main/jitterentropy-library: upgrade to 3.4.1

2026-05-05 20:36:40 +02:00 · 2023-04-27 02:59:22 +01:00 · 2023-04-27 02:59:22 +01:00 · 7a6fb314a8
commit 7a6fb314a8
parent 86b71c6481
5 changed files with 131 additions and 7 deletions
--- a/main/jitterentropy-library/01-disable-gcc-optimisation.patch
+++ b/main/jitterentropy-library/01-disable-gcc-optimisation.patch
@ -14,13 +14,13 @@ https://github.com/smuellerDD/jitterentropy-library/issues/55
 diff -aur a/Makefile b/Makefile
 --- a/Makefile
 +++ b/Makefile
-@@ -3,7 +3,8 @@
- CC ?= gcc
+@@ -4,7 +4,8 @@
 #Hardening
+ ENABLE_STACK_PROTECTOR ?= 1
 CFLAGS ?= -fwrapv --param ssp-buffer-size=4 -fvisibility=hidden -fPIE -Wcast-align -Wmissing-field-initializers -Wshadow -Wswitch-enum
 -CFLAGS +=-Wextra -Wall -pedantic -fPIC -O0 -fwrapv -Wconversion
 +CFLAGS :=-Wextra -Wall -pedantic -fPIC -O0 -fwrapv -Wconversion
 +CPPFLAGS :=
 LDFLAGS +=-Wl,-z,relro,-z,now -lpthread
 
- GCCVERSIONFORMAT := $(shell echo `$(CC) -dumpversion | sed 's/\./\n/g' | wc -l`)
+ # Enable internal timer support
--- a/main/jitterentropy-library/02-fix-s390x-stack-corruption.patch
+++ b/main/jitterentropy-library/02-fix-s390x-stack-corruption.patch
@ -0,0 +1,66 @@
+From: Dermot Bradley <dermot_bradley@yahoo.com>
+Date: Mon, 10 Apr 2023 14:25 +0100
+
+Output size of the STCKE command on s390x is 16 bytes, compared to 8
+bytes of the STCK command. This leads to a stack corruption in
+jent_get_nstime() on an s390x system.
+
+Upstream PR #95, already merged in master.
+
+---
+
+diff -aur a/jitterentropy-base-user.h b/jitterentropy-base-user.h
+--- a/jitterentropy-base-user.h
+++ b/jitterentropy-base-user.h
+@@ -129,13 +129,46 @@
+ 
+ static inline void jent_get_nstime(uint64_t *out)
+ {
+-	uint64_t clk;
+	/*
+	 * This is MVS+STCK code! Enable it with -S in the compiler.
+	 *
+	 * uint64_t clk;
+	 * __asm__ volatile("stck %0" : "=m" (clk) : : "cc");
+	 * *out = (uint64_t)(clk);
+	 */
+
+	/*
+	 * This is GCC+STCKE code. STCKE command and data format:
+	 * z/Architecture - Principles of Operation
+	 * http://publibz.boulder.ibm.com/epubs/pdf/dz9zr007.pdf
+	 *
+	 * The current value of bits 0-103 of the TOD clock is stored in bytes
+	 * 1-13 of the sixteen-byte output:
+	 *
+	 * bits 0-7: zeros (reserved for future extention)
+	 * bits 8-111: TOD Clock value
+	 * bits 112-127: Programmable Field
+	 *
+	 * Output bit 59 (TOD-Clock bit 51) effectively increments every
+	 * microsecond. Bits 60 to 111 of STCKE output are fractions of
+	 * a miscrosecond: bit 59 is 1.0us, bit 60 is .5us, bit 61 is .25us,
+	 * bit 62 is .125us, bit 63 is 62.5ns, etc.
+	 *
+	 * Some of these bits can be implemented, some not. 64 bits of
+	 * the TOD clock are implemented usually nowadays, these are
+	 * bits 8-71 of the output.
+	 *
+	 * The stepping value of TOD-clock bit position 63, if implemented,
+	 * is 2^-12 microseconds, or approximately 244 picoseconds. This value
+	 * is called a clock unit.
+	 */
+
+	uint8_t clk[16];
+ 
+-	/* this is MVS code! enable with -S in the compiler */
+-	/*__asm__ volatile("stck %0" : "=m" (clk) : : "cc"); */
+-	/* this is gcc */
+ 	asm volatile("stcke %0" : "=Q" (clk) : : "cc");
+-	*out = (uint64_t)(clk);
+
+	/* s390x is big-endian, so just perfom a byte-by-byte copy */
+	*out = *(uint64_t *)(clk + 1);
+ }
+ 
+ #elif defined(__powerpc)
--- a/main/jitterentropy-library/03-fix-dangling-pointer.patch
+++ b/main/jitterentropy-library/03-fix-dangling-pointer.patch
@ -0,0 +1,25 @@
+From: Dermot Bradley <dermot_bradley@yahoo.com>
+Date: Mon, 10 Apr 2023 14:25 +0100
+
+On a failure of jent_read_entropy() where the entropy collector will
+be reallocated, jent_entropy_collector_free() is used to release
+*ec, but *ec is not set to NULL. If a failure occurs in the
+following call to jent_entropy_collector_ex() then the function will
+return with a dangling pointer remaining in *ec. Set *ec to NULL
+after freeing to prevent this.
+
+Upstream PR #97, already merged in master.
+
+---
+
+diff -aur a/src/jitterentropy-base.c b/src/jitterentropy-base.c
+--- a/src/jitterentropy-base.c
+++ b/src/jitterentropy-base.c
+@@ -308,6 +308,7 @@
+ 			 * memory size
+ 			 */
+ 			jent_entropy_collector_free(*ec);
+			*ec = NULL;
+ 
+ 			/* Perform new health test with updated OSR */
+ 			if (jent_entropy_init_ex(osr, flags))
--- a/main/jitterentropy-library/04-fix-memory-leak.patch
+++ b/main/jitterentropy-library/04-fix-memory-leak.patch
@ -0,0 +1,27 @@
+From: Dermot Bradley <dermot_bradley@yahoo.com>
+Date: Mon, 10 Apr 2023 14:25 +0100
+
+In the error cleanup block of jent_entropy_collector_alloc_internal(),
+the hash_state should also be zeroed and freed.
+
+Conflicting flags of JENT_DISABLE_INTERNAL_TIMER and
+JENT_FORCE_INTERNAL_TIMER will cause a EHEALTH return from
+jent_notime_enable() and jump to the error cleanup block after
+hash_state has been allocated.
+
+Upstream PR #98, already merged in master.
+
+---
+
+diff -aur a/src/jitterentropy-base.c b/src/jitterentropy-base.c
+--- a/src/jitterentropy-base.c
+++ b/src/jitterentropy-base.c
+@@ -486,6 +486,8 @@
+ err:
+ 	if (entropy_collector->mem != NULL)
+ 		jent_zfree(entropy_collector->mem, memsize);
+	if (entropy_collector->hash_state != NULL)
+		sha3_dealloc(entropy_collector->hash_state);
+ 	jent_zfree(entropy_collector, sizeof(struct rand_data));
+ 	return NULL;
+ }
--- a/main/jitterentropy-library/APKBUILD
+++ b/main/jitterentropy-library/APKBUILD
@ -9,8 +9,8 @@ pkgname=jitterentropy-library
 # time and potentially upgrading jitterentropy-library alone could break
 # rng-tools' jitter functionality).
 #
-pkgver=3.3.1
-pkgrel=2
+pkgver=3.4.1
+pkgrel=0
 pkgdesc="Jitterentropy library"
 url="http://www.chronox.de/jent.html"
 arch="all"
@ -19,6 +19,9 @@ subpackages="$pkgname-dev $pkgname-doc"
 options="!check" # There are no testcases
 source="$pkgname-$pkgver.tar.gz::https://github.com/smuellerDD/jitterentropy-library/archive/v$pkgver.tar.gz
 	01-disable-gcc-optimisation.patch
+	02-fix-s390x-stack-corruption.patch
+	03-fix-dangling-pointer.patch
+	04-fix-memory-leak.patch
 	"

 build() {
@ -30,6 +33,9 @@ package() {
 }

 sha512sums="
-7dc17c377cf90d38057bbc135e00730a3f84bc66aeed83eca1ad1b0e1c2fb89c5346ec20bdf25d3ce27f1d21893d44e52c08e96175554c18dfa1934a8d4fd9f7  jitterentropy-library-3.3.1.tar.gz
-0a71265b503a1ce9758cb4e2bf8c806e1c427be80567fb530168e50e3aa324569edeba42dcb7dc3c7a147f1a0e360479b4af52cea2dd548b1096939f4f5b8aa6  01-disable-gcc-optimisation.patch
+c832b33c084a8c56fb9ee0c0f7397fa9206cbd6fcbea047495e543566fc0d9b5d8978c8668103203d87b5b70c0e177f9ef7cc614b3ce689b90fbb8b85e6fedbb  jitterentropy-library-3.4.1.tar.gz
+da19a711ca37081d05cefd46eff148dc6f44590b3b7375fbee9dd4bad453e2127256135d0f396ff614dc729fee2c80e0e567e19bb8829761cbd4a4c125341e4b  01-disable-gcc-optimisation.patch
+737848e0f2b43b81b2caf8f9600c616d6ad79a1c3a9bbc2346ae9e23f7dddf20ddb265caeb6be0e0bd70cc6e7d2eaf36aa457d2b45c86d9e8e2efa37ba9013b7  02-fix-s390x-stack-corruption.patch
+a3a4f0d66094c7d3139eef02437d17848fb5dcd338a84757f36eae71ba5c685cfe038d24cba990c2a940eccfcfdc6b3aaa780afa4ded33efe6f165d96df75c78  03-fix-dangling-pointer.patch
+1edd24b3deb171850dc06e25a579ca15db69ac28bb867c9210c8a600b4370afb82aa12511daddbe994d58997282dc8d486e538c5e7ceb5296a5387c88c1f120a  04-fix-memory-leak.patch
 "