fix broken RDRAND causes infinite looping

backport-Detect-broken-RDRAND-during-initialization.patch

@@ -0,0 +1,70 @@
+From 4d36b0287d3ab0912ba8a4790340ca099960b2b0 Mon Sep 17 00:00:00 2001
+From: Tudor Brindus <me@tbrindus.ca>
+Date: Fri, 1 May 2020 21:09:22 -0400
+Subject: [PATCH] Detect broken RDRAND during initialization
+
+Some CPUs advertise RDRAND in CPUID, but return 0xFFFFFFFF
+unconditionally. To avoid locking up later, test RDRAND during
+initialization, and if it returns 0xFFFFFFFF, mark it as nonexistent.
+
+Fixes #588.
+
+Conflict:NA
+Reference:https://github.com/json-c/json-c/commit/4d36b0287d3ab0912ba8a4790340ca099960b2b0
+---
+ random_seed.c | 37 +++++++++++++++++++++++++++++++++----
+ 1 file changed, 33 insertions(+), 4 deletions(-)
+
+diff --git a/random_seed.c b/random_seed.c
+index 97d9547..b97dbd1 100644
+--- a/random_seed.c
++++ b/random_seed.c
+@@ -53,12 +53,41 @@ static void do_cpuid(int regs[], int h)
+ 
+ #if HAS_X86_CPUID
+ 
++static int get_rdrand_seed(void);
++
++// Valid values are -1 (haven't tested), 0 (no), and 1 (yes).
++static int _has_rdrand = -1;
++
+ static int has_rdrand(void)
+ {
+-    // CPUID.01H:ECX.RDRAND[bit 30] == 1
+-    int regs[4];
+-    do_cpuid(regs, 1);
+-    return (regs[2] & (1 << 30)) != 0;
++	if (_has_rdrand == -1)
++	{
++		// CPUID.01H:ECX.RDRAND[bit 30] == 1
++		int regs[4];
++		do_cpuid(regs, 1);
++		if (!(regs[2] & (1 << 30)))
++		{
++			_has_rdrand = 0;
++		} else
++		{
++			// Some CPUs advertise RDRAND in CPUID, but return 0xFFFFFFFF
++			// unconditionally. To avoid locking up later, test RDRAND here. If over
++			// 10 trials RDRAND has returned the same value, declare it broken.
++			_has_rdrand = 0;
++			int prev = get_rdrand_seed();
++			for (int i = 0; i < 10; i++) {
++				int temp = get_rdrand_seed();
++				if (temp != prev) {
++					_has_rdrand = 1;
++					break;
++				}
++
++				prev = temp;
++			}
++		}
++	}
++
++	return _has_rdrand;
+ }
+ 
+ #endif
+-- 
+2.27.0
+

backport-drop-the-rdrand-test-loops.patch

@@ -0,0 +1,118 @@
+From 80863140263be5f2dc630938ed8f0066f8a1ab43 Mon Sep 17 00:00:00 2001
+From: Eric Haszlakiewicz <erh+git@nimenees.com>
+Date: Mon, 4 May 2020 01:29:02 +0000
+Subject: [PATCH] Issue #589: drop the rdrand test loops to just 3, tweak
+ comments and add some links to bug reports, and decrease the nesting level of
+ the has_rdrand() function.
+
+Conflict:NA
+Reference:https://github.com/json-c/json-c/commit/80863140263be5f2dc630938ed8f0066f8a1ab43
+---
+ random_seed.c | 63 +++++++++++++++++++++++++++++++--------------------
+ 1 file changed, 38 insertions(+), 25 deletions(-)
+
+diff --git a/random_seed.c b/random_seed.c
+index b97dbd1..8bbc467 100644
+--- a/random_seed.c
++++ b/random_seed.c
+@@ -55,36 +55,45 @@ static void do_cpuid(int regs[], int h)
+ 
+ static int get_rdrand_seed(void);
+ 
+-// Valid values are -1 (haven't tested), 0 (no), and 1 (yes).
++/* Valid values are -1 (haven't tested), 0 (no), and 1 (yes). */
+ static int _has_rdrand = -1;
+ 
+ static int has_rdrand(void)
+ {
+-	if (_has_rdrand == -1)
++	if (_has_rdrand != -1)
+ 	{
+-		// CPUID.01H:ECX.RDRAND[bit 30] == 1
+-		int regs[4];
+-		do_cpuid(regs, 1);
+-		if (!(regs[2] & (1 << 30)))
+-		{
+-			_has_rdrand = 0;
+-		} else
++		return _has_rdrand;
++	}
++
++	/* CPUID.01H:ECX.RDRAND[bit 30] == 1 */
++	int regs[4];
++	do_cpuid(regs, 1);
++	if (!(regs[2] & (1 << 30)))
++	{
++		_has_rdrand = 0;
++		return 0;
++	}
++
++	/*
++	 * Some CPUs advertise RDRAND in CPUID, but return 0xFFFFFFFF
++	 * unconditionally. To avoid locking up later, test RDRAND here. If over
++	 * 3 trials RDRAND has returned the same value, declare it broken.
++	 * Example CPUs are AMD Ryzen 3000 series
++	 * and much older AMD APUs, such as the E1-1500
++	 * https://github.com/systemd/systemd/issues/11810
++	 * https://linuxreviews.org/RDRAND_stops_returning_random_values_on_older_AMD_CPUs_after_suspend
++	 */
++	_has_rdrand = 0;
++	int prev = get_rdrand_seed();
++	for (int i = 0; i < 3; i++)
++	{
++		int temp = get_rdrand_seed();
++		if (temp != prev)
+ 		{
+-			// Some CPUs advertise RDRAND in CPUID, but return 0xFFFFFFFF
+-			// unconditionally. To avoid locking up later, test RDRAND here. If over
+-			// 10 trials RDRAND has returned the same value, declare it broken.
+-			_has_rdrand = 0;
+-			int prev = get_rdrand_seed();
+-			for (int i = 0; i < 10; i++) {
+-				int temp = get_rdrand_seed();
+-				if (temp != prev) {
+-					_has_rdrand = 1;
+-					break;
+-				}
+-
+-				prev = temp;
+-			}
++			_has_rdrand = 1;
++			break;
+ 		}
++		prev = temp;
+ 	}
+ 
+ 	return _has_rdrand;
+@@ -102,7 +111,7 @@ static int get_rdrand_seed(void)
+ {
+     DEBUG_SEED("get_rdrand_seed");
+     int _eax;
+-    // rdrand eax
++    /* rdrand eax */
+     __asm__ __volatile__("1: .byte 0x0F\n"
+                          "   .byte 0xC7\n"
+                          "   .byte 0xF0\n"
+@@ -138,7 +147,7 @@ static int get_rdrand_seed(void)
+ 	DEBUG_SEED("get_rdrand_seed");
+ 	int _eax;
+ retry:
+-	// rdrand eax
++	/* rdrand eax */
+ 	__asm _emit 0x0F __asm _emit 0xC7 __asm _emit 0xF0
+ 	__asm jnc retry
+ 	__asm mov _eax, eax
+@@ -208,6 +217,10 @@ static int get_dev_random_seed(void)
+ #define HAVE_CRYPTGENRANDOM 1
+ 
+ #include <windows.h>
++
++/* Caution: these blank lines must remain so clang-format doesn't reorder
++   includes to put windows.h after wincrypt.h */
++
+ #include <wincrypt.h>
+ #ifndef __GNUC__
+ #pragma comment(lib, "advapi32.lib")
+-- 
+2.27.0
+

json-c.spec

@@ -6,7 +6,7 @@
 
 Name:           json-c
 Version:        0.13.1
-Release:        8
+Release:        9
 Summary:        JSON implementation in C
 
 License:        MIT
@@ -14,9 +14,9 @@ URL:            https://github.com/%{name}/%{name}
 Source0:        %{url}/archive/%{name}-%{version}-%{reldate}.tar.gz
 
 # Cherry-picked from upstream.
-Patch0:         %{url}/commit/da4b34355da023c439e96bc6ca31886cd69d6bdb.patch#/%{name}-0.13.1-parse_test_UTF8_BOM.patch
-Patch1:         %{url}/commit/f8c632f579c71012f9aca81543b880a579f634fc.patch#/%{name}-0.13.1-fix_incorrect_casts_in_calls_to_ctype_functions.patch
-Patch2:         %{url}/commit/8bd62177e796386fb6382db101c90b57b6138afe.patch#/%{name}-0.13.1-fix_typos.patch
+Patch0:		json-c-0.13.1-parse_test_UTF8_BOM.patch
+Patch1:		json-c-0.13.1-fix_incorrect_casts_in_calls_to_ctype_functions.patch
+Patch2:		json-c-0.13.1-fix_typos.patch
 
 Patch6000:      0012-json_object_private-Use-unsigned-32-bit-integer-type.patch
 Patch6001:      0040-Fixed-misalignment-in-JSON-string-due-to-space-after.patch
@@ -27,6 +27,8 @@ Patch6004:      0002-Issue-486-append-a-missing-.0-to-negative-double-val.patch
 Patch9000:      bugfix-json-c-support_aarch64.patch
 Patch6005:	json-c-bugfix-against-INT64_MAX.patch
 Patch6006:	CVE-2020-12762.patch
+Patch6007:	backport-Detect-broken-RDRAND-during-initialization.patch
+Patch6008:	backport-drop-the-rdrand-test-loops.patch
 BuildRequires:  libtool
 
 %description
@@ -110,7 +112,10 @@ end
 %doc %{_pkgdocdir}
 
 %changelog
-* Mon Jul 21 2020 wangye <wangye70@huawei.com> - 0.13.1-8
+* Thu Sep 9 2021 liuyumeng <liuyumeng5@huawei.com> - 0.13.1-9
+- fix broken RDRAND causes infinite looping
+
+* Tue Jul 21 2020 wangye <wangye70@huawei.com> - 0.13.1-8
 - fix hardlink path
 
 * Fri May 22 2020 ruanweidong <ruanweidong1@huawei.com> - 0.13.1-7