[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] subdom: Fix -Werror=address failure in tmp_emulator
- To: George Dunlap <george.dunlap@xxxxxxxxx>
- From: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 16 Aug 2023 15:22:22 -0400
- Arc-authentication-results: i=1; mx.zohomail.com; dkim=pass header.i=apertussolutions.com; spf=pass smtp.mailfrom=dpsmith@xxxxxxxxxxxxxxxxxxxx; dmarc=pass header.from=<dpsmith@xxxxxxxxxxxxxxxxxxxx>
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1692213746; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To; bh=EDY2UApggJSyiNdpbh+UfkvA86j6vNhYh1symwk1CIM=; b=P6VFTaJE1F6iuMnrweoddCXCtnzG/+6kSmwSl9ck1kO0vplP5KxbVR1MohluYlyccqHR+Ya0RkF3b79ygRjafXv2k2Pfo0GKSZXPZjB3FccPlzs4nDQUKUSaUF7xoSqixx8FphnHHrtdc5MAKMfGkwfcrS4qxQkcJWy5SiTUFIU=
- Arc-seal: i=1; a=rsa-sha256; t=1692213746; cv=none; d=zohomail.com; s=zohoarc; b=SaptQORi7JwYfZwg/CuAHBx2TzydsGFDORh8ABA8LSHgUmhYLQUUmwyd3Ma4WqrySvXauH5lf/R54orp7gvKO8Nthju9wFkPXMgF4Az86IBj+TnIS1N0Bb5Qpsm11EnN8YP8uV0qonu62LiQxYLnX0h8tjuXRhnDTiUtj/H52v4=
- Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>, Jason Andryuk <jandryuk@xxxxxxxxx>, Christopher Clark <christopher.w.clark@xxxxxxxxx>
- Delivery-date: Wed, 16 Aug 2023 19:22:40 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 8/14/23 07:25, George Dunlap wrote:
On Tue, Aug 8, 2023 at 10:27 PM Daniel P. Smith
<dpsmith@xxxxxxxxxxxxxxxxxxxx <mailto:dpsmith@xxxxxxxxxxxxxxxxxxxx>> wrote:
On 8/3/23 16:36, Andrew Cooper wrote:
> The opensuse-tumbleweed build jobs currently fail with:
>
>
/builds/xen-project/xen/stubdom/tpm_emulator-x86_64/crypto/rsa.c: In
function 'rsa_private':
>
/builds/xen-project/xen/stubdom/tpm_emulator-x86_64/crypto/rsa.c:56:7: error: the comparison will always evaluate as 'true' for the address of 'p' will never be NULL [-Werror=address]
> 56 | if (!key->p || !key->q || !key->u) {
> | ^
> In file included from
/builds/xen-project/xen/stubdom/tpm_emulator-x86_64/crypto/rsa.c:17:
>
/builds/xen-project/xen/stubdom/tpm_emulator-x86_64/crypto/rsa.h:28:12: note: 'p' declared here
> 28 | tpm_bn_t p;
> | ^
>
> This is because all tpm_bn_t's are 1-element arrays (of either a
GMP or
> OpenSSL BIGNUM flavour). The author was probably meaning to do
value checks,
> but that's not what the code does.
>
> Adjust it to compile. No functional change.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx
<mailto:andrew.cooper3@xxxxxxxxxx>>
> ---
> CC: George Dunlap <George.Dunlap@xxxxxxxxxxxxx
<mailto:George.Dunlap@xxxxxxxxxxxxx>>
> CC: Jan Beulich <JBeulich@xxxxxxxx <mailto:JBeulich@xxxxxxxx>>
> CC: Stefano Stabellini <sstabellini@xxxxxxxxxx
<mailto:sstabellini@xxxxxxxxxx>>
> CC: Wei Liu <wl@xxxxxxx <mailto:wl@xxxxxxx>>
> CC: Julien Grall <julien@xxxxxxx <mailto:julien@xxxxxxx>>
> CC: Juergen Gross <jgross@xxxxxxxx <mailto:jgross@xxxxxxxx>>
> CC: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx
<mailto:marmarek@xxxxxxxxxxxxxxxxxxxxxx>>
> CC: Jason Andryuk <jandryuk@xxxxxxxxx <mailto:jandryuk@xxxxxxxxx>>
> CC: Daniel Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx
<mailto:dpsmith@xxxxxxxxxxxxxxxxxxxx>>
> CC: Christopher Clark <christopher.w.clark@xxxxxxxxx
<mailto:christopher.w.clark@xxxxxxxxx>>
>
> While I've confirmed this to fix the build issue:
>
>
https://gitlab.com/xen-project/people/andyhhp/xen/-/pipelines/955160430
<https://gitlab.com/xen-project/people/andyhhp/xen/-/pipelines/955160430>
>
> I'm -1 overall to the change, and would prefer to disable
vtpm-stubdom
> entirely.
>
> It's TPM 1.2 only, using decades-old libs, and some stuff in the
upstream
> https://github.com/PeterHuewe/tpm-emulator
<https://github.com/PeterHuewe/tpm-emulator> (which is still
abandaonded as of
> 2018) is just as concerning as the basic error here in rsa_private().
For semantics sake, the Guest PV interface is 1.2 compliant but the PV
backend, vtpmmgr, is capable of using TPM2.0.
> vtpm-stubdom isn't credibly component of a Xen system, and we're
wasting loads
> of CI cycles testing it...
Unfortunately, I cannot disagree here. This is the only proper vTPM,
from a trustworthy architecture perspective, that I know of existing
today. Until I can find someone willing to fund updating the
implementation and moving it to being an emulated vTPM and not a PV
interface, it is likely to stay in this state for some time.
Did you mean "I cannot *agree* here"? "Cannot disagree" means you agree
that we're "wasting loads of CI cycles testing it", but the second
sentence seems to imply that it's (currently) irreplacable.
The architecture/design is what I don't want to see lost, the
implementation itself, IMHO, has severely bit rotted. So what I was
trying to say is that while it is an important reference design, I
cannot disagree with the sentiment that building the broken
implementation is wasting a significant amount of CI resources, both
network and CPU time. IOW, I am probably the only one that would
potentially make any noise if a patch was submitted to make it default
disabled, and I am saying here that I would not do so.
v/r,
dps
|
