < 0.
|
||||||
|
|
||||||
|
Coverity complains, though you'll just get EBADFD.
|
||||||
|
|
||||||
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||||
|
---
|
||||||
|
src/mokutil.c | 3 ++-
|
||||||
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/mokutil.c b/src/mokutil.c
|
||||||
|
index 566c14e..4f9b288 100644
|
||||||
|
--- a/src/mokutil.c
|
||||||
|
+++ b/src/mokutil.c
|
||||||
|
@@ -1256,7 +1256,8 @@ error:
|
||||||
|
if (key)
|
||||||
|
free (key);
|
||||||
|
|
||||||
|
- close (fd);
|
||||||
|
+ if (fd >= 0)
|
||||||
|
+ close (fd);
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
1.8.1.4
|
||||||
|
|
||||||
|
|
||||||
|
From 11d68c32f35306dd475d429ba8fbc127a1c77f44 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Peter Jones <pjones@redhat.com>
|
||||||
|
Date: Fri, 15 Nov 2013 09:48:32 -0500
|
||||||
|
Subject: [PATCH 05/10] Error check reading hash from file.
|
||||||
|
|
||||||
|
Coverity noticed that if read() returns error, we're doing string[-1].
|
||||||
|
We're also only reading some of the file in some cases. Replaced this
|
||||||
|
with a proper read loop.
|
||||||
|
|
||||||
|
Also we were overruning the string by one byte.
|
||||||
|
|
||||||
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||||
|
---
|
||||||
|
src/mokutil.c | 20 +++++++++++++++++---
|
||||||
|
1 file changed, 17 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/mokutil.c b/src/mokutil.c
|
||||||
|
index 4f9b288..2a5e72f 100644
|
||||||
|
--- a/src/mokutil.c
|
||||||
|
+++ b/src/mokutil.c
|
||||||
|
@@ -29,6 +29,7 @@
|
||||||
|
* version. If you delete this exception statement from all source
|
||||||
|
* files in the program, then also delete it here.
|
||||||
|
*/
|
||||||
|
+#include <errno.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
@@ -567,7 +568,7 @@ static int
|
||||||
|
get_hash_from_file (const char *file, pw_crypt_t *pw_crypt)
|
||||||
|
{
|
||||||
|
char string[300];
|
||||||
|
- ssize_t read_len;
|
||||||
|
+ ssize_t read_len = 0;
|
||||||
|
int fd;
|
||||||
|
|
||||||
|
fd = open (file, O_RDONLY);
|
||||||
|
@@ -575,10 +576,23 @@ get_hash_from_file (const char *file, pw_crypt_t *pw_crypt)
|
||||||
|
fprintf (stderr, "Failed to open %s\n", file);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
- read_len = read (fd, string, 300);
|
||||||
|
+
|
||||||
|
+ while (read_len < 300) {
|
||||||
|
+ int rc = read (fd, string + read_len, 300 - read_len);
|
||||||
|
+ if (rc == EAGAIN)
|
||||||
|
+ continue;
|
||||||
|
+ if (rc < 0) {
|
||||||
|
+ fprintf (stderr, "Failed to read %s: %m\n", file);
|
||||||
|
+ close (fd);
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
+ if (rc == 0)
|
||||||
|
+ break;
|
||||||
|
+ read_len += rc;
|
||||||
|
+ }
|
||||||
|
close (fd);
|
||||||
|
|
||||||
|
- if (string[read_len] != '\0') {
|
||||||
|
+ if (string[read_len-1] != '\0') {
|
||||||
|
fprintf (stderr, "corrupted string\n");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
1.8.1.4
|
||||||
|
|
||||||
|
|
||||||
|
From 97b09b346640ea74e7d51c9b59247cd75836c453 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Peter Jones <pjones@redhat.com>
|
||||||
|
Date: Fri, 15 Nov 2013 10:01:35 -0500
|
||||||
|
Subject: [PATCH 06/10] Use a read/realloc loop to avoid a race condition on
|
||||||
|
stat()
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Coverity says:
|
||||||
|
4. shim-0.7/mokutil-0.2.0/src/mokutil.c:1228:toctou – Calling function
|
||||||
|
"open(char const *, int, ...)" that uses "key_file" after a check
|
||||||
|
function. This can cause a time-of-check, time-of-use race condition.
|
||||||
|
|
||||||
|
So with the new code we'll probably get garbage if somebody tries racing
|
||||||
|
that for some reason, but at least it'll be consistent garbage :)
|
||||||
|
|
||||||
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||||
|
---
|
||||||
|
src/mokutil.c | 35 ++++++++++++++++++++++++++---------
|
||||||
|
1 file changed, 26 insertions(+), 9 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/mokutil.c b/src/mokutil.c
|
||||||
|
index 2a5e72f..f29b57d 100644
|
||||||
|
--- a/src/mokutil.c
|
||||||
|
+++ b/src/mokutil.c
|
||||||
|
@@ -1227,6 +1227,30 @@ enable_db()
|
||||||
|
return set_toggle("MokDB", 1);
|
||||||
|
}
|
||||||
|
|
||||||
|
+static inline int
|
||||||
|
+read_file(int fd, char **bufp, size_t *lenptr) {
|
||||||
|
+ int alloced = 0, size = 0, i = 0;
|
||||||
|
+ char * buf = NULL;
|
||||||
|
+
|
||||||
|
+ do {
|
||||||
|
+ size += i;
|
||||||
|
+ if ((size + 1024) > alloced) {
|
||||||
|
+ alloced += 4096;
|
||||||
|
+ buf = realloc (buf, alloced + 1);
|
||||||
|
+ }
|
||||||
|
+ } while ((i = read (fd, buf + size, 1024)) > 0);
|
||||||
|
+
|
||||||
|
+ if (i < 0) {
|
||||||
|
+ free (buf);
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ *bufp = buf;
|
||||||
|
+ *lenptr = size;
|
||||||
|
+
|
||||||
|
+ return 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static int
|
||||||
|
test_key (const char *key_file)
|
||||||
|
{
|
||||||
|
@@ -1235,21 +1259,14 @@ test_key (const char *key_file)
|
||||||
|
ssize_t read_size;
|
||||||
|
int fd, ret = -1;
|
||||||
|
|
||||||
|
- if (stat (key_file, &buf) != 0) {
|
||||||
|
- fprintf (stderr, "Failed to get file status, %s\n", key_file);
|
||||||
|
- return -1;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- key = malloc (buf.st_size);
|
||||||
|
-
|
||||||
|
fd = open (key_file, O_RDONLY);
|
||||||
|
if (fd < 0) {
|
||||||
|
fprintf (stderr, "Failed to open %s\n", key_file);
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
|
- read_size = read (fd, key, buf.st_size);
|
||||||
|
- if (read_size < 0 || read_size != buf.st_size) {
|
||||||
|
+ int rc = read_file (fd, &key, &read_size);
|
||||||
|
+ if (rc < 0) {
|
||||||
|
fprintf (stderr, "Failed to read %s\n", key_file);
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
1.8.1.4
|
||||||
|
|
||||||
|
|
||||||
|
From 5facb36c5320fe54d38ab081505259c962f8fadb Mon Sep 17 00:00:00 2001
|
||||||
|
From: Peter Jones <pjones@redhat.com>
|
||||||
|
Date: Fri, 15 Nov 2013 10:04:06 -0500
|
||||||
|
Subject: [PATCH 07/10] Fix check for string termination that was actually a
|
||||||
|
NULL ptr check...
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Coverity says:
|
||||||
|
|
||||||
|
2. shim-0.7/mokutil-0.2.0/src/password-crypt.c:267:check_after_deref –
|
||||||
|
Null-checking "tmp" suggests that it may be null, but it has already
|
||||||
|
been dereferenced on all paths leading to the check.
|
||||||
|
|
||||||
|
And:
|
||||||
|
|
||||||
|
2. shim-0.7/mokutil-0.2.0/src/password-crypt.c:215:check_after_deref –
|
||||||
|
Null-checking "tmp" suggests that it may be null, but it has already
|
||||||
|
been dereferenced on all paths leading to the check.
|
||||||
|
|
||||||
|
But to me it looks like these were supposed to be checking for end-of-string
|
||||||
|
instead.
|
||||||
|
|
||||||
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||||
|
---
|
||||||
|
src/password-crypt.c | 4 ++--
|
||||||
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/password-crypt.c b/src/password-crypt.c
|
||||||
|
index 7fbc3b6..17362f1 100644
|
||||||
|
--- a/src/password-crypt.c
|
||||||
|
+++ b/src/password-crypt.c
|
||||||
|
@@ -212,7 +212,7 @@ decode_sha256_pass (const char *string, pw_crypt_t *pw_crypt)
|
||||||
|
tmp = ptr;
|
||||||
|
if (strlen (ptr) > SHA256_B64_LENGTH) {
|
||||||
|
while (*tmp != '$') {
|
||||||
|
- if (tmp == '\0')
|
||||||
|
+ if (*tmp == '\0')
|
||||||
|
return -1;
|
||||||
|
count++;
|
||||||
|
tmp++;
|
||||||
|
@@ -264,7 +264,7 @@ decode_sha512_pass (const char *string, pw_crypt_t *pw_crypt)
|
||||||
|
tmp = ptr;
|
||||||
|
if (strlen (ptr) > SHA512_B64_LENGTH) {
|
||||||
|
while (*tmp != '$') {
|
||||||
|
- if (tmp == '\0')
|
||||||
|
+ if (*tmp == '\0')
|
||||||
|
return -1;
|
||||||
|
count++;
|
||||||
|
tmp++;
|
||||||
|
--
|
||||||
|
1.8.1.4
|
||||||
|
|
||||||
|
|
||||||
|
From fcae982278ee1399d44c10a162a825589f735b54 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Peter Jones <pjones@redhat.com>
|
||||||
|
Date: Fri, 15 Nov 2013 10:23:03 -0500
|
||||||
|
Subject: [PATCH 08/10] Make generate_pw_hash() somewhat cleaner.
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Coverity needlessly complains:
|
||||||
|
|
||||||
|
2. shim-0.7/mokutil-0.2.0/src/mokutil.c:1322:check_after_deref –
|
||||||
|
Null-checking "password" suggests that it may be null, but it has
|
||||||
|
already been dereferenced on all paths leading to the check.
|
||||||
|
|
||||||
|
While this doesn't really make any difference, the whole ret and
|
||||||
|
error-path was overkill here, so I got rid of it.
|
||||||
|
|
||||||
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||||
|
---
|
||||||
|
src/mokutil.c | 16 ++++++++--------
|
||||||
|
1 file changed, 8 insertions(+), 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/mokutil.c b/src/mokutil.c
|
||||||
|
index f29b57d..c6cfb29 100644
|
||||||
|
--- a/src/mokutil.c
|
||||||
|
+++ b/src/mokutil.c
|
||||||
|
@@ -1312,7 +1312,7 @@ generate_pw_hash (const char *input_pw)
|
||||||
|
char *crypt_string;
|
||||||
|
const char *prefix;
|
||||||
|
int prefix_len;
|
||||||
|
- int pw_len, salt_size, ret = -1;
|
||||||
|
+ int pw_len, salt_size;
|
||||||
|
|
||||||
|
if (input_pw) {
|
||||||
|
pw_len = strlen (input_pw);
|
||||||
|
@@ -1345,19 +1345,15 @@ generate_pw_hash (const char *input_pw)
|
||||||
|
settings[DEFAULT_SALT_SIZE + prefix_len] = '\0';
|
||||||
|
|
||||||
|
crypt_string = crypt (password, settings);
|
||||||
|
+ free (password);
|
||||||
|
if (!crypt_string) {
|
||||||
|
fprintf (stderr, "Failed to generate hash\n");
|
||||||
|
- goto error;
|
||||||
|
+ return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
printf ("%s\n", crypt_string);
|
||||||
|
|
||||||
|
- ret = 0;
|
||||||
|
-error:
|
||||||
|
- if (password)
|
||||||
|
- free (password);
|
||||||
|
-
|
||||||
|
- return ret;
|
||||||
|
+ return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
int
|
||||||
|
@@ -1489,6 +1485,10 @@ main (int argc, char *argv[])
|
||||||
|
break;
|
||||||
|
case 't':
|
||||||
|
key_file = strdup (optarg);
|
||||||
|
+ if (key_file == NULL) {
|
||||||
|
+ fprintf (stderr, "Could not allocate space: %m\n");
|
||||||
|
+ exit(1);
|
||||||
|
+ }
|
||||||
|
|
||||||
|
command |= TEST_KEY;
|
||||||
|
break;
|
||||||
|
--
|
||||||
|
1.8.1.4
|
||||||
|
|
||||||
|
|
||||||
|
From ab16ba45293896bc9e649d23e20ae4e39946f219 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gary Ching-Pang Lin <glin@suse.com>
|
||||||
|
Date: Mon, 25 Nov 2013 16:55:23 +0800
|
||||||
|
Subject: [PATCH 09/10] Fix warnings from gcc
|
||||||
|
|
||||||
|
---
|
||||||
|
src/mokutil.c | 11 +++++------
|
||||||
|
1 file changed, 5 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/mokutil.c b/src/mokutil.c
|
||||||
|
index c6cfb29..9aa4376 100644
|
||||||
|
--- a/src/mokutil.c
|
||||||
|
+++ b/src/mokutil.c
|
||||||
|
@@ -1228,9 +1228,9 @@ enable_db()
|
||||||
|
}
|
||||||
|
|
||||||
|
static inline int
|
||||||
|
-read_file(int fd, char **bufp, size_t *lenptr) {
|
||||||
|
+read_file(int fd, void **bufp, size_t *lenptr) {
|
||||||
|
int alloced = 0, size = 0, i = 0;
|
||||||
|
- char * buf = NULL;
|
||||||
|
+ void * buf = NULL;
|
||||||
|
|
||||||
|
do {
|
||||||
|
size += i;
|
||||||
|
@@ -1254,10 +1254,9 @@ read_file(int fd, char **bufp, size_t *lenptr) {
|
||||||
|
static int
|
||||||
|
test_key (const char *key_file)
|
||||||
|
{
|
||||||
|
- struct stat buf;
|
||||||
|
void *key = NULL;
|
||||||
|
- ssize_t read_size;
|
||||||
|
- int fd, ret = -1;
|
||||||
|
+ size_t read_size;
|
||||||
|
+ int fd, rc, ret = -1;
|
||||||
|
|
||||||
|
fd = open (key_file, O_RDONLY);
|
||||||
|
if (fd < 0) {
|
||||||
|
@@ -1265,7 +1264,7 @@ test_key (const char *key_file)
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
|
- int rc = read_file (fd, &key, &read_size);
|
||||||
|
+ rc = read_file (fd, &key, &read_size);
|
||||||
|
if (rc < 0) {
|
||||||
|
fprintf (stderr, "Failed to read %s\n", key_file);
|
||||||
|
goto error;
|
||||||
|
--
|
||||||
|
1.8.1.4
|
||||||
|
|
||||||
|
|
||||||
|
From a1a7385419b45834a728464f36100fa1098b9741 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gary Ching-Pang Lin <glin@suse.com>
|
||||||
|
Date: Mon, 25 Nov 2013 16:57:33 +0800
|
||||||
|
Subject: [PATCH 10/10] Fix the indentation
|
||||||
|
|
||||||
|
---
|
||||||
|
src/mokutil.c | 34 +++++++++++++++++-----------------
|
||||||
|
1 file changed, 17 insertions(+), 17 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/mokutil.c b/src/mokutil.c
|
||||||
|
index 9aa4376..e4e247c 100644
|
||||||
|
--- a/src/mokutil.c
|
||||||
|
+++ b/src/mokutil.c
|
||||||
|
@@ -1229,26 +1229,26 @@ enable_db()
|
||||||
|
|
||||||
|
static inline int
|
||||||
|
read_file(int fd, void **bufp, size_t *lenptr) {
|
||||||
|
- int alloced = 0, size = 0, i = 0;
|
||||||
|
- void * buf = NULL;
|
||||||
|
-
|
||||||
|
- do {
|
||||||
|
- size += i;
|
||||||
|
- if ((size + 1024) > alloced) {
|
||||||
|
- alloced += 4096;
|
||||||
|
- buf = realloc (buf, alloced + 1);
|
||||||
|
- }
|
||||||
|
- } while ((i = read (fd, buf + size, 1024)) > 0);
|
||||||
|
+ int alloced = 0, size = 0, i = 0;
|
||||||
|
+ void * buf = NULL;
|
||||||
|
|
||||||
|
- if (i < 0) {
|
||||||
|
- free (buf);
|
||||||
|
- return -1;
|
||||||
|
- }
|
||||||
|
+ do {
|
||||||
|
+ size += i;
|
||||||
|
+ if ((size + 1024) > alloced) {
|
||||||
|
+ alloced += 4096;
|
||||||
|
+ buf = realloc (buf, alloced + 1);
|
||||||
|
+ }
|
||||||
|
+ } while ((i = read (fd, buf + size, 1024)) > 0);
|
||||||
|
|
||||||
|
- *bufp = buf;
|
||||||
|
- *lenptr = size;
|
||||||
|
+ if (i < 0) {
|
||||||
|
+ free (buf);
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ *bufp = buf;
|
||||||
|
+ *lenptr = size;
|
||||||
|
|
||||||
|
- return 0;
|
||||||
|
+ return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
--
|
||||||
|
1.8.1.4
|
||||||
|
|
@ -1,3 +1,11 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Dec 5 02:11:40 UTC 2013 - glin@suse.com
|
||||||
|
|
||||||
|
- Add mokutil-upstream-fixes.patch to include upstream fixes for
|
||||||
|
db signature check, gcc warnings, and error handling
|
||||||
|
- Add mokutil-mokx-support.patch to support the MOK blacklist
|
||||||
|
(FATE#316531)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Jul 25 09:13:44 UTC 2013 - glin@suse.com
|
Thu Jul 25 09:13:44 UTC 2013 - glin@suse.com
|
||||||
|
|
||||||
|
@ -24,6 +24,10 @@ License: GPL-3.0
|
|||||||
Group: Productivity/Security
|
Group: Productivity/Security
|
||||||
Url: https://github.com/lcp/mokutil
|
Url: https://github.com/lcp/mokutil
|
||||||
Source: %{name}-%{version}.tar.bz2
|
Source: %{name}-%{version}.tar.bz2
|
||||||
|
# PATCH-FIX-UPSTREAM mokutil-upstream-fixes.patch glin@suse.com -- Include upstream fixes for db signature check, gcc warnings, error handling
|
||||||
|
Patch1: mokutil-upstream-fixes.patch
|
||||||
|
# PATCH-FIX-UPSTREAM mokutil-mokx-support.patch glin@suse.com -- Support the MOK blacklist
|
||||||
|
Patch2: mokutil-mokx-support.patch
|
||||||
BuildRequires: autoconf
|
BuildRequires: autoconf
|
||||||
BuildRequires: automake
|
BuildRequires: automake
|
||||||
BuildRequires: libopenssl-devel >= 0.9.8
|
BuildRequires: libopenssl-devel >= 0.9.8
|
||||||
@ -43,6 +47,8 @@ Authors:
|
|||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
|
%patch1 -p1
|
||||||
|
%patch2 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%configure
|
%configure
|
||||||
|
Loading…
Reference in New Issue
Block a user