diff --git a/CHANGELOG.md b/CHANGELOG.md index e31dc4928..e5f448caa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,7 +3,7 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/) -## [3.1.0-rc2] - 2021-05-10 +## [3.1.0] - 2021-05-17 ### Fixed - Fixed possible access outside the array in ifapi_calculate_tree. - Fix CVE-2020-24455 FAPI PolicyPCR not instatiating correctly diff --git a/configure.ac b/configure.ac index eed09cd72..7963d178d 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ # All rights reserved. AC_INIT([tpm2-tss], - [3.1.0-rc2], + [3.1.0], [https://github.com/tpm2-software/tpm2-tss/issues], [], [https://github.com/tpm2-software/tpm2-tss]) diff --git a/script/gen_fuzz.py b/script/gen_fuzz.py index a5b6e6407..305388b6d 100755 --- a/script/gen_fuzz.py +++ b/script/gen_fuzz.py @@ -5,7 +5,7 @@ import itertools # Makefile-fuzz-generated.am is created from this template. -MAKEFILE_FUZZ = '''# SPDX-License-Identifier: BSD-2-Clause +MAKEFILE_FUZZ = """# SPDX-License-Identifier: BSD-2-Clause # Copyright (c) 2018 Intel Corporation # All rights reserved. @@ -13,18 +13,18 @@ TESTS_FUZZ = %s %s endif # ENABLE_TCTI_FUZZING -''' +""" # Each fuzz target in Makefile-fuzz-generated.am is created from this template. -MAKEFILE_FUZZ_TARGET = ''' +MAKEFILE_FUZZ_TARGET = """ noinst_PROGRAMS += test/fuzz/%s.fuzz test_fuzz_%s_fuzz_CPPFLAGS = $(FUZZ_CPPFLAGS) test_fuzz_%s_fuzz_LDADD = $(FUZZLDADD) nodist_test_fuzz_%s_fuzz_SOURCES = test/fuzz/main-sys.cpp \\ test/fuzz/%s.fuzz.cpp -DISTCLEANFILES += test/fuzz/%s.fuzz.cpp''' +DISTCLEANFILES += test/fuzz/%s.fuzz.cpp""" # Common include definitions needed for fuzzing an SYS call -SYS_TEMPLATE_HEADER = '''/* SPDX-License-Identifier: BSD-2-Clause */ +SYS_TEMPLATE_HEADER = """/* SPDX-License-Identifier: BSD-2-Clause */ /*********************************************************************** * Copyright (c) 2018, Intel Corporation * 
@@ -64,17 +64,22 @@ extern "C" int test_invoke ( - TSS2_SYS_CONTEXT *sysContext)''' + TSS2_SYS_CONTEXT *sysContext)""" # Template to call a SYS _Complete function which takes no arguments -SYS_COMPLETE_TEMPLATE_NO_ARGS = SYS_TEMPLATE_HEADER + ''' +SYS_COMPLETE_TEMPLATE_NO_ARGS = ( + SYS_TEMPLATE_HEADER + + """ { %s (sysContext); return EXIT_SUCCESS; } -''' +""" +) # Template to call a SYS _Complete function which takes arguments -SYS_COMPLETE_TEMPLATE_HAS_ARGS = SYS_TEMPLATE_HEADER + ''' +SYS_COMPLETE_TEMPLATE_HAS_ARGS = ( + SYS_TEMPLATE_HEADER + + """ { %s @@ -85,9 +90,12 @@ return EXIT_SUCCESS; } -''' +""" +) # Template to call a SYS _Prepare function -SYS_PREPARE_TEMPLATE_HAS_ARGS = SYS_TEMPLATE_HEADER + ''' +SYS_PREPARE_TEMPLATE_HAS_ARGS = ( + SYS_TEMPLATE_HEADER + + """ { int ret; %s 
@@ -108,101 +116,114 @@ return EXIT_SUCCESS; } -''' +""" +) + def gen_file(function): - ''' + """ Generate a cpp file used as the fuzz target given the function definition from a header file. - ''' + """ # Parse the function name from the function definition - function_name = function.split('\n')[0]\ - .replace('TSS2_RC', '')\ - .replace('(', '')\ - .strip() + function_name = ( + function.split("\n")[0].replace("TSS2_RC", "").replace("(", "").strip() + ) # Parse the function arguments into an array. Do not include sysContext. - args = [arg.strip() \ - for arg in function[function.index('(') + 1:function.index(');')]\ - .split(',') \ - if not 'TSS2_SYS_CONTEXT' in arg] + args = [ + arg.strip() + for arg in function[function.index("(") + 1 : function.index(");")].split(",") + if not "TSS2_SYS_CONTEXT" in arg + ] # Prepare and Complete functions require different methods of generation. # Call the appropriate function to generate a cpp target specific to that # type of function. - if '_Complete' in function_name: + if "_Complete" in function_name: return gen_complete(function, function_name, args) - if '_Prepare' in function_name: + if "_Prepare" in function_name: return gen_prepare(function, function_name, args) - raise NotImplementedError('Unknown function type %r' % (function_name,)) + raise NotImplementedError("Unknown function type %r" % (function_name,)) + def gen_complete(function, function_name, args): - ''' + """ Generate the cpp fuzz target for a SYS _Complete call - ''' + """ if not args: # Fill in the no args template. Simple case. return function_name, SYS_COMPLETE_TEMPLATE_NO_ARGS % (function_name) # Generate the cpp variable definitions. - arg_definitions = (';\n' + ' ' * 4).join([ - arg.replace('*', '') for arg in args]) + ';' + arg_definitions = (";\n" + " " * 4).join( + [arg.replace("*", "") for arg in args] + ) + ";" # Generate the cpp arguments. 
For arguments that are pointers find replace * # with & so that we pass a pointer to the definition which has been # allocated on the stack. - arg_call = (',\n' + ' ' * 8).join([ - arg.replace('*', '&').split()[-1] for arg in args]) + arg_call = (",\n" + " " * 8).join( + [arg.replace("*", "&").split()[-1] for arg in args] + ) # Fill in the template - return function_name, SYS_COMPLETE_TEMPLATE_HAS_ARGS % (arg_definitions, - function_name, - arg_call) + return ( + function_name, + SYS_COMPLETE_TEMPLATE_HAS_ARGS % (arg_definitions, function_name, arg_call), + ) + def gen_prepare(function, function_name, args): - ''' + """ Generate the cpp fuzz target for a SYS _Prepare call - ''' + """ if not args: return function_name, None # Generate the cpp variable definitions. Make sure to initialize to empty # structs (works for initializing anything) or cpp compiler will complain. - arg_definitions = (' = {0};\n' + ' ' * 4).join([ - arg.replace('*', '').replace('const', '') for arg in args]) + ' = {0};' + arg_definitions = (" = {0};\n" + " " * 4).join( + [arg.replace("*", "").replace("const", "") for arg in args] + ) + " = {0};" # Generate the cpp arguments. For arguments that are pointers find replace * # with & so that we pass a pointer to the definition which has been # allocated on the stack. - arg_call = (',\n' + ' ' * 8).join([ - arg.replace('*', '&').split()[-1] for arg in args]) + arg_call = (",\n" + " " * 8).join( + [arg.replace("*", "&").split()[-1] for arg in args] + ) # Generate the call to fuzz_fill. The call should be the sysContext, double # the number of arguments for the _Prepare call, and then for each _Prepare # argument pass two to fuzz_fill, the sizeof the _Prepare argument, and a # pointer to it. 
- fill_fuzz_args = (',\n' + ' ' * 8).join([ - ('sizeof (%s), &%s' % \ - tuple([arg.replace('*', '').split()[-1]] * 2)) \ - for arg in args]) + fill_fuzz_args = (",\n" + " " * 8).join( + [ + ("sizeof (%s), &%s" % tuple([arg.replace("*", "").split()[-1]] * 2)) + for arg in args + ] + ) # Fill in the template - return function_name, SYS_PREPARE_TEMPLATE_HAS_ARGS % (arg_definitions, - len(args) * 2, - fill_fuzz_args, - function_name, - arg_call) + return ( + function_name, + SYS_PREPARE_TEMPLATE_HAS_ARGS + % (arg_definitions, len(args) * 2, fill_fuzz_args, function_name, arg_call), + ) + def functions_from_include(header): - ''' + """ Parse out and yield each function definition from a header file. - ''' - with open(header, 'r') as header_fd: - current_function = '' + """ + with open(header, "r") as header_fd: + current_function = "" for line in header_fd: # Functions we are interested in start with _Complete or _Prepare - if '_Complete' in line or '_Prepare' in line: + if "_Complete" in line or "_Prepare" in line: # Set the current_function to this line current_function = line - elif current_function and ');' in line: + elif current_function and ");" in line: # When we reach the closing parenthesis yield the function yield current_function + line.rstrip() - current_function = '' + current_function = "" elif current_function: # Add all the arguments to the function current_function += line + def gen_files(header): # Generate a fuzz target cpp file from each function in the header file for current_function in functions_from_include(header): 
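Review bot: In gen_prepare, `arg.replace("*", "").replace("const", "")` removes the letters `const` wherever they occur in the argument text, not only the qualifier, so a type or parameter name that happens to contain them would be silently altered in the generated harness. Matching the whole word avoids that: `re.sub(r"\bconst\b", "", arg.replace("*", ""))` (this needs `import re` if the file does not already import it). In gen_file, `if not "TSS2_SYS_CONTEXT" in arg` reads more clearly as `if "TSS2_SYS_CONTEXT" not in arg`. gen_prepare also returns `(function_name, None)` when there are no arguments, and its docstring should say so; whether gen_files filters that case is not visible in this hunk.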
@@ -213,28 +234,38 @@ def gen_files(header): # Yield the function name and the contents of its generated file yield function_name, contents + def main(): - parser = argparse.ArgumentParser(description='Generate libfuzzer for sys') - parser.add_argument('--header', default='include/tss2/tss2_sys.h', - help='Header file to look in (default include/tss2/tss2_sys.h)') + parser = argparse.ArgumentParser(description="Generate libfuzzer for sys") + parser.add_argument( + "--header", + default="include/tss2/tss2_sys.h", + help="Header file to look in (default include/tss2/tss2_sys.h)", + ) args = parser.parse_args() functions = dict(gen_files(args.header)) # Write the generated target to the file for its function name for function_name, contents in functions.items(): - filepath = os.path.join('test', 'fuzz', function_name + '.fuzz.cpp') - with open(filepath, 'w') as fuzzer_fd: + filepath = os.path.join("test", "fuzz", function_name + ".fuzz.cpp") + with open(filepath, "w") as fuzzer_fd: fuzzer_fd.write(contents) # Fill in the Makefile-fuzz-generated.am template using the function names. # Create a list of the compiled fuzz targets - files = ' \\\n '.join(['test/fuzz/%s.fuzz' % (function) \ - for function in functions]) + files = " \\\n ".join( + ["test/fuzz/%s.fuzz" % (function) for function in functions] + ) # Create the Makefile targets for each generated file - targets = '\n'.join([MAKEFILE_FUZZ_TARGET % tuple(list(itertools.chain(\ - ([function] * 6)))) for function in functions]) + targets = "\n".join( + [ + MAKEFILE_FUZZ_TARGET % tuple(list(itertools.chain(([function] * 6)))) + for function in functions + ] + ) # Write out the Makefile-fuzz-generated.am file - with open('Makefile-fuzz-generated.am', 'w') as makefile_fd: + with open("Makefile-fuzz-generated.am", "w") as makefile_fd: makefile_fd.write(MAKEFILE_FUZZ % (files, targets)) -if __name__ == '__main__': + +if __name__ == "__main__": main() 
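Review bot: main() writes each target to `os.path.join("test", "fuzz", function_name + ".fuzz.cpp")` and interpolates the same name into Makefile-fuzz-generated.am without checking that it is a plain C identifier. The name is whatever text gen_file leaves from the first line of a matched declaration in the file given by `--header`, so an unexpected header line could yield a path outside test/fuzz or a malformed make rule. A guard before the write keeps the output confined: `if not re.fullmatch(r"[A-Za-z_][A-Za-z0-9_]*", function_name): raise ValueError(function_name)` (this needs `import re` if the file does not already import it). Separately, `tuple(list(itertools.chain(([function] * 6))))` is equivalent to `(function,) * 6`.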
diff --git a/sphinx/conf.py b/sphinx/conf.py index 2b7cfd1c6..7fa75a9a7 100644 --- a/sphinx/conf.py +++ b/sphinx/conf.py @@ -16,12 +16,13 @@ import subprocess # Create (unused) root file -index_rst = open('index.rst', 'w') -index_rst.write('.. toctree::\n :maxdepth: 2') +index_rst = open("index.rst", "w") +index_rst.write(".. toctree::\n :maxdepth: 2") index_rst.close() # Build doxygen documentation -subprocess.call(r""" +subprocess.call( + r""" cd .. version="master" echo "Version: $version" @@ -31,17 +32,19 @@ s/@VERSION@/$version/g" Doxyfile.in > Doxyfile SRCDIR='.' PROJECT='tpm2-tss' VERSION='2.3.0-dev' PERL_PATH='/usr/bin/perl' HAVE_DOT='NO' GENERATE_MAN='YES' GENERATE_RTF='YES' GENERATE_XML='NO' GENERATE_HTMLHELP='NO' GENERATE_CHI='NO' GENERATE_HTML='YES' GENERATE_LATEX='NO' DOCDIR=doxygen-doc doxygen Doxyfile cd sphinx - """, shell=True) + """, + shell=True, +) # If extensions (or modules to document with autodoc) are in another directory, # add these directories to sys.path here. If the directory is relative to the # documentation root, use os.path.abspath to make it absolute, like shown here. -#sys.path.insert(0, os.path.abspath('.')) +# sys.path.insert(0, os.path.abspath('.')) # -- General configuration ------------------------------------------------ # If your documentation needs a minimal Sphinx version, state it here. -#needs_sphinx = '1.0' +# needs_sphinx = '1.0' # Add any Sphinx extension module names here, as strings. They can be # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom 
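Review bot: The root file is opened with `index_rst = open("index.rst", "w")` and closed by hand, so the handle stays open if the write raises. Using `with open("index.rst", "w") as index_rst:` with the existing `index_rst.write(...)` call indented under it does the same work and makes the separate `index_rst.close()` unnecessary.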
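Review bot: The exit status of the doxygen shell script is discarded, since nothing reads the value `subprocess.call(...)` returns. A failed `sed` or `doxygen` step therefore lets the Sphinx build continue with a missing or stale `../doxygen-doc/html`. Replacing `subprocess.call(` with `subprocess.check_call(` would stop the build instead; because the shell reports only its last command's status, `set -e` as the first line of the script is needed as well. The call opens in the previous hunk and closes in this one. The script also passes `VERSION='2.3.0-dev'` to doxygen, which looks stale next to the 3.1.0 release made by this commit and is worth confirming.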
@@ -49,32 +52,32 @@ extensions = [] # Add any paths that contain templates here, relative to this directory. -templates_path = ['_templates'] +templates_path = ["_templates"] # The suffix(es) of source filenames. # You can specify multiple suffix as a list of string: # source_suffix = ['.rst', '.md'] -source_suffix = '.rst' +source_suffix = ".rst" # The encoding of source files. -#source_encoding = 'utf-8-sig' +# source_encoding = 'utf-8-sig' # The master toctree document. -master_doc = 'index' +master_doc = "index" # General information about the project. -project = 'tpm2-tss' -copyright = '2019, open source community' -author = 'open source community' +project = "tpm2-tss" +copyright = "2019, open source community" +author = "open source community" # The version info for the project you're documenting, acts as replacement for # |version| and |release|, also used in various other places throughout the # built documents. # # The short X.Y version. -version = '' +version = "" # The full version, including alpha/beta/rc tags. -release = '' +release = "" # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. 
@@ -85,37 +88,37 @@ # There are two options for replacing |today|: either, you set today to some # non-false value, then it is used: -#today = '' +# today = '' # Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' +# today_fmt = '%B %d, %Y' # List of patterns, relative to source directory, that match files and # directories to ignore when looking for source files. -exclude_patterns = ['_build'] +exclude_patterns = ["_build"] # The reST default role (used for this markup: `text`) to use for all # documents. -#default_role = None +# default_role = None # If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True +# add_function_parentheses = True # If true, the current module name will be prepended to all description # unit titles (such as .. function::). -#add_module_names = True +# add_module_names = True # If true, sectionauthor and moduleauthor directives will be shown in the # output. They are ignored by default. -#show_authors = False +# show_authors = False # The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' +pygments_style = "sphinx" # A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] +# modindex_common_prefix = [] # If true, keep warnings as "system message" paragraphs in the built documents. -#keep_warnings = False +# keep_warnings = False # If true, `todo` and `todoList` produce output, else they produce nothing. todo_include_todos = False 
@@ -125,156 +128,155 @@ # The theme to use for HTML and HTML Help pages. See the documentation for # a list of builtin themes. -html_theme = 'alabaster' +html_theme = "alabaster" # Theme options are theme-specific and customize the look and feel of a theme # further. For a list of options available for each theme, see the # documentation. -#html_theme_options = {} +# html_theme_options = {} # Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] +# html_theme_path = [] # The name for this set of Sphinx documents. If None, it defaults to # " v documentation". -#html_title = None +# html_title = None # A shorter title for the navigation bar. Default is the same as html_title. -#html_short_title = None +# html_short_title = None # The name of an image file (relative to this directory) to place at the top # of the sidebar. -#html_logo = None +# html_logo = None # The name of an image file (relative to this directory) to use as a favicon of # the docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 # pixels large. -#html_favicon = None +# html_favicon = None # Add any paths that contain custom static files (such as style sheets) here, # relative to this directory. They are copied after the builtin static files, # so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ['_static'] +html_static_path = ["_static"] # Add any extra paths that contain custom files (such as robots.txt or # .htaccess) here, relative to this directory. These files are copied # directly to the root of the documentation. -html_extra_path = ['../doxygen-doc/html'] +html_extra_path = ["../doxygen-doc/html"] # If not '', a 'Last updated on:' timestamp is inserted at every page bottom, # using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' +# html_last_updated_fmt = '%b %d, %Y' # If true, SmartyPants will be used to convert quotes and dashes to # typographically correct entities. 
-#html_use_smartypants = True +# html_use_smartypants = True # Custom sidebar templates, maps document names to template names. -#html_sidebars = {} +# html_sidebars = {} # Additional templates that should be rendered to pages, maps page names to # template names. -#html_additional_pages = {} +# html_additional_pages = {} # If false, no module index is generated. -#html_domain_indices = True +# html_domain_indices = True # If false, no index is generated. -#html_use_index = True +# html_use_index = True # If true, the index is split into individual pages for each letter. -#html_split_index = False +# html_split_index = False # If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True +# html_show_sourcelink = True # If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -#html_show_sphinx = True +# html_show_sphinx = True # If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -#html_show_copyright = True +# html_show_copyright = True # If true, an OpenSearch description file will be output, and all pages will # contain a tag referring to it. The value of this option must be the # base URL from which the finished HTML is served. -#html_use_opensearch = '' +# html_use_opensearch = '' # This is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = None +# html_file_suffix = None # Language to be used for generating the HTML full-text search index. # Sphinx supports the following languages: # 'da', 'de', 'en', 'es', 'fi', 'fr', 'h', 'it', 'ja' # 'nl', 'no', 'pt', 'ro', 'r', 'sv', 'tr' -#html_search_language = 'en' +# html_search_language = 'en' # A dictionary with options for the search language support, empty by default. # Now only 'ja' uses this config value -#html_search_options = {'type': 'default'} +# html_search_options = {'type': 'default'} # The name of a javascript file (relative to the configuration directory) that # implements a search results scorer. 
If empty, the default will be used. -#html_search_scorer = 'scorer.js' +# html_search_scorer = 'scorer.js' # Output file base name for HTML help builder. -htmlhelp_basename = 'tpm2-tssdoc' +htmlhelp_basename = "tpm2-tssdoc" # -- Options for LaTeX output --------------------------------------------- latex_elements = { -# The paper size ('letterpaper' or 'a4paper'). -#'papersize': 'letterpaper', - -# The font size ('10pt', '11pt' or '12pt'). -#'pointsize': '10pt', - -# Additional stuff for the LaTeX preamble. -#'preamble': '', - -# Latex figure (float) alignment -#'figure_align': 'htbp', + # The paper size ('letterpaper' or 'a4paper'). + #'papersize': 'letterpaper', + # The font size ('10pt', '11pt' or '12pt'). + #'pointsize': '10pt', + # Additional stuff for the LaTeX preamble. + #'preamble': '', + # Latex figure (float) alignment + #'figure_align': 'htbp', } # Grouping the document tree into LaTeX files. List of tuples # (source start file, target name, title, # author, documentclass [howto, manual, or own class]). latex_documents = [ - (master_doc, 'tpm2-tss.tex', 'tpm2-tss Documentation', - 'open source community', 'manual'), + ( + master_doc, + "tpm2-tss.tex", + "tpm2-tss Documentation", + "open source community", + "manual", + ), ] # The name of an image file (relative to this directory) to place at the top of # the title page. -#latex_logo = None +# latex_logo = None # For "manual" documents, if this is true, then toplevel headings are parts, # not chapters. -#latex_use_parts = False +# latex_use_parts = False # If true, show page references after internal links. -#latex_show_pagerefs = False +# latex_show_pagerefs = False # If true, show URL addresses after external links. -#latex_show_urls = False +# latex_show_urls = False # Documents to append as an appendix to all manuals. -#latex_appendices = [] +# latex_appendices = [] # If false, no module index is generated. 
-#latex_domain_indices = True +# latex_domain_indices = True # -- Options for manual page output --------------------------------------- # One entry per manual page. List of tuples # (source start file, name, description, authors, manual section). -man_pages = [ - (master_doc, 'tpm2-tss', 'tpm2-tss Documentation', - [author], 1) -] +man_pages = [(master_doc, "tpm2-tss", "tpm2-tss Documentation", [author], 1)] # If true, show URL addresses after external links. -#man_show_urls = False +# man_show_urls = False # -- Options for Texinfo output ------------------------------------------- @@ -283,19 +285,25 @@ # (source start file, target name, title, author, # dir menu entry, description, category) texinfo_documents = [ - (master_doc, 'tpm2-tss', 'tpm2-tss Documentation', - author, 'tpm2-tss', 'One line description of project.', - 'Miscellaneous'), + ( + master_doc, + "tpm2-tss", + "tpm2-tss Documentation", + author, + "tpm2-tss", + "One line description of project.", + "Miscellaneous", + ), ] # Documents to append as an appendix to all manuals. -#texinfo_appendices = [] +# texinfo_appendices = [] # If false, no module index is generated. -#texinfo_domain_indices = True +# texinfo_domain_indices = True # How to display URL addresses: 'footnote', 'no', or 'inline'. -#texinfo_show_urls = 'footnote' +# texinfo_show_urls = 'footnote' # If true, do not generate a @detailmenu in the "Top" node's menu. -#texinfo_no_detailmenu = False +# texinfo_no_detailmenu = False