tpm2-tss:update version to 3.2.2

backport-CVE-2023-22745.patch

@@ -1,139 +0,0 @@
-From 306490c8d848c367faa2d9df81f5e69dab46ffb5 Mon Sep 17 00:00:00 2001
-From: William Roberts <william.c.roberts@intel.com>
-Date: Thu, 19 Jan 2023 11:53:06 -0600
-Subject: [PATCH] tss2_rc: ensure layer number is in bounds
-
-The layer handler array was defined as 255, the max number of uint8,
-which is the size of the layer field, however valid values are 0-255
-allowing for 256 possibilities and thus the array was off by one and
-needed to be sized to 256 entries. Update the size and add tests.
-
-Note: previous implementations incorrectly dropped bits on unknown error
-output, ie TSS2_RC of 0xFFFFFF should yeild a string of 255:0xFFFFFF,
-but earlier implementations returned 255:0xFFFF, dropping the middle
-bits, this patch fixes that.
-
-Fixes: CVE-2023-22745
-
-Signed-off-by: William Roberts <william.c.roberts@intel.com>
----
- src/tss2-rc/tss2_rc.c    | 31 +++++++++++++++++++++----------
- test/unit/test_tss2_rc.c | 21 ++++++++++++++++++++-
- 2 files changed, 41 insertions(+), 11 deletions(-)
-
-diff --git a/src/tss2-rc/tss2_rc.c b/src/tss2-rc/tss2_rc.c
-index 15ced56..4e14659 100644
---- a/src/tss2-rc/tss2_rc.c
-+++ b/src/tss2-rc/tss2_rc.c
-@@ -1,5 +1,8 @@
- /* SPDX-License-Identifier: BSD-2-Clause */
--
-+#ifdef HAVE_CONFIG_H
-+#include "config.h"
-+#endif
-+#include <assert.h>
- #include <stdarg.h>
- #include <stdbool.h>
- #include <stdio.h>
-@@ -834,7 +837,7 @@ tss_err_handler (TSS2_RC rc)
- static struct {
-     char name[TSS2_ERR_LAYER_NAME_MAX];
-     TSS2_RC_HANDLER handler;
--} layer_handler[TPM2_ERROR_TSS2_RC_LAYER_COUNT] = {
-+} layer_handler[TPM2_ERROR_TSS2_RC_LAYER_COUNT + 1] = {
-     ADD_HANDLER("tpm" , tpm2_ehandler),
-     ADD_NULL_HANDLER,                       /* layer 1  is unused */
-     ADD_NULL_HANDLER,                       /* layer 2  is unused */
-@@ -869,7 +872,7 @@ unknown_layer_handler(TSS2_RC rc)
-     static __thread char buf[32];
- 
-     clearbuf(buf);
--    catbuf(buf, "0x%X", tpm2_error_get(rc));
-+    catbuf(buf, "0x%X", rc);
- 
-     return buf;
- }
-@@ -966,19 +969,27 @@ Tss2_RC_Decode(TSS2_RC rc)
-         catbuf(buf, "%u:", layer);
-     }
- 
--    handler = !handler ? unknown_layer_handler : handler;
--
-     /*
-      * Handlers only need the error bits. This way they don't
-      * need to concern themselves with masking off the layer
-      * bits or anything else.
-      */
--    UINT16 err_bits = tpm2_error_get(rc);
--    const char *e = err_bits ? handler(err_bits) : "success";
--    if (e) {
--        catbuf(buf, "%s", e);
-+    if (handler) {
-+        UINT16 err_bits = tpm2_error_get(rc);
-+        const char *e = err_bits ? handler(err_bits) : "success";
-+        if (e) {
-+            catbuf(buf, "%s", e);
-+        } else {
-+            catbuf(buf, "0x%X", err_bits);
-+        }
-     } else {
--        catbuf(buf, "0x%X", err_bits);
-+        /*
-+         * we don't want to drop any bits if we don't know what to do with it
-+         * so drop the layer byte since we we already have that.
-+         */
-+        const char *e = unknown_layer_handler(rc >> 8);
-+        assert(e);
-+        catbuf(buf, "%s", e);
-     }
- 
-     return buf;
-diff --git a/test/unit/test_tss2_rc.c b/test/unit/test_tss2_rc.c
-index f4249b7..6d8428b 100644
---- a/test/unit/test_tss2_rc.c
-+++ b/test/unit/test_tss2_rc.c
-@@ -199,7 +199,7 @@ test_custom_handler(void **state)
-      * Test an unknown layer
-      */
-     e = Tss2_RC_Decode(rc);
--    assert_string_equal(e, "1:0x2A");
-+    assert_string_equal(e, "1:0x100");
- }
- 
- static void
-@@ -282,6 +282,23 @@ test_tcti(void **state)
-     assert_string_equal(e, "tcti:Fails to connect to next lower layer");
- }
- 
-+static void
-+test_all_FFs(void **state)
-+{
-+    (void) state;
-+
-+    const char *e = Tss2_RC_Decode(0xFFFFFFFF);
-+    assert_string_equal(e, "255:0xFFFFFF");
-+}
-+
-+static void
-+test_all_FFs_set_handler(void **state)
-+{
-+    (void) state;
-+    Tss2_RC_SetHandler(0xFF, "garbage", custom_err_handler);
-+    Tss2_RC_SetHandler(0xFF, NULL, NULL);
-+}
-+
- /* link required symbol, but tpm2_tool.c declares it AND main, which
-  * we have a main below for cmocka tests.
-  */
-@@ -313,6 +330,8 @@ main(int argc, char* argv[])
-             cmocka_unit_test(test_esys),
-             cmocka_unit_test(test_mu),
-             cmocka_unit_test(test_tcti),
-+            cmocka_unit_test(test_all_FFs),
-+            cmocka_unit_test(test_all_FFs_set_handler)
-     };
- 
-     return cmocka_run_group_tests(tests, NULL, NULL);
--- 
-2.27.0
-

tpm2-tss.spec

@@ -1,13 +1,11 @@
 Name:          tpm2-tss
-Version:       3.2.1
-Release:       3
+Version:       3.2.2
+Release:       1
 Summary:       TPM2.0 Software Stack
 License:       BSD
 URL:           https://github.com/tpm2-software/tpm2-tss
 Source0:       https://github.com/tpm2-software/tpm2-tss/releases/download/%{version}/%{name}-%{version}.tar.gz
 
-Patch1: backport-CVE-2023-22745.patch
-
 BuildRequires: gcc-c++ autoconf-archive libtool pkgconfig systemd libgcrypt-devel openssl-devel doxygen json-c-devel libcurl-devel
 BuildRequires: curl >= 7.80.0 libcmocka-devel iproute uthash-devel swtpm
 
@@ -73,6 +71,12 @@ make check
 %{_mandir}/man*/*
 
 %changelog
+* Tue Jul 18 2023 jinlun <jinlun@huawei.com> - 3.2.2-1
+- Type:enhancement
+- ID:NA
+- SUG:NA
+- DESC:update version to 3.2.2
+
 * Tue Mar 21 2023 jinlun <jinlun@huawei.com> - 3.2.1-3
 - Type:bugfix
 - ID:NA