From 03ab35df93b91f9fc416677f22ac8c36d1604ca4 Mon Sep 17 00:00:00 2001 From: Packit Service Date: Dec 09 2020 11:59:32 +0000 Subject: Prepare for a new update Reverting patches so we can apply the latest update and changes can be seen in the spec file and sources. --- diff --git a/configure b/configure index 7643af8..145be42 100755 --- a/configure +++ b/configure @@ -12294,9 +12294,6 @@ fi # before this can be enabled. hardcode_into_libs=yes - # Add ABI-specific directories to the system library path. - sys_lib_dlsearch_path_spec="/lib64 /usr/lib64 /lib /usr/lib" - # Ideally, we could use ldconfig to report *all* directores which are # searched for libraries, however this is still not possible. Aside from not # being certain /sbin/ldconfig is available, command @@ -12305,7 +12302,7 @@ fi # appending ld.so.conf contents (and includes) to the search path. if test -f /etc/ld.so.conf; then lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '` - sys_lib_dlsearch_path_spec="$sys_lib_dlsearch_path_spec $lt_ld_extra" + sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" fi # We used to test for /lib/ld.so.1 and disable shared libraries on diff --git a/lib/luks2/luks2_json_metadata.c b/lib/luks2/luks2_json_metadata.c index f86e8be..e346067 100644 --- a/lib/luks2/luks2_json_metadata.c +++ b/lib/luks2/luks2_json_metadata.c @@ -594,9 +594,9 @@ static bool validate_segment_intervals(struct crypt_device *cd, static int hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj) { json_object *jobj_segments, *jobj_digests, *jobj_offset, *jobj_size, *jobj_type, *jobj_flags, *jobj; + struct interval *intervals; uint64_t offset, size; int i, r, count, first_backup = -1; - struct interval *intervals = NULL; if (!json_object_object_get_ex(hdr_jobj, "segments", &jobj_segments)) { log_dbg(cd, "Missing segments section."); @@ -676,18 +676,10 @@ static int hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj) return 1; } - /* avoid needlessly large allocation when first backup segment is invalid */ - if (first_backup >= count) { - log_dbg(cd, "Gap between last regular segment and backup segment at key %d.", first_backup); - return 1; - } - if (first_backup < 0) first_backup = count; - if ((size_t)first_backup < SIZE_MAX / sizeof(*intervals)) - intervals = malloc(first_backup * sizeof(*intervals)); - + intervals = malloc(first_backup * sizeof(*intervals)); if (!intervals) { log_dbg(cd, "Not enough memory."); return 1; diff --git a/tests/Makefile.localtest b/tests/Makefile.localtest index da2183e..29a62f3 100644 --- a/tests/Makefile.localtest +++ b/tests/Makefile.localtest @@ -5,7 +5,7 @@ CPPFLAGS=-I../lib/ -I../lib/luks1 -DHAVE_DECL_DM_TASK_RETRY_REMOVE -DKERNEL_KEYRING -DHAVE_SYS_SYSMACROS_H -DNO_CRYPTSETUP_PATH CFLAGS=-O2 -g -Wall LDLIBS=-lcryptsetup -ldevmapper -TESTS=$(filter-out verity-compat-test, $(wildcard *-test *-test2)) api-test api-test-2 +TESTS=$(wildcard *-test *-test2) api-test api-test-2 differ: differ.o $(CC) -o $@ $^ diff --git a/tests/generators/generate-luks2-segment-wrong-backup-key-0.img.sh b/tests/generators/generate-luks2-segment-wrong-backup-key-0.img.sh deleted file mode 100755 index 2499a5e..0000000 --- a/tests/generators/generate-luks2-segment-wrong-backup-key-0.img.sh +++ /dev/null @@ -1,67 +0,0 @@ -#!/bin/bash - -. lib.sh - -# -# *** Description *** -# -# generate primary header with wrong backup segment id -# -# secondary header is corrupted on purpose as well -# - -# $1 full target dir -# $2 full source luks2 image - -function prepare() -{ - cp $SRC_IMG $TGT_IMG - test -d $TMPDIR || mkdir $TMPDIR - read_luks2_json0 $TGT_IMG $TMPDIR/json0 - read_luks2_bin_hdr0 $TGT_IMG $TMPDIR/hdr0 - read_luks2_bin_hdr1 $TGT_IMG $TMPDIR/hdr1 -} - -function generate() -{ - # create illegal backup segment key (used to be bug in 32bit implementations) - json_str=$(jq -c '.segments[(.segments | length + 1 | tostring)] = { "type" : "linear", "offset" : "512", "size" : "512", "flags":["backup-x"]}' $TMPDIR/json0) - test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 - - write_luks2_json "$json_str" $TMPDIR/json0 - - merge_bin_hdr_with_json $TMPDIR/hdr0 $TMPDIR/json0 $TMPDIR/area0 - erase_checksum $TMPDIR/area0 - chks0=$(calc_sha256_checksum_file $TMPDIR/area0) - write_checksum $chks0 $TMPDIR/area0 - write_luks2_hdr0 $TMPDIR/area0 $TGT_IMG - kill_bin_hdr $TMPDIR/hdr1 - write_luks2_hdr1 $TMPDIR/hdr1 $TGT_IMG -} - -function check() -{ - read_luks2_bin_hdr1 $TGT_IMG $TMPDIR/hdr_res1 - local str_res1=$(head -c 6 $TMPDIR/hdr_res1) - test "$str_res1" = "VACUUM" || exit 2 - - read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 - jq -c 'if .segments | length < 2 - then error("Unexpected segments count") else empty end' $TMPDIR/json_res0 || exit 5 -} - -function cleanup() -{ - rm -f $TMPDIR/* - rm -fd $TMPDIR -} - -test $# -eq 2 || exit 1 - -TGT_IMG=$1/$(test_img_name $0) -SRC_IMG=$2 - -prepare -generate -check -cleanup diff --git a/tests/generators/generate-luks2-segment-wrong-backup-key-1.img.sh b/tests/generators/generate-luks2-segment-wrong-backup-key-1.img.sh deleted file mode 100755 index 702fe71..0000000 --- a/tests/generators/generate-luks2-segment-wrong-backup-key-1.img.sh +++ /dev/null @@ -1,67 +0,0 @@ -#!/bin/bash - -. lib.sh - -# -# *** Description *** -# -# generate primary header with wrong backup segment id -# -# secondary header is corrupted on purpose as well -# - -# $1 full target dir -# $2 full source luks2 image - -function prepare() -{ - cp $SRC_IMG $TGT_IMG - test -d $TMPDIR || mkdir $TMPDIR - read_luks2_json0 $TGT_IMG $TMPDIR/json0 - read_luks2_bin_hdr0 $TGT_IMG $TMPDIR/hdr0 - read_luks2_bin_hdr1 $TGT_IMG $TMPDIR/hdr1 -} - -function generate() -{ - # create illegal backup segment key (used to be bug in 32bit implementations) - json_str=$(jq -c '(.segments."0".offset | tonumber) as $i | .segments[range(1;65) | tostring] = { "type" : "linear", "offset" : ($i + 512 | tostring), "size" : "512" } | .segments."268435472" = { "type":"linear","offset":"512","size":"512","flags":["backup-x"]}' $TMPDIR/json0) - test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 - - write_luks2_json "$json_str" $TMPDIR/json0 - - merge_bin_hdr_with_json $TMPDIR/hdr0 $TMPDIR/json0 $TMPDIR/area0 - erase_checksum $TMPDIR/area0 - chks0=$(calc_sha256_checksum_file $TMPDIR/area0) - write_checksum $chks0 $TMPDIR/area0 - write_luks2_hdr0 $TMPDIR/area0 $TGT_IMG - kill_bin_hdr $TMPDIR/hdr1 - write_luks2_hdr1 $TMPDIR/hdr1 $TGT_IMG -} - -function check() -{ - read_luks2_bin_hdr1 $TGT_IMG $TMPDIR/hdr_res1 - local str_res1=$(head -c 6 $TMPDIR/hdr_res1) - test "$str_res1" = "VACUUM" || exit 2 - - read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 - jq -c 'if .segments | length < 64 - then error("Unexpected segments count") else empty end' $TMPDIR/json_res0 || exit 5 -} - -function cleanup() -{ - rm -f $TMPDIR/* - rm -fd $TMPDIR -} - -test $# -eq 2 || exit 1 - -TGT_IMG=$1/$(test_img_name $0) -SRC_IMG=$2 - -prepare -generate -check -cleanup diff --git a/tests/luks2-validation-test b/tests/luks2-validation-test index 04183fb..52945ba 100755 --- a/tests/luks2-validation-test +++ b/tests/luks2-validation-test @@ -199,8 +199,6 @@ RUN luks2-segment-unknown-type.img "R" "Validation rejected segment with all m RUN luks2-segment-two.img "R" "Validation rejected two valid segments" RUN luks2-segment-wrong-flags.img "F" "Failed to detect invalid flags field" RUN luks2-segment-wrong-flags-element.img "F" "Failed to detect invalid flags content" -RUN luks2-segment-wrong-backup-key-0.img "F" "Failed to detect gap in backup segments" -RUN luks2-segment-wrong-backup-key-1.img "F" "Failed to detect gap in backup segments" echo "[6] Test metadata size and keyslots size (config section)" RUN luks2-invalid-keyslots-size-c0.img "F" "Failed to detect too large keyslots_size in config section"