From nobody Sat May 4 21:04:38 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1508267814557632.1074177158844; Tue, 17 Oct 2017 12:16:54 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id DB9FD202E5CD3; Tue, 17 Oct 2017 12:13:16 -0700 (PDT) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id B1C7321F38849 for ; Tue, 17 Oct 2017 12:13:15 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 527D88E395; Tue, 17 Oct 2017 19:16:51 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-120-43.rdu2.redhat.com [10.10.120.43]) by smtp.corp.redhat.com (Postfix) with ESMTP id B93047C563; Tue, 17 Oct 2017 19:16:49 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 527D88E395 Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=lersek@redhat.com From: Laszlo Ersek To: edk2-devel-01 Date: Tue, 17 Oct 2017 21:16:46 +0200 Message-Id: <20171017191646.26065-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Tue, 17 Oct 2017 19:16:51 +0000 (UTC) Subject: [edk2] [PATCH] SecurityPkg/AuthVariableLib: fix GCC build error X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Long Qin , Gary Lin , Leif Lindholm , Chao Zhang , Ard Biesheuvel MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Commit 53c6ff180327 ("SecurityPkg:AuthVariableLib:Implement ECR1707 for Private Auth Variable", 2017-09-12) introduced the following build failure under several GCC toolchain versions: > SecurityPkg/Library/AuthVariableLib/AuthService.c: In function > 'CalculatePrivAuthVarSignChainSHA256Digest': > SecurityPkg/Library/AuthVariableLib/AuthService.c:1567:58: error: > pointer targets in passing argument 3 of 'X509GetCommonName' differ in > signedness [-Werror=3Dpointer-sign] > Status =3D X509GetCommonName(SignerCert, SignerCertSize, CertCommonNam= e, &CertCommonNameSize); > ^~~~~~~~~~~~~~ > In file included from > SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h:34:0, > from > SecurityPkg/Library/AuthVariableLib/AuthService.c:32: > CryptoPkg/Include/Library/BaseCryptLib.h:2202:1: note: expected 'CHAR8 * > {aka char *}' but argument is of type 'UINT8 * {aka unsigned char *}' > X509GetCommonName ( > ^~~~~~~~~~~~~~~~~ > cc1: all warnings being treated as errors Fix it by changing the type of "CertCommonName" to array-of-CHAR8. Locations where "CertCommonName" is used in the CalculatePrivAuthVarSignChainSHA256Digest() function: - it is taken the size of -- not impacted by this patch; - passed to X509GetCommonName() as an argument -- the patch fixes the build error; - passed to Sha256Update() as argument for "IN CONST VOID *Data" -- not impacted by the patch; - passed to AsciiStrLen() as argument -- drop the now-superfluous explicit cast. Since we are touching the Sha256Update() function call, fix the coding style too: - the line is overlong, so break each argument to its own line; - insert a space between "AsciiStrLen" and the opening paren "(". Cc: Ard Biesheuvel Cc: Chao Zhang Cc: Gary Lin Cc: Leif Lindholm Cc: Long Qin Reported-by: Gary Lin Suggested-by: Gary Lin Suggested-by: Long Qin Fixes: 53c6ff18032737fabb644a9e0c781d91a6830248 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek Reviewed-by: Ard Biesheuvel Reviewed-by: Leif Lindholm --- Notes: The GCC build has been broken for too long by now; I'll push the patch as soon as I get any Reviewed-by. SecurityPkg/Library/AuthVariableLib/AuthService.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c b/SecurityPk= g/Library/AuthVariableLib/AuthService.c index 7188ff600823..2966811fa7ff 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthService.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c @@ -1554,7 +1554,7 @@ CalculatePrivAuthVarSignChainSHA256Digest( { UINT8 *TbsCert; UINTN TbsCertSize; - UINT8 CertCommonName[128]; + CHAR8 CertCommonName[128]; UINTN CertCommonNameSize; BOOLEAN CryptoStatus; EFI_STATUS Status; @@ -1590,7 +1590,11 @@ CalculatePrivAuthVarSignChainSHA256Digest( // // '\0' is forced in CertCommonName. No overflow issue // - CryptoStatus =3D Sha256Update (mHashCtx, CertCommonName, AsciiStrLen((CH= AR8 *)CertCommonName)); + CryptoStatus =3D Sha256Update ( + mHashCtx, + CertCommonName, + AsciiStrLen (CertCommonName) + ); if (!CryptoStatus) { return EFI_ABORTED; } --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel