!48 CVE 修复

From: @houmingyong 
Reviewed-by: @BornThisWay 
Signed-off-by: @BornThisWay

backport-CVE-2022-2068-Fix-file-operations-in-c_rehash.patch

@@ -0,0 +1,259 @@
+From 9639817dac8bbbaa64d09efad7464ccc405527c7 Mon Sep 17 00:00:00 2001
+From: Daniel Fiala <daniel@openssl.org>
+Date: Sun, 29 May 2022 20:11:24 +0200
+Subject: [PATCH] Fix file operations in c_rehash.
+
+CVE-2022-2068
+
+Reviewed-by: Matt Caswell <matt@openssl.org>
+Reviewed-by: Richard Levitte <levitte@openssl.org>
+
+Reference: https://github.com/openssl/openssl/commit/9639817dac8bbbaa64d09efad7464ccc405527c7
+Conflict: NA
+---
+ external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/tools/c_rehash.in | 216 +++++++++++++++++++++++-----------------------
+ 1 file changed, 107 insertions(+), 109 deletions(-)
+
+diff --git a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/tools/c_rehash.in b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/tools/c_rehash.in
+index cfd18f5da1..9d2a6f6db7 100644
+--- a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/tools/c_rehash.in
++++ b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/tools/c_rehash.in
+@@ -104,52 +104,78 @@ foreach (@dirlist) {
+ }
+ exit($errorcount);
+ 
++sub copy_file {
++    my ($src_fname, $dst_fname) = @_;
++
++    if (open(my $in, "<", $src_fname)) {
++        if (open(my $out, ">", $dst_fname)) {
++            print $out $_ while (<$in>);
++            close $out;
++        } else {
++            warn "Cannot open $dst_fname for write, $!";
++        }
++        close $in;
++    } else {
++        warn "Cannot open $src_fname for read, $!";
++    }
++}
++
+ sub hash_dir {
+-	my %hashlist;
+-	print "Doing $_[0]\n";
+-	chdir $_[0];
+-	opendir(DIR, ".");
+-	my @flist = sort readdir(DIR);
+-	closedir DIR;
+-	if ( $removelinks ) {
+-		# Delete any existing symbolic links
+-		foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
+-			if (-l $_) {
+-				print "unlink $_" if $verbose;
+-				unlink $_ || warn "Can't unlink $_, $!\n";
+-			}
+-		}
+-	}
+-	FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) {
+-		# Check to see if certificates and/or CRLs present.
+-		my ($cert, $crl) = check_file($fname);
+-		if (!$cert && !$crl) {
+-			print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
+-			next;
+-		}
+-		link_hash_cert($fname) if ($cert);
+-		link_hash_crl($fname) if ($crl);
+-	}
++    my $dir = shift;
++    my %hashlist;
++
++    print "Doing $dir\n";
++
++    if (!chdir $dir) {
++        print STDERR "WARNING: Cannot chdir to '$dir', $!\n";
++        return;
++    }
++
++    opendir(DIR, ".") || print STDERR "WARNING: Cannot opendir '.', $!\n";
++    my @flist = sort readdir(DIR);
++    closedir DIR;
++    if ( $removelinks ) {
++        # Delete any existing symbolic links
++        foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
++            if (-l $_) {
++                print "unlink $_\n" if $verbose;
++                unlink $_ || warn "Can't unlink $_, $!\n";
++            }
++        }
++    }
++    FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) {
++        # Check to see if certificates and/or CRLs present.
++        my ($cert, $crl) = check_file($fname);
++        if (!$cert && !$crl) {
++            print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
++            next;
++        }
++        link_hash_cert($fname) if ($cert);
++        link_hash_crl($fname) if ($crl);
++    }
++
++    chdir $pwd;
+ }
+ 
+ sub check_file {
+-	my ($is_cert, $is_crl) = (0,0);
+-	my $fname = $_[0];
+-	open IN, $fname;
+-	while(<IN>) {
+-		if (/^-----BEGIN (.*)-----/) {
+-			my $hdr = $1;
+-			if ($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
+-				$is_cert = 1;
+-				last if ($is_crl);
+-			} elsif ($hdr eq "X509 CRL") {
+-				$is_crl = 1;
+-				last if ($is_cert);
+-			}
+-		}
+-	}
+-	close IN;
+-	return ($is_cert, $is_crl);
++    my ($is_cert, $is_crl) = (0,0);
++    my $fname = $_[0];
++
++    open(my $in, "<", $fname);
++    while(<$in>) {
++        if (/^-----BEGIN (.*)-----/) {
++            my $hdr = $1;
++            if ($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
++                $is_cert = 1;
++                last if ($is_crl);
++            } elsif ($hdr eq "X509 CRL") {
++                $is_crl = 1;
++                last if ($is_cert);
++            }
++        }
++    }
++    close $in;
++    return ($is_cert, $is_crl);
+ }
+ 
+ sub compute_hash {
+@@ -177,76 +203,48 @@ sub compute_hash {
+ # certificate fingerprints
+ 
+ sub link_hash_cert {
+-		my $fname = $_[0];
+-		my ($hash, $fprint) = compute_hash($openssl, "x509", $x509hash,
+-						   "-fingerprint", "-noout",
+-						   "-in", $fname);
+-		chomp $hash;
+-		chomp $fprint;
+-		return if !$hash;
+-		$fprint =~ s/^.*=//;
+-		$fprint =~ tr/://d;
+-		my $suffix = 0;
+-		# Search for an unused hash filename
+-		while(exists $hashlist{"$hash.$suffix"}) {
+-			# Hash matches: if fingerprint matches its a duplicate cert
+-			if ($hashlist{"$hash.$suffix"} eq $fprint) {
+-				print STDERR "WARNING: Skipping duplicate certificate $fname\n";
+-				return;
+-			}
+-			$suffix++;
+-		}
+-		$hash .= ".$suffix";
+-		if ($symlink_exists) {
+-			print "link $fname -> $hash\n" if $verbose;
+-			symlink $fname, $hash || warn "Can't symlink, $!";
+-		} else {
+-			print "copy $fname -> $hash\n" if $verbose;
+-                        if (open($in, "<", $fname)) {
+-                            if (open($out,">", $hash)) {
+-                                print $out $_ while (<$in>);
+-                                close $out;
+-                            } else {
+-                                warn "can't open $hash for write, $!";
+-                            }
+-                            close $in;
+-                        } else {
+-                            warn "can't open $fname for read, $!";
+-                        }
+-		}
+-		$hashlist{$hash} = $fprint;
++    link_hash($_[0], 'cert');
+ }
+ 
+ # Same as above except for a CRL. CRL links are of the form <hash>.r<n>
+ 
+ sub link_hash_crl {
+-		my $fname = $_[0];
+-		my ($hash, $fprint) = compute_hash($openssl, "crl", $crlhash,
+-						   "-fingerprint", "-noout",
+-						   "-in", $fname);
+-		chomp $hash;
+-		chomp $fprint;
+-		return if !$hash;
+-		$fprint =~ s/^.*=//;
+-		$fprint =~ tr/://d;
+-		my $suffix = 0;
+-		# Search for an unused hash filename
+-		while(exists $hashlist{"$hash.r$suffix"}) {
+-			# Hash matches: if fingerprint matches its a duplicate cert
+-			if ($hashlist{"$hash.r$suffix"} eq $fprint) {
+-				print STDERR "WARNING: Skipping duplicate CRL $fname\n";
+-				return;
+-			}
+-			$suffix++;
+-		}
+-		$hash .= ".r$suffix";
+-		if ($symlink_exists) {
+-			print "link $fname -> $hash\n" if $verbose;
+-			symlink $fname, $hash || warn "Can't symlink, $!";
+-		} else {
+-			print "cp $fname -> $hash\n" if $verbose;
+-			system ("cp", $fname, $hash);
+-                        warn "Can't copy, $!" if ($? >> 8) != 0;
+-		}
+-		$hashlist{$hash} = $fprint;
++    link_hash($_[0], 'crl');
++}
++
++sub link_hash {
++    my ($fname, $type) = @_;
++    my $is_cert = $type eq 'cert';
++
++    my ($hash, $fprint) = compute_hash($openssl,
++                                       $is_cert ? "x509" : "crl",
++                                       $is_cert ? $x509hash : $crlhash,
++                                       "-fingerprint", "-noout",
++                                       "-in", $fname);
++    chomp $hash;
++    chomp $fprint;
++    return if !$hash;
++    $fprint =~ s/^.*=//;
++    $fprint =~ tr/://d;
++    my $suffix = 0;
++    # Search for an unused hash filename
++    my $crlmark = $is_cert ? "" : "r";
++    while(exists $hashlist{"$hash.$crlmark$suffix"}) {
++        # Hash matches: if fingerprint matches its a duplicate cert
++        if ($hashlist{"$hash.$crlmark$suffix"} eq $fprint) {
++            my $what = $is_cert ? 'certificate' : 'CRL';
++            print STDERR "WARNING: Skipping duplicate $what $fname\n";
++            return;
++        }
++        $suffix++;
++    }
++    $hash .= ".$crlmark$suffix";
++    if ($symlink_exists) {
++        print "link $fname -> $hash\n" if $verbose;
++        symlink $fname, $hash || warn "Can't symlink, $!";
++    } else {
++        print "copy $fname -> $hash\n" if $verbose;
++        copy_file($fname, $hash);
++    }
++    $hashlist{$hash} = $fprint;
+ }
+-- 
+2.23.0

backport-CVE-2022-2097-Fix-AES-OCB-encrypt-decrypt-for-x86-AES-NI.patch

@@ -0,0 +1,76 @@
+From 919925673d6c9cfed3c1085497f5dfbbed5fc431 Mon Sep 17 00:00:00 2001
+From: Alex Chernyakhovsky <achernya@google.com>
+Date: Thu, 16 Jun 2022 12:00:22 +1000
+Subject: [PATCH] Fix AES OCB encrypt/decrypt for x86 AES-NI
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+aesni_ocb_encrypt and aesni_ocb_decrypt operate by having a fast-path
+that performs operations on 6 16-byte blocks concurrently (the
+"grandloop") and then proceeds to handle the "short" tail (which can
+be anywhere from 0 to 5 blocks) that remain.
+
+As part of initialization, the assembly initializes $len to the true
+length, less 96 bytes and converts it to a pointer so that the $inp
+can be compared to it. Each iteration of "grandloop" checks to see if
+there's a full 96-byte chunk to process, and if so, continues. Once
+this has been exhausted, it falls through to "short", which handles
+the remaining zero to five blocks.
+
+Unfortunately, the jump at the end of "grandloop" had a fencepost
+error, doing a `jb` ("jump below") rather than `jbe` (jump below or
+equal). This should be `jbe`, as $inp is pointing to the *end* of the
+chunk currently being handled. If $inp == $len, that means that
+there's a whole 96-byte chunk waiting to be handled. If $inp > $len,
+then there's 5 or fewer 16-byte blocks left to be handled, and the
+fall-through is intended.
+
+The net effect of `jb` instead of `jbe` is that the last 16-byte block
+of the last 96-byte chunk was completely omitted. The contents of
+`out` in this position were never written to. Additionally, since
+those bytes were never processed, the authentication tag generated is
+also incorrect.
+
+The same fencepost error, and identical logic, exists in both
+aesni_ocb_encrypt and aesni_ocb_decrypt.
+
+This addresses CVE-2022-2097.
+
+Co-authored-by: Alejandro Sedeño <asedeno@google.com>
+Co-authored-by: David Benjamin <davidben@google.com>
+
+Reviewed-by: Paul Dale <pauli@openssl.org>
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+
+Reference:https://github.com/openssl/openssl/commit/919925673d6c9cfed3c1085497f5dfbbed5fc431
+Conflict: NA
+---
+ external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/crypto/aes/asm/aesni-x86.pl | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/crypto/aes/asm/aesni-x86.pl b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/crypto/aes/asm/aesni-x86.pl
+index fe2b26542a..812758e02e 100644
+--- a/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/crypto/aes/asm/aesni-x86.pl
++++ b/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source/openssl-1.1.1l/crypto/aes/asm/aesni-x86.pl
+@@ -2027,7 +2027,7 @@ my ($l_,$block,$i1,$i3,$i5) = ($rounds_,$key_,$rounds,$len,$out);
+ 	&movdqu		(&QWP(-16*2,$out,$inp),$inout4);
+ 	&movdqu		(&QWP(-16*1,$out,$inp),$inout5);
+ 	&cmp		($inp,$len);			# done yet?
+-	&jb		(&label("grandloop"));
++	&jbe		(&label("grandloop"));
+ 
+ &set_label("short");
+ 	&add		($len,16*6);
+@@ -2453,7 +2453,7 @@ my ($l_,$block,$i1,$i3,$i5) = ($rounds_,$key_,$rounds,$len,$out);
+ 	&pxor		($rndkey1,$inout5);
+ 	&movdqu		(&QWP(-16*1,$out,$inp),$inout5);
+ 	&cmp		($inp,$len);			# done yet?
+-	&jb		(&label("grandloop"));
++	&jbe		(&label("grandloop"));
+ 
+ &set_label("short");
+ 	&add		($len,16*6);
+-- 
+2.27.0
+

linux-sgx.spec

@@ -1,6 +1,6 @@
 Name:           linux-sgx
 Version:        2.15.1
-Release:        4
+Release:        5
 Summary:        Intel(R) Software Guard Extensions for Linux* OS
 ExclusiveArch:	x86_64
 License:        BSD-3-Clause
@@ -26,6 +26,8 @@ Patch4:         backport-CVE-2022-0778.patch
 Patch5:         backport-CVE-2022-0778_test.patch
 Patch6:         backport-CVE-2022-1292.patch
 Patch7:         adapt-openssl-CVE.patch
+Patch8:         backport-CVE-2022-2068-Fix-file-operations-in-c_rehash.patch
+Patch9:         backport-CVE-2022-2097-Fix-AES-OCB-encrypt-decrypt-for-x86-AES-NI.patch
 
 BuildRequires:  gcc-c++ protobuf-devel libtool ocaml-ocamlbuild openssl openssl-devel cmake python curl-devel createrepo_c git nasm
 
@@ -277,6 +279,8 @@ Intel(R) Software Guard Extensions Basic Headers
 %%patch5 -p1
 %%patch6 -p1
 %%patch7 -p1
+%%patch8 -p1
+%%patch9 -p1
 
 %build
 
@@ -1033,6 +1037,9 @@ fi
 %files -n libsgx-headers -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-headers/build/list-libsgx-headers
 
 %changelog
+* Sat Aug 27 2022 houmingyong<houmingyong@huawei.com> - 2.15.1-5
+- backport openssl CVE-2022-2068 and CVE-2022-2097
+
 * Mon Jun 27 2022 wangyu <wangyu283@huawei.com> - 2.15.1-4
 - backport openssl CVE-2022-0778 and CVE-2022-1292, protobuf CVE-2021-22570