* [PATCH] lib/rsa: avoid -Wdiscarded-qualifiers
@ 2022-01-09 14:39 Heinrich Schuchardt
2022-01-10 15:00 ` Alex G.
2022-01-10 18:47 ` Tom Rini
0 siblings, 2 replies; 11+ messages in thread
From: Heinrich Schuchardt @ 2022-01-09 14:39 UTC (permalink / raw)
To: Tom Rini
Cc: Simon Glass, Alexandru Gagniuc, Donald Chan, Marc Kleine-Budde,
u-boot, Heinrich Schuchardt
The return type of EVP_PKEY_get0_RSA() is const struct rsa_st *.
Our code drops the const qualifier leading to
In file included from tools/lib/rsa/rsa-sign.c:1:
./tools/../lib/rsa/rsa-sign.c: In function ‘rsa_add_verify_data’:
./tools/../lib/rsa/rsa-sign.c:631:13: warning:
assignment discards ‘const’ qualifier from pointer target type
[-Wdiscarded-qualifiers]
631 | rsa = EVP_PKEY_get0_RSA(pkey);
| ^
Add a type conversion.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
---
lib/rsa/rsa-sign.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index 44f21416ce..3b6e5f0f86 100644
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -628,7 +628,7 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
if (ret)
goto err_get_pub_key;
- rsa = EVP_PKEY_get0_RSA(pkey);
+ rsa = (RSA *)EVP_PKEY_get0_RSA(pkey);
ret = rsa_get_params(rsa, &exponent, &n0_inv, &modulus, &r_squared);
if (ret)
goto err_get_params;
--
2.33.1
^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [PATCH] lib/rsa: avoid -Wdiscarded-qualifiers
2022-01-09 14:39 [PATCH] lib/rsa: avoid -Wdiscarded-qualifiers Heinrich Schuchardt
@ 2022-01-10 15:00 ` Alex G.
2022-01-10 15:06 ` Tom Rini
2022-01-10 16:48 ` Simon Glass
2022-01-10 18:47 ` Tom Rini
1 sibling, 2 replies; 11+ messages in thread
From: Alex G. @ 2022-01-10 15:00 UTC (permalink / raw)
To: Heinrich Schuchardt, Tom Rini
Cc: Simon Glass, Donald Chan, Marc Kleine-Budde, u-boot
On 1/9/22 8:39 AM, Heinrich Schuchardt wrote:
> The return type of EVP_PKEY_get0_RSA() is const struct rsa_st *.
> Our code drops the const qualifier leading to
>
> In file included from tools/lib/rsa/rsa-sign.c:1:
> ./tools/../lib/rsa/rsa-sign.c: In function ‘rsa_add_verify_data’:
> ./tools/../lib/rsa/rsa-sign.c:631:13: warning:
> assignment discards ‘const’ qualifier from pointer target type
> [-Wdiscarded-qualifiers]
> 631 | rsa = EVP_PKEY_get0_RSA(pkey);
> | ^
>
> Add a type conversion.
>
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
> ---
> lib/rsa/rsa-sign.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
> index 44f21416ce..3b6e5f0f86 100644
> --- a/lib/rsa/rsa-sign.c
> +++ b/lib/rsa/rsa-sign.c
> @@ -628,7 +628,7 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
> if (ret)
> goto err_get_pub_key;
>
> - rsa = EVP_PKEY_get0_RSA(pkey);
> + rsa = (RSA *)EVP_PKEY_get0_RSA(pkey);
I think it's the wrong path to discard const qualifiers, whether
unwillingly or by type punning. I suggest making 'rsa' a "const RSA *"
and fixing the downstream users to do the same.
Alex
> ret = rsa_get_params(rsa, &exponent, &n0_inv, &modulus, &r_squared);
> if (ret)
> goto err_get_params;
>
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] lib/rsa: avoid -Wdiscarded-qualifiers
2022-01-10 15:00 ` Alex G.
@ 2022-01-10 15:06 ` Tom Rini
2022-01-10 16:11 ` Heinrich Schuchardt
2022-01-10 16:48 ` Simon Glass
1 sibling, 1 reply; 11+ messages in thread
From: Tom Rini @ 2022-01-10 15:06 UTC (permalink / raw)
To: Alex G.
Cc: Heinrich Schuchardt, Simon Glass, Donald Chan, Marc Kleine-Budde, u-boot
[-- Attachment #1: Type: text/plain, Size: 1926 bytes --]
On Mon, Jan 10, 2022 at 09:00:29AM -0600, Alex G. wrote:
>
>
> On 1/9/22 8:39 AM, Heinrich Schuchardt wrote:
> > The return type of EVP_PKEY_get0_RSA() is const struct rsa_st *.
> > Our code drops the const qualifier leading to
> >
> > In file included from tools/lib/rsa/rsa-sign.c:1:
> > ./tools/../lib/rsa/rsa-sign.c: In function ‘rsa_add_verify_data’:
> > ./tools/../lib/rsa/rsa-sign.c:631:13: warning:
> > assignment discards ‘const’ qualifier from pointer target type
> > [-Wdiscarded-qualifiers]
> > 631 | rsa = EVP_PKEY_get0_RSA(pkey);
> > | ^
> >
> > Add a type conversion.
> >
> > Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
> > ---
> > lib/rsa/rsa-sign.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
> > index 44f21416ce..3b6e5f0f86 100644
> > --- a/lib/rsa/rsa-sign.c
> > +++ b/lib/rsa/rsa-sign.c
> > @@ -628,7 +628,7 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
> > if (ret)
> > goto err_get_pub_key;
> > - rsa = EVP_PKEY_get0_RSA(pkey);
> > + rsa = (RSA *)EVP_PKEY_get0_RSA(pkey);
>
> I think it's the wrong path to discard const qualifiers, whether unwillingly
> or by type punning. I suggest making 'rsa' a "const RSA *" and fixing the
> downstream users to do the same.
So, how do we trigger this warning, exactly? The line here has been in
place for several releases, but only with fe68a67a5f11 and removing
legacy paths did this become the only option. Of course, CI isn't
kicking this problem right now. But CI is Ubuntu 18.04, and while post
v2022.01 we should at least move up to 20.04, I'm guessing this gets hit
with something recent like 20.04, or Debian 11 or what will be Ubuntu
22.04.
Should we take the cast now, and fix this up properly post release?
--
Tom
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 659 bytes --]
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] lib/rsa: avoid -Wdiscarded-qualifiers
2022-01-10 15:06 ` Tom Rini
@ 2022-01-10 16:11 ` Heinrich Schuchardt
2022-01-10 16:12 ` Tom Rini
0 siblings, 1 reply; 11+ messages in thread
From: Heinrich Schuchardt @ 2022-01-10 16:11 UTC (permalink / raw)
To: Tom Rini, Alex G.; +Cc: Simon Glass, Donald Chan, Marc Kleine-Budde, u-boot
On 1/10/22 16:06, Tom Rini wrote:
> On Mon, Jan 10, 2022 at 09:00:29AM -0600, Alex G. wrote:
>>
>>
>> On 1/9/22 8:39 AM, Heinrich Schuchardt wrote:
>>> The return type of EVP_PKEY_get0_RSA() is const struct rsa_st *.
>>> Our code drops the const qualifier leading to
>>>
>>> In file included from tools/lib/rsa/rsa-sign.c:1:
>>> ./tools/../lib/rsa/rsa-sign.c: In function ‘rsa_add_verify_data’:
>>> ./tools/../lib/rsa/rsa-sign.c:631:13: warning:
>>> assignment discards ‘const’ qualifier from pointer target type
>>> [-Wdiscarded-qualifiers]
>>> 631 | rsa = EVP_PKEY_get0_RSA(pkey);
>>> | ^
>>>
>>> Add a type conversion.
>>>
>>> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
>>> ---
>>> lib/rsa/rsa-sign.c | 2 +-
>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
>>> index 44f21416ce..3b6e5f0f86 100644
>>> --- a/lib/rsa/rsa-sign.c
>>> +++ b/lib/rsa/rsa-sign.c
>>> @@ -628,7 +628,7 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
>>> if (ret)
>>> goto err_get_pub_key;
>>> - rsa = EVP_PKEY_get0_RSA(pkey);
>>> + rsa = (RSA *)EVP_PKEY_get0_RSA(pkey);
>>
>> I think it's the wrong path to discard const qualifiers, whether unwillingly
>> or by type punning. I suggest making 'rsa' a "const RSA *" and fixing the
>> downstream users to do the same.
>
> So, how do we trigger this warning, exactly? The line here has been in
> place for several releases, but only with fe68a67a5f11 and removing
> legacy paths did this become the only option. Of course, CI isn't
> kicking this problem right now. But CI is Ubuntu 18.04, and while post
> v2022.01 we should at least move up to 20.04, I'm guessing this gets hit
> with something recent like 20.04, or Debian 11 or what will be Ubuntu
> 22.04.
>
> Should we take the cast now, and fix this up properly post release?
>
I am using OpenSSLv3 as delivered by Ubuntu Jammy. Building
sandbox_defconfig shows the warning.
Best regards
Heinrich
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] lib/rsa: avoid -Wdiscarded-qualifiers
2022-01-10 16:11 ` Heinrich Schuchardt
@ 2022-01-10 16:12 ` Tom Rini
2022-01-10 16:22 ` Heinrich Schuchardt
0 siblings, 1 reply; 11+ messages in thread
From: Tom Rini @ 2022-01-10 16:12 UTC (permalink / raw)
To: Heinrich Schuchardt
Cc: Alex G., Simon Glass, Donald Chan, Marc Kleine-Budde, u-boot
[-- Attachment #1: Type: text/plain, Size: 2461 bytes --]
On Mon, Jan 10, 2022 at 05:11:29PM +0100, Heinrich Schuchardt wrote:
> On 1/10/22 16:06, Tom Rini wrote:
> > On Mon, Jan 10, 2022 at 09:00:29AM -0600, Alex G. wrote:
> > >
> > >
> > > On 1/9/22 8:39 AM, Heinrich Schuchardt wrote:
> > > > The return type of EVP_PKEY_get0_RSA() is const struct rsa_st *.
> > > > Our code drops the const qualifier leading to
> > > >
> > > > In file included from tools/lib/rsa/rsa-sign.c:1:
> > > > ./tools/../lib/rsa/rsa-sign.c: In function ‘rsa_add_verify_data’:
> > > > ./tools/../lib/rsa/rsa-sign.c:631:13: warning:
> > > > assignment discards ‘const’ qualifier from pointer target type
> > > > [-Wdiscarded-qualifiers]
> > > > 631 | rsa = EVP_PKEY_get0_RSA(pkey);
> > > > | ^
> > > >
> > > > Add a type conversion.
> > > >
> > > > Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
> > > > ---
> > > > lib/rsa/rsa-sign.c | 2 +-
> > > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > > >
> > > > diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
> > > > index 44f21416ce..3b6e5f0f86 100644
> > > > --- a/lib/rsa/rsa-sign.c
> > > > +++ b/lib/rsa/rsa-sign.c
> > > > @@ -628,7 +628,7 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
> > > > if (ret)
> > > > goto err_get_pub_key;
> > > > - rsa = EVP_PKEY_get0_RSA(pkey);
> > > > + rsa = (RSA *)EVP_PKEY_get0_RSA(pkey);
> > >
> > > I think it's the wrong path to discard const qualifiers, whether unwillingly
> > > or by type punning. I suggest making 'rsa' a "const RSA *" and fixing the
> > > downstream users to do the same.
> >
> > So, how do we trigger this warning, exactly? The line here has been in
> > place for several releases, but only with fe68a67a5f11 and removing
> > legacy paths did this become the only option. Of course, CI isn't
> > kicking this problem right now. But CI is Ubuntu 18.04, and while post
> > v2022.01 we should at least move up to 20.04, I'm guessing this gets hit
> > with something recent like 20.04, or Debian 11 or what will be Ubuntu
> > 22.04.
> >
> > Should we take the cast now, and fix this up properly post release?
>
> I am using OpenSSLv3 as delivered by Ubuntu Jammy. Building
> sandbox_defconfig shows the warning.
Right, so what will be 22.04. I'm OK I think taking the cast for today
if you'll clean up the code as suggested for post release.
--
Tom
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 659 bytes --]
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] lib/rsa: avoid -Wdiscarded-qualifiers
2022-01-10 16:12 ` Tom Rini
@ 2022-01-10 16:22 ` Heinrich Schuchardt
2022-01-10 16:29 ` Tom Rini
0 siblings, 1 reply; 11+ messages in thread
From: Heinrich Schuchardt @ 2022-01-10 16:22 UTC (permalink / raw)
To: Tom Rini; +Cc: Alex G., Simon Glass, Donald Chan, Marc Kleine-Budde, u-boot
On 1/10/22 17:12, Tom Rini wrote:
> On Mon, Jan 10, 2022 at 05:11:29PM +0100, Heinrich Schuchardt wrote:
>> On 1/10/22 16:06, Tom Rini wrote:
>>> On Mon, Jan 10, 2022 at 09:00:29AM -0600, Alex G. wrote:
>>>>
>>>>
>>>> On 1/9/22 8:39 AM, Heinrich Schuchardt wrote:
>>>>> The return type of EVP_PKEY_get0_RSA() is const struct rsa_st *.
>>>>> Our code drops the const qualifier leading to
>>>>>
>>>>> In file included from tools/lib/rsa/rsa-sign.c:1:
>>>>> ./tools/../lib/rsa/rsa-sign.c: In function ‘rsa_add_verify_data’:
>>>>> ./tools/../lib/rsa/rsa-sign.c:631:13: warning:
>>>>> assignment discards ‘const’ qualifier from pointer target type
>>>>> [-Wdiscarded-qualifiers]
>>>>> 631 | rsa = EVP_PKEY_get0_RSA(pkey);
>>>>> | ^
>>>>>
>>>>> Add a type conversion.
>>>>>
>>>>> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
>>>>> ---
>>>>> lib/rsa/rsa-sign.c | 2 +-
>>>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>>>
>>>>> diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
>>>>> index 44f21416ce..3b6e5f0f86 100644
>>>>> --- a/lib/rsa/rsa-sign.c
>>>>> +++ b/lib/rsa/rsa-sign.c
>>>>> @@ -628,7 +628,7 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
>>>>> if (ret)
>>>>> goto err_get_pub_key;
>>>>> - rsa = EVP_PKEY_get0_RSA(pkey);
>>>>> + rsa = (RSA *)EVP_PKEY_get0_RSA(pkey);
>>>>
>>>> I think it's the wrong path to discard const qualifiers, whether unwillingly
>>>> or by type punning. I suggest making 'rsa' a "const RSA *" and fixing the
>>>> downstream users to do the same.
>>>
>>> So, how do we trigger this warning, exactly? The line here has been in
>>> place for several releases, but only with fe68a67a5f11 and removing
>>> legacy paths did this become the only option. Of course, CI isn't
>>> kicking this problem right now. But CI is Ubuntu 18.04, and while post
>>> v2022.01 we should at least move up to 20.04, I'm guessing this gets hit
>>> with something recent like 20.04, or Debian 11 or what will be Ubuntu
>>> 22.04.
>>>
>>> Should we take the cast now, and fix this up properly post release?
>>
>> I am using OpenSSLv3 as delivered by Ubuntu Jammy. Building
>> sandbox_defconfig shows the warning.
>
> Right, so what will be 22.04. I'm OK I think taking the cast for today
> if you'll clean up the code as suggested for post release.
>
In 3a8b919932fdf07b6f I added #define OPENSSL_API_COMPAT 0x10101000L.
Would we also have to move to the current API? But that might create
problems in old releases.
Best regards
Heinrich
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] lib/rsa: avoid -Wdiscarded-qualifiers
2022-01-10 16:22 ` Heinrich Schuchardt
@ 2022-01-10 16:29 ` Tom Rini
2022-01-10 16:46 ` Heinrich Schuchardt
0 siblings, 1 reply; 11+ messages in thread
From: Tom Rini @ 2022-01-10 16:29 UTC (permalink / raw)
To: Heinrich Schuchardt
Cc: Alex G., Simon Glass, Donald Chan, Marc Kleine-Budde, u-boot
[-- Attachment #1: Type: text/plain, Size: 3122 bytes --]
On Mon, Jan 10, 2022 at 05:22:15PM +0100, Heinrich Schuchardt wrote:
> On 1/10/22 17:12, Tom Rini wrote:
> > On Mon, Jan 10, 2022 at 05:11:29PM +0100, Heinrich Schuchardt wrote:
> > > On 1/10/22 16:06, Tom Rini wrote:
> > > > On Mon, Jan 10, 2022 at 09:00:29AM -0600, Alex G. wrote:
> > > > >
> > > > >
> > > > > On 1/9/22 8:39 AM, Heinrich Schuchardt wrote:
> > > > > > The return type of EVP_PKEY_get0_RSA() is const struct rsa_st *.
> > > > > > Our code drops the const qualifier leading to
> > > > > >
> > > > > > In file included from tools/lib/rsa/rsa-sign.c:1:
> > > > > > ./tools/../lib/rsa/rsa-sign.c: In function ‘rsa_add_verify_data’:
> > > > > > ./tools/../lib/rsa/rsa-sign.c:631:13: warning:
> > > > > > assignment discards ‘const’ qualifier from pointer target type
> > > > > > [-Wdiscarded-qualifiers]
> > > > > > 631 | rsa = EVP_PKEY_get0_RSA(pkey);
> > > > > > | ^
> > > > > >
> > > > > > Add a type conversion.
> > > > > >
> > > > > > Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
> > > > > > ---
> > > > > > lib/rsa/rsa-sign.c | 2 +-
> > > > > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > > > > >
> > > > > > diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
> > > > > > index 44f21416ce..3b6e5f0f86 100644
> > > > > > --- a/lib/rsa/rsa-sign.c
> > > > > > +++ b/lib/rsa/rsa-sign.c
> > > > > > @@ -628,7 +628,7 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
> > > > > > if (ret)
> > > > > > goto err_get_pub_key;
> > > > > > - rsa = EVP_PKEY_get0_RSA(pkey);
> > > > > > + rsa = (RSA *)EVP_PKEY_get0_RSA(pkey);
> > > > >
> > > > > I think it's the wrong path to discard const qualifiers, whether unwillingly
> > > > > or by type punning. I suggest making 'rsa' a "const RSA *" and fixing the
> > > > > downstream users to do the same.
> > > >
> > > > So, how do we trigger this warning, exactly? The line here has been in
> > > > place for several releases, but only with fe68a67a5f11 and removing
> > > > legacy paths did this become the only option. Of course, CI isn't
> > > > kicking this problem right now. But CI is Ubuntu 18.04, and while post
> > > > v2022.01 we should at least move up to 20.04, I'm guessing this gets hit
> > > > with something recent like 20.04, or Debian 11 or what will be Ubuntu
> > > > 22.04.
> > > >
> > > > Should we take the cast now, and fix this up properly post release?
> > >
> > > I am using OpenSSLv3 as delivered by Ubuntu Jammy. Building
> > > sandbox_defconfig shows the warning.
> >
> > Right, so what will be 22.04. I'm OK I think taking the cast for today
> > if you'll clean up the code as suggested for post release.
> >
>
> In 3a8b919932fdf07b6f I added #define OPENSSL_API_COMPAT 0x10101000L.
Which is OpenSSL 1.1.0 API, right?
> Would we also have to move to the current API? But that might create
> problems in old releases.
How old of a release would it be a problem for? We dropped support for
older than 1.1.0 with fe68a67a5f11.
--
Tom
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 659 bytes --]
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] lib/rsa: avoid -Wdiscarded-qualifiers
2022-01-10 16:29 ` Tom Rini
@ 2022-01-10 16:46 ` Heinrich Schuchardt
0 siblings, 0 replies; 11+ messages in thread
From: Heinrich Schuchardt @ 2022-01-10 16:46 UTC (permalink / raw)
To: Tom Rini; +Cc: Alex G., Simon Glass, Donald Chan, Marc Kleine-Budde, u-boot
On 1/10/22 17:29, Tom Rini wrote:
> On Mon, Jan 10, 2022 at 05:22:15PM +0100, Heinrich Schuchardt wrote:
>> On 1/10/22 17:12, Tom Rini wrote:
>>> On Mon, Jan 10, 2022 at 05:11:29PM +0100, Heinrich Schuchardt wrote:
>>>> On 1/10/22 16:06, Tom Rini wrote:
>>>>> On Mon, Jan 10, 2022 at 09:00:29AM -0600, Alex G. wrote:
>>>>>>
>>>>>>
>>>>>> On 1/9/22 8:39 AM, Heinrich Schuchardt wrote:
>>>>>>> The return type of EVP_PKEY_get0_RSA() is const struct rsa_st *.
>>>>>>> Our code drops the const qualifier leading to
>>>>>>>
>>>>>>> In file included from tools/lib/rsa/rsa-sign.c:1:
>>>>>>> ./tools/../lib/rsa/rsa-sign.c: In function ‘rsa_add_verify_data’:
>>>>>>> ./tools/../lib/rsa/rsa-sign.c:631:13: warning:
>>>>>>> assignment discards ‘const’ qualifier from pointer target type
>>>>>>> [-Wdiscarded-qualifiers]
>>>>>>> 631 | rsa = EVP_PKEY_get0_RSA(pkey);
>>>>>>> | ^
>>>>>>>
>>>>>>> Add a type conversion.
>>>>>>>
>>>>>>> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
>>>>>>> ---
>>>>>>> lib/rsa/rsa-sign.c | 2 +-
>>>>>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>>>>>
>>>>>>> diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
>>>>>>> index 44f21416ce..3b6e5f0f86 100644
>>>>>>> --- a/lib/rsa/rsa-sign.c
>>>>>>> +++ b/lib/rsa/rsa-sign.c
>>>>>>> @@ -628,7 +628,7 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
>>>>>>> if (ret)
>>>>>>> goto err_get_pub_key;
>>>>>>> - rsa = EVP_PKEY_get0_RSA(pkey);
>>>>>>> + rsa = (RSA *)EVP_PKEY_get0_RSA(pkey);
>>>>>>
>>>>>> I think it's the wrong path to discard const qualifiers, whether unwillingly
>>>>>> or by type punning. I suggest making 'rsa' a "const RSA *" and fixing the
>>>>>> downstream users to do the same.
>>>>>
>>>>> So, how do we trigger this warning, exactly? The line here has been in
>>>>> place for several releases, but only with fe68a67a5f11 and removing
>>>>> legacy paths did this become the only option. Of course, CI isn't
>>>>> kicking this problem right now. But CI is Ubuntu 18.04, and while post
>>>>> v2022.01 we should at least move up to 20.04, I'm guessing this gets hit
>>>>> with something recent like 20.04, or Debian 11 or what will be Ubuntu
>>>>> 22.04.
>>>>>
>>>>> Should we take the cast now, and fix this up properly post release?
>>>>
>>>> I am using OpenSSLv3 as delivered by Ubuntu Jammy. Building
>>>> sandbox_defconfig shows the warning.
>>>
>>> Right, so what will be 22.04. I'm OK I think taking the cast for today
>>> if you'll clean up the code as suggested for post release.
>>>
>>
>> In 3a8b919932fdf07b6f I added #define OPENSSL_API_COMPAT 0x10101000L.
>
> Which is OpenSSL 1.1.0 API, right?
>
>> Would we also have to move to the current API? But that might create
>> problems in old releases.
>
> How old of a release would it be a problem for? We dropped support for
> older than 1.1.0 with fe68a67a5f11.
>
According to
https://www.openssl.org/policies/releasestrat.html
Open SSL version 1.1.1 will be supported until 2023-09-11 (LTS).
We will have to keep OPENSSL_API_COMPAT up to that date.
For building against OpenSSL 3 without warning we need to fix the
problem with const. And yes propagating const throughout our code will
be a cleaner solution.
Best regards
Heinrich
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] lib/rsa: avoid -Wdiscarded-qualifiers
2022-01-10 15:00 ` Alex G.
2022-01-10 15:06 ` Tom Rini
@ 2022-01-10 16:48 ` Simon Glass
2022-01-10 16:52 ` Heinrich Schuchardt
1 sibling, 1 reply; 11+ messages in thread
From: Simon Glass @ 2022-01-10 16:48 UTC (permalink / raw)
To: Alex G.
Cc: Heinrich Schuchardt, Tom Rini, Donald Chan, Marc Kleine-Budde,
U-Boot Mailing List
Hi,
On Mon, 10 Jan 2022 at 08:00, Alex G. <mr.nuke.me@gmail.com> wrote:
>
>
>
> On 1/9/22 8:39 AM, Heinrich Schuchardt wrote:
> > The return type of EVP_PKEY_get0_RSA() is const struct rsa_st *.
> > Our code drops the const qualifier leading to
> >
> > In file included from tools/lib/rsa/rsa-sign.c:1:
> > ./tools/../lib/rsa/rsa-sign.c: In function ‘rsa_add_verify_data’:
> > ./tools/../lib/rsa/rsa-sign.c:631:13: warning:
> > assignment discards ‘const’ qualifier from pointer target type
> > [-Wdiscarded-qualifiers]
> > 631 | rsa = EVP_PKEY_get0_RSA(pkey);
> > | ^
> >
> > Add a type conversion.
> >
> > Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
> > ---
> > lib/rsa/rsa-sign.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
> > index 44f21416ce..3b6e5f0f86 100644
> > --- a/lib/rsa/rsa-sign.c
> > +++ b/lib/rsa/rsa-sign.c
> > @@ -628,7 +628,7 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
> > if (ret)
> > goto err_get_pub_key;
> >
> > - rsa = EVP_PKEY_get0_RSA(pkey);
> > + rsa = (RSA *)EVP_PKEY_get0_RSA(pkey);
>
> I think it's the wrong path to discard const qualifiers, whether
> unwillingly or by type punning. I suggest making 'rsa' a "const RSA *"
> and fixing the downstream users to do the same.
It looks like just a case of changing some function signatures in that
file. Heinrich, what do you think?
Regards,
SImon
>
> Alex
>
> > ret = rsa_get_params(rsa, &exponent, &n0_inv, &modulus, &r_squared);
> > if (ret)
> > goto err_get_params;
> >
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] lib/rsa: avoid -Wdiscarded-qualifiers
2022-01-10 16:48 ` Simon Glass
@ 2022-01-10 16:52 ` Heinrich Schuchardt
0 siblings, 0 replies; 11+ messages in thread
From: Heinrich Schuchardt @ 2022-01-10 16:52 UTC (permalink / raw)
To: Simon Glass
Cc: Tom Rini, Donald Chan, Marc Kleine-Budde, U-Boot Mailing List, Alex G.
On 1/10/22 17:48, Simon Glass wrote:
> Hi,
>
> On Mon, 10 Jan 2022 at 08:00, Alex G. <mr.nuke.me@gmail.com> wrote:
>>
>>
>>
>> On 1/9/22 8:39 AM, Heinrich Schuchardt wrote:
>>> The return type of EVP_PKEY_get0_RSA() is const struct rsa_st *.
>>> Our code drops the const qualifier leading to
>>>
>>> In file included from tools/lib/rsa/rsa-sign.c:1:
>>> ./tools/../lib/rsa/rsa-sign.c: In function ‘rsa_add_verify_data’:
>>> ./tools/../lib/rsa/rsa-sign.c:631:13: warning:
>>> assignment discards ‘const’ qualifier from pointer target type
>>> [-Wdiscarded-qualifiers]
>>> 631 | rsa = EVP_PKEY_get0_RSA(pkey);
>>> | ^
>>>
>>> Add a type conversion.
>>>
>>> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
>>> ---
>>> lib/rsa/rsa-sign.c | 2 +-
>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
>>> index 44f21416ce..3b6e5f0f86 100644
>>> --- a/lib/rsa/rsa-sign.c
>>> +++ b/lib/rsa/rsa-sign.c
>>> @@ -628,7 +628,7 @@ int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
>>> if (ret)
>>> goto err_get_pub_key;
>>>
>>> - rsa = EVP_PKEY_get0_RSA(pkey);
>>> + rsa = (RSA *)EVP_PKEY_get0_RSA(pkey);
>>
>> I think it's the wrong path to discard const qualifiers, whether
>> unwillingly or by type punning. I suggest making 'rsa' a "const RSA *"
>> and fixing the downstream users to do the same.
>
> It looks like just a case of changing some function signatures in that
> file. Heinrich, what do you think?
Alex' suggestion is fine. I just did not want to create a lot of changes
on release day.
Best regards
Heinrich
>
> Regards,
> SImon
>
>
>
>>
>> Alex
>>
>>> ret = rsa_get_params(rsa, &exponent, &n0_inv, &modulus, &r_squared);
>>> if (ret)
>>> goto err_get_params;
>>>
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] lib/rsa: avoid -Wdiscarded-qualifiers
2022-01-09 14:39 [PATCH] lib/rsa: avoid -Wdiscarded-qualifiers Heinrich Schuchardt
2022-01-10 15:00 ` Alex G.
@ 2022-01-10 18:47 ` Tom Rini
1 sibling, 0 replies; 11+ messages in thread
From: Tom Rini @ 2022-01-10 18:47 UTC (permalink / raw)
To: Heinrich Schuchardt
Cc: Simon Glass, Alexandru Gagniuc, Donald Chan, Marc Kleine-Budde, u-boot
[-- Attachment #1: Type: text/plain, Size: 699 bytes --]
On Sun, Jan 09, 2022 at 03:39:40PM +0100, Heinrich Schuchardt wrote:
> The return type of EVP_PKEY_get0_RSA() is const struct rsa_st *.
> Our code drops the const qualifier leading to
>
> In file included from tools/lib/rsa/rsa-sign.c:1:
> ./tools/../lib/rsa/rsa-sign.c: In function ‘rsa_add_verify_data’:
> ./tools/../lib/rsa/rsa-sign.c:631:13: warning:
> assignment discards ‘const’ qualifier from pointer target type
> [-Wdiscarded-qualifiers]
> 631 | rsa = EVP_PKEY_get0_RSA(pkey);
> | ^
>
> Add a type conversion.
>
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Applied to u-boot/master, thanks!
--
Tom
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 659 bytes --]
^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2022-01-10 18:47 UTC | newest]
Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-09 14:39 [PATCH] lib/rsa: avoid -Wdiscarded-qualifiers Heinrich Schuchardt
2022-01-10 15:00 ` Alex G.
2022-01-10 15:06 ` Tom Rini
2022-01-10 16:11 ` Heinrich Schuchardt
2022-01-10 16:12 ` Tom Rini
2022-01-10 16:22 ` Heinrich Schuchardt
2022-01-10 16:29 ` Tom Rini
2022-01-10 16:46 ` Heinrich Schuchardt
2022-01-10 16:48 ` Simon Glass
2022-01-10 16:52 ` Heinrich Schuchardt
2022-01-10 18:47 ` Tom Rini
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.