tpm2-tss: 4.0.1 -> 4.1.0

This commit is contained in:
Tim Biermann 2024-04-26 23:52:02 +02:00
parent 1a18e244d5
commit 61b5aaf21d
Signed by: tb
GPG Key ID: 42F8B4E30B673606
4 changed files with 44 additions and 102 deletions

View File

@ -3,7 +3,12 @@ drwxr-xr-x root/root etc/tpm2-tss/
-rw-r--r-- root/root etc/tpm2-tss/fapi-config.json
drwxr-xr-x root/root etc/tpm2-tss/fapi-profiles/
-rw-r--r-- root/root etc/tpm2-tss/fapi-profiles/P_ECCP256SHA256.json
-rw-r--r-- root/root etc/tpm2-tss/fapi-profiles/P_ECCP384SHA384.json
-rw-r--r-- root/root etc/tpm2-tss/fapi-profiles/P_RSA2048SHA256.json
-rw-r--r-- root/root etc/tpm2-tss/fapi-profiles/P_RSA3072SHA384.json
drwxr-xr-x root/root run/
drwxr-xr-x root/root run/tpm2-tss/
drwxr-xr-x root/root run/tpm2-tss/eventlog/
drwxr-xr-x root/root usr/
drwxr-xr-x root/root usr/include/
drwxr-xr-x root/root usr/include/tss2/
@ -17,10 +22,13 @@ drwxr-xr-x root/root usr/include/tss2/
-rw-r--r-- root/root usr/include/tss2/tss2_tcti.h
-rw-r--r-- root/root usr/include/tss2/tss2_tcti_cmd.h
-rw-r--r-- root/root usr/include/tss2/tss2_tcti_device.h
-rw-r--r-- root/root usr/include/tss2/tss2_tcti_i2c_helper.h
-rw-r--r-- root/root usr/include/tss2/tss2_tcti_libtpms.h
-rw-r--r-- root/root usr/include/tss2/tss2_tcti_mssim.h
-rw-r--r-- root/root usr/include/tss2/tss2_tcti_pcap.h
-rw-r--r-- root/root usr/include/tss2/tss2_tcti_spi_helper.h
-rw-r--r-- root/root usr/include/tss2/tss2_tcti_spi_ltt2go.h
-rw-r--r-- root/root usr/include/tss2/tss2_tcti_spidev.h
-rw-r--r-- root/root usr/include/tss2/tss2_tcti_swtpm.h
-rw-r--r-- root/root usr/include/tss2/tss2_tctildr.h
-rw-r--r-- root/root usr/include/tss2/tss2_tpm2_types.h
@ -65,6 +73,11 @@ lrwxrwxrwx root/root usr/lib/libtss2-tcti-cmd.so.0 -> libtss2-tcti-cmd.so.0.0.0
lrwxrwxrwx root/root usr/lib/libtss2-tcti-device.so -> libtss2-tcti-device.so.0.0.0
lrwxrwxrwx root/root usr/lib/libtss2-tcti-device.so.0 -> libtss2-tcti-device.so.0.0.0
-rwxr-xr-x root/root usr/lib/libtss2-tcti-device.so.0.0.0
-rw-r--r-- root/root usr/lib/libtss2-tcti-i2c-helper.a
-rwxr-xr-x root/root usr/lib/libtss2-tcti-i2c-helper.la
lrwxrwxrwx root/root usr/lib/libtss2-tcti-i2c-helper.so -> libtss2-tcti-i2c-helper.so.0.0.0
lrwxrwxrwx root/root usr/lib/libtss2-tcti-i2c-helper.so.0 -> libtss2-tcti-i2c-helper.so.0.0.0
-rwxr-xr-x root/root usr/lib/libtss2-tcti-i2c-helper.so.0.0.0
-rw-r--r-- root/root usr/lib/libtss2-tcti-libtpms.a
-rwxr-xr-x root/root usr/lib/libtss2-tcti-libtpms.la
lrwxrwxrwx root/root usr/lib/libtss2-tcti-libtpms.so -> libtss2-tcti-libtpms.so.0.0.0
@ -85,6 +98,16 @@ lrwxrwxrwx root/root usr/lib/libtss2-tcti-pcap.so.0 -> libtss2-tcti-pcap.so.0.0.
lrwxrwxrwx root/root usr/lib/libtss2-tcti-spi-helper.so -> libtss2-tcti-spi-helper.so.0.0.0
lrwxrwxrwx root/root usr/lib/libtss2-tcti-spi-helper.so.0 -> libtss2-tcti-spi-helper.so.0.0.0
-rwxr-xr-x root/root usr/lib/libtss2-tcti-spi-helper.so.0.0.0
-rw-r--r-- root/root usr/lib/libtss2-tcti-spi-ltt2go.a
-rwxr-xr-x root/root usr/lib/libtss2-tcti-spi-ltt2go.la
lrwxrwxrwx root/root usr/lib/libtss2-tcti-spi-ltt2go.so -> libtss2-tcti-spi-ltt2go.so.0.0.0
lrwxrwxrwx root/root usr/lib/libtss2-tcti-spi-ltt2go.so.0 -> libtss2-tcti-spi-ltt2go.so.0.0.0
-rwxr-xr-x root/root usr/lib/libtss2-tcti-spi-ltt2go.so.0.0.0
-rw-r--r-- root/root usr/lib/libtss2-tcti-spidev.a
-rwxr-xr-x root/root usr/lib/libtss2-tcti-spidev.la
lrwxrwxrwx root/root usr/lib/libtss2-tcti-spidev.so -> libtss2-tcti-spidev.so.0.0.0
lrwxrwxrwx root/root usr/lib/libtss2-tcti-spidev.so.0 -> libtss2-tcti-spidev.so.0.0.0
-rwxr-xr-x root/root usr/lib/libtss2-tcti-spidev.so.0.0.0
-rw-r--r-- root/root usr/lib/libtss2-tcti-swtpm.a
-rwxr-xr-x root/root usr/lib/libtss2-tcti-swtpm.la
lrwxrwxrwx root/root usr/lib/libtss2-tcti-swtpm.so -> libtss2-tcti-swtpm.so.0.0.0
@ -104,10 +127,13 @@ drwxr-xr-x root/root usr/lib/pkgconfig/
-rw-r--r-- root/root usr/lib/pkgconfig/tss2-sys.pc
-rw-r--r-- root/root usr/lib/pkgconfig/tss2-tcti-cmd.pc
-rw-r--r-- root/root usr/lib/pkgconfig/tss2-tcti-device.pc
-rw-r--r-- root/root usr/lib/pkgconfig/tss2-tcti-i2c-helper.pc
-rw-r--r-- root/root usr/lib/pkgconfig/tss2-tcti-libtpms.pc
-rw-r--r-- root/root usr/lib/pkgconfig/tss2-tcti-mssim.pc
-rw-r--r-- root/root usr/lib/pkgconfig/tss2-tcti-pcap.pc
-rw-r--r-- root/root usr/lib/pkgconfig/tss2-tcti-spi-helper.pc
-rw-r--r-- root/root usr/lib/pkgconfig/tss2-tcti-spi-ltt2go.pc
-rw-r--r-- root/root usr/lib/pkgconfig/tss2-tcti-spidev.pc
-rw-r--r-- root/root usr/lib/pkgconfig/tss2-tcti-swtpm.pc
-rw-r--r-- root/root usr/lib/pkgconfig/tss2-tctildr.pc
drwxr-xr-x root/root usr/lib/udev/
@ -129,6 +155,17 @@ drwxr-xr-x root/root usr/share/man/man5/
drwxr-xr-x root/root usr/share/man/man7/
-rw-r--r-- root/root usr/share/man/man7/tss2-tcti-cmd.7.gz
-rw-r--r-- root/root usr/share/man/man7/tss2-tcti-device.7.gz
-rw-r--r-- root/root usr/share/man/man7/tss2-tcti-i2c-ftdi.7.gz
-rw-r--r-- root/root usr/share/man/man7/tss2-tcti-i2c-helper.7.gz
-rw-r--r-- root/root usr/share/man/man7/tss2-tcti-mssim.7.gz
-rw-r--r-- root/root usr/share/man/man7/tss2-tcti-spi-ftdi.7.gz
-rw-r--r-- root/root usr/share/man/man7/tss2-tcti-spi-helper.7.gz
-rw-r--r-- root/root usr/share/man/man7/tss2-tcti-spi-ltt2go.7.gz
-rw-r--r-- root/root usr/share/man/man7/tss2-tcti-spidev.7.gz
-rw-r--r-- root/root usr/share/man/man7/tss2-tcti-swtpm.7.gz
-rw-r--r-- root/root usr/share/man/man7/tss2-tctildr.7.gz
drwxr-xr-x root/root var/
drwxr-xr-x root/root var/lib/
drwxr-xr-x root/root var/lib/tpm2-tss/
drwxr-xr-x root/root var/lib/tpm2-tss/system/
drwxr-xr-x root/root var/lib/tpm2-tss/system/keystore/

View File

@ -1,7 +1,5 @@
untrusted comment: verify with /etc/ports/contrib.pub
RWSagIOpLGJF36MMU7BssbPYgJ0u4HFNKRf4MGC+QEHBzxjf3y+Oq5XtTN/+Ev+Bh++5m+ZUlr6Su4f6Yxl/5OqBwBhkh6XkbAA=
SHA256 (Pkgfile) = 7114d76946422a89f99d45cf2ffef677a1c0bffaaa3f863ac52ca3dba87ede37
SHA256 (.footprint) = 716d50a1d07edbf25ee8dbfc06a6d3133a390c9d575705bc6cc8ebf046f716bc
SHA256 (tpm2-tss-4.0.1.tar.gz) = 532a70133910b6bd842289915b3f9423c0205c0ea009d65294ca18a74087c950
SHA256 (tss2-tcti-libtpms.map) = 41c37dc4b10b1e86023619150e5047739aeee93fd8f77315157d3eeb5fe6a981
SHA256 (218c0da8.patch) = 76797d64092709d9af8b1d93750bc5d1f1e861e5a9fa37c24e0f1473b874be80
RWSagIOpLGJF3/P+e7lxaYj6PQat4UcDMm343rcrE8PC4r27yHqNxlhnTYCuWUwOSMISKhdcxUPXhd2iz0JQEBHDOQpdx0ncvwo=
SHA256 (Pkgfile) = 08e0d0e6d82a30e8d253bfec1f9d74bd23be955cec5602e47e816fd676fdd00d
SHA256 (.footprint) = 4f2e0aaf40ed2bba85c7c6bc1e14760c77f49064ce7eb77569d1fcdc047dd200
SHA256 (tpm2-tss-4.1.0.tar.gz) = ac9c38e019aebe0d04a79e8f8db7ff805d23dcc7c45131c02960947576214329

View File

@ -1,88 +0,0 @@
From 218c0da8d9f675766b1de502a52e23a3aa52648e Mon Sep 17 00:00:00 2001
From: Juergen Repp <juergen_repp@web.de>
Date: Wed, 22 Mar 2023 10:54:59 +0100
Subject: [PATCH] FAPI: Skip test fapi-fix-provisioning-with template if no
certificate is available.
If the configure option --enable-self-generated-certificate is not used this
test can't be executed because no certificate will be stored in NV ram. The
test will be skipped if no certificate is available.
Fixes: #2558
Signed-off-by: Juergen Repp <juergen_repp@web.de>
---
.../fapi-provisioning-with-template.int.c | 40 ++++++++++++++++++-
1 file changed, 39 insertions(+), 1 deletion(-)
diff --git a/test/integration/fapi-provisioning-with-template.int.c b/test/integration/fapi-provisioning-with-template.int.c
index 54c724f5d..74184cdc8 100644
--- a/test/integration/fapi-provisioning-with-template.int.c
+++ b/test/integration/fapi-provisioning-with-template.int.c
@@ -4,6 +4,8 @@
#endif
#include <stdlib.h>
+#include <stdio.h>
+#include <unistd.h>
#include "tss2_esys.h"
#include "tss2_fapi.h"
@@ -31,6 +33,39 @@
* @retval EXIT_SKIP
*
*/
+static bool
+fapi_ek_certless()
+{
+ FILE *stream = NULL;
+ long config_size;
+ char *config = NULL;
+ char *fapi_config_file = getenv("TSS2_FAPICONF");
+
+ stream = fopen(fapi_config_file, "r");
+ if (!stream) {
+ LOG_ERROR("File %s does not exist", fapi_config_file);
+ return NULL;
+ }
+ fseek(stream, 0L, SEEK_END);
+ config_size = ftell(stream);
+ fclose(stream);
+ config = malloc(config_size + 1);
+ stream = fopen(fapi_config_file, "r");
+ ssize_t ret = read(fileno(stream), config, config_size);
+ if (ret != config_size) {
+ LOG_ERROR("IO error %s.", fapi_config_file);
+ return NULL;
+ }
+ config[config_size] = '\0';
+ if (strstr(config, "\"ek_cert_less\": \"yes\"") == NULL) {
+ SAFE_FREE(config);
+ return false;
+ } else {
+ SAFE_FREE(config);
+ return true;
+ }
+}
+
int
test_fapi_provision_template(FAPI_CONTEXT *context)
{
@@ -151,6 +186,9 @@ test_fapi_provision_template(FAPI_CONTEXT *context)
TPM2B_AUTH auth = { .size = 0, .buffer = {} };
TPM2B_MAX_NV_BUFFER nv_data;
+ if (fapi_ek_certless())
+ return EXIT_SKIP;
+
if (strcmp(FAPI_PROFILE, "P_ECC") == 0) {
nv_template_idx = ecc_nv_template_idx;
nv_nonce_idx = ecc_nv_nonce_idx;
@@ -169,7 +207,7 @@ test_fapi_provision_template(FAPI_CONTEXT *context)
r = Esys_Initialize(&esys_ctx, tcti, NULL);
goto_if_error(r, "Error Esys_Initialize", error);
- /*
+ /*
* Store template (marshaled TPMT_PUBLIC) in NV ram.
*/
r = Tss2_MU_TPMT_PUBLIC_Marshal(&in_public, &nv_data.buffer[0],

View File

@ -4,18 +4,13 @@
# Depends on: json-c cmocka libtpms
name=tpm2-tss
version=4.0.1
release=2
source=(https://github.com/tpm2-software/tpm2-tss/releases/download/$version/$name-$version.tar.gz
https://raw.githubusercontent.com/tpm2-software/tpm2-tss/e237e4d33cbf280292a480edd8ad061dcd3a37a2/lib/tss2-tcti-libtpms.map
218c0da8.patch)
version=4.1.0
release=1
source=(https://github.com/tpm2-software/tpm2-tss/releases/download/$version/$name-$version.tar.gz)
build() {
cd $name-$version
cp $SRC/tss2-tcti-libtpms.map lib
patch -Np1 -i $SRC/218c0da8.patch
./configure --prefix=/usr \
--sysconfdir=/etc \
--localstatedir=/var \