From 4e46d5c283592cf90ff5ffe26003875df62fcb81 Mon Sep 17 00:00:00 2001 From: Piraty Date: Sun, 16 Jun 2019 23:32:51 +0200 Subject: [PATCH] argon2: add upstream patches * Wait for already running threads if a thread creation failed. * use explicit_bzero() to clear memory --- srcpkgs/argon2/patches/explicit-bzero.patch | 34 ++++++++++++++++ .../patches/wait-for-running-threads.patch | 40 +++++++++++++++++++ srcpkgs/argon2/template | 2 +- 3 files changed, 75 insertions(+), 1 deletion(-) create mode 100644 srcpkgs/argon2/patches/explicit-bzero.patch create mode 100644 srcpkgs/argon2/patches/wait-for-running-threads.patch diff --git a/srcpkgs/argon2/patches/explicit-bzero.patch b/srcpkgs/argon2/patches/explicit-bzero.patch new file mode 100644 index 00000000000..ad58d1beeba --- /dev/null +++ b/srcpkgs/argon2/patches/explicit-bzero.patch @@ -0,0 +1,34 @@ +# the idea is picked up from upstream/master +# (80dca8559b929a9a08f4344d7dcda0d61677ef9a) +# but the patch is simplified to always use `explicit_bzero()`, so it works +# with musl too + +--- src/core.c ++++ src/core.c +@@ -25,6 +25,9 @@ + #endif + #define VC_GE_2005(version) (version >= 1400) + ++/* for explicit_bzero() */ ++#define _DEFAULT_SOURCE ++ + #include + #include + #include +@@ -121,16 +124,7 @@ + } + + void NOT_OPTIMIZED secure_wipe_memory(void *v, size_t n) { +-#if defined(_MSC_VER) && VC_GE_2005(_MSC_VER) +- SecureZeroMemory(v, n); +-#elif defined memset_s +- memset_s(v, n, 0, n); +-#elif defined(__OpenBSD__) + explicit_bzero(v, n); +-#else +- static void *(*const volatile memset_sec)(void *, int, size_t) = &memset; +- memset_sec(v, 0, n); +-#endif + } + + /* Memory clear flag defaults to true. */ diff --git a/srcpkgs/argon2/patches/wait-for-running-threads.patch b/srcpkgs/argon2/patches/wait-for-running-threads.patch new file mode 100644 index 00000000000..8c2e21eb583 --- /dev/null +++ b/srcpkgs/argon2/patches/wait-for-running-threads.patch @@ -0,0 +1,40 @@ +# picked from upstream/master + +From cfa4385e728116989ad88b4be7c23b4868422778 Mon Sep 17 00:00:00 2001 +From: Milan Broz +Date: Mon, 11 Mar 2019 21:21:57 +0100 +Subject: [PATCH] Wait for already running threads if a thread creation failed. + +On memory-constrained systems (like cgroups limited processes) +thread creation often fails. + +The code needs to wait for already running threads on error path; +otherwise these threads can access deallocated memory +(and cause a segfault or another crash). +--- + src/core.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/src/core.c b/src/core.c +index 8361175..65f0537 100644 +--- src/core.c ++++ src/core.c +@@ -310,7 +310,7 @@ static int fill_memory_blocks_mt(argon2_instance_t *instance) { + + for (r = 0; r < instance->passes; ++r) { + for (s = 0; s < ARGON2_SYNC_POINTS; ++s) { +- uint32_t l; ++ uint32_t l, ll; + + /* 2. Calling threads */ + for (l = 0; l < instance->lanes; ++l) { +@@ -335,6 +335,9 @@ static int fill_memory_blocks_mt(argon2_instance_t *instance) { + sizeof(argon2_position_t)); + if (argon2_thread_create(&thread[l], &fill_segment_thr, + (void *)&thr_data[l])) { ++ /* Wait for already running threads */ ++ for (ll = 0; ll < l; ++ll) ++ argon2_thread_join(thread[ll]); + rc = ARGON2_THREAD_FAIL; + goto fail; + } diff --git a/srcpkgs/argon2/template b/srcpkgs/argon2/template index d3d0864cf01..66b895aa237 100644 --- a/srcpkgs/argon2/template +++ b/srcpkgs/argon2/template @@ -1,7 +1,7 @@ # Template file for 'argon2' pkgname=argon2 version=20171227 -revision=3 +revision=4 wrksrc="phc-winner-argon2-${version}" build_style=gnu-makefile make_use_env=yes