diff options
Diffstat (limited to 'meta-openbmc-mods/meta-common/recipes-connectivity/openssl')
4 files changed, 409 insertions, 0 deletions
diff --git a/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl/CVE-2022-1292-Fix-openssl-c_rehash.patch b/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl/CVE-2022-1292-Fix-openssl-c_rehash.patch new file mode 100644 index 000000000..ec4daf015 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl/CVE-2022-1292-Fix-openssl-c_rehash.patch @@ -0,0 +1,76 @@ +From e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz <tomas@openssl.org> +Date: Tue, 26 Apr 2022 12:40:24 +0200 +Subject: [PATCH] c_rehash: Do not use shell to invoke openssl + +Except on VMS where it is safe. + +This fixes CVE-2022-1292. + +Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> +Reviewed-by: Matt Caswell <matt@openssl.org> +--- + tools/c_rehash.in | 29 +++++++++++++++++++++++++---- + 1 file changed, 25 insertions(+), 4 deletions(-) + +diff --git a/tools/c_rehash.in b/tools/c_rehash.in +index fa7c6c9fef..83c1cc80e0 100644 +--- a/tools/c_rehash.in ++++ b/tools/c_rehash.in +@@ -152,6 +152,23 @@ sub check_file { + return ($is_cert, $is_crl); + } + ++sub compute_hash { ++ my $fh; ++ if ( $^O eq "VMS" ) { ++ # VMS uses the open through shell ++ # The file names are safe there and list form is unsupported ++ if (!open($fh, "-|", join(' ', @_))) { ++ print STDERR "Cannot compute hash on '$fname'\n"; ++ return; ++ } ++ } else { ++ if (!open($fh, "-|", @_)) { ++ print STDERR "Cannot compute hash on '$fname'\n"; ++ return; ++ } ++ } ++ return (<$fh>, <$fh>); ++} + + # Link a certificate to its subject name hash value, each hash is of + # the form <hash>.<n> where n is an integer. If the hash value already exists +@@ -161,10 +178,12 @@ sub check_file { + + sub link_hash_cert { + my $fname = $_[0]; +- $fname =~ s/\"/\\\"/g; +- my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`; ++ my ($hash, $fprint) = compute_hash($openssl, "x509", $x509hash, ++ "-fingerprint", "-noout", ++ "-in", $fname); + chomp $hash; + chomp $fprint; ++ return if !$hash; + $fprint =~ s/^.*=//; + $fprint =~ tr/://d; + my $suffix = 0; +@@ -202,10 +221,12 @@ sub link_hash_cert { + + sub link_hash_crl { + my $fname = $_[0]; +- $fname =~ s/'/'\\''/g; +- my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`; ++ my ($hash, $fprint) = compute_hash($openssl, "crl", $crlhash, ++ "-fingerprint", "-noout", ++ "-in", $fname); + chomp $hash; + chomp $fprint; ++ return if !$hash; + $fprint =~ s/^.*=//; + $fprint =~ tr/://d; + my $suffix = 0; +-- +2.25.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl/CVE-2022-2068-Fix-file-operations-in-c_rehash.patch b/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl/CVE-2022-2068-Fix-file-operations-in-c_rehash.patch new file mode 100644 index 000000000..04e75877a --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl/CVE-2022-2068-Fix-file-operations-in-c_rehash.patch @@ -0,0 +1,257 @@ +From 9639817dac8bbbaa64d09efad7464ccc405527c7 Mon Sep 17 00:00:00 2001 +From: Daniel Fiala <daniel@openssl.org> +Date: Sun, 29 May 2022 20:11:24 +0200 +Subject: [PATCH] Fix file operations in c_rehash. + +CVE-2022-2068 + +Reviewed-by: Matt Caswell <matt@openssl.org> +Reviewed-by: Richard Levitte <levitte@openssl.org> +--- + tools/c_rehash.in | 216 +++++++++++++++++++++++----------------------- + 1 file changed, 107 insertions(+), 109 deletions(-) + +diff --git a/tools/c_rehash.in b/tools/c_rehash.in +index cfd18f5da1..9d2a6f6db7 100644 +--- a/tools/c_rehash.in ++++ b/tools/c_rehash.in +@@ -104,52 +104,78 @@ foreach (@dirlist) { + } + exit($errorcount); + ++sub copy_file { ++ my ($src_fname, $dst_fname) = @_; ++ ++ if (open(my $in, "<", $src_fname)) { ++ if (open(my $out, ">", $dst_fname)) { ++ print $out $_ while (<$in>); ++ close $out; ++ } else { ++ warn "Cannot open $dst_fname for write, $!"; ++ } ++ close $in; ++ } else { ++ warn "Cannot open $src_fname for read, $!"; ++ } ++} ++ + sub hash_dir { +- my %hashlist; +- print "Doing $_[0]\n"; +- chdir $_[0]; +- opendir(DIR, "."); +- my @flist = sort readdir(DIR); +- closedir DIR; +- if ( $removelinks ) { +- # Delete any existing symbolic links +- foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) { +- if (-l $_) { +- print "unlink $_" if $verbose; +- unlink $_ || warn "Can't unlink $_, $!\n"; +- } +- } +- } +- FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) { +- # Check to see if certificates and/or CRLs present. +- my ($cert, $crl) = check_file($fname); +- if (!$cert && !$crl) { +- print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n"; +- next; +- } +- link_hash_cert($fname) if ($cert); +- link_hash_crl($fname) if ($crl); +- } ++ my $dir = shift; ++ my %hashlist; ++ ++ print "Doing $dir\n"; ++ ++ if (!chdir $dir) { ++ print STDERR "WARNING: Cannot chdir to '$dir', $!\n"; ++ return; ++ } ++ ++ opendir(DIR, ".") || print STDERR "WARNING: Cannot opendir '.', $!\n"; ++ my @flist = sort readdir(DIR); ++ closedir DIR; ++ if ( $removelinks ) { ++ # Delete any existing symbolic links ++ foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) { ++ if (-l $_) { ++ print "unlink $_\n" if $verbose; ++ unlink $_ || warn "Can't unlink $_, $!\n"; ++ } ++ } ++ } ++ FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) { ++ # Check to see if certificates and/or CRLs present. ++ my ($cert, $crl) = check_file($fname); ++ if (!$cert && !$crl) { ++ print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n"; ++ next; ++ } ++ link_hash_cert($fname) if ($cert); ++ link_hash_crl($fname) if ($crl); ++ } ++ ++ chdir $pwd; + } + + sub check_file { +- my ($is_cert, $is_crl) = (0,0); +- my $fname = $_[0]; +- open IN, $fname; +- while(<IN>) { +- if (/^-----BEGIN (.*)-----/) { +- my $hdr = $1; +- if ($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) { +- $is_cert = 1; +- last if ($is_crl); +- } elsif ($hdr eq "X509 CRL") { +- $is_crl = 1; +- last if ($is_cert); +- } +- } +- } +- close IN; +- return ($is_cert, $is_crl); ++ my ($is_cert, $is_crl) = (0,0); ++ my $fname = $_[0]; ++ ++ open(my $in, "<", $fname); ++ while(<$in>) { ++ if (/^-----BEGIN (.*)-----/) { ++ my $hdr = $1; ++ if ($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) { ++ $is_cert = 1; ++ last if ($is_crl); ++ } elsif ($hdr eq "X509 CRL") { ++ $is_crl = 1; ++ last if ($is_cert); ++ } ++ } ++ } ++ close $in; ++ return ($is_cert, $is_crl); + } + + sub compute_hash { +@@ -177,76 +203,48 @@ sub compute_hash { + # certificate fingerprints + + sub link_hash_cert { +- my $fname = $_[0]; +- my ($hash, $fprint) = compute_hash($openssl, "x509", $x509hash, +- "-fingerprint", "-noout", +- "-in", $fname); +- chomp $hash; +- chomp $fprint; +- return if !$hash; +- $fprint =~ s/^.*=//; +- $fprint =~ tr/://d; +- my $suffix = 0; +- # Search for an unused hash filename +- while(exists $hashlist{"$hash.$suffix"}) { +- # Hash matches: if fingerprint matches its a duplicate cert +- if ($hashlist{"$hash.$suffix"} eq $fprint) { +- print STDERR "WARNING: Skipping duplicate certificate $fname\n"; +- return; +- } +- $suffix++; +- } +- $hash .= ".$suffix"; +- if ($symlink_exists) { +- print "link $fname -> $hash\n" if $verbose; +- symlink $fname, $hash || warn "Can't symlink, $!"; +- } else { +- print "copy $fname -> $hash\n" if $verbose; +- if (open($in, "<", $fname)) { +- if (open($out,">", $hash)) { +- print $out $_ while (<$in>); +- close $out; +- } else { +- warn "can't open $hash for write, $!"; +- } +- close $in; +- } else { +- warn "can't open $fname for read, $!"; +- } +- } +- $hashlist{$hash} = $fprint; ++ link_hash($_[0], 'cert'); + } + + # Same as above except for a CRL. CRL links are of the form <hash>.r<n> + + sub link_hash_crl { +- my $fname = $_[0]; +- my ($hash, $fprint) = compute_hash($openssl, "crl", $crlhash, +- "-fingerprint", "-noout", +- "-in", $fname); +- chomp $hash; +- chomp $fprint; +- return if !$hash; +- $fprint =~ s/^.*=//; +- $fprint =~ tr/://d; +- my $suffix = 0; +- # Search for an unused hash filename +- while(exists $hashlist{"$hash.r$suffix"}) { +- # Hash matches: if fingerprint matches its a duplicate cert +- if ($hashlist{"$hash.r$suffix"} eq $fprint) { +- print STDERR "WARNING: Skipping duplicate CRL $fname\n"; +- return; +- } +- $suffix++; +- } +- $hash .= ".r$suffix"; +- if ($symlink_exists) { +- print "link $fname -> $hash\n" if $verbose; +- symlink $fname, $hash || warn "Can't symlink, $!"; +- } else { +- print "cp $fname -> $hash\n" if $verbose; +- system ("cp", $fname, $hash); +- warn "Can't copy, $!" if ($? >> 8) != 0; +- } +- $hashlist{$hash} = $fprint; ++ link_hash($_[0], 'crl'); ++} ++ ++sub link_hash { ++ my ($fname, $type) = @_; ++ my $is_cert = $type eq 'cert'; ++ ++ my ($hash, $fprint) = compute_hash($openssl, ++ $is_cert ? "x509" : "crl", ++ $is_cert ? $x509hash : $crlhash, ++ "-fingerprint", "-noout", ++ "-in", $fname); ++ chomp $hash; ++ chomp $fprint; ++ return if !$hash; ++ $fprint =~ s/^.*=//; ++ $fprint =~ tr/://d; ++ my $suffix = 0; ++ # Search for an unused hash filename ++ my $crlmark = $is_cert ? "" : "r"; ++ while(exists $hashlist{"$hash.$crlmark$suffix"}) { ++ # Hash matches: if fingerprint matches its a duplicate cert ++ if ($hashlist{"$hash.$crlmark$suffix"} eq $fprint) { ++ my $what = $is_cert ? 'certificate' : 'CRL'; ++ print STDERR "WARNING: Skipping duplicate $what $fname\n"; ++ return; ++ } ++ $suffix++; ++ } ++ $hash .= ".$crlmark$suffix"; ++ if ($symlink_exists) { ++ print "link $fname -> $hash\n" if $verbose; ++ symlink $fname, $hash || warn "Can't symlink, $!"; ++ } else { ++ print "copy $fname -> $hash\n" if $verbose; ++ copy_file($fname, $hash); ++ } ++ $hashlist{$hash} = $fprint; + } +-- +2.25.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl/CVE-2022-2097-openssl-Fix-AES-OCB-encryptdecrypt-for-x86-AES-NI.patch b/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl/CVE-2022-2097-openssl-Fix-AES-OCB-encryptdecrypt-for-x86-AES-NI.patch new file mode 100644 index 000000000..aa5bbb604 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl/CVE-2022-2097-openssl-Fix-AES-OCB-encryptdecrypt-for-x86-AES-NI.patch @@ -0,0 +1,73 @@ +From 919925673d6c9cfed3c1085497f5dfbbed5fc431 Mon Sep 17 00:00:00 2001 +From: Alex Chernyakhovsky <achernya@google.com> +Date: Thu, 16 Jun 2022 12:00:22 +1000 +Subject: [PATCH] Fix AES OCB encrypt/decrypt for x86 AES-NI +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf8 +Content-Transfer-Encoding: 8bit + +aesni_ocb_encrypt and aesni_ocb_decrypt operate by having a fast-path +that performs operations on 6 16-byte blocks concurrently (the +"grandloop") and then proceeds to handle the "short" tail (which can +be anywhere from 0 to 5 blocks) that remain. + +As part of initialization, the assembly initializes $len to the true +length, less 96 bytes and converts it to a pointer so that the $inp +can be compared to it. Each iteration of "grandloop" checks to see if +there's a full 96-byte chunk to process, and if so, continues. Once +this has been exhausted, it falls through to "short", which handles +the remaining zero to five blocks. + +Unfortunately, the jump at the end of "grandloop" had a fencepost +error, doing a `jb` ("jump below") rather than `jbe` (jump below or +equal). This should be `jbe`, as $inp is pointing to the *end* of the +chunk currently being handled. If $inp == $len, that means that +there's a whole 96-byte chunk waiting to be handled. If $inp > $len, +then there's 5 or fewer 16-byte blocks left to be handled, and the +fall-through is intended. + +The net effect of `jb` instead of `jbe` is that the last 16-byte block +of the last 96-byte chunk was completely omitted. The contents of +`out` in this position were never written to. Additionally, since +those bytes were never processed, the authentication tag generated is +also incorrect. + +The same fencepost error, and identical logic, exists in both +aesni_ocb_encrypt and aesni_ocb_decrypt. + +This addresses CVE-2022-2097. + +Co-authored-by: Alejandro Sedeño <asedeno@google.com> +Co-authored-by: David Benjamin <davidben@google.com> + +Reviewed-by: Paul Dale <pauli@openssl.org> +Reviewed-by: Tomas Mraz <tomas@openssl.org> +--- + crypto/aes/asm/aesni-x86.pl | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/crypto/aes/asm/aesni-x86.pl b/crypto/aes/asm/aesni-x86.pl +index fe2b26542a..812758e02e 100644 +--- a/crypto/aes/asm/aesni-x86.pl ++++ b/crypto/aes/asm/aesni-x86.pl +@@ -2027,7 +2027,7 @@ my ($l_,$block,$i1,$i3,$i5) = ($rounds_,$key_,$rounds,$len,$out); + &movdqu (&QWP(-16*2,$out,$inp),$inout4); + &movdqu (&QWP(-16*1,$out,$inp),$inout5); + &cmp ($inp,$len); # done yet? +- &jb (&label("grandloop")); ++ &jbe (&label("grandloop")); + + &set_label("short"); + &add ($len,16*6); +@@ -2453,7 +2453,7 @@ my ($l_,$block,$i1,$i3,$i5) = ($rounds_,$key_,$rounds,$len,$out); + &pxor ($rndkey1,$inout5); + &movdqu (&QWP(-16*1,$out,$inp),$inout5); + &cmp ($inp,$len); # done yet? +- &jb (&label("grandloop")); ++ &jbe (&label("grandloop")); + + &set_label("short"); + &add ($len,16*6); +-- +2.25.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl_1.1.1l.bb b/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl_1.1.1l.bb index ac5c81998..dc2a8ccff 100644 --- a/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl_1.1.1l.bb +++ b/meta-openbmc-mods/meta-common/recipes-connectivity/openssl/openssl_1.1.1l.bb @@ -18,6 +18,9 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ file://afalg.patch \ file://reproducible.patch \ file://CVE-2022-0778.patch \ + file://CVE-2022-1292-Fix-openssl-c_rehash.patch \ + file://CVE-2022-2068-Fix-file-operations-in-c_rehash.patch \ + file://CVE-2022-2097-openssl-Fix-AES-OCB-encryptdecrypt-for-x86-AES-NI.patch \ " SRC_URI:append:class-nativesdk = " \ |