From 225a352bd48eaeba0689b9758c27d72c09ba3936 Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 28 Feb 2024 17:05:42 -0800 Subject: [PATCH 1/3] Fixes for building with "-Wpedantic". ZD 17592 --- .github/workflows/make-test-swtpm.yml | 6 + src/tpm2_tis.c | 24 ++-- wolftpm/tpm2.h | 153 +++++++++++++------------- 3 files changed, 96 insertions(+), 87 deletions(-) diff --git a/.github/workflows/make-test-swtpm.yml b/.github/workflows/make-test-swtpm.yml index f8fe9995..e61e8528 100644 --- a/.github/workflows/make-test-swtpm.yml +++ b/.github/workflows/make-test-swtpm.yml @@ -132,6 +132,12 @@ jobs: - name: make debug io run: make +# build pedantic + - name: configure pedantic + run: ./configure CFLAGS="-Wpedantic" + - name: make pedantic + run: make + # capture logs on failure - name: Upload failure logs if: failure() diff --git a/src/tpm2_tis.c b/src/tpm2_tis.c index 0c0a8ed0..da6d04c4 100644 --- a/src/tpm2_tis.c +++ b/src/tpm2_tis.c @@ -47,18 +47,18 @@ enum tpm_tis_status { TPM_STS_RESP_RETRY = 0x02, }; -enum tpm_tis_int_flags { - TPM_GLOBAL_INT_ENABLE = 0x80000000, - TPM_INTF_BURST_COUNT_STATIC = 0x100, - TPM_INTF_CMD_READY_INT = 0x080, - TPM_INTF_INT_EDGE_FALLING = 0x040, - TPM_INTF_INT_EDGE_RISING = 0x020, - TPM_INTF_INT_LEVEL_LOW = 0x010, - TPM_INTF_INT_LEVEL_HIGH = 0x008, - TPM_INTF_LOC_CHANGE_INT = 0x004, - TPM_INTF_STS_VALID_INT = 0x002, - TPM_INTF_DATA_AVAIL_INT = 0x001, -}; +/* enum tpm_tis_int_flags */ +#define TPM_GLOBAL_INT_ENABLE 0x80000000UL +#define TPM_INTF_BURST_COUNT_STATIC 0x100 +#define TPM_INTF_CMD_READY_INT 0x080 +#define TPM_INTF_INT_EDGE_FALLING 0x040 +#define TPM_INTF_INT_EDGE_RISING 0x020 +#define TPM_INTF_INT_LEVEL_LOW 0x010 +#define TPM_INTF_INT_LEVEL_HIGH 0x008 +#define TPM_INTF_LOC_CHANGE_INT 0x004 +#define TPM_INTF_STS_VALID_INT 0x002 +#define TPM_INTF_DATA_AVAIL_INT 0x001 + #ifndef TPM_BASE_ADDRESS #define TPM_BASE_ADDRESS (0xD40000u) diff --git a/wolftpm/tpm2.h b/wolftpm/tpm2.h index 63288ae1..74d21349 100644 --- a/wolftpm/tpm2.h 
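Review bot: `TPM_GLOBAL_INT_ENABLE` becomes `0x80000000UL`, which has type `unsigned long` and is therefore 64 bits wide on LP64 targets, while the other nine flags in this block remain plain `int` constants. Complementing it (`~TPM_GLOBAL_INT_ENABLE`) or passing it to a variadic function with a `%x` format would then behave differently per platform; whether any caller does so is not visible in this hunk. A `U` suffix is just as clean under `-Wpedantic` and does not widen on LP64: `#define TPM_GLOBAL_INT_ENABLE 0x80000000U`. The same `UL` choice recurs in the `wolftpm/tpm2.h` hunks for `HR_*_MASK`, `TPMA_STARTUP_CLEAR_*`, `TPM_NV_INDEX_*` and `TPMA_NV_*`, where a `U` suffix or the `(UINT32)` cast already used for `HR_PCR` would keep each mask at the width of the `UINT32` typedef it belongs to. The replacement comment `/* enum tpm_tis_int_flags */` could also give the reason, as the tpm2.h comments do.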
+++ b/wolftpm/tpm2.h @@ -66,15 +66,13 @@ typedef UINT32 TPM_GENERATED; /* ENUMERATIONS */ /* ---------------------------------------------------------------------------*/ -enum { - TPM_SPEC_FAMILY = 0x322E3000, - TPM_SPEC_LEVEL = 0, - TPM_SPEC_VERSION = 138, - TPM_SPEC_YEAR = 2016, - TPM_SPEC_DAY_OF_YEAR = 273, - - TPM_GENERATED_VALUE = 0xff544347, -}; +#define TPM_SPEC_FAMILY 0x322E3000 +#define TPM_SPEC_LEVEL 0 +#define TPM_SPEC_VERSION 138 +#define TPM_SPEC_YEAR 2016 +#define TPM_SPEC_DAY_OF_YEAR 273 + +#define TPM_GENERATED_VALUE 0xff544347 typedef enum { 
@@ -649,37 +647,38 @@ typedef enum { typedef UINT32 TPM_RH; /* Handle Value Constants */ -typedef enum { - HR_HANDLE_MASK = 0x00FFFFFF, - HR_RANGE_MASK = 0xFF000000, - HR_SHIFT = 24, - HR_PCR = ((UINT32)TPM_HT_PCR << HR_SHIFT), - HR_HMAC_SESSION = ((UINT32)TPM_HT_HMAC_SESSION << HR_SHIFT), - HR_POLICY_SESSION = ((UINT32)TPM_HT_POLICY_SESSION << HR_SHIFT), - HR_TRANSIENT = ((UINT32)TPM_HT_TRANSIENT << HR_SHIFT), - HR_PERSISTENT = ((UINT32)TPM_HT_PERSISTENT << HR_SHIFT), - HR_NV_INDEX = ((UINT32)TPM_HT_NV_INDEX << HR_SHIFT), - HR_PERMANENT = ((UINT32)TPM_HT_PERMANENT << HR_SHIFT), - PCR_FIRST = (HR_PCR + 0), - PCR_LAST = (PCR_FIRST + IMPLEMENTATION_PCR-1), - HMAC_SESSION_FIRST = (HR_HMAC_SESSION + 0), - HMAC_SESSION_LAST = (HMAC_SESSION_FIRST+MAX_ACTIVE_SESSIONS-1), - LOADED_SESSION_FIRST = HMAC_SESSION_FIRST, - LOADED_SESSION_LAST = HMAC_SESSION_LAST, - POLICY_SESSION_FIRST = (HR_POLICY_SESSION + 0), - POLICY_SESSION_LAST = (POLICY_SESSION_FIRST+MAX_ACTIVE_SESSIONS-1), - TRANSIENT_FIRST = (HR_TRANSIENT + 0), - ACTIVE_SESSION_FIRST = POLICY_SESSION_FIRST, - ACTIVE_SESSION_LAST = POLICY_SESSION_LAST, - TRANSIENT_LAST = (TRANSIENT_FIRST+MAX_LOADED_OBJECTS-1), - PERSISTENT_FIRST = (HR_PERSISTENT + 0), - PERSISTENT_LAST = (PERSISTENT_FIRST + 0x00FFFFFF), - PLATFORM_PERSISTENT = (PERSISTENT_FIRST + 0x00800000), - NV_INDEX_FIRST = (HR_NV_INDEX + 0), - NV_INDEX_LAST = (NV_INDEX_FIRST + 0x00FFFFFF), - PERMANENT_FIRST = TPM_RH_FIRST, - PERMANENT_LAST = TPM_RH_LAST, -} TPM_HC_T; +/* Using defines, not "enum TPM_HC_T" to avoid pedantic error: + * "ISO C restricts enumerator values to range of 'int'" + */ +#define HR_HANDLE_MASK 0x00FFFFFFUL +#define HR_RANGE_MASK 0xFF000000UL +#define HR_SHIFT 24 +#define HR_PCR ((UINT32)TPM_HT_PCR << HR_SHIFT) +#define HR_HMAC_SESSION ((UINT32)TPM_HT_HMAC_SESSION << HR_SHIFT) +#define HR_POLICY_SESSION ((UINT32)TPM_HT_POLICY_SESSION << HR_SHIFT) +#define HR_TRANSIENT ((UINT32)TPM_HT_TRANSIENT << HR_SHIFT) +#define HR_PERSISTENT 
((UINT32)TPM_HT_PERSISTENT << HR_SHIFT) +#define HR_NV_INDEX ((UINT32)TPM_HT_NV_INDEX << HR_SHIFT) +#define HR_PERMANENT ((UINT32)TPM_HT_PERMANENT << HR_SHIFT) +#define PCR_FIRST (HR_PCR + 0) +#define PCR_LAST (PCR_FIRST + IMPLEMENTATION_PCR-1) +#define HMAC_SESSION_FIRST (HR_HMAC_SESSION + 0) +#define HMAC_SESSION_LAST (HMAC_SESSION_FIRST+MAX_ACTIVE_SESSIONS-1) +#define LOADED_SESSION_FIRST HMAC_SESSION_FIRST +#define LOADED_SESSION_LAST HMAC_SESSION_LAST +#define POLICY_SESSION_FIRST (HR_POLICY_SESSION + 0) +#define POLICY_SESSION_LAST (POLICY_SESSION_FIRST+MAX_ACTIVE_SESSIONS-1) +#define TRANSIENT_FIRST (HR_TRANSIENT + 0) +#define ACTIVE_SESSION_FIRST POLICY_SESSION_FIRST +#define ACTIVE_SESSION_LAST POLICY_SESSION_LAST +#define TRANSIENT_LAST (TRANSIENT_FIRST+MAX_LOADED_OBJECTS-1) +#define PERSISTENT_FIRST (HR_PERSISTENT + 0) +#define PERSISTENT_LAST (PERSISTENT_FIRST + 0x00FFFFFFUL) +#define PLATFORM_PERSISTENT (PERSISTENT_FIRST + 0x00800000UL) +#define NV_INDEX_FIRST (HR_NV_INDEX + 0) +#define NV_INDEX_LAST (NV_INDEX_FIRST + 0x00FFFFFFUL) +#define PERMANENT_FIRST TPM_RH_FIRST +#define PERMANENT_LAST TPM_RH_LAST typedef UINT32 TPM_HC; @@ -741,13 +740,14 @@ enum TPMA_PERMANENT_mask { }; typedef UINT32 TPMA_STARTUP_CLEAR; -enum TPMA_STARTUP_CLEAR_mask { - TPMA_STARTUP_CLEAR_phEnable = 0x00000001, - TPMA_STARTUP_CLEAR_shEnable = 0x00000002, - TPMA_STARTUP_CLEAR_ehEnable = 0x00000004, - TPMA_STARTUP_CLEAR_phEnableNV = 0x00000008, - TPMA_STARTUP_CLEAR_orderly = 0x80000000, -}; +/* Using defines, not "enum TPMA_STARTUP_CLEAR_mask" to avoid pedantic error: + * "ISO C restricts enumerator values to range of 'int'" + */ +#define TPMA_STARTUP_CLEAR_phEnable 0x00000001UL +#define TPMA_STARTUP_CLEAR_shEnable 0x00000002UL +#define TPMA_STARTUP_CLEAR_ehEnable 0x00000004UL +#define TPMA_STARTUP_CLEAR_phEnableNV 0x00000008UL +#define TPMA_STARTUP_CLEAR_orderly 0x80000000UL typedef UINT32 TPMA_MEMORY; enum TPMA_MEMORY_mask { 
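Review bot: Converting the handle constants to macros also removes the `TPM_HC_T` type name from a public header, so any code outside this patch that declares a `TPM_HC_T` would stop compiling. The hunks that drop `enum TPMA_STARTUP_CLEAR_mask`, `enum TPM_NV_INDEX_mask` and `enum TPMA_NV_mask` do the same for those tags. Whether such users exist is not visible here. If source compatibility matters, a one-line alias beside the existing `typedef UINT32 TPM_HC;` keeps the name alive: `typedef UINT32 TPM_HC_T;`. The new block comment could also note that `HR_PCR` and the constants derived from it contain a `(UINT32)` cast and enum constants, so they cannot be used in `#if` expressions.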
@@ -1493,10 +1493,12 @@ typedef struct TPM2B_ID_OBJECT { /* NV Storage Structures */ typedef UINT32 TPM_NV_INDEX; -enum TPM_NV_INDEX_mask { - TPM_NV_INDEX_index = 0x00FFFFFF, - TPM_NV_INDEX_RH_NV = 0xFF000000, -}; +/* Using defines, not "enum TPM_NV_INDEX_mask" to avoid pedantic error: + * "ISO C restricts enumerator values to range of 'int'" + */ +#define TPM_NV_INDEX_index 0x00FFFFFFUL +#define TPM_NV_INDEX_RH_NV 0xFF000000UL + typedef enum TPM_NT { TPM_NT_ORDINARY = 0x0, 
@@ -1514,30 +1516,31 @@ typedef struct TPMS_NV_PIN_COUNTER_PARAMETERS { } TPMS_NV_PIN_COUNTER_PARAMETERS; typedef UINT32 TPMA_NV; -enum TPMA_NV_mask { - TPMA_NV_PPWRITE = 0x00000001, - TPMA_NV_OWNERWRITE = 0x00000002, - TPMA_NV_AUTHWRITE = 0x00000004, - TPMA_NV_POLICYWRITE = 0x00000008, - TPMA_NV_TPM_NT = 0x000000F0, - TPMA_NV_POLICY_DELETE = 0x00000400, - TPMA_NV_WRITELOCKED = 0x00000800, - TPMA_NV_WRITEALL = 0x00001000, - TPMA_NV_WRITEDEFINE = 0x00002000, - TPMA_NV_WRITE_STCLEAR = 0x00004000, - TPMA_NV_GLOBALLOCK = 0x00008000, - TPMA_NV_PPREAD = 0x00010000, - TPMA_NV_OWNERREAD = 0x00020000, - TPMA_NV_AUTHREAD = 0x00040000, - TPMA_NV_POLICYREAD = 0x00080000, - TPMA_NV_NO_DA = 0x02000000, - TPMA_NV_ORDERLY = 0x04000000, - TPMA_NV_CLEAR_STCLEAR = 0x08000000, - TPMA_NV_READLOCKED = 0x10000000, - TPMA_NV_WRITTEN = 0x20000000, - TPMA_NV_PLATFORMCREATE = 0x40000000, - TPMA_NV_READ_STCLEAR = 0x80000000, -}; +/* Using defines, not "enum TPMA_NV_mask" to avoid pedantic error: + * "ISO C restricts enumerator values to range of 'int'" + */ +#define TPMA_NV_PPWRITE 0x00000001UL +#define TPMA_NV_OWNERWRITE 0x00000002UL +#define TPMA_NV_AUTHWRITE 0x00000004UL +#define TPMA_NV_POLICYWRITE 0x00000008UL +#define TPMA_NV_TPM_NT 0x000000F0UL +#define TPMA_NV_POLICY_DELETE 0x00000400UL +#define TPMA_NV_WRITELOCKED 0x00000800UL +#define TPMA_NV_WRITEALL 0x00001000UL +#define TPMA_NV_WRITEDEFINE 0x00002000UL +#define TPMA_NV_WRITE_STCLEAR 0x00004000UL +#define TPMA_NV_GLOBALLOCK 0x00008000UL +#define TPMA_NV_PPREAD 0x00010000UL +#define TPMA_NV_OWNERREAD 0x00020000UL +#define TPMA_NV_AUTHREAD 0x00040000UL +#define TPMA_NV_POLICYREAD 0x00080000UL +#define TPMA_NV_NO_DA 0x02000000UL +#define TPMA_NV_ORDERLY 0x04000000UL +#define TPMA_NV_CLEAR_STCLEAR 0x08000000UL +#define TPMA_NV_READLOCKED 0x10000000UL +#define TPMA_NV_WRITTEN 0x20000000UL +#define TPMA_NV_PLATFORMCREATE 0x40000000UL +#define TPMA_NV_READ_STCLEAR 0x80000000UL typedef struct TPMS_NV_PUBLIC { TPMI_RH_NV_INDEX nvIndex; 
From 35bf0b9649d241caa0a9cc3bf0a68ab381f0fe1f Mon Sep 17 00:00:00 2001 From: David Garske Date: Thu, 29 Feb 2024 08:20:51 -0800 Subject: [PATCH 2/3] Use C style comments. --- wolftpm/tpm2.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wolftpm/tpm2.h b/wolftpm/tpm2.h index 74d21349..25864616 100644 --- a/wolftpm/tpm2.h +++ b/wolftpm/tpm2.h @@ -1122,7 +1122,7 @@ typedef struct TPMT_SYM_DEF { TPMI_ALG_SYM algorithm; TPMU_SYM_KEY_BITS keyBits; TPMU_SYM_MODE mode; - //TPMU_SYM_DETAILS details; + /*TPMU_SYM_DETAILS details;*/ /* not used */ } TPMT_SYM_DEF; typedef TPMT_SYM_DEF TPMT_SYM_DEF_OBJECT; From 53bf0f4a0fce40bc64e5baa054a0b6916ced34eb Mon Sep 17 00:00:00 2001 From: David Garske Date: Thu, 29 Feb 2024 09:21:14 -0800 Subject: [PATCH 3/3] For the TLS examples and SWTPM interface that use POSIX sockets make sure `netdb.h` is included. Previously wolfSSL always included netdb.h, but now it requires `HAVE_NETDB_H`. --- CMakeLists.txt | 41 +++++++++++++++++++++++++++++++++++++++++ Makefile.am | 1 + cmake/README.md | 5 +++++ cmake/config.in | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ cmake/include.am | 2 ++ configure.ac | 1 + 6 files changed, 98 insertions(+) create mode 100644 cmake/README.md create mode 100644 cmake/config.in create mode 100644 cmake/include.am diff --git a/CMakeLists.txt b/CMakeLists.txt index 3960176b..4424505c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt 
@@ -47,6 +47,27 @@ target_compile_definitions(wolftpm PRIVATE "BUILDING_WOLFTPM" ) +include(CheckIncludeFile) +check_include_file("fcntl.h" HAVE_FCNTL_H) +check_include_file("netdb.h" HAVE_NETDB_H) +check_include_file("time.h" HAVE_TIME_H) +check_include_file("sys/ioctl.h" HAVE_SYS_IOCTL_H) +check_include_file("sys/socket.h" HAVE_SYS_SOCKET_H) +check_include_file("sys/time.h" HAVE_SYS_TIME_H) +check_include_file("errno.h" HAVE_ERRNO_H) +check_include_file("stdint.h" HAVE_STDINT_H) +check_include_file("stdlib.h" HAVE_STDLIB_H) +check_include_file("string.h" HAVE_STRING_H) +check_include_file("sys/stat.h" HAVE_SYS_STAT_H) +check_include_file("sys/types.h" HAVE_SYS_TYPES_H) +check_include_file("unistd.h" HAVE_UNISTD_H) + +include(CheckFunctionExists) +check_function_exists("gethostbyname" HAVE_GETHOSTBYNAME) +check_function_exists("getaddrinfo" HAVE_GETADDRINFO) +check_function_exists("gettimeofday" HAVE_GETTIMEOFDAY) + + # TODO # * wrapper @@ -245,6 +266,26 @@ file(APPEND ${OPTION_FILE} "#endif\n\n\n") file(APPEND ${OPTION_FILE} "#endif /* WOLFTPM_OPTIONS_H */\n\n") + +# generate config.h +message("Generating config header...") +set(WOLFTPM_CONFIG_H "yes" CACHE STRING +"Enable generation of config.h and define HAVE_CONFIG_H (default: enabled)") +set_property(CACHE WOLFTPM_DEBUG + PROPERTY STRINGS "yes;no") +if(WOLFTPM_CONFIG_H) + add_definitions("-DHAVE_CONFIG_H") + configure_file("${CMAKE_CURRENT_SOURCE_DIR}/cmake/config.in" + "${CMAKE_CURRENT_BINARY_DIR}/config.h" ) + # If config.h exists, delete it to avoid a mixup with build/config.h + if (EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/config.h") + file(REMOVE "${CMAKE_CURRENT_SOURCE_DIR}/config.h") + endif() +endif() + + + + if (WOLFTPM_EXAMPLES) add_tpm_example(activate_credential attestation/activate_credential.c) add_tpm_example(make_credential attestation/make_credential.c) diff --git a/Makefile.am b/Makefile.am index 6a316e3c..90c1148d 100644 --- a/Makefile.am +++ b/Makefile.am 
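Review bot: The three `check_function_exists` probes declare the function themselves and only test that it links, so they do not confirm that the header the code will include actually declares it. CMake's documentation recommends `check_symbol_exists` for this reason. Consider `include(CheckSymbolExists)` and, for example, `check_symbol_exists(getaddrinfo "netdb.h" HAVE_GETADDRINFO)`, with `netdb.h` for `gethostbyname` and `sys/time.h` for `gettimeofday`. Unlike the autotools side, which has `AC_CHECK_LIB([network],[socket])`, neither form adds a socket library to the probe, so a platform that keeps these functions outside libc would still report them as missing unless `CMAKE_REQUIRED_LIBRARIES` is set.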
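Review bot: The `set_property(CACHE WOLFTPM_DEBUG PROPERTY STRINGS "yes;no")` line attaches the choice list to `WOLFTPM_DEBUG` rather than to the `WOLFTPM_CONFIG_H` cache entry defined directly above it. This looks like a copy-paste slip and should read `set_property(CACHE WOLFTPM_CONFIG_H PROPERTY STRINGS "yes;no")`. Separately, `file(REMOVE "${CMAKE_CURRENT_SOURCE_DIR}/config.h")` deletes a file from the source tree at configure time, so a `config.h` produced by an autotools `./configure` in the same checkout disappears without any message. Emitting `message(WARNING "Removing stale ${CMAKE_CURRENT_SOURCE_DIR}/config.h")` before the removal would at least make that visible.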
@@ -41,6 +41,7 @@ include tests/include.am include docs/include.am include wrapper/include.am include hal/include.am +include cmake/include.am EXTRA_DIST+= README.md EXTRA_DIST+= ChangeLog.md diff --git a/cmake/README.md b/cmake/README.md new file mode 100644 index 00000000..a138be53 --- /dev/null +++ b/cmake/README.md @@ -0,0 +1,5 @@ +# wolfTPM CMake + +This directory contains some supplementary files for the [CMakeLists.txt](../CMakeLists.txt) in the root. + +See also cmake notes in the [INSTALL](../INSTALL) documentation file. diff --git a/cmake/config.in b/cmake/config.in new file mode 100644 index 00000000..8a0bc31f --- /dev/null +++ b/cmake/config.in 
@@ -0,0 +1,48 @@
+/* Define to 1 if you have the header file. */
+#cmakedefine HAVE_FCNTL_H @HAVE_FCNTL_H@
+
+/* Define to 1 if you have the header file. */
+#cmakedefine HAVE_NETDB_H @HAVE_NETDB_H@
+
+/* Define to 1 if you have the header file. */
+#cmakedefine HAVE_TIME_H @HAVE_TIME_H@
+
+/* Define to 1 if you have the header file. */
+#cmakedefine HAVE_SYS_IOCTL_H @HAVE_SYS_IOCTL_H@
+
+/* Define to 1 if you have the header file. */
+#cmakedefine HAVE_SYS_SOCKET_H @HAVE_SYS_SOCKET_H@
+
+/* Define to 1 if you have the header file. */
+#cmakedefine HAVE_SYS_TIME_H @HAVE_SYS_TIME_H@
+
+/* Define to 1 if you have the header file. */
+#cmakedefine HAVE_ERRNO_H @HAVE_ERRNO_H@
+
+/* Define to 1 if you have the header file. */
+#cmakedefine HAVE_STDINT_H @HAVE_STDINT_H@
+
+/* Define to 1 if you have the header file. */
+#cmakedefine HAVE_STDLIB_H @HAVE_STDLIB_H@
+
+/* Define to 1 if you have the header file. */
+#cmakedefine HAVE_STRING_H @HAVE_STRING_H@
+
+/* Define to 1 if you have the header file. */
+#cmakedefine HAVE_SYS_STAT_H @HAVE_SYS_STAT_H@
+
+/* Define to 1 if you have the header file. */
+#cmakedefine HAVE_SYS_TYPES_H @HAVE_SYS_TYPES_H@
+
+/* Define to 1 if you have the header file. */
+#cmakedefine HAVE_UNISTD_H @HAVE_UNISTD_H@
+
+
+/* Define to 1 if you have the `getaddrinfo' function. */
+#cmakedefine HAVE_GETADDRINFO @HAVE_GETADDRINFO@
+
+/* Define to 1 if you have the `gethostbyname' function. */
+#cmakedefine HAVE_GETHOSTBYNAME @HAVE_GETHOSTBYNAME@
+
+/* Define to 1 if you have the `gettimeofday' function. */
+#cmakedefine HAVE_GETTIMEOFDAY @HAVE_GETTIMEOFDAY@
diff --git a/cmake/include.am b/cmake/include.am
new file mode 100644
index 00000000..ceec20a6
--- /dev/null
+++ b/cmake/include.am
@@ -0,0 +1,2 @@
+EXTRA_DIST += cmake/README.md
+EXTRA_DIST += cmake/config.in
diff --git a/configure.ac b/configure.ac
index 134e6b79..7d2101e6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -60,6 +60,7 @@ AC_CHECK_SIZEOF([long long], 8) AC_CHECK_SIZEOF([long], 4) # Check headers/libs +AC_CHECK_HEADERS([netdb.h]) AC_CHECK_FUNCS([gethostbyname getaddrinfo gettimeofday inet_ntoa memset socket]) AC_CHECK_LIB([network],[socket])