From 18252d9cf7cb14d915e12f1181f4bc2a299bda5f Mon Sep 17 00:00:00 2001 From: Russell Keith-Magee Date: Thu, 1 May 2025 07:13:18 +0800 Subject: [PATCH 1/3] Bump the HACL* revision. --- Modules/_hacl/Lib_Memzero0.c | 18 ++++++++++++++++-- Modules/_hacl/refresh.sh | 2 +- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/Modules/_hacl/Lib_Memzero0.c b/Modules/_hacl/Lib_Memzero0.c index 4dbf55eef58231..cd6d2df8e9e484 100644 --- a/Modules/_hacl/Lib_Memzero0.c +++ b/Modules/_hacl/Lib_Memzero0.c @@ -10,6 +10,20 @@ #if defined(__APPLE__) && defined(__MACH__) #include +// memset_s is available from macOS 10.9, iOS 7, watchOS 2, and on all tvOS and visionOS versions. +# if (defined(MAC_OS_X_VERSION_MIN_REQUIRED) && (MAC_OS_X_VERSION_MIN_REQUIRED >= __MAC_10_9)) +# define APPLE_HAS_MEMSET_S 1 +# elif (defined(IPHONE_OS_VERSION_MIN_REQUIRED) && (IPHONE_OS_VERSION_MIN_REQUIRED >= __IPHONE_7_0)) +# define APPLE_HAS_MEMSET_S 1 +# elif (defined(TARGET_OS_TV) && TARGET_OS_TV) +# define APPLE_HAS_MEMSET_S 1 +# elif (defined(WATCH_OS_VERSION_MIN_REQUIRED) && (WATCH_OS_VERSION_MIN_REQUIRED >= __WATCHOS_2_0)) +# define APPLE_HAS_MEMSET_S 1 +# elif (defined(TARGET_OS_VISION) && TARGET_OS_VISION) +# define APPLE_HAS_MEMSET_S 1 +# else +# define APPLE_HAS_MEMSET_S 0 +# endif #endif #if (defined(__APPLE__) && defined(__MACH__)) || defined(__linux__) || defined(__OpenBSD__) @@ -41,7 +55,7 @@ void Lib_Memzero0_memzero0(void *dst, uint64_t len) { #ifdef _WIN32 SecureZeroMemory(dst, len_); - #elif defined(__APPLE__) && defined(__MACH__) && defined(MAC_OS_X_VERSION_MIN_REQUIRED) && (MAC_OS_X_VERSION_MIN_REQUIRED >= 1090) + #elif defined(__APPLE__) && defined(__MACH__) && APPLE_HAS_MEMSET_S memset_s(dst, len_, 0, len_); #elif (defined(__linux__) && !defined(LINUX_NO_EXPLICIT_BZERO)) || defined(__FreeBSD__) || defined(__OpenBSD__) explicit_bzero(dst, len_); @@ -52,7 +66,7 @@ void Lib_Memzero0_memzero0(void *dst, uint64_t len) { #warning "Your platform does not support any safe implementation of memzero -- consider a pull request!" volatile unsigned char *volatile dst_ = (volatile unsigned char *volatile) dst; size_t i = 0U; - while (i < len) + while (i < len_) dst_[i++] = 0U; #endif } diff --git a/Modules/_hacl/refresh.sh b/Modules/_hacl/refresh.sh index b50c9288aa9e43..2eab41bb6e73ea 100755 --- a/Modules/_hacl/refresh.sh +++ b/Modules/_hacl/refresh.sh @@ -22,7 +22,7 @@ fi # Update this when updating to a new version after verifying that the changes # the update brings in are good. -expected_hacl_star_rev=322f6d58290e0ed7f4ecb84fcce12917aa0f594b +expected_hacl_star_rev=cfbd2e5de9a4b053f18cbef2cae92c4f46f28e74 hacl_dir="$(realpath "$1")" cd "$(dirname "$0")" From d082146bc537d214f07b5721c4263191136c756e Mon Sep 17 00:00:00 2001 From: Russell Keith-Magee Date: Thu, 1 May 2025 07:24:49 +0800 Subject: [PATCH 2/3] Update SBOM manifest. --- Misc/sbom.spdx.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Misc/sbom.spdx.json b/Misc/sbom.spdx.json index 5da77f158cbf38..93033ea51407cd 100644 --- a/Misc/sbom.spdx.json +++ b/Misc/sbom.spdx.json @@ -608,11 +608,11 @@ "checksums": [ { "algorithm": "SHA1", - "checksumValue": "80dae56879ed9bace476362ef251de48ce055a20" + "checksumValue": "c7fd386ae8b0430385ed0ba9a125ebf65c82840c" }, { "algorithm": "SHA256", - "checksumValue": "da84b6287e9aa1fc52e819a8ca10e79b51263f1dda6b4528ed8c0c74a11fb0ea" + "checksumValue": "e49ec69b37722c8809e55ddfc9eb17056be4438e087f9d9d4b6303309d49f6c7" } ], "fileName": "Modules/_hacl/Lib_Memzero0.c" @@ -1755,11 +1755,11 @@ "checksumValue": "502a0250fa08d2cbcc8b9e43831235a2c075de2eb180e7381ecb5d10b181971e" } ], - "downloadLocation": "https://github.com/hacl-star/hacl-star/archive/322f6d58290e0ed7f4ecb84fcce12917aa0f594b.zip", + "downloadLocation": "https://github.com/hacl-star/hacl-star/archive/cfbd2e5de9a4b053f18cbef2cae92c4f46f28e74.zip", "externalRefs": [ { "referenceCategory": "SECURITY", - "referenceLocator": "cpe:2.3:a:hacl-star:hacl-star:322f6d58290e0ed7f4ecb84fcce12917aa0f594b:*:*:*:*:*:*:*", + "referenceLocator": "cpe:2.3:a:hacl-star:hacl-star:cfbd2e5de9a4b053f18cbef2cae92c4f46f28e74:*:*:*:*:*:*:*", "referenceType": "cpe23Type" } ], @@ -1767,7 +1767,7 @@ "name": "hacl-star", "originator": "Organization: HACL* Developers", "primaryPackagePurpose": "SOURCE", - "versionInfo": "322f6d58290e0ed7f4ecb84fcce12917aa0f594b" + "versionInfo": "cfbd2e5de9a4b053f18cbef2cae92c4f46f28e74" }, { "SPDXID": "SPDXRef-PACKAGE-macholib", From e7a0abd6cc22cf9b20330e57a7a7949fd8f6c9a2 Mon Sep 17 00:00:00 2001 From: Russell Keith-Magee Date: Thu, 1 May 2025 10:29:47 +0800 Subject: [PATCH 3/3] Update updated HACL* revision. --- Misc/sbom.spdx.json | 12 ++++++------ Modules/_hacl/Lib_Memzero0.c | 4 ++-- Modules/_hacl/refresh.sh | 2 +- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/Misc/sbom.spdx.json b/Misc/sbom.spdx.json index 93033ea51407cd..4a697d047ca6e4 100644 --- a/Misc/sbom.spdx.json +++ b/Misc/sbom.spdx.json @@ -608,11 +608,11 @@ "checksums": [ { "algorithm": "SHA1", - "checksumValue": "c7fd386ae8b0430385ed0ba9a125ebf65c82840c" + "checksumValue": "c9651ef21479c4d8a3b04c5baa1902866dbb1cdf" }, { "algorithm": "SHA256", - "checksumValue": "e49ec69b37722c8809e55ddfc9eb17056be4438e087f9d9d4b6303309d49f6c7" + "checksumValue": "e039c82ba670606ca111573942baad800f75da467abbc74cd7d1fe175ebcdfaf" } ], "fileName": "Modules/_hacl/Lib_Memzero0.c" @@ -1752,14 +1752,14 @@ "checksums": [ { "algorithm": "SHA256", - "checksumValue": "502a0250fa08d2cbcc8b9e43831235a2c075de2eb180e7381ecb5d10b181971e" + "checksumValue": "02dfcf0c79d488b120d7f2c2a0f9206301c7927ed5106545e0b6f2aef88da76a" } ], - "downloadLocation": "https://github.com/hacl-star/hacl-star/archive/cfbd2e5de9a4b053f18cbef2cae92c4f46f28e74.zip", + "downloadLocation": "https://github.com/hacl-star/hacl-star/archive/7720f6d4fc0468a99d5ea6120976bcc271e42727.zip", "externalRefs": [ { "referenceCategory": "SECURITY", - "referenceLocator": "cpe:2.3:a:hacl-star:hacl-star:cfbd2e5de9a4b053f18cbef2cae92c4f46f28e74:*:*:*:*:*:*:*", + "referenceLocator": "cpe:2.3:a:hacl-star:hacl-star:7720f6d4fc0468a99d5ea6120976bcc271e42727:*:*:*:*:*:*:*", "referenceType": "cpe23Type" } ], @@ -1767,7 +1767,7 @@ "name": "hacl-star", "originator": "Organization: HACL* Developers", "primaryPackagePurpose": "SOURCE", - "versionInfo": "cfbd2e5de9a4b053f18cbef2cae92c4f46f28e74" + "versionInfo": "7720f6d4fc0468a99d5ea6120976bcc271e42727" }, { "SPDXID": "SPDXRef-PACKAGE-macholib", diff --git a/Modules/_hacl/Lib_Memzero0.c b/Modules/_hacl/Lib_Memzero0.c index cd6d2df8e9e484..28abd1aa4e2d54 100644 --- a/Modules/_hacl/Lib_Memzero0.c +++ b/Modules/_hacl/Lib_Memzero0.c @@ -13,11 +13,11 @@ // memset_s is available from macOS 10.9, iOS 7, watchOS 2, and on all tvOS and visionOS versions. # if (defined(MAC_OS_X_VERSION_MIN_REQUIRED) && (MAC_OS_X_VERSION_MIN_REQUIRED >= __MAC_10_9)) # define APPLE_HAS_MEMSET_S 1 -# elif (defined(IPHONE_OS_VERSION_MIN_REQUIRED) && (IPHONE_OS_VERSION_MIN_REQUIRED >= __IPHONE_7_0)) +# elif (defined(__IPHONE_OS_VERSION_MIN_REQUIRED) && (__IPHONE_OS_VERSION_MIN_REQUIRED >= __IPHONE_7_0)) # define APPLE_HAS_MEMSET_S 1 # elif (defined(TARGET_OS_TV) && TARGET_OS_TV) # define APPLE_HAS_MEMSET_S 1 -# elif (defined(WATCH_OS_VERSION_MIN_REQUIRED) && (WATCH_OS_VERSION_MIN_REQUIRED >= __WATCHOS_2_0)) +# elif (defined(__WATCH_OS_VERSION_MIN_REQUIRED) && (__WATCH_OS_VERSION_MIN_REQUIRED >= __WATCHOS_2_0)) # define APPLE_HAS_MEMSET_S 1 # elif (defined(TARGET_OS_VISION) && TARGET_OS_VISION) # define APPLE_HAS_MEMSET_S 1 diff --git a/Modules/_hacl/refresh.sh b/Modules/_hacl/refresh.sh index 2eab41bb6e73ea..d91650b44bb4e7 100755 --- a/Modules/_hacl/refresh.sh +++ b/Modules/_hacl/refresh.sh @@ -22,7 +22,7 @@ fi # Update this when updating to a new version after verifying that the changes # the update brings in are good. -expected_hacl_star_rev=cfbd2e5de9a4b053f18cbef2cae92c4f46f28e74 +expected_hacl_star_rev=7720f6d4fc0468a99d5ea6120976bcc271e42727 hacl_dir="$(realpath "$1")" cd "$(dirname "$0")"