diff --git a/tboot-signature-segfault.patch b/tboot-signature-segfault.patch new file mode 100644 index 0000000..0146634 --- /dev/null +++ b/tboot-signature-segfault.patch @@ -0,0 +1,80 @@ +changeset: 506:09fae64a7515 +user: Ning Sun +date: Sat Sep 02 01:40:15 2017 -0700 +summary: Fix openssl-1.0.2 double frees + +Index: tboot-1.9.6/lcptools-v2/crtpollist.c +=================================================================== +--- tboot-1.9.6.orig/lcptools-v2/crtpollist.c ++++ tboot-1.9.6/lcptools-v2/crtpollist.c +@@ -160,15 +160,14 @@ static lcp_signature_t2 *read_rsa_pubkey + + memset(sig, 0, sizeof(lcp_rsa_signature_t) + 2*keysize); + sig->rsa_signature.pubkey_size = keysize; +- +- BIGNUM *modulus = BN_new(); +- ++ + /* OpenSSL Version 1.1.0 and later don't allow direct access to RSA + stuct */ + #if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ BIGNUM *modulus = BN_new(); + RSA_get0_key(pubkey, (const BIGNUM **)&modulus, NULL, NULL); + #else +- modulus = pubkey->n; ++ BIGNUM *modulus = BN_dup(pubkey->n); + #endif + + unsigned char key[keysize]; +Index: tboot-1.9.6/lcptools-v2/lcputils.c +=================================================================== +--- tboot-1.9.6.orig/lcptools-v2/lcputils.c ++++ tboot-1.9.6/lcptools-v2/lcputils.c +@@ -384,8 +384,8 @@ bool verify_signature(const uint8_t *dat + #if OPENSSL_VERSION_NUMBER >= 0x10100000L + RSA_set0_key(rsa_pubkey, modulus, exponent, NULL); + #else +- rsa_pubkey->n = modulus; +- rsa_pubkey->e = exponent; ++ rsa_pubkey->n = BN_dup(modulus); ++ rsa_pubkey->e = BN_dup(exponent); + rsa_pubkey->d = rsa_pubkey->p = rsa_pubkey->q = NULL; + #endif + +Index: tboot-1.9.6/lcptools/crtpollist.c +=================================================================== +--- tboot-1.9.6.orig/lcptools/crtpollist.c ++++ tboot-1.9.6/lcptools/crtpollist.c +@@ -155,14 +155,14 @@ static lcp_signature_t *read_pubkey_file + + memset(sig, 0, sizeof(*sig) + 2*keysize); + sig->pubkey_size = keysize; +- +- BIGNUM *modulus = BN_new(); ++ + /* OpenSSL Version 1.1.0 and later don't allow direct access to RSA + stuct */ + #if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ BIGNUM *modulus = BN_new(); + RSA_get0_key(pubkey, (const BIGNUM **)&modulus, NULL, NULL); + #else +- modulus = pubkey->n; ++ BIGNUM *modulus = BN_dup(pubkey->n); + #endif + unsigned char key[keysize]; + BN_bn2bin(modulus, key); +Index: tboot-1.9.6/lcptools/lcputils2.c +=================================================================== +--- tboot-1.9.6.orig/lcptools/lcputils2.c ++++ tboot-1.9.6/lcptools/lcputils2.c +@@ -288,8 +288,8 @@ bool verify_signature(const uint8_t *dat + #if OPENSSL_VERSION_NUMBER >= 0x10100000L + RSA_set0_key(rsa_pubkey, modulus, exponent, NULL); + #else +- rsa_pubkey->n = modulus; +- rsa_pubkey->e = exponent; ++ rsa_pubkey->n = BN_dup(modulus); ++ rsa_pubkey->e = BN_dup(exponent); + rsa_pubkey->d = rsa_pubkey->p = rsa_pubkey->q = NULL; + #endif + diff --git a/tboot-ssl-broken.patch b/tboot-ssl-broken.patch new file mode 100644 index 0000000..58a6fd9 --- /dev/null +++ b/tboot-ssl-broken.patch @@ -0,0 +1,268 @@ +Index: tboot-1.9.6/lcptools-v2/crtpollist.c +=================================================================== +--- tboot-1.9.6.orig/lcptools-v2/crtpollist.c ++++ tboot-1.9.6/lcptools-v2/crtpollist.c +@@ -132,6 +132,7 @@ static lcp_signature_t2 *read_rsa_pubkey + if ( fp == NULL ) { + ERROR("Error: failed to open .pem file %s: %s\n", file, + strerror(errno)); ++ fclose(fp); + return NULL; + } + +@@ -141,6 +142,7 @@ static lcp_signature_t2 *read_rsa_pubkey + ERROR("Error: failed to read .pem file %s: %s\n", file, + ERR_error_string(ERR_get_error(), NULL)); + ERR_free_strings(); ++ fclose(fp); + return NULL; + } + +@@ -148,6 +150,7 @@ static lcp_signature_t2 *read_rsa_pubkey + if ( keysize == 0 ) { + ERROR("Error: public key size is 0\n"); + RSA_free(pubkey); ++ fclose(fp); + return NULL; + } + +@@ -155,19 +158,20 @@ static lcp_signature_t2 *read_rsa_pubkey + if ( sig == NULL ) { + ERROR("Error: failed to allocate sig\n"); + RSA_free(pubkey); ++ fclose(fp); + return NULL; + } + + memset(sig, 0, sizeof(lcp_rsa_signature_t) + 2*keysize); + sig->rsa_signature.pubkey_size = keysize; + ++ const BIGNUM *modulus = NULL; + /* OpenSSL Version 1.1.0 and later don't allow direct access to RSA + stuct */ + #if OPENSSL_VERSION_NUMBER >= 0x10100000L +- BIGNUM *modulus = BN_new(); +- RSA_get0_key(pubkey, (const BIGNUM **)&modulus, NULL, NULL); ++ RSA_get0_key(pubkey, &modulus, NULL, NULL); + #else +- BIGNUM *modulus = BN_dup(pubkey->n); ++ modulus = pubkey->n; + #endif + + unsigned char key[keysize]; +@@ -183,8 +187,8 @@ static lcp_signature_t2 *read_rsa_pubkey + } + + LOG("read rsa pubkey succeed!\n"); +- BN_free(modulus); + RSA_free(pubkey); ++ fclose(fp); + return sig; + } + +@@ -386,13 +390,13 @@ static bool ecdsa_sign_tpm20_list_data(l + return false; + } + +- BIGNUM *r = BN_new(); +- BIGNUM *s = BN_new(); +- ++ const BIGNUM *r = NULL; ++ const BIGNUM *s = NULL; ++ + /* OpenSSL Version 1.1.0 and later don't allow direct access to + ECDSA_SIG stuct */ + #if OPENSSL_VERSION_NUMBER >= 0x10100000L +- ECDSA_SIG_get0(ecdsasig, (const BIGNUM **)&r, (const BIGNUM **)&s); ++ ECDSA_SIG_get0(ecdsasig, &r, &s); + #else + r = ecdsasig->r; + s = ecdsasig->s; +@@ -415,8 +419,7 @@ static bool ecdsa_sign_tpm20_list_data(l + display_tpm20_signature(" ", sig, pollist->sig_alg, false); + } + +- BN_free(r); +- BN_free(s); ++ ECDSA_SIG_free(ecdsasig); + return true; + } + return false; +Index: tboot-1.9.6/lcptools-v2/lcputils.c +=================================================================== +--- tboot-1.9.6.orig/lcptools-v2/lcputils.c ++++ tboot-1.9.6/lcptools-v2/lcputils.c +@@ -371,9 +371,8 @@ bool verify_signature(const uint8_t *dat + return false; + } + +- BIGNUM *modulus = BN_new(); ++ BIGNUM *modulus = BN_bin2bn(key, pubkey_size, NULL); + BIGNUM *exponent = BN_new(); +- modulus = BN_bin2bn(key, pubkey_size, NULL); + + /* uses fixed exponent (LCP_SIG_EXPONENT) */ + char exp[32]; +@@ -384,8 +383,8 @@ bool verify_signature(const uint8_t *dat + #if OPENSSL_VERSION_NUMBER >= 0x10100000L + RSA_set0_key(rsa_pubkey, modulus, exponent, NULL); + #else +- rsa_pubkey->n = BN_dup(modulus); +- rsa_pubkey->e = BN_dup(exponent); ++ rsa_pubkey->n = modulus; ++ rsa_pubkey->e = exponent; + rsa_pubkey->d = rsa_pubkey->p = rsa_pubkey->q = NULL; + #endif + +@@ -407,8 +406,6 @@ bool verify_signature(const uint8_t *dat + tb_hash_t digest; + if ( !hash_buffer(data, data_size, &digest, hashalg) ) { + ERROR("Error: failed to hash list\n"); +- BN_free(modulus); +- BN_free(exponent); + RSA_free(rsa_pubkey); + return false; + } +@@ -451,8 +448,6 @@ bool verify_signature(const uint8_t *dat + ERROR("Error: failed to verify list: %s\n", + ERR_error_string(ERR_get_error(), NULL)); + ERR_free_strings(); +- BN_free(modulus); +- BN_free(exponent); + RSA_free(rsa_pubkey); + return false; + } +@@ -467,8 +462,6 @@ bool verify_signature(const uint8_t *dat + ERROR("Error: failed to verify list: %s\n", + ERR_error_string(ERR_get_error(), NULL)); + ERR_free_strings(); +- BN_free(modulus); +- BN_free(exponent); + RSA_free(rsa_pubkey); + return false; + } +@@ -483,8 +476,6 @@ bool verify_signature(const uint8_t *dat + ERROR("Error: failed to verify list: %s\n", + ERR_error_string(ERR_get_error(), NULL)); + ERR_free_strings(); +- BN_free(modulus); +- BN_free(exponent); + RSA_free(rsa_pubkey); + return false; + } +@@ -499,8 +490,6 @@ bool verify_signature(const uint8_t *dat + ERROR("Error: failed to verify list: %s\n", + ERR_error_string(ERR_get_error(), NULL)); + ERR_free_strings(); +- BN_free(modulus); +- BN_free(exponent); + RSA_free(rsa_pubkey); + return false; + } +@@ -508,13 +497,10 @@ bool verify_signature(const uint8_t *dat + + default : + LOG("unknown hash alg\n"); +- BN_free(modulus); +- BN_free(exponent); ++ RSA_free(rsa_pubkey); + return false; + } + +- BN_free(modulus); +- BN_free(exponent); + RSA_free(rsa_pubkey); + return true; + } +Index: tboot-1.9.6/lcptools/crtpollist.c +=================================================================== +--- tboot-1.9.6.orig/lcptools/crtpollist.c ++++ tboot-1.9.6/lcptools/crtpollist.c +@@ -156,13 +156,14 @@ static lcp_signature_t *read_pubkey_file + memset(sig, 0, sizeof(*sig) + 2*keysize); + sig->pubkey_size = keysize; + ++ const BIGNUM *modulus = NULL; ++ + /* OpenSSL Version 1.1.0 and later don't allow direct access to RSA + stuct */ + #if OPENSSL_VERSION_NUMBER >= 0x10100000L +- BIGNUM *modulus = BN_new(); +- RSA_get0_key(pubkey, (const BIGNUM **)&modulus, NULL, NULL); ++ RSA_get0_key(pubkey, &modulus, NULL, NULL); + #else +- BIGNUM *modulus = BN_dup(pubkey->n); ++ modulus = pubkey->n; + #endif + unsigned char key[keysize]; + BN_bn2bin(modulus, key); +@@ -175,8 +176,7 @@ static lcp_signature_t *read_pubkey_file + LOG("signature:\n"); + display_signature(" ", sig, false); + } +- +- BN_free(modulus); ++ + RSA_free(pubkey); + return sig; + } +Index: tboot-1.9.6/lcptools/lcputils2.c +=================================================================== +--- tboot-1.9.6.orig/lcptools/lcputils2.c ++++ tboot-1.9.6/lcptools/lcputils2.c +@@ -274,31 +274,29 @@ bool verify_signature(const uint8_t *dat + ERROR("Error: failed to allocate key\n"); + return false; + } +- BIGNUM *modulus = BN_new(); ++ ++ BIGNUM *modulus = BN_bin2bn(key, pubkey_size, NULL); + BIGNUM *exponent = BN_new(); +- modulus = BN_bin2bn(key, pubkey_size, NULL); + + /* uses fixed exponent (LCP_SIG_EXPONENT) */ + char exp[32]; + snprintf(exp, sizeof(exp), "%u", LCP_SIG_EXPONENT); + BN_dec2bn(&exponent, exp); +- ++ + /* OpenSSL Version 1.1.0 and later don't allow direct access to RSA + stuct */ + #if OPENSSL_VERSION_NUMBER >= 0x10100000L +- RSA_set0_key(rsa_pubkey, modulus, exponent, NULL); ++ RSA_set0_key(rsa_pubkey, modulus, exponent, NULL); + #else +- rsa_pubkey->n = BN_dup(modulus); +- rsa_pubkey->e = BN_dup(exponent); +- rsa_pubkey->d = rsa_pubkey->p = rsa_pubkey->q = NULL; ++ rsa_pubkey->n = modulus; ++ rsa_pubkey->e = exponent; ++ rsa_pubkey->d = rsa_pubkey->p = rsa_pubkey->q = NULL; + #endif + + /* first create digest of data */ + tb_hash_t digest; + if ( !hash_buffer(data, data_size, &digest, TB_HALG_SHA1_LG) ) { + ERROR("Error: failed to hash list\n"); +- BN_free(modulus); +- BN_free(exponent); + RSA_free(rsa_pubkey); + return false; + } +@@ -339,14 +337,10 @@ bool verify_signature(const uint8_t *dat + ERROR("Error: failed to verify list: %s\n", + ERR_error_string(ERR_get_error(), NULL)); + ERR_free_strings(); +- BN_free(modulus); +- BN_free(exponent); +- RSA_free(rsa_pubkey); ++ RSA_free(rsa_pubkey); + return false; + } +- +- BN_free(modulus); +- BN_free(exponent); ++ + RSA_free(rsa_pubkey); + return true; + } diff --git a/tboot.changes b/tboot.changes index ac99cd1..05db822 100644 --- a/tboot.changes +++ b/tboot.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Thu Mar 15 09:49:03 UTC 2018 - matthias.gerstner@suse.com + +- tboot-ssl-broken.patch: Fixed memory corruption when using OpenSSL + functionality like in lcp2_crtpollist (bnc#1083693). Fix has not yet been + commented on by upstream (posted on tboot-devel mailing list). + ------------------------------------------------------------------- Wed Feb 21 12:26:10 UTC 2018 - matthias.gerstner@suse.com diff --git a/tboot.spec b/tboot.spec index 8a250c3..115939d 100644 --- a/tboot.spec +++ b/tboot.spec @@ -30,7 +30,12 @@ Patch4: tboot-grub2-fix-xen-submenu-name.patch Patch5: tboot-openssl-1-1-0.patch Patch6: tboot-CVE-2017-16837.patch Patch7: tboot-distributor.patch -# PATCH-FIX-UPSTREAM -- https://sourceforge.net/p/tboot/code/merge-requests/1/ +# a stark history regarding SSL: ssl functions never really worked in tboot, +# even the signature-segfault upstream fix didn't fix the root causes. +# ssl-broken.patch is my own patch that I have published on the tboot-devel +# mailing list, but no response so far. +Patch8: tboot-signature-segfault.patch +Patch9: tboot-ssl-broken.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build ExclusiveArch: %{ix86} x86_64 BuildRequires: openssl-devel @@ -58,6 +63,8 @@ verified launch of an OS kernel/VMM. %patch5 -p1 %patch6 -p1 %patch7 -p1 +%patch8 -p1 +%patch9 -p1 %build export CFLAGS="%{optflags}" @@ -107,7 +114,7 @@ make debug=y install DISTDIR="%{buildroot}" MANPATH="%{buildroot}/%{_mandir}" %postun %if 0%{?update_bootloader_check_type_reinit_post:1} # there is no clean solution for refresh during package removal at the moment. -# %posttrans is not executed during package removal. +# %%posttrans is not executed during package removal. %update_bootloader_check_type_reinit_post grub2 grub2-efi %update_bootloader_posttrans %else