From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 3EDA1C433EF for ; Mon, 10 Jan 2022 16:29:15 +0000 (UTC) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 3BF5381982; Mon, 10 Jan 2022 17:29:13 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=konsulko.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=konsulko.com header.i=@konsulko.com header.b="EO/f8K1Z"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 5783D81432; Mon, 10 Jan 2022 17:29:11 +0100 (CET) Received: from mail-qt1-x830.google.com (mail-qt1-x830.google.com [IPv6:2607:f8b0:4864:20::830]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 812EB82C6D for ; Mon, 10 Jan 2022 17:29:08 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=konsulko.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=trini@konsulko.com Received: by mail-qt1-x830.google.com with SMTP id h4so3104883qth.11 for ; Mon, 10 Jan 2022 08:29:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=konsulko.com; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=qHuCCc9MSYMimUtvrfRqdYnlV2baCyewzHKiD/V0rJA=; b=EO/f8K1ZCPEKnCWDPNYHA36yQheKnu7xwDaccAogZSlFaSS9xu8Vb1IotMvjMSSGZW JP2Tu0yahlklerAjkxhCWUEkR7AS1JrqdgGj0zH0x0JLIHcm3RXPKiCtdiefkBNnmRZt +lefjwulYiUF6uQ25ZitVcxzbAlAVXZ51hC9g= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=qHuCCc9MSYMimUtvrfRqdYnlV2baCyewzHKiD/V0rJA=; b=WNt4yBZhxoSb7Y1FAH4lmcA1TaBAQQ0zIpPLIFheFs8mOb+4b4un+UwZAnkdGvKGft hFrQp1joA6u/Au1GEV7rx4Sr4iW9AT6jXkXdjC1k7Jwh5xuNQYPlFnZzPTBgtf1S4Se1 WbZfMik9cvQfKxscmEKqKg43VqJB2kxuWcEmTVbR7NsnMtlFluWQSLvJS8z9XcpSj8zx Jl/xDBs4LprGE+RYL7ijyh8uiNRjSBSwPqyKARLU8H9hn5nDTA+G26xjA6jKx31M9jPG hLVbY5CLP0+B0gdJlJ7VO9KLYh4DyUeSn4+uCpdp6HrrB4/Sp2Yn2NGqhhxzoXWM/mcW hCSg== X-Gm-Message-State: AOAM530pl/pkcLRhYiOdYpwPgdOIrnCmNiwnM3/TL0rGFQr63TKv+nJx 3SbNCd8JHbSL36SWHO/+3wWTTQ== X-Google-Smtp-Source: ABdhPJyPzkHXXA4DEj60cPK0QHwLgzoxEZOHmaaY+W6MARn9DgsgHQZa40wpcI5bROs7JnMOeUV19A== X-Received: by 2002:ac8:7406:: with SMTP id p6mr398839qtq.245.1641832147271; Mon, 10 Jan 2022 08:29:07 -0800 (PST) Received: from bill-the-cat (2603-6081-7b01-cbda-dc90-a0ce-b038-cf88.res6.spectrum.com. [2603:6081:7b01:cbda:dc90:a0ce:b038:cf88]) by smtp.gmail.com with ESMTPSA id bi27sm1111896qkb.80.2022.01.10.08.29.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 10 Jan 2022 08:29:06 -0800 (PST) Date: Mon, 10 Jan 2022 11:29:04 -0500 From: Tom Rini To: Heinrich Schuchardt Cc: "Alex G." , Simon Glass , Donald Chan , Marc Kleine-Budde , u-boot@lists.denx.de Subject: Re: [PATCH] lib/rsa: avoid -Wdiscarded-qualifiers Message-ID: <20220110162904.GY2773246@bill-the-cat> References: <20220109143940.167046-1-heinrich.schuchardt@canonical.com> <61f8f122-59cb-686d-440f-250aa428dfc9@gmail.com> <20220110150655.GV2773246@bill-the-cat> <20220110161252.GX2773246@bill-the-cat> <908a41d2-0e18-ea41-88f5-ebff4a937cd0@canonical.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="tTT8uKUqXpp8EAd/" Content-Disposition: inline In-Reply-To: <908a41d2-0e18-ea41-88f5-ebff4a937cd0@canonical.com> X-Clacks-Overhead: GNU Terry Pratchett X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean --tTT8uKUqXpp8EAd/ Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jan 10, 2022 at 05:22:15PM +0100, Heinrich Schuchardt wrote: > On 1/10/22 17:12, Tom Rini wrote: > > On Mon, Jan 10, 2022 at 05:11:29PM +0100, Heinrich Schuchardt wrote: > > > On 1/10/22 16:06, Tom Rini wrote: > > > > On Mon, Jan 10, 2022 at 09:00:29AM -0600, Alex G. wrote: > > > > >=20 > > > > >=20 > > > > > On 1/9/22 8:39 AM, Heinrich Schuchardt wrote: > > > > > > The return type of EVP_PKEY_get0_RSA() is const struct rsa_st *. > > > > > > Our code drops the const qualifier leading to > > > > > >=20 > > > > > > In file included from tools/lib/rsa/rsa-sign.c:1: > > > > > > ./tools/../lib/rsa/rsa-sign.c: In function =E2=80=98rsa_add_ver= ify_data=E2=80=99: > > > > > > ./tools/../lib/rsa/rsa-sign.c:631:13: warning: > > > > > > assignment discards =E2=80=98const=E2=80=99 qualifier from poin= ter target type > > > > > > [-Wdiscarded-qualifiers] > > > > > > 631 | rsa =3D EVP_PKEY_get0_RSA(pkey); > > > > > > | ^ > > > > > >=20 > > > > > > Add a type conversion. > > > > > >=20 > > > > > > Signed-off-by: Heinrich Schuchardt > > > > > > --- > > > > > > lib/rsa/rsa-sign.c | 2 +- > > > > > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > > >=20 > > > > > > diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c > > > > > > index 44f21416ce..3b6e5f0f86 100644 > > > > > > --- a/lib/rsa/rsa-sign.c > > > > > > +++ b/lib/rsa/rsa-sign.c > > > > > > @@ -628,7 +628,7 @@ int rsa_add_verify_data(struct image_sign_i= nfo *info, void *keydest) > > > > > > if (ret) > > > > > > goto err_get_pub_key; > > > > > > - rsa =3D EVP_PKEY_get0_RSA(pkey); > > > > > > + rsa =3D (RSA *)EVP_PKEY_get0_RSA(pkey); > > > > >=20 > > > > > I think it's the wrong path to discard const qualifiers, whether = unwillingly > > > > > or by type punning. I suggest making 'rsa' a "const RSA *" and fi= xing the > > > > > downstream users to do the same. > > > >=20 > > > > So, how do we trigger this warning, exactly? The line here has bee= n in > > > > place for several releases, but only with fe68a67a5f11 and removing > > > > legacy paths did this become the only option. Of course, CI isn't > > > > kicking this problem right now. But CI is Ubuntu 18.04, and while = post > > > > v2022.01 we should at least move up to 20.04, I'm guessing this get= s hit > > > > with something recent like 20.04, or Debian 11 or what will be Ubun= tu > > > > 22.04. > > > >=20 > > > > Should we take the cast now, and fix this up properly post release? > > >=20 > > > I am using OpenSSLv3 as delivered by Ubuntu Jammy. Building > > > sandbox_defconfig shows the warning. > >=20 > > Right, so what will be 22.04. I'm OK I think taking the cast for today > > if you'll clean up the code as suggested for post release. > >=20 >=20 > In 3a8b919932fdf07b6f I added #define OPENSSL_API_COMPAT 0x10101000L. Which is OpenSSL 1.1.0 API, right? > Would we also have to move to the current API? But that might create > problems in old releases. How old of a release would it be a problem for? We dropped support for older than 1.1.0 with fe68a67a5f11. --=20 Tom --tTT8uKUqXpp8EAd/ Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGzBAABCgAdFiEEGjx/cOCPqxcHgJu/FHw5/5Y0tywFAmHcXsoACgkQFHw5/5Y0 tywHjgv/VEcujofU/Ij3C80NkOXx2O0irl6GZHWlGQOVAyb88hbqNfCqm/sz4RtX ebxeLx8dV9lb1vaOEzbSAgamGELNmEXPBaArGT9PnFAaAQC39EckS9EuoPJl4gke dIwCgcz/dYBndwmYE8EIuHU85THdATNK+Ncx/BSkMpInV6yO8KHeLET+FDrAHEl3 J7HnWn9cHA7V2raj8bzqflhfk2658oXF8obSENNm2Ode5wSYTi050wJ6Vst5V5Gj t9zIbSICkJE6j8kvAcaDuiAawtdxhvNACQvhgil9CAIbezxySTu15HBSsFftCWgs 3qg/UuEqG3FYXwaWqzhLFRHk2nhYjdHjVHqxfw3bk+uUKKhqg+arwxvffXSr8vWs hEWOBVoVJhmYtCXQrpcvSGiqEcuRwIQvoU//pnEfRbG4UTHUMZlYOTyFbobXYjkO qOIL/7wQcsJdBH6NoAWBZWwPYFhCRyRFO1nRwa0YzZOITPln5mxE6cO+dsgLK9UB HL99roow =P+QK -----END PGP SIGNATURE----- --tTT8uKUqXpp8EAd/--