summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--user/mbedtls/APKBUILD17
-rw-r--r--user/mbedtls/fix-big-endian-alignment-tests.patch313
2 files changed, 318 insertions, 12 deletions
diff --git a/user/mbedtls/APKBUILD b/user/mbedtls/APKBUILD
index 2b2751e6f..362e112e9 100644
--- a/user/mbedtls/APKBUILD
+++ b/user/mbedtls/APKBUILD
@@ -11,7 +11,9 @@ depends=""
checkdepends="python3"
makedepends="cmake"
subpackages="$pkgname-dev"
-source="mbedtls-$pkgver.tar.gz::https://github.com/ARMmbed/mbedtls/archive/refs/tags/v$pkgver.tar.gz"
+source="mbedtls-$pkgver.tar.gz::https://github.com/ARMmbed/mbedtls/archive/refs/tags/v$pkgver.tar.gz
+ fix-big-endian-alignment-tests.patch
+ "
# secfixes:
# 3.3.0-r0:
@@ -20,16 +22,6 @@ source="mbedtls-$pkgver.tar.gz::https://github.com/ARMmbed/mbedtls/archive/refs/
# - CVE-2022-46392
# - CVE-2022-46393
-prepare() {
- default_prepare
-
- #1002 -- fails on BE platforms (ppc64, sparc64, ...)
- rm -v \
- tests/suites/test_suite_alignment.data \
- tests/suites/test_suite_alignment.function \
- ;
-}
-
build() {
if [ "$CBUILD" != "$CHOST" ]; then
CMAKE_CROSSOPTS="-DCMAKE_SYSTEM_NAME=Linux -DCMAKE_HOST_SYSTEM_NAME=Linux"
@@ -59,4 +51,5 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="be24d2c926f94a7958c4340574e2c74a745120ccf20bcaeeda18b9c0e732fd1913f37c1f883b74ff772c24fbe8763c25c34e99a20a69e023c3d0d49aedd5f6b5 mbedtls-3.4.0.tar.gz"
+sha512sums="be24d2c926f94a7958c4340574e2c74a745120ccf20bcaeeda18b9c0e732fd1913f37c1f883b74ff772c24fbe8763c25c34e99a20a69e023c3d0d49aedd5f6b5 mbedtls-3.4.0.tar.gz
+40a4aefd39b63babf1f54bb2ab655278aaca1482da6e0b8943751a55c067307f8a591217b0c3b546a8ae02f7eca72c22da9d74378a5c28e00f8ca97dbcf1b7f8 fix-big-endian-alignment-tests.patch"
diff --git a/user/mbedtls/fix-big-endian-alignment-tests.patch b/user/mbedtls/fix-big-endian-alignment-tests.patch
new file mode 100644
index 000000000..c03fdb426
--- /dev/null
+++ b/user/mbedtls/fix-big-endian-alignment-tests.patch
@@ -0,0 +1,313 @@
+See also:
+
+ * https://git.adelielinux.org/adelie/packages/-/issues/1002
+ * https://github.com/Mbed-TLS/mbedtls/issues/7428
+ * https://github.com/Mbed-TLS/mbedtls/pull/7440
+
+From 9dc8b6a6a201ccdbfcbf0de8f76b8b0ddfc2f85c Mon Sep 17 00:00:00 2001
+From: Dave Rodgman <dave.rodgman@arm.com>
+Date: Thu, 13 Apr 2023 12:53:35 +0100
+Subject: [PATCH 1/6] Test fixes for big-endian
+
+Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
+---
+ tests/suites/test_suite_alignment.function | 58 ++++++++++++----------
+ 1 file changed, 31 insertions(+), 27 deletions(-)
+
+diff --git a/tests/suites/test_suite_alignment.function b/tests/suites/test_suite_alignment.function
+index f6703318ce7..45080cc7b6a 100644
+--- a/tests/suites/test_suite_alignment.function
++++ b/tests/suites/test_suite_alignment.function
+@@ -17,6 +17,20 @@ int parse_hex_string(char *hex_string, uint64_t *result)
+ if (mbedtls_test_unhexify(raw, sizeof(raw), hex_string, &olen) != 0) {
+ return 0;
+ }
++
++ /* If < 8 bytes, shift right and pad with leading zeros for big-endian */
++ if (MBEDTLS_IS_BIG_ENDIAN) {
++ if (olen < 8) {
++ int offset = 8 - olen;
++ for (int i = olen - 1; i >= 0; i--) {
++ raw[i + offset] = raw[i];
++ }
++ for (int i = 0; i < offset; i++) {
++ raw[i] = 0;
++ }
++ }
++ }
++
+ *result = 0;
+ for (size_t i = 0; i < olen; i++) {
+ if (MBEDTLS_IS_BIG_ENDIAN) {
+@@ -57,38 +71,28 @@ void mbedtls_unaligned_access(int size, int offset)
+ break;
+ }
+
+- /* Generate expected result */
+- uint64_t expected = 0;
+- for (uint8_t i = 0; i < 8; i++) {
+- uint8_t shift;
+- if (MBEDTLS_IS_BIG_ENDIAN) {
+- /*
+- * Similar to little-endian case described below, but the shift needs
+- * to be inverted
+- */
+- shift = 7 - (i * 8);
+- } else {
+- /* example for offset == 1:
+- * expected = (( 1 + 0 ) << (0 * 8)) | (( 1 + 1 ) << (1 * 8)) | (( 1 + 2 ) << (2 * 8)))
+- * = (1 << 0) | (2 << 8) | (3 << 16) ...
+- * = 0x0807060504030201
+- * x = { 0, 1, 2, 3, ... }
+- * ie expected is the value that would be read from x on a LE system, when
+- * byte swapping is not performed
+- */
+- shift = i * 8;
+- }
+- uint64_t b = offset + i;
+- expected |= b << shift;
++ /* Define expected result by manually aligning the raw bytes, and
++ * reading back with a normal pointer access. */
++ uint64_t raw_aligned = 0;
++ uint8_t *e8 = (uint8_t *) &raw_aligned;
++ uint8_t *r8 = ((uint8_t *) &raw) + offset;
++ /* Make aligned copy */
++ for (int i = 0; i < size / 8; i++) {
++ e8[i] = r8[i];
+ }
+-
+- /* Mask out excess bits from expected result */
++ /* Make a 16/32/64 byte read from the aligned location, and copy to expected */
++ uint64_t expected = 0;
+ switch (size) {
+ case 16:
+- expected &= 0xffff;
++ uint16_t *e16 = (uint16_t *) &raw_aligned;
++ expected = *e16;
+ break;
+ case 32:
+- expected &= 0xffffffff;
++ uint32_t *e32 = (uint32_t *) &raw_aligned;
++ expected = *e32;
++ break;
++ case 64:
++ expected = raw_aligned;
+ break;
+ }
+
+
+From 0a05e703dbc303fc5e1154e926bc96cb312ace89 Mon Sep 17 00:00:00 2001
+From: Dave Rodgman <dave.rodgman@arm.com>
+Date: Thu, 13 Apr 2023 13:01:34 +0100
+Subject: [PATCH 2/6] Tidy-up
+
+Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
+---
+ tests/suites/test_suite_alignment.function | 29 ++++++++--------------
+ 1 file changed, 11 insertions(+), 18 deletions(-)
+
+diff --git a/tests/suites/test_suite_alignment.function b/tests/suites/test_suite_alignment.function
+index 45080cc7b6a..cd4502005f0 100644
+--- a/tests/suites/test_suite_alignment.function
++++ b/tests/suites/test_suite_alignment.function
+@@ -19,15 +19,13 @@ int parse_hex_string(char *hex_string, uint64_t *result)
+ }
+
+ /* If < 8 bytes, shift right and pad with leading zeros for big-endian */
+- if (MBEDTLS_IS_BIG_ENDIAN) {
+- if (olen < 8) {
+- int offset = 8 - olen;
+- for (int i = olen - 1; i >= 0; i--) {
+- raw[i + offset] = raw[i];
+- }
+- for (int i = 0; i < offset; i++) {
+- raw[i] = 0;
+- }
++ if (MBEDTLS_IS_BIG_ENDIAN && olen < 8) {
++ int offset = 8 - olen;
++ for (int i = olen - 1; i >= 0; i--) {
++ raw[i + offset] = raw[i];
++ }
++ for (int i = 0; i < offset; i++) {
++ raw[i] = 0;
+ }
+ }
+
+@@ -73,13 +71,8 @@ void mbedtls_unaligned_access(int size, int offset)
+
+ /* Define expected result by manually aligning the raw bytes, and
+ * reading back with a normal pointer access. */
+- uint64_t raw_aligned = 0;
+- uint8_t *e8 = (uint8_t *) &raw_aligned;
+- uint8_t *r8 = ((uint8_t *) &raw) + offset;
+- /* Make aligned copy */
+- for (int i = 0; i < size / 8; i++) {
+- e8[i] = r8[i];
+- }
++ uint64_t raw_aligned;
++ memcpy(&raw_aligned, ((uint8_t*)&raw) + offset, size / 8);
+ /* Make a 16/32/64 byte read from the aligned location, and copy to expected */
+ uint64_t expected = 0;
+ switch (size) {
+@@ -98,7 +91,7 @@ void mbedtls_unaligned_access(int size, int offset)
+
+ TEST_EQUAL(r, expected);
+
+- /* Write sentinel to the part of the array we will testing writing to */
++ /* Write sentinel to the part of the array we will test writing to */
+ for (size_t i = 0; i < (size_t) (size / 8); i++) {
+ x[i + offset] = 0xff;
+ }
+@@ -319,7 +312,7 @@ void unaligned_access_endian_aware(int size, int offset, int big_endian)
+ /* Verify read */
+ TEST_EQUAL(read, expected);
+
+- /* Test writing back to memory. First write sentiel */
++ /* Test writing back to memory. First write sentinel */
+ for (size_t i = 0; i < (size_t) (size / 8); i++) {
+ x[i + offset] = 0xff;
+ }
+
+From df2d5b1ca1569f3a6e129e276756d9d15980f719 Mon Sep 17 00:00:00 2001
+From: Dave Rodgman <dave.rodgman@arm.com>
+Date: Thu, 13 Apr 2023 13:41:09 +0100
+Subject: [PATCH 3/6] Fix compile error
+
+Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
+---
+ tests/suites/test_suite_alignment.function | 14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/tests/suites/test_suite_alignment.function b/tests/suites/test_suite_alignment.function
+index cd4502005f0..3a5038e98c2 100644
+--- a/tests/suites/test_suite_alignment.function
++++ b/tests/suites/test_suite_alignment.function
+@@ -71,21 +71,21 @@ void mbedtls_unaligned_access(int size, int offset)
+
+ /* Define expected result by manually aligning the raw bytes, and
+ * reading back with a normal pointer access. */
+- uint64_t raw_aligned;
+- memcpy(&raw_aligned, ((uint8_t*)&raw) + offset, size / 8);
++ uint64_t raw_aligned_64;
++ uint16_t *raw_aligned_16 = (uint16_t *) &raw_aligned_64;
++ uint32_t *raw_aligned_32 = (uint32_t *) &raw_aligned_64;
++ memcpy(&raw_aligned_64, ((uint8_t *) &raw) + offset, size / 8);
+ /* Make a 16/32/64 byte read from the aligned location, and copy to expected */
+ uint64_t expected = 0;
+ switch (size) {
+ case 16:
+- uint16_t *e16 = (uint16_t *) &raw_aligned;
+- expected = *e16;
++ expected = *raw_aligned_16;
+ break;
+ case 32:
+- uint32_t *e32 = (uint32_t *) &raw_aligned;
+- expected = *e32;
++ expected = *raw_aligned_32;
+ break;
+ case 64:
+- expected = raw_aligned;
++ expected = raw_aligned_64;
+ break;
+ }
+
+
+From b169671c50e7c1779763ac89d35af11dc0997477 Mon Sep 17 00:00:00 2001
+From: Dave Rodgman <dave.rodgman@arm.com>
+Date: Thu, 13 Apr 2023 13:46:46 +0100
+Subject: [PATCH 4/6] Tidy-up
+
+Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
+---
+ tests/suites/test_suite_alignment.function | 9 ++-------
+ 1 file changed, 2 insertions(+), 7 deletions(-)
+
+diff --git a/tests/suites/test_suite_alignment.function b/tests/suites/test_suite_alignment.function
+index 3a5038e98c2..b027c4b1165 100644
+--- a/tests/suites/test_suite_alignment.function
++++ b/tests/suites/test_suite_alignment.function
+@@ -20,13 +20,8 @@ int parse_hex_string(char *hex_string, uint64_t *result)
+
+ /* If < 8 bytes, shift right and pad with leading zeros for big-endian */
+ if (MBEDTLS_IS_BIG_ENDIAN && olen < 8) {
+- int offset = 8 - olen;
+- for (int i = olen - 1; i >= 0; i--) {
+- raw[i + offset] = raw[i];
+- }
+- for (int i = 0; i < offset; i++) {
+- raw[i] = 0;
+- }
++ memmove(raw + 8 - olen, raw, olen);
++ memset(raw, 0, 8 - olen);
+ }
+
+ *result = 0;
+
+From c07df36f9e402ef8b97beb92b25556b04c10c77e Mon Sep 17 00:00:00 2001
+From: Dave Rodgman <dave.rodgman@arm.com>
+Date: Thu, 13 Apr 2023 14:54:12 +0100
+Subject: [PATCH 5/6] More fixes for big-endian
+
+Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
+---
+ tests/suites/test_suite_alignment.function | 12 +-----------
+ 1 file changed, 1 insertion(+), 11 deletions(-)
+
+diff --git a/tests/suites/test_suite_alignment.function b/tests/suites/test_suite_alignment.function
+index b027c4b1165..717c51a6951 100644
+--- a/tests/suites/test_suite_alignment.function
++++ b/tests/suites/test_suite_alignment.function
+@@ -18,19 +18,9 @@ int parse_hex_string(char *hex_string, uint64_t *result)
+ return 0;
+ }
+
+- /* If < 8 bytes, shift right and pad with leading zeros for big-endian */
+- if (MBEDTLS_IS_BIG_ENDIAN && olen < 8) {
+- memmove(raw + 8 - olen, raw, olen);
+- memset(raw, 0, 8 - olen);
+- }
+-
+ *result = 0;
+ for (size_t i = 0; i < olen; i++) {
+- if (MBEDTLS_IS_BIG_ENDIAN) {
+- *result |= ((uint64_t) raw[i]) << (i * 8);
+- } else {
+- *result |= ((uint64_t) raw[i]) << ((olen - i - 1) * 8);
+- }
++ *result |= ((uint64_t) raw[i]) << ((olen - i - 1) * 8);
+ }
+ return 1;
+ }
+
+From 9145dc46ed98f0bc19e09d52486ba120c1f14589 Mon Sep 17 00:00:00 2001
+From: Dave Rodgman <dave.rodgman@arm.com>
+Date: Thu, 13 Apr 2023 14:59:03 +0100
+Subject: [PATCH 6/6] Ensure variables initialised
+
+Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
+---
+ tests/suites/test_suite_alignment.function | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/tests/suites/test_suite_alignment.function b/tests/suites/test_suite_alignment.function
+index 717c51a6951..ed8f918d8c3 100644
+--- a/tests/suites/test_suite_alignment.function
++++ b/tests/suites/test_suite_alignment.function
+@@ -12,7 +12,7 @@
+ */
+ int parse_hex_string(char *hex_string, uint64_t *result)
+ {
+- uint8_t raw[8];
++ uint8_t raw[8] = {0};
+ size_t olen;
+ if (mbedtls_test_unhexify(raw, sizeof(raw), hex_string, &olen) != 0) {
+ return 0;
+@@ -104,7 +104,7 @@ void mbedtls_unaligned_access(int size, int offset)
+ /* BEGIN_CASE */
+ void mbedtls_byteswap(char *input_str, int size, char *expected_str)
+ {
+- uint64_t input, expected;
++ uint64_t input = 0, expected = 0;
+ TEST_ASSERT(parse_hex_string(input_str, &input));
+ TEST_ASSERT(parse_hex_string(expected_str, &expected));
+