mirror of
https://git.yoctoproject.org/meta-arm
synced 2026-07-18 04:27:08 +00:00
Compare commits
3 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 23b572c40e | |||
| c4fd56386e | |||
| 313a5da55a |
@@ -16,4 +16,3 @@ target:
|
||||
- arm-systemready-ir-acs
|
||||
- arm-systemready-linux-distros-debian
|
||||
- arm-systemready-linux-distros-opensuse
|
||||
- arm-systemready-linux-distros-fedora
|
||||
|
||||
@@ -1,8 +0,0 @@
|
||||
header:
|
||||
version: 16
|
||||
includes:
|
||||
- kas/arm-systemready-firmware.yml
|
||||
- kas/arm-systemready-linux-distros-unattended-installation.yml
|
||||
|
||||
target:
|
||||
- arm-systemready-linux-distros-fedora
|
||||
@@ -1,39 +0,0 @@
|
||||
from oeqa.runtime.case import OERuntimeTestCase
|
||||
|
||||
|
||||
class SystemReadyFedoraUnattendedTest(OERuntimeTestCase):
|
||||
def setUp(self):
|
||||
super().setUp()
|
||||
self.console = self.target.DEFAULT_CONSOLE
|
||||
|
||||
def test_fedora_unattended(self):
|
||||
# Turn on the FVP.
|
||||
self.target.transition('on')
|
||||
|
||||
# Timeout value = elapsed time * 2; where elapsed time was collected
|
||||
# from the elapsed time in the log.do_testimage for each function after
|
||||
# the build is finished on the development machine.
|
||||
self.target.expect(self.console,
|
||||
' Booting `Install Fedora 39\'',
|
||||
timeout=(2 * 60))
|
||||
bb.plain('Installation status: Loading the installer, kernel and initrd...')
|
||||
|
||||
self.target.expect(self.console,
|
||||
'Setting up the installation environment',
|
||||
timeout=(2 * 60 * 60))
|
||||
bb.plain('Installation status: Setting up the installation environment...')
|
||||
|
||||
self.target.expect(self.console,
|
||||
'Installing the software',
|
||||
timeout=(30 * 60))
|
||||
bb.plain('Installation status: Installing the software packages...')
|
||||
|
||||
# Waiting to respond to the boot loader prompt error message.
|
||||
self.target.expect(self.console,
|
||||
'Please respond \'yes\' or \'no\': ',
|
||||
timeout=(16 * 60 * 60))
|
||||
self.target.sendline(self.console, 'yes')
|
||||
|
||||
# Waiting till the installation is finished.
|
||||
self.target.expect(self.console, r'.*login: ', timeout=(5 * 60 * 60))
|
||||
bb.plain('Installation status: Fedora installation finished successfully.')
|
||||
-119
@@ -1,119 +0,0 @@
|
||||
require arm-systemready-linux-distros.inc
|
||||
|
||||
# The Fedora project does not provide a license manifest for the distributed ISO images.
|
||||
# The following list only contains the SPDX license identifiers found on the rpm
|
||||
# packages from the ISO image and is not exhaustive.
|
||||
# For more information about Fedora licenses, including the non-free ones, refer to
|
||||
# https://docs.fedoraproject.org/en-US/legal/fedora-linux-license/.
|
||||
LICENSE = "GPL-1.0-only & GPL-1.0-or-later & GPL-2.0-only & GPL-2.0-or-later & GPL-2.0-with-font-exception \
|
||||
& GPL-2.0-with-GCC-exception & GPL-3.0-only & GPL-3.0-or-later & GPL-3-with-bison-exception \
|
||||
& LGPL-2.0-only & LGPL-2.0-or-later & LGPL-2.1-only & LGPL-2.1-or-later & LGPL-3.0-only & LGPL-3.0-or-later \
|
||||
& 0BSD & BSD-2-Clause & BSD-3-Clause & BSD-3-Clause-Modification & BSD-4-Clause & BSD-4-Clause-UC \
|
||||
& ClArtistic & Artistic-2.0 & Artistic-1.0-Perl & Apache-2.0 & Apache-2.0-with-LLVM-exception & Zlib \
|
||||
& zlib-acknowledgement & Sleepycat & MIT & MIT-open-group & MIT-Modern-Variant & Unlicense & ISC \
|
||||
& AFL-2.1 & AGPL-3.0-only & AGPL-3.0-or-later & FSFAP & MPL-1.1 & MPL-2.0 & CC-BY-3.0 & CC-BY-4.0 \
|
||||
& CC-BY-SA-4.0 & CC0-1.0 & NCSA & APSL-2.0 & IJG & psutils & Sendmail & blessing & NTP & BSL-1.0 \
|
||||
& GFDL-1.1-or-later & GFDL-1.2-or-later & GFDL-1.3 & GFDL-1.3-or-later & GFDL-1.3-no-invariants-or-later \
|
||||
& NPL-1.1 & libtiff & Vim & curl & EUPL-1.1 & OFL-1.1 & OFL-1.1-RFN & FTL & Info-ZIP & Interbase-1.0 \
|
||||
& Unicode-DFS-2016 & SISSL & LPPL-1.3a & SGI-B-2.0 & PSF-2.0 & X11 & OLDAP-2.8 & PostgreSQL & OPUBL-1.0"
|
||||
|
||||
LIC_FILES_CHKSUM = "\
|
||||
file://${COMMON_LICENSE_DIR}/GPL-1.0-only;md5=e9e36a9de734199567a4d769498f743d \
|
||||
file://${COMMON_LICENSE_DIR}/GPL-1.0-or-later;md5=30c0b8a5048cc2f4be5ff15ef0d8cf61 \
|
||||
file://${COMMON_LICENSE_DIR}/GPL-2.0-only;md5=801f80980d171dd6425610833a22dbe6 \
|
||||
file://${COMMON_LICENSE_DIR}/GPL-2.0-or-later;md5=fed54355545ffd980b814dab4a3b312c \
|
||||
file://${COMMON_LICENSE_DIR}/GPL-2.0-with-font-exception;md5=bf93e21a513f6f923474e62fb920434d \
|
||||
file://${COMMON_LICENSE_DIR}/GPL-2.0-with-GCC-exception;md5=14c42911132e8c9008911385aede6449 \
|
||||
file://${COMMON_LICENSE_DIR}/GPL-3.0-only;md5=c79ff39f19dfec6d293b95dea7b07891 \
|
||||
file://${COMMON_LICENSE_DIR}/GPL-3.0-or-later;md5=1c76c4cc354acaac30ed4d5eefea7245 \
|
||||
file://${COMMON_LICENSE_DIR}/GPL-3-with-bison-exception;md5=6e1bac3dc21fcc4fa049cf5c407eb7a2 \
|
||||
file://${COMMON_LICENSE_DIR}/LGPL-2.0-only;md5=9427b8ccf5cf3df47c29110424c9641a \
|
||||
file://${COMMON_LICENSE_DIR}/LGPL-2.0-or-later;md5=6d2d9952d88b50a51a5c73dc431d06c7 \
|
||||
file://${COMMON_LICENSE_DIR}/LGPL-2.1-only;md5=1a6d268fd218675ffea8be556788b780 \
|
||||
file://${COMMON_LICENSE_DIR}/LGPL-2.1-or-later;md5=2a4f4fd2128ea2f65047ee63fbca9f68 \
|
||||
file://${COMMON_LICENSE_DIR}/LGPL-3.0-only;md5=bfccfe952269fff2b407dd11f2f3083b \
|
||||
file://${COMMON_LICENSE_DIR}/LGPL-3.0-or-later;md5=c51d3eef3be114124d11349ca0d7e117 \
|
||||
file://${COMMON_LICENSE_DIR}/0BSD;md5=f667a3c3830a55a17ec3067709f4526c \
|
||||
file://${COMMON_LICENSE_DIR}/BSD-2-Clause;md5=cb641bc04cda31daea161b1bc15da69f \
|
||||
file://${COMMON_LICENSE_DIR}/BSD-3-Clause;md5=550794465ba0ec5312d6919e203a55f9 \
|
||||
file://${COMMON_LICENSE_DIR}/BSD-3-Clause-Modification;md5=27b46022df7bdef61a1e404fc3573f83 \
|
||||
file://${COMMON_LICENSE_DIR}/BSD-4-Clause;md5=624d9e67e8ac41a78f6b6c2c55a83a2b \
|
||||
file://${COMMON_LICENSE_DIR}/BSD-4-Clause-UC;md5=1da3cf8ad50cd8d5d1de3cfc53196d01 \
|
||||
file://${COMMON_LICENSE_DIR}/ClArtistic;md5=f633bbf0697ec33066b83adfa9ebe51d \
|
||||
file://${COMMON_LICENSE_DIR}/Artistic-2.0;md5=8bbc66f0ba93cec26ef526117e280266 \
|
||||
file://${COMMON_LICENSE_DIR}/Artistic-1.0-Perl;md5=8feedd169dbd5738981843bd7d931f9f \
|
||||
file://${COMMON_LICENSE_DIR}/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10 \
|
||||
file://${COMMON_LICENSE_DIR}/Apache-2.0-with-LLVM-exception;md5=0bcd48c3bdfef0c9d9fd17726e4b7dab \
|
||||
file://${COMMON_LICENSE_DIR}/Zlib;md5=87f239f408daca8a157858e192597633 \
|
||||
file://${COMMON_LICENSE_DIR}/zlib-acknowledgement;md5=c76c64e2cf99efcfb5e2b26aa86b12e6 \
|
||||
file://${COMMON_LICENSE_DIR}/Sleepycat;md5=1cbb64231c94198653282f3ccab88ffb \
|
||||
file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302 \
|
||||
file://${COMMON_LICENSE_DIR}/MIT-open-group;md5=a7c50bba311e4b09d48a526eedcef837 \
|
||||
file://${COMMON_LICENSE_DIR}/MIT-Modern-Variant;md5=272dea2b67586002978254bc04648ab2 \
|
||||
file://${COMMON_LICENSE_DIR}/Unlicense;md5=7246f848faa4e9c9fc0ea91122d6e680 \
|
||||
file://${COMMON_LICENSE_DIR}/ISC;md5=f3b90e78ea0cffb20bf5cca7947a896d \
|
||||
file://${COMMON_LICENSE_DIR}/AFL-2.1;md5=e40039b90e182a056bcd9ad3e47ddd71 \
|
||||
file://${COMMON_LICENSE_DIR}/AGPL-3.0-only;md5=73f1eb20517c55bf9493b7dd6e480788 \
|
||||
file://${COMMON_LICENSE_DIR}/AGPL-3.0-or-later;md5=a4af3f9f0c0fc9de318e4df46665906e \
|
||||
file://${COMMON_LICENSE_DIR}/FSFAP;md5=232368338ef6dc99de71c2e05ff12176 \
|
||||
file://${COMMON_LICENSE_DIR}/MPL-1.1;md5=1d38e87ed8d522c49f04e1efe0fab3ab \
|
||||
file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad \
|
||||
file://${COMMON_LICENSE_DIR}/CC-BY-3.0;md5=dfa02b5755629022e267f10b9c0a2ab7 \
|
||||
file://${COMMON_LICENSE_DIR}/CC-BY-4.0;md5=9b33bbd06fb58995fb0e299cd38d1838 \
|
||||
file://${COMMON_LICENSE_DIR}/CC-BY-SA-4.0;md5=4084714af41157e38872e798eb3fe1b1 \
|
||||
file://${COMMON_LICENSE_DIR}/CC0-1.0;md5=0ceb3372c9595f0a8067e55da801e4a1 \
|
||||
file://${COMMON_LICENSE_DIR}/NCSA;md5=1b5fdec70ee13ad8a91667f16c1959d7 \
|
||||
file://${COMMON_LICENSE_DIR}/APSL-2.0;md5=f9e4701d9a216a87ba145bbe25f54c58 \
|
||||
file://${COMMON_LICENSE_DIR}/IJG;md5=d9fc5ebaa95c14466091d25e0d34e688 \
|
||||
file://${COMMON_LICENSE_DIR}/psutils;md5=29046009c1f269661e7b74196fb8f6a0 \
|
||||
file://${COMMON_LICENSE_DIR}/Sendmail;md5=8037c42e05a5d4bfce06a44729fb6f1a \
|
||||
file://${COMMON_LICENSE_DIR}/blessing;md5=d5407b61870d6dc19d0bdc04ae4cc654 \
|
||||
file://${COMMON_LICENSE_DIR}/NTP;md5=0926fd147301b2a65e45e21adb3a6f14 \
|
||||
file://${COMMON_LICENSE_DIR}/BSL-1.0;md5=65a7df9ad57aacf825fd252c4c33288c \
|
||||
file://${COMMON_LICENSE_DIR}/GFDL-1.1-or-later;md5=03322744a1a73f36ebf29f98cced39a4 \
|
||||
file://${COMMON_LICENSE_DIR}/GFDL-1.2-or-later;md5=9f58808219e9a42ff1228309d6f83dc6 \
|
||||
file://${COMMON_LICENSE_DIR}/GFDL-1.3;md5=1083add59b39991c748ea70a92166959 \
|
||||
file://${COMMON_LICENSE_DIR}/GFDL-1.3-or-later;md5=e0771ae6a62dc8a2e50b1d450fea66b7 \
|
||||
file://${COMMON_LICENSE_DIR}/GFDL-1.3-no-invariants-or-later;md5=e0771ae6a62dc8a2e50b1d450fea66b7 \
|
||||
file://${COMMON_LICENSE_DIR}/NPL-1.1;md5=f9c017c062c1b02462efb915d9f2cb63 \
|
||||
file://${COMMON_LICENSE_DIR}/libtiff;md5=b99383975855adc28712577c9cd56485 \
|
||||
file://${COMMON_LICENSE_DIR}/Vim;md5=676d28582e2dca824e7e309a9865eeb1 \
|
||||
file://${COMMON_LICENSE_DIR}/curl;md5=f7adb1397db248527ffed14d947e445c \
|
||||
file://${COMMON_LICENSE_DIR}/EUPL-1.1;md5=3f12b8134016fd7ba5a010afd690abaa \
|
||||
file://${COMMON_LICENSE_DIR}/OFL-1.1;md5=fac3a519e5e9eb96316656e0ca4f2b90 \
|
||||
file://${COMMON_LICENSE_DIR}/OFL-1.1-RFN;md5=2680fce30f17e5fed9bcebd9336e5b78 \
|
||||
file://${COMMON_LICENSE_DIR}/FTL;md5=f0bf6b09ee8b02121ed10709d9e49d8b \
|
||||
file://${COMMON_LICENSE_DIR}/Info-ZIP;md5=83a1c8ea099b3b58beb6e55dcbe4c15f \
|
||||
file://${COMMON_LICENSE_DIR}/Interbase-1.0;md5=f65304bc0e87e6700fe1e4ab5affdc6f \
|
||||
file://${COMMON_LICENSE_DIR}/Unicode-DFS-2016;md5=907371994d651afe53e98adc27824669 \
|
||||
file://${COMMON_LICENSE_DIR}/SISSL;md5=fded06bff75eb4a2899bd051e2e128f5 \
|
||||
file://${COMMON_LICENSE_DIR}/LPPL-1.3a;md5=8e2e8e1428b39cd78927c2ad28734ff7 \
|
||||
file://${COMMON_LICENSE_DIR}/SGI-B-2.0;md5=5f5dd7bd973dff1594131b1e9c7981f1 \
|
||||
file://${COMMON_LICENSE_DIR}/PSF-2.0;md5=76c1502273262a5ebefb50dfb20d7c4f \
|
||||
file://${COMMON_LICENSE_DIR}/X11;md5=87f08485cf6ba3c63a00eda8ecba7f1d \
|
||||
file://${COMMON_LICENSE_DIR}/OLDAP-2.8;md5=bb28ada4fbb5c3f52c233899b2e410a5 \
|
||||
file://${COMMON_LICENSE_DIR}/PostgreSQL;md5=a9c78964f52e27f4c01140a1a16da8e2 \
|
||||
file://${COMMON_LICENSE_DIR}/OPUBL-1.0;md5=99367d4750dbf0ae6cc74209ddd52f6d \
|
||||
"
|
||||
|
||||
ARM_SYSTEMREADY_LINUX_DISTRO_INSTALL_SIZE = "6144"
|
||||
|
||||
TEST_SUITES = "${@oe.utils.vartrue("DISTRO_UNATTENDED_INST_TESTS", "arm_systemready_fedora_unattended", "", d)}"
|
||||
|
||||
ISO_LABEL = "${@oe.utils.vartrue("DISTRO_UNATTENDED_INST_TESTS", "Fedora-S-dvd-aarch64-39", "", d)}"
|
||||
BOOT_CATALOG = "${@oe.utils.vartrue("DISTRO_UNATTENDED_INST_TESTS", "boot.catalog", "", d)}"
|
||||
BOOT_IMAGE = "${@oe.utils.vartrue("DISTRO_UNATTENDED_INST_TESTS", "EFI/BOOT/BOOTAA64.EFI", "", d)}"
|
||||
EFI_IMAGE = "${@oe.utils.vartrue("DISTRO_UNATTENDED_INST_TESTS", "images/efiboot.img", "", d)}"
|
||||
|
||||
PV = "39.1.5"
|
||||
SRC_URI = "https://download.fedoraproject.org/pub/fedora/linux/releases/39/Server/aarch64/iso/Fedora-Server-dvd-aarch64-39-1.5.iso;unpack=0;downloadfilename=${ISO_IMAGE_NAME}.iso"
|
||||
SRC_URI[sha256sum] = "d19dc2a39758155fa53e6fd555d0d173ccc8175b55dea48002d499f39cb30ce0"
|
||||
|
||||
modifyiso() {
|
||||
UNATTENDED_CONF_DIR="${THISDIR}/unattended-boot-conf/Fedora"
|
||||
|
||||
cp "${UNATTENDED_CONF_DIR}/ks.cfg" ${EXTRACTED_ISO_TEMP_DIR}
|
||||
sed -i 's/set default="1"/set default="0"/g' "${EXTRACTED_ISO_TEMP_DIR}/EFI/BOOT/grub.cfg"
|
||||
sed -i 's/set timeout=60/set timeout=0/g' "${EXTRACTED_ISO_TEMP_DIR}/EFI/BOOT/grub.cfg"
|
||||
sed -i '0,/vmlinuz/s/vmlinuz/& inst.ks=hd:LABEL=Fedora-S-dvd-aarch64-39:\/ks.cfg/' "${EXTRACTED_ISO_TEMP_DIR}/EFI/BOOT/grub.cfg"
|
||||
}
|
||||
-39
@@ -1,39 +0,0 @@
|
||||
# Generated by Anaconda 39.32.6
|
||||
# Generated by pykickstart v3.48
|
||||
#version=DEVEL
|
||||
# Use text mode install
|
||||
text
|
||||
|
||||
# Keyboard layouts
|
||||
keyboard --vckeymap=us --xlayouts='us'
|
||||
# System language
|
||||
lang en_GB.UTF-8
|
||||
|
||||
# Use CDROM installation media
|
||||
cdrom
|
||||
|
||||
%packages --excludedocs --ignoremissing
|
||||
@core --nodefaults
|
||||
|
||||
%end
|
||||
|
||||
# Run the Setup Agent on first boot
|
||||
firstboot --enable
|
||||
# Do not configure the X Window System
|
||||
skipx
|
||||
|
||||
# System bootloader configuration
|
||||
bootloader --location=mbr --boot-drive=vda
|
||||
autopart
|
||||
# Partition clearing information
|
||||
clearpart --all --initlabel --drives=vda
|
||||
|
||||
# System timezone
|
||||
timezone Europe/London --utc
|
||||
|
||||
# Root password
|
||||
rootpw --lock
|
||||
user --groups=wheel --name=user --password=unsafe --gecos="usr1"
|
||||
|
||||
# Reboot after installation with an attempt to eject the installation media
|
||||
reboot --eject
|
||||
@@ -0,0 +1,51 @@
|
||||
From fcacaa1f80c601907299b8f9de8b57cc35cd5a68 Mon Sep 17 00:00:00 2001
|
||||
From: Etienne Carriere <etienne.carriere@st.com>
|
||||
Date: Wed, 21 Jan 2026 13:55:33 +0100
|
||||
Subject: [PATCH 1/3] ta: pkcs11: check output buffer size on get attribute
|
||||
value
|
||||
|
||||
Check client output buffer input size and update its output
|
||||
size on PKCS11_CMD_GET_ATTRIBUTE_VALUE command.
|
||||
|
||||
CVE: CVE-2026-33317
|
||||
Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/commit/e031c4e562023fd9f199e39fd2e85797e4cbdca9]
|
||||
|
||||
Fixes: 783c1515c2f9 ("ta: pkcs11: Add support for getting object size and attribute value")
|
||||
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
|
||||
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
||||
Signed-off-by: Hugo SIMELIERE (Schneider Electric) <hsimeliere.opensource@witekio.com>
|
||||
---
|
||||
ta/pkcs11/src/object.c | 10 ++++++++++
|
||||
1 file changed, 10 insertions(+)
|
||||
|
||||
diff --git a/ta/pkcs11/src/object.c b/ta/pkcs11/src/object.c
|
||||
index c9a95e1b2..ba3be7a71 100644
|
||||
--- a/ta/pkcs11/src/object.c
|
||||
+++ b/ta/pkcs11/src/object.c
|
||||
@@ -800,6 +800,15 @@ enum pkcs11_rc entry_get_attribute_value(struct pkcs11_client *client,
|
||||
goto out;
|
||||
}
|
||||
|
||||
+ /*
|
||||
+ * We will update the template with relevant data, without resizing it.
|
||||
+ * Upon completion, it will be copied to client output buffer.
|
||||
+ */
|
||||
+ if (out->memref.size < sizeof(*template) + template->attrs_size) {
|
||||
+ rc = PKCS11_CKR_ARGUMENTS_BAD;
|
||||
+ goto out;
|
||||
+ }
|
||||
+
|
||||
/* Iterate over attributes and set their values */
|
||||
/*
|
||||
* 1. If the specified attribute (i.e., the attribute specified by the
|
||||
@@ -912,6 +921,7 @@ enum pkcs11_rc entry_get_attribute_value(struct pkcs11_client *client,
|
||||
rc = PKCS11_CKR_BUFFER_TOO_SMALL;
|
||||
|
||||
/* Move updated template to out buffer */
|
||||
+ out->memref.size = sizeof(*template) + template->attrs_size;
|
||||
TEE_MemMove(out->memref.buffer, template, out->memref.size);
|
||||
|
||||
DMSG("PKCS11 session %"PRIu32": get attributes %#"PRIx32,
|
||||
--
|
||||
2.43.0
|
||||
|
||||
@@ -0,0 +1,52 @@
|
||||
From 7e57efa90820489f123708f8ae5ee13706e8f4ce Mon Sep 17 00:00:00 2001
|
||||
From: Etienne Carriere <etienne.carriere@st.com>
|
||||
Date: Wed, 21 Jan 2026 13:58:09 +0100
|
||||
Subject: [PATCH 2/3] ta: pkcs11: check template consistency on get attribute
|
||||
value
|
||||
|
||||
Check client template holds consistent attribute area sizes
|
||||
value on PKCS11_CMD_GET_ATTRIBUTE_SIZE.
|
||||
|
||||
CVE: CVE-2026-33317
|
||||
Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/commit/16926d5a46934c46e6656246b4fc18385a246900]
|
||||
|
||||
Fixes: 783c1515c2f9 ("ta: pkcs11: Add support for getting object size and attribute value")
|
||||
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
|
||||
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
||||
Signed-off-by: Hugo SIMELIERE (Schneider Electric) <hsimeliere.opensource@witekio.com>
|
||||
---
|
||||
ta/pkcs11/src/object.c | 13 ++++++++++++-
|
||||
1 file changed, 12 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/ta/pkcs11/src/object.c b/ta/pkcs11/src/object.c
|
||||
index ba3be7a71..470eeb247 100644
|
||||
--- a/ta/pkcs11/src/object.c
|
||||
+++ b/ta/pkcs11/src/object.c
|
||||
@@ -840,12 +840,23 @@ enum pkcs11_rc entry_get_attribute_value(struct pkcs11_client *client,
|
||||
for (; cur < end; cur += len) {
|
||||
struct pkcs11_attribute_head *cli_ref = (void *)cur;
|
||||
struct pkcs11_attribute_head cli_head = { };
|
||||
+ uintptr_t cli_end = 0;
|
||||
void *data_ptr = NULL;
|
||||
|
||||
+ if ((char *)(cli_ref + 1) > end) {
|
||||
+ rc = PKCS11_CKR_ARGUMENTS_BAD;
|
||||
+ goto out;
|
||||
+ }
|
||||
+
|
||||
/* Make copy of header so that is aligned properly. */
|
||||
TEE_MemMove(&cli_head, cli_ref, sizeof(cli_head));
|
||||
|
||||
- len = sizeof(*cli_ref) + cli_head.size;
|
||||
+ if (ADD_OVERFLOW(sizeof(*cli_ref), cli_head.size, &len) ||
|
||||
+ ADD_OVERFLOW((uintptr_t)cur, len, &cli_end) ||
|
||||
+ (char *)cli_end > end) {
|
||||
+ rc = PKCS11_CKR_ARGUMENTS_BAD;
|
||||
+ goto out;
|
||||
+ }
|
||||
|
||||
/* Treat hidden attributes as missing attributes */
|
||||
if (attribute_is_hidden(&cli_head)) {
|
||||
--
|
||||
2.43.0
|
||||
|
||||
@@ -0,0 +1,46 @@
|
||||
From 75c1a999d6b51520234276b207ceefbd5e18ed02 Mon Sep 17 00:00:00 2001
|
||||
From: Etienne Carriere <etienne.carriere@st.com>
|
||||
Date: Wed, 21 Jan 2026 14:03:26 +0100
|
||||
Subject: [PATCH 3/3] ta: pkcs11: fix attribute output size if too small on get
|
||||
attribute value
|
||||
|
||||
Correct the size field output value for attributes fetched with
|
||||
PKCS11_CMD_GET_ATTRIBUTE_VALUE where a too short buffer was provided.
|
||||
As per the PKCS#11 specification, in such case, the related attributes
|
||||
size field should be filled with CK_UNAVAILABLE_INFORMATION and the
|
||||
function to return an non-true-error code like CKR_BUFFER_TOO_SMALL.
|
||||
The implementation complied for the return value but was loading the
|
||||
required attribute data value size instead in CK_UNAVAILABLE_INFORMATION
|
||||
in the attribute size field.
|
||||
|
||||
CVE: CVE-2026-33317
|
||||
Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/commit/149e8d7ecc4ef8bb00ab4a37fd2ccede6d79e1ca]
|
||||
|
||||
Fixes: 783c1515c2f9 ("ta: pkcs11: Add support for getting object size and attribute value")
|
||||
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
|
||||
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
||||
Signed-off-by: Hugo SIMELIERE (Schneider Electric) <hsimeliere.opensource@witekio.com>
|
||||
---
|
||||
ta/pkcs11/src/object.c | 5 ++++-
|
||||
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/ta/pkcs11/src/object.c b/ta/pkcs11/src/object.c
|
||||
index 470eeb247..ed2ce2a95 100644
|
||||
--- a/ta/pkcs11/src/object.c
|
||||
+++ b/ta/pkcs11/src/object.c
|
||||
@@ -900,8 +900,11 @@ enum pkcs11_rc entry_get_attribute_value(struct pkcs11_client *client,
|
||||
attr_type_invalid = 1;
|
||||
break;
|
||||
case PKCS11_CKR_BUFFER_TOO_SMALL:
|
||||
- if (data_ptr)
|
||||
+ if (data_ptr) {
|
||||
+ cli_head.size =
|
||||
+ PKCS11_CK_UNAVAILABLE_INFORMATION;
|
||||
buffer_too_small = 1;
|
||||
+ }
|
||||
break;
|
||||
default:
|
||||
rc = PKCS11_CKR_GENERAL_ERROR;
|
||||
--
|
||||
2.43.0
|
||||
|
||||
@@ -0,0 +1,40 @@
|
||||
From 2fdf0aa10bd23c0e4633efa087a27ff07f79015f Mon Sep 17 00:00:00 2001
|
||||
From: Jens Wiklander <jens.wiklander@linaro.org>
|
||||
Date: Thu, 22 Jan 2026 14:19:36 +0100
|
||||
Subject: [PATCH] core: crypto_api: fix underflow in emsa_pkcs1_v1_5_encode()
|
||||
|
||||
Guard against an integer underflow in emsa_pkcs1_v1_5_encode() that can
|
||||
occur when calculating the padding field in the EMA-PKCS1-v1_5 encoding.
|
||||
|
||||
CVE: CVE-2026-33662
|
||||
Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/commit/caeaa2ae551666068894005387cca4113b10873f]
|
||||
|
||||
Fixes: f5a70e3efb80 ("drivers: crypto: generic resources for crypto device driver - RSA")
|
||||
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
||||
Reviewed-by: Jerome Forissier <jerome.forissier@arm.com>
|
||||
Signed-off-by: Hugo SIMELIERE (Schneider Electric) <hsimeliere.opensource@witekio.com>
|
||||
---
|
||||
core/drivers/crypto/crypto_api/acipher/rsassa.c | 7 ++++---
|
||||
1 file changed, 4 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/core/drivers/crypto/crypto_api/acipher/rsassa.c b/core/drivers/crypto/crypto_api/acipher/rsassa.c
|
||||
index 0f71b84cc..01f8d7dc9 100644
|
||||
--- a/core/drivers/crypto/crypto_api/acipher/rsassa.c
|
||||
+++ b/core/drivers/crypto/crypto_api/acipher/rsassa.c
|
||||
@@ -45,9 +45,10 @@ static TEE_Result emsa_pkcs1_v1_5_encode(struct drvcrypt_rsa_ssa *ssa_data,
|
||||
* Calculate the PS size
|
||||
* EM Size (modulus size) - 3 bytes - DigestInfo DER format size
|
||||
*/
|
||||
- ps_size = ssa_data->key.n_size - 3;
|
||||
- ps_size -= ssa_data->digest_size;
|
||||
- ps_size -= 10 + hash_oid->asn1_length;
|
||||
+ if (SUB_OVERFLOW(ssa_data->key.n_size, 3, &ps_size) ||
|
||||
+ SUB_OVERFLOW(ps_size, ssa_data->digest_size, &ps_size) ||
|
||||
+ SUB_OVERFLOW(ps_size, 10 + hash_oid->asn1_length, &ps_size))
|
||||
+ return TEE_ERROR_BAD_PARAMETERS;
|
||||
|
||||
CRYPTO_TRACE("PS size = %zu (n %zu)", ps_size, ssa_data->key.n_size);
|
||||
|
||||
--
|
||||
2.43.0
|
||||
|
||||
@@ -7,4 +7,8 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"
|
||||
SRCREV = "18b424c23aa5a798dfe2e4d20b4bde3919dc4e99"
|
||||
SRC_URI += " \
|
||||
file://0003-optee-enable-clang-support.patch \
|
||||
file://CVE-2026-33317-1.patch \
|
||||
file://CVE-2026-33317-2.patch \
|
||||
file://CVE-2026-33317-3.patch \
|
||||
file://CVE-2026-33662.patch \
|
||||
"
|
||||
|
||||
Reference in New Issue
Block a user