[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] subdom: Fix -Werror=address failure in tmp_emulator

  • To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Fri, 4 Aug 2023 09:23:43 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+o42d1VH0SFcRv35iYgNrFh//GjvXBLjsTkyv2Bq2aM=; b=OogiZfXETcJnCIsxs5eyFBoRCJsibeLyY1/x91iybgu99sz2GbK4XYhmadOjre1Goj6tPkTy1xy6qg121QqCMjUPOYztY1xut7uVCCVY10PLvCs8rWMvJIXhmEaTj4dP/B8vNqunS/Eo940yegOafbEaleHhY4axs/78aVi/6MDSErgKr0uWPcIRFSEO6mJit4VgNvDjx/GBN9P6mlEuLkdN7ELSql872lw3rBzy235NVbhTnMF33uckCO0BVolB7Z3iTnywtAxZ679jIHNU/FU/OaBQtTXN+e1t/Uylt4U3ldg2C/Dl/voSDUhTKHIMlUuvrh6p69E0vXxT5S4HVw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=apSjc5Ei0lOGj6XJyieqPtzjCcAsf5T5VIY9SiR80XtRQ/mMYZEpEKzZh3Rz8/Fz6SBcDus8OgPaP3QH3mu9YMRyfDIclxdVDevTq1CBy2LWVbhZG6XiGWXXub3Z6gbSlJ2wFlVFTboAyAM1gYGMP0xt7gLE8qxHrT9kzYjnUth/Xs/i9ix8uIpdXHtXz7ResOBuhV1+Qqwt2AYB/hFd3AzRzT+WRW8/hG9XXrYPis/CZJAMWSsZwKdqxOXF87yCvc2m7SwEpFycFhjVAMToxn1IphMYLAlIHQNDNCnCuNRFiJhFPkOX9de/ceehWwXLT3IKEa66hU2qHbOI7AAqUg==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>, Jason Andryuk <jandryuk@xxxxxxxxx>, Daniel Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Christopher Clark <christopher.w.clark@xxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Fri, 04 Aug 2023 07:24:02 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 03.08.2023 22:36, Andrew Cooper wrote:
> The opensuse-tumbleweed build jobs currently fail with:
> 
>   /builds/xen-project/xen/stubdom/tpm_emulator-x86_64/crypto/rsa.c: In 
> function 'rsa_private':
>   /builds/xen-project/xen/stubdom/tpm_emulator-x86_64/crypto/rsa.c:56:7: 
> error: the comparison will always evaluate as 'true' for the address of 'p' 
> will never be NULL [-Werror=address]
>      56 |   if (!key->p || !key->q || !key->u) {
>         |       ^
>   In file included from 
> /builds/xen-project/xen/stubdom/tpm_emulator-x86_64/crypto/rsa.c:17:
>   /builds/xen-project/xen/stubdom/tpm_emulator-x86_64/crypto/rsa.h:28:12: 
> note: 'p' declared here
>      28 |   tpm_bn_t p;
>         |            ^
> 
> This is because all tpm_bn_t's are 1-element arrays (of either a GMP or
> OpenSSL BIGNUM flavour).  The author was probably meaning to do value checks,
> but that's not what the code does.

Looking at the code, I'm not sure about this. There could as well have been
the intention to allow pointers there, then permitting them to be left at
NULL. Who knows where that code came from originally.

> Adjust it to compile.  No functional change.
> 
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> ---
> CC: George Dunlap <George.Dunlap@xxxxxxxxxxxxx>
> CC: Jan Beulich <JBeulich@xxxxxxxx>
> CC: Stefano Stabellini <sstabellini@xxxxxxxxxx>
> CC: Wei Liu <wl@xxxxxxx>
> CC: Julien Grall <julien@xxxxxxx>
> CC: Juergen Gross <jgross@xxxxxxxx>
> CC: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>
> CC: Jason Andryuk <jandryuk@xxxxxxxxx>
> CC: Daniel Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>
> CC: Christopher Clark <christopher.w.clark@xxxxxxxxx>
> 
> While I've confirmed this to fix the build issue:
> 
>   https://gitlab.com/xen-project/people/andyhhp/xen/-/pipelines/955160430
> 
> I'm -1 overall to the change, and would prefer to disable vtpm-stubdom
> entirely.
> 
> It's TPM 1.2 only, using decades-old libs, and some stuff in the upstream
> https://github.com/PeterHuewe/tpm-emulator (which is still abandaonded as of
> 2018) is just as concerning as the basic error here in rsa_private().
> 
> vtpm-stubdom isn't credibly component of a Xen system, and we're wasting loads
> of CI cycles testing it...

Question is whether people might be using it, and I'm afraid that's a
question we can't answer. Would it be an alternative to disable vtpm in
this container's stubdom configure invocation? Obviously as other
containers have their compilers updated, the same issue may surface
there then ...

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.