From b41d37c85163accee78a4c83b02f26be7217d9f6 Mon Sep 17 00:00:00 2001
From: w00559322
Date: Mon, 27 Jun 2022 16:06:02 +0800
Subject: [PATCH] backport openssl CVE-2022-0778 and CVE-2022-1292, protobuf CVE-2021-22570

---
 adapt-openssl-CVE.patch | 25 ++++++++++
 backport-CVE-2021-22570.patch | 75 +++++++++++++++++++++++++++++
 backport-CVE-2022-0778.patch | 72 ++++++++++++++++++++++++++++
 backport-CVE-2022-0778_test.patch | 61 +++++++++++++++++++++++
 backport-CVE-2022-1292.patch | 80 +++++++++++++++++++++++++++++++
 linux-sgx.spec | 16 ++++++-
 6 files changed, 328 insertions(+), 1 deletion(-)
 create mode 100644 adapt-openssl-CVE.patch
 create mode 100644 backport-CVE-2021-22570.patch
 create mode 100644 backport-CVE-2022-0778.patch
 create mode 100644 backport-CVE-2022-0778_test.patch
 create mode 100644 backport-CVE-2022-1292.patch

diff --git a/adapt-openssl-CVE.patch b/adapt-openssl-CVE.patch
new file mode 100644
index 0000000..bb87cfd
--- /dev/null
+++ b/adapt-openssl-CVE.patch
@@ -0,0 +1,25 @@
+From d13f8cbc7ec066b04cbe13ef6bf14b2b085fbc35 Mon Sep 17 00:00:00 2001
+From: houmingyong
+Date: Sun, 5 Jun 2022 14:44:37 +0800
+Subject: [PATCH] decompress openssl sourece before build
+
+---
+ .../intel-sgx-ssl-lin_2.15.1_1.1.1l/Linux/build_openssl.sh | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/Linux/build_openssl.sh b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/Linux/build_openssl.sh
+index 7d77b79..43745b8 100755
+--- a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/Linux/build_openssl.sh
++++ b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/Linux/build_openssl.sh
+@@ -54,8 +54,6 @@ mkdir -p $SGXSSL_ROOT/package/lib64/
+ 
+ # build openssl modules, clean previous openssl dir if it exist
+ cd $SGXSSL_ROOT/../openssl_source || exit 1
+-rm -rf $OPENSSL_VERSION
+-tar xvf $OPENSSL_VERSION.tar.gz || exit 1
+ 
+ # Remove AESBS to support only AESNI and VPAES
+ sed -i '/BSAES_ASM/d' $OPENSSL_VERSION/Configure
+-- 
+2.23.0
+
diff --git a/backport-CVE-2021-22570.patch b/backport-CVE-2021-22570.patch
new file mode 100644
index 0000000..835576e
--- /dev/null
+++ b/backport-CVE-2021-22570.patch
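Review bot: The comment `# build openssl modules, clean previous openssl dir if it exist` now describes work the script no longer does, because the `rm -rf $OPENSSL_VERSION` and `tar xvf` lines directly under it are removed; what the script now relies on is that the openssl tree is already extracted (and patched) under `$OPENSSL_VERSION` before it runs. I would replace it with `# openssl source is expected to be already extracted (and patched) in $OPENSSL_VERSION; it is not unpacked here`. That comment should also make the side effect explicit: without the `rm -rf`, a stale tree from an earlier run is reused as-is, which is fine under a fresh rpmbuild %prep but not for manual re-runs of this script. The inner subject line also misspells "source" as "sourece".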
@@ -0,0 +1,75 @@
+From 77fd494f2acfd6b08f888f342ca721e3f0809b52 Mon Sep 17 00:00:00 2001
+From: wangxiaochao
+Date: Fri, 18 Mar 2022 14:46:35 +0800
+Subject: [PATCH] fix CVE-2021-22570
+
+Conflict:NA
+Reference:https://gitee.com/src-openeuler/protobuf/pulls/64/files
+
+Signed-off-by: wangxiaochao
+---
+ .../src/google/protobuf/descriptor.cc | 20 +++++++++++++++++++
+ 1 file changed, 20 insertions(+)
+
+diff --git a/external/protobuf/protobuf_code/src/google/protobuf/descriptor.cc b/external/protobuf/protobuf_code/src/google/protobuf/descriptor.cc
+index 8998e1b..e6f7ec2 100644
+--- a/external/protobuf/protobuf_code/src/google/protobuf/descriptor.cc
++++ b/external/protobuf/protobuf_code/src/google/protobuf/descriptor.cc
+@@ -2626,6 +2626,8 @@ void Descriptor::DebugString(int depth, std::string* contents,
+ const Descriptor::ReservedRange* range = reserved_range(i);
+ if (range->end == range->start + 1) {
+ strings::SubstituteAndAppend(contents, "$0, ", range->start);
++ } else if (range->end > FieldDescriptor::kMaxNumber) {
++ strings::SubstituteAndAppend(contents, "$0 to max, ", range->start);
+ } else {
+ strings::SubstituteAndAppend(contents, "$0 to $1, ", range->start,
+ range->end - 1);
+@@ -2829,6 +2831,8 @@ void EnumDescriptor::DebugString(
+ const EnumDescriptor::ReservedRange* range = reserved_range(i);
+ if (range->end == range->start) {
+ strings::SubstituteAndAppend(contents, "$0, ", range->start);
++ } else if (range->end == INT_MAX) {
++ strings::SubstituteAndAppend(contents, "$0 to max, ", range->start);
+ } else {
+ strings::SubstituteAndAppend(contents, "$0 to $1, ", range->start,
+ range->end);
+@@ -4019,6 +4023,11 @@ bool DescriptorBuilder::AddSymbol(const std::string& full_name,
+ // Use its file as the parent instead.
+ if (parent == nullptr) parent = file_;
+ 
++ if (full_name.find('\0') != std::string::npos) {
++ AddError(full_name, proto, DescriptorPool::ErrorCollector::NAME,
++ "\"" + full_name + "\" contains null character.");
++ return false;
++ }
+ if (tables_->AddSymbol(full_name, symbol)) {
+ if (!file_tables_->AddAliasUnderParent(parent, name, symbol)) {
+ // This is only possible if there was already an error adding something of
+@@ -4059,6 +4068,11 @@ bool DescriptorBuilder::AddSymbol(const std::string& full_name,
+ void DescriptorBuilder::AddPackage(const std::string& name,
+ const Message& proto,
+ const FileDescriptor* file) {
++ if (name.find('\0') != std::string::npos) {
++ AddError(name, proto, DescriptorPool::ErrorCollector::NAME,
++ "\"" + name + "\" contains null character.");
++ return;
++ }
+ if (tables_->AddSymbol(name, Symbol(file))) {
+ // Success. Also add parent package, if any.
+ std::string::size_type dot_pos = name.find_last_of('.');
+@@ -4372,6 +4386,12 @@ FileDescriptor* DescriptorBuilder::BuildFileImpl(
+ }
+ result->pool_ = pool_;
+ 
++ if (result->name().find('\0') != std::string::npos) {
++ AddError(result->name(), proto, DescriptorPool::ErrorCollector::NAME,
++ "\"" + result->name() + "\" contains null character.");
++ return nullptr;
++ }
++
+ // Add to tables.
+ if (!tables_->AddFile(result)) {
+ AddError(proto.name(), proto, DescriptorPool::ErrorCollector::OTHER,
+-- 
+2.23.0
+
diff --git a/backport-CVE-2022-0778.patch b/backport-CVE-2022-0778.patch
new file mode 100644
index 0000000..53d9052
--- /dev/null
+++ b/backport-CVE-2022-0778.patch
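Review bot: The null-character check is written out three times in this patch (DescriptorBuilder::AddSymbol, AddPackage and BuildFileImpl) with the same `find('\0') != std::string::npos` test and the same `"\"" + name + "\" contains null character."` message; a file-local helper such as `static bool ContainsNullChar(const std::string& s) { return s.find('\0') != std::string::npos; }` would keep the three sites in step if the check or the wording is ever adjusted. The `range->end == INT_MAX` comparison added to EnumDescriptor::DebugString depends on `<climits>` being visible in descriptor.cc, which the hunk does not show, so it is worth confirming on this protobuf version. Each of the enclosing functions starts and ends outside its hunk.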
@@ -0,0 +1,72 @@
+From 4382b4d9446c34d29b12dedf6b93f35215b9dd3b Mon Sep 17 00:00:00 2001
+From: Tomas Mraz
+Date: Mon, 28 Feb 2022 18:26:21 +0100
+Subject: [PATCH] Fix possible infinite loop in BN_mod_sqrt()
+
+The calculation in some cases does not finish for non-prime p.
+
+This fixes CVE-2022-0778.
+
+Based on patch by David Benjamin .
+
+Reviewed-by: Paul Dale
+Reviewed-by: Matt Caswell
+
+Reference: https://github.com/openssl/openssl/commit/3118eb64934499d93db3230748a452351d1d9a65
+Conflict: NA
+---
+ .../openssl-1.1.1l/crypto/bn/bn_sqrt.c | 30 +++++++++++--------
+ 1 file changed, 18 insertions(+), 12 deletions(-)
+
+diff --git a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/crypto/bn/bn_sqrt.c b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/crypto/bn/bn_sqrt.c
+index 1723d5d..53b0f55 100644
+--- a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/crypto/bn/bn_sqrt.c
++++ b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/crypto/bn/bn_sqrt.c
+@@ -14,7 +14,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
+ /*
+ * Returns 'ret' such that ret^2 == a (mod p), using the Tonelli/Shanks
+ * algorithm (cf. Henri Cohen, "A Course in Algebraic Computational Number
+- * Theory", algorithm 1.5.1). 'p' must be prime!
++ * Theory", algorithm 1.5.1). 'p' must be prime, otherwise an error or
++ * an incorrect "result" will be returned.
+ */
+ {
+ BIGNUM *ret = in;
+@@ -301,18 +302,23 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
+ goto vrfy;
+ }
+ 
+- /* find smallest i such that b^(2^i) = 1 */
+- i = 1;
+- if (!BN_mod_sqr(t, b, p, ctx))
+- goto end;
+- while (!BN_is_one(t)) {
+- i++;
+- if (i == e) {
+- BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE);
+- goto end;
++ /* Find the smallest i, 0 < i < e, such that b^(2^i) = 1. */
++ for (i = 1; i < e; i++) {
++ if (i == 1) {
++ if (!BN_mod_sqr(t, b, p, ctx))
++ goto end;
++
++ } else {
++ if (!BN_mod_mul(t, t, t, p, ctx))
++ goto end;
+ }
+- if (!BN_mod_mul(t, t, t, p, ctx))
+- goto end;
++ if (BN_is_one(t))
++ break;
++ }
++ /* If not found, a is not a square or p is not prime. */
++ if (i >= e) {
++ BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE);
++ goto end;
+ }
+ 
+ /* t := y^2^(e - i - 1) */
+-- 
+2.23.0
+
diff --git a/backport-CVE-2022-0778_test.patch b/backport-CVE-2022-0778_test.patch
new file mode 100644
index 0000000..b9a1c80
--- /dev/null
+++ b/backport-CVE-2022-0778_test.patch
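Review bot: The `if (i == 1)` branch of the new loop leaves a stray blank line after its `goto end;` before `} else {`, which reads like a dropped statement; removing that blank keeps the branch symmetric with the else side. Since the loop bound `i < e` together with the `if (i >= e)` check after the loop is what removes the non-terminating case for non-prime p, I would say so in the comment, e.g. `/* Find the smallest i, 0 < i < e, such that b^(2^i) = 1; the bound keeps this finite when p is not prime. */`. BN_mod_sqrt starts and ends outside the hunk.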
@@ -0,0 +1,61 @@
+From 6ec7f406d2141b78508b5df91597a61de2ac38ed Mon Sep 17 00:00:00 2001
+From: Tomas Mraz
+Date: Mon, 28 Feb 2022 18:26:35 +0100
+Subject: [PATCH] Add a negative testcase for BN_mod_sqrt
+
+Reviewed-by: Paul Dale
+Reviewed-by: Matt Caswell
+
+Reference: https://github.com/openssl/openssl/commit/3ef5c3034e5c545f34d6929568f3f2b10ac4bdf0
+Conflict: NA
+---
+ .../openssl_source/openssl-1.1.1l/test/bntest.c | 11 ++++++++++-
+ .../test/recipes/10-test_bn_data/bnmod.txt | 12 ++++++++++++
+ 2 files changed, 22 insertions(+), 1 deletion(-)
+
+diff --git a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/test/bntest.c b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/test/bntest.c
+index 236501e..08c60a2 100644
+--- a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/test/bntest.c
++++ b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/test/bntest.c
+@@ -1685,8 +1685,17 @@ static int file_modsqrt(STANZA *s)
+ || !TEST_ptr(ret2 = BN_new()))
+ goto err;
+ 
++ if (BN_is_negative(mod_sqrt)) {
++ /* A negative testcase */
++ if (!TEST_ptr_null(BN_mod_sqrt(ret, a, p, ctx)))
++ goto err;
++
++ st = 1;
++ goto err;
++ }
++
+ /* There are two possible answers.
*/
+- if (!TEST_true(BN_mod_sqrt(ret, a, p, ctx))
++ if (!TEST_ptr(BN_mod_sqrt(ret, a, p, ctx))
+ || !TEST_true(BN_sub(ret2, p, ret)))
+ goto err;
+ 
+diff --git a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/test/recipes/10-test_bn_data/bnmod.txt b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/test/recipes/10-test_bn_data/bnmod.txt
+index 5ea4d03..e28cc6b 100644
+--- a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/test/recipes/10-test_bn_data/bnmod.txt
++++ b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/test/recipes/10-test_bn_data/bnmod.txt
+@@ -2799,3 +2799,15 @@ P = 9df9d6cc20b8540411af4e5357ef2b0353cb1f2ab5ffc3e246b41c32f71e951f
+ ModSqrt = a1d52989f12f204d3d2167d9b1e6c8a6174c0c786a979a5952383b7b8bd186
+ A = 2eee37cf06228a387788188e650bc6d8a2ff402931443f69156a29155eca07dcb45f3aac238d92943c0c25c896098716baa433f25bd696a142f5a69d5d937e81
+ P = 9df9d6cc20b8540411af4e5357ef2b0353cb1f2ab5ffc3e246b41c32f71e951f
++
++# Negative testcases for BN_mod_sqrt()
++
++# This one triggers an infinite loop with unfixed implementation
++# It should just fail.
++ModSqrt = -1
++A = 20a7ee
++P = 460201
++
++ModSqrt = -1
++A = 65bebdb00a96fc814ec44b81f98b59fba3c30203928fa5214c51e0a97091645280c947b005847f239758482b9bfc45b066fde340d1fe32fc9c1bf02e1b2d0ed
++P = 9df9d6cc20b8540411af4e5357ef2b0353cb1f2ab5ffc3e246b41c32f71e951f
+-- 
+2.23.0
+
diff --git a/backport-CVE-2022-1292.patch b/backport-CVE-2022-1292.patch
new file mode 100644
index 0000000..08294e3
--- /dev/null
+++ b/backport-CVE-2022-1292.patch
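Review bot: The `/* A negative testcase */` comment in file_modsqrt does not say how a negative case is encoded; that convention lives only in bnmod.txt, where `ModSqrt = -1` marks an input that BN_mod_sqrt() must reject. I would make the comment self-contained so a reader of bntest.c does not have to open the data file: `/* ModSqrt = -1 in the data file marks a negative testcase: BN_mod_sqrt() must fail */`. Reusing `goto err` with `st = 1` as the success exit follows the pattern already used in this function and is fine. file_modsqrt starts and ends outside the hunk.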
@@ -0,0 +1,80 @@
+From 9b495e8d9028ca893019c5b176d913051ea925ac Mon Sep 17 00:00:00 2001
+From: Tomas Mraz
+Date: Tue, 26 Apr 2022 12:40:24 +0200
+Subject: [PATCH] c_rehash: Do not use shell to invoke openssl
+
+Except on VMS where it is safe.
+
+This fixes CVE-2022-1292.
+
+Reviewed-by: Matthias St. Pierre
+Reviewed-by: Matt Caswell
+
+Reference:https://git.openssl.org/gitweb/?p=openssl.git;a=patch;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23
+Conflict:NA
+
+---
+ .../openssl-1.1.1l/tools/c_rehash.in | 29 ++++++++++++++++---
+ 1 file changed, 25 insertions(+), 4 deletions(-)
+
+diff --git a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/tools/c_rehash.in b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/tools/c_rehash.in
+index fa7c6c9..83c1cc8 100644
+--- a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/tools/c_rehash.in
++++ b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/tools/c_rehash.in
+@@ -152,6 +152,23 @@ sub check_file {
+ return ($is_cert, $is_crl);
+ }
+ 
++sub compute_hash {
++ my $fh;
++ if ( $^O eq "VMS" ) {
++ # VMS uses the open through shell
++ # The file names are safe there and list form is unsupported
++ if (!open($fh, "-|", join(' ', @_))) {
++ print STDERR "Cannot compute hash on '$fname'\n";
++ return;
++ }
++ } else {
++ if (!open($fh, "-|", @_)) {
++ print STDERR "Cannot compute hash on '$fname'\n";
++ return;
++ }
++ }
++ return (<$fh>, <$fh>);
++}
+ 
+ # Link a certificate to its subject name hash value, each hash is of
+ # the form . where n is an integer.
If the hash value already exists
+@@ -161,10 +178,12 @@ sub check_file {
+ 
+ sub link_hash_cert {
+ my $fname = $_[0];
+- $fname =~ s/\"/\\\"/g;
+- my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
++ my ($hash, $fprint) = compute_hash($openssl, "x509", $x509hash,
++ "-fingerprint", "-noout",
++ "-in", $fname);
+ chomp $hash;
+ chomp $fprint;
++ return if !$hash;
+ $fprint =~ s/^.*=//;
+ $fprint =~ tr/://d;
+ my $suffix = 0;
+@@ -202,10 +221,12 @@ sub link_hash_cert {
+ 
+ sub link_hash_crl {
+ my $fname = $_[0];
+- $fname =~ s/'/'\\''/g;
+- my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`;
++ my ($hash, $fprint) = compute_hash($openssl, "crl", $crlhash,
++ "-fingerprint", "-noout",
++ "-in", $fname);
+ chomp $hash;
+ chomp $fprint;
++ return if !$hash;
+ $fprint =~ s/^.*=//;
+ $fprint =~ tr/://d;
+ my $suffix = 0;
+-- 
+2.23.0
+
diff --git a/linux-sgx.spec b/linux-sgx.spec
index d309e9e..2290a08 100644
--- a/linux-sgx.spec
+++ b/linux-sgx.spec
@@ -1,6 +1,6 @@
 Name: linux-sgx
 Version: 2.15.1
-Release: 3
+Release: 4
 Summary: Intel(R) Software Guard Extensions for Linux* OS
 ExclusiveArch: x86_64
 License: BSD-3-Clause
@@ -21,6 +21,11 @@ Source11: https://github.com/intel/intel-sgx-ssl/archive/refs/tags/intel-s
 Patch0: 0001-disable-the-download-process-in-building.patch
 Patch1: 0002-fix-building-error-for-systemd.patch
 Patch2: add-secure-compilation-options.patch
+Patch3: backport-CVE-2021-22570.patch
+Patch4: backport-CVE-2022-0778.patch
+Patch5: backport-CVE-2022-0778_test.patch
+Patch6: backport-CVE-2022-1292.patch
+Patch7: adapt-openssl-CVE.patch
 BuildRequires: gcc-c++ protobuf-devel libtool ocaml-ocamlbuild openssl openssl-devel cmake python curl-devel createrepo_c git nasm
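Review bot: In the new `compute_hash`, both error messages interpolate `$fname`, but `$fname` is declared with `my` inside link_hash_cert and link_hash_crl (visible in the two following hunks), so it is not in scope in compute_hash and the message prints an empty name unless a file-scope `$fname` exists outside the hunk. The file name is the last argument at both call sites, so `print STDERR "Cannot compute hash on '$_[-1]'\n";` in both branches reports the right file without changing the interface. Both callers already guard with `return if !$hash;`, which covers the empty return on open failure.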
@@ -261,11 +266,17 @@ Intel(R) Software Guard Extensions Basic Headers
 %%setup -q -D -a 7 -n linux-sgx-sgx_%{version}/external/protobuf
 %%setup -q -D -a 8 -n linux-sgx-sgx_%{version}/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteGeneration
 %%setup -q -D -a 11 -n linux-sgx-sgx_%{version}/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/
+%%setup -q -D -a 10 -n linux-sgx-sgx_%{version}/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source
 %%setup -q -D -a 9 -n linux-sgx-sgx_%{version}
 %%patch0 -p1
 %%patch1 -p1
 %%patch2 -p1
+%%patch3 -p1
+%%patch4 -p1
+%%patch5 -p1
+%%patch6 -p1
+%%patch7 -p1
 %build
@@ -1022,6 +1033,9 @@ fi
 %files -n libsgx-headers -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-headers/build/list-libsgx-headers
 %changelog
+* Mon Jun 27 2022 wangyu - 2.15.1-4
+- backport openssl CVE-2022-0778 and CVE-2022-1292, protobuf CVE-2021-22570
+
 * Wed Jun 22 2022 zhengxiaoxiao - 2.15.1-3
 - sgx-aesm-service exclude /var/opt/aesmd/data
-- 
Gitee
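Review bot: The new `%setup -q -D -a 10` line carries no comment on why the openssl tarball is now unpacked in %prep, and the reason is only visible in Patch7 (adapt-openssl-CVE.patch), which drops the `tar xvf` from build_openssl.sh so that the openssl tree patched here by Patch4–Patch6 is not overwritten at build time. A one-line comment above it, `# unpack Source10 here so Patch4-6 can patch the openssl tree; build_openssl.sh no longer extracts it (Patch7)`, would keep the spec and the adapt patch from drifting apart. Applying Patch7 last is fine, since it only has to land before %build runs the script.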