Группа :: Система/Настройка/Оборудование
Пакет: tpm2-tss
навигация по пакетам
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
Патч: tpm2-tss-4.0.1-alt1.patch
Скачать
Скачать
.gear/rules | 4 +
.../tags/70c615a04be80fd6955c8907de4c8c9257d4036e | 25 +++
.gear/tags/list | 1 +
.gear/tpm2-tss.spec | 167 +++++++++++++++++++++
.gear/tpm2-tss.watch | 3 +
.gear/upstream/remotes | 3 +
Makefile.am | 73 +--------
bootstrap | 2 +-
configure.ac | 17 ---
9 files changed, 205 insertions(+), 90 deletions(-)
diff --git a/.gear/rules b/.gear/rules
new file mode 100644
index 00000000..4c622e77
--- /dev/null
+++ b/.gear/rules
@@ -0,0 +1,4 @@
+tar: @version@:.
+diff: @version@:. .
+spec: .gear/tpm2-tss.spec
+copy: .gear/tpm2-tss.watch
diff --git a/.gear/tags/70c615a04be80fd6955c8907de4c8c9257d4036e b/.gear/tags/70c615a04be80fd6955c8907de4c8c9257d4036e
new file mode 100644
index 00000000..000966c5
--- /dev/null
+++ b/.gear/tags/70c615a04be80fd6955c8907de4c8c9257d4036e
@@ -0,0 +1,25 @@
+object 8b404ee7e5886c71aa53accb4ad38823724f7b13
+type commit
+tag 4.0.1
+tagger William Roberts <william.c.roberts@intel.com> 1674499137 -0600
+
+[4.0.1] - 2023-01-23
+
+Fixed:
+ - A buffer overflow in tss2-rc as CVE-2023-22745.
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEW0grjj4Z2nyXjh0BbeLpB44fUMEFAmPO1F8ACgkQbeLpB44f
+UMG0CxAAjkvLpRdCxYL1XR020GLC58biQMtViwJULUqVSOm1AVb8uLxNK1ArYKC3
+pqqyO4Z8G5yA7lVOkN57/b3k7nVDzHeg6XdM5Su5ozng7Lidpx1xf8tQ3lGz1Wq1
+TFemOXHzgGUk7GjohXRXuBIlc4nCw8P/ADEFYjvwfjyrd4Dh90jIKlFy9k+8KjnO
++cJ/Chzpgs6jnGawSSGZAQIikRUAoKIMcE7dGk1X+41JbLoD6S6Aemg9jgsJaPxv
+emwIcDfHHq3WzxvyPVyOsC4APuFInXne03kBpOtOT07fcnA81xi7wdw1YWu0Cd8M
+nt3Vkxbz/izYtSkRM7OVU44A0JlaBNt9TZy43pc6m70mKHoramhhUQ0VFHPSFKHE
+4QIdWGdxWS4ug8P5HBEyvMBtoOwuHS2X7jxgKQhfB34DkgL6LZqgQhq0JNe4ftDq
+sJsRDa1u6TFO+RCsVzL5843W9NyI7GG44SzOdeZ1mHboiFFhue1kzNwHJO7OJhJc
+Q4SwMBS0JIh1H5Xw5HO4B2TTlQG2bDGiU80OuWC0gb4U71awuYJwoBFjvDSyYWhv
+PGVcNY3RSK3ey8IZ5KJyhrfFPp9l1FZ/ubo8Ll3zK6Eg7ZmnDEOf6SKS7OSZluTE
+xmM0ZQF4TPZ1qiPFuJa3vM7brj7QvGd003Za0jTuHjGL4LAoGSw=
+=ZEnN
+-----END PGP SIGNATURE-----
diff --git a/.gear/tags/list b/.gear/tags/list
new file mode 100644
index 00000000..09bd0034
--- /dev/null
+++ b/.gear/tags/list
@@ -0,0 +1 @@
+70c615a04be80fd6955c8907de4c8c9257d4036e 4.0.1
diff --git a/.gear/tpm2-tss.spec b/.gear/tpm2-tss.spec
new file mode 100644
index 00000000..21735895
--- /dev/null
+++ b/.gear/tpm2-tss.spec
@@ -0,0 +1,167 @@
+%define udevrules_prefix 60-
+%define soname 0
+%define _localstatedir /var
+%def_disable check
+
+Name: tpm2-tss
+Version: 4.0.1
+Release: alt1
+Summary: TPM2.0 Software Stack
+# The entire source code is under BSD except implementation.h and tpmb.h which
+# is under TCGL(Trusted Computing Group License).
+License: BSD-2-Clause
+Url: https://github.com/tpm2-software/tpm2-tss
+Source0: %name-%version.tar
+Source1: %name.watch
+Patch: %name-%version-%release.patch
+Group: System/Configuration/Hardware
+BuildRequires: gcc-c++
+BuildRequires: doxygen
+BuildRequires: autoconf-archive
+BuildRequires: libtool
+BuildRequires: pkgconfig
+BuildRequires: libsystemd-devel
+BuildRequires: libgcrypt-devel
+BuildRequires: openssl-devel
+BuildRequires: libjson-c-devel
+BuildRequires: libcurl-devel
+BuildRequires: libuuid-devel
+%if_enabled check
+BuildRequires: libuthash-devel
+BuildRequires: procps
+BuildRequires: libcmocka-devel
+%endif
+
+%description
+tpm2-tss is a software stack supporting Trusted Platform Module(TPM) 2.0 system
+APIs. It sits between TPM driver and applications, providing TPM2.0 specified
+APIs for applications to access TPM module through kernel TPM drivers.
+
+%package -n lib%name%soname
+Summary: TPM2.0 Software Stack
+Group: System/Configuration/Hardware
+Requires: lib%name-common = %EVR
+
+%description -n lib%name%soname
+tpm2-tss is a software stack supporting Trusted Platform Module(TPM) 2.0 system
+APIs. It sits between TPM driver and applications, providing TPM2.0 specified
+APIs for applications to access TPM module through kernel TPM drivers.
+
+%package -n lib%name-common
+Summary: Common files for TPM2.0 Software Stack
+Group: System/Configuration/Hardware
+
+%description -n lib%name-common
+This package contains common files required to work witj libtpm2-tss.
+
+%package -n lib%name-devel
+Summary: Headers and libraries for building apps that use tpm2-tss
+Group: Development/C
+Requires: lib%name%soname = %EVR
+
+%description -n lib%name-devel
+This package contains headers and libraries required to build applications that
+use tpm2-tss.
+
+%prep
+%setup
+%patch -p1
+echo "%version" > VERSION
+
+%build
+./bootstrap
+%autoreconf
+# Use built-in tpm-udev.rules, with specified installation path and prefix.
+%configure \
+ --disable-static \
+ --disable-silent-rules \
+ --with-udevrulesdir=%_udevrulesdir \
+ --with-udevrulesprefix=%udevrules_prefix \
+ --with-runstatedir=/run \
+ --with-sysusersdir=/lib/sysusers.d \
+ --with-tmpfilesdir=%_tmpfilesdir \
+%if_enabled check
+ --enable-unit \
+%endif
+ %nil
+
+%make_build
+
+%check
+%make_build check
+
+%install
+%makeinstall_std
+mkdir -p %buildroot%_sharedstatedir/%name/system/keystore
+
+%pre -n lib%name-common
+groupadd -r -f tss >/dev/null 2>&1 ||:
+useradd -g tss -c 'TPM2 Software Stack User' \
+ -d /var/empty -s /dev/null -r -l -M tss >/dev/null 2>&1 ||:
+
+%files -n lib%name%soname
+%_libdir/*.so.*
+
+%files -n lib%name-common
+%doc README.md CHANGELOG.md LICENSE
+%dir %_sysconfdir/%name
+%config(noreplace) %_sysconfdir/%name/*
+%_udevrulesdir/%{udevrules_prefix}tpm-udev.rules+%_tmpfilesdir/*
+%_man5dir/*
+/lib/sysusers.d/*
+%dir %_sharedstatedir/%name
+%dir %_sharedstatedir/%name/system
+%attr(2775,tss,tss) %dir %_sharedstatedir/%name/system/keystore
+
+%files -n lib%name-devel
+%_includedir/tss2
+%_libdir/*.so
+%_pkgconfigdir/*
+%_man3dir/*
+%_man7dir/*
+
+%changelog
+* Sat Feb 18 2023 Alexey Shabalin <shaba@altlinux.org> 4.0.1-alt1
+- 4.0.1 (Fixes: CVE-2023-22745)
+
+* Thu Mar 24 2022 Alexey Shabalin <shaba@altlinux.org> 3.2.0-alt1
+- new version 3.2.0
+
+* Tue Jul 06 2021 Alexey Shabalin <shaba@altlinux.org> 3.1.0-alt1
+- new version 3.1.0 (Fixes: CVE-2020-24455)
+- Revert "Added dependency from systemd-stateless"
+- Drop execute adduser, groupadd and other root utils in Makefile
+- Disable check (fail 1 from 41)
+
+* Fri Jan 22 2021 Danil Shein <dshein@altlinux.org> 3.0.3-alt1
+- 3.0.3
+
+* Tue Dec 01 2020 Danil Shein <dshein@altlinux.org> 3.0.2-alt1
+- update version to 3.0.2
+- enable unit tests
+
+* Thu Oct 08 2020 Anton Farygin <rider@altlinux.ru> 2.4.3-alt1
+- 2.4.3 (fixes: CVE-2020-24455)
+
+* Thu Aug 20 2020 Anton Farygin <rider@altlinux.ru> 2.4.2-alt1
+- 2.4.2
+
+* Wed Jul 15 2020 Anton Farygin <rider@altlinux.ru> 2.4.1-alt1
+- 2.4.1
+
+* Wed Mar 25 2020 Alexey Shabalin <shaba@altlinux.org> 2.4.0-alt1
+- 2.4.0
+
+* Thu Mar 12 2020 Anton Farygin <rider@altlinux.ru> 2.3.3-alt1
+- 2.3.3
+
+* Fri Jan 10 2020 Anton Farygin <rider@altlinux.ru> 2.3.2-alt1
+- 2.3.2
+
+* Tue Nov 05 2019 Alexey Shabalin <shaba@altlinux.org> 2.3.1-alt2
+- add tss user and group (ALT #37279)
+
+* Mon Sep 16 2019 Anton Farygin <rider@altlinux.ru> 2.3.1-alt1
+- first build for ALT, based on specfile from Fedora
+
diff --git a/.gear/tpm2-tss.watch b/.gear/tpm2-tss.watch
new file mode 100644
index 00000000..304bb18a
--- /dev/null
+++ b/.gear/tpm2-tss.watch
@@ -0,0 +1,3 @@
+version=2
+opts=filenamemangle=s/.+\/v?(\d\S*)\.tar\.gz/tpm2-tss-$1\.tar\.gz/ \
+ https://github.com/01org/TPM2.0-TSS/tags .*/v?(\d\S*)\.tar\.gz
diff --git a/.gear/upstream/remotes b/.gear/upstream/remotes
new file mode 100644
index 00000000..fcada94a
--- /dev/null
+++ b/.gear/upstream/remotes
@@ -0,0 +1,3 @@
+[remote "upstream"]
+ url = https://github.com/tpm2-software/tpm2-tss.git
+ fetch = +refs/heads/*:refs/remotes/upstream/*
diff --git a/Makefile.am b/Makefile.am
index 2c81cfa9..8c3ce860 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -736,59 +736,10 @@ define make_parent_dir
if [ ! -d $(dir $1) ]; then mkdir -p $(dir $1); fi
endef
-define make_tss_user_and_group
- if test -z "${DESTDIR}"; then \- if type -p groupadd > /dev/null; then \
- id -g tss 2>/dev/null || groupadd --system tss; \
- else \
- id -g tss 2>/dev/null || \
- addgroup --system tss; \
- fi && \
- if type -p useradd > /dev/null; then \
- id -u tss 2>/dev/null || \
- useradd --system --home-dir / --shell `type -p nologin` \
- --no-create-home -g tss tss; \
- else \
- id -u tss 2>/dev/null || \
- adduser --system --home / --shell `type -p nologin` \
- --no-create-home --ingroup tss tss; \
- fi; \
- fi
-endef
-
-define make_tss_dir
- ($(call make_parent_dir,$1))
-endef
-
-define set_tss_permissions
- (chown -R tss:tss "$1") && \
- (chmod -R 2775 "$1") && \
- (setfacl -m default:group:tss:rwx "$1")
-endef
-
-define make_fapi_dirs
- ($(call make_tss_dir,$(DESTDIR)$(runstatedir)/tpm2-tss/eventlog/) || true) && \
- ($(call make_tss_dir,$(DESTDIR)$(localstatedir)/lib/tpm2-tss/system/keystore/))
-endef
-
-define set_fapi_permissions
- if test -z "${DESTDIR}"; then \ e- ($(call set_tss_permissions,$(DESTDIR)$(runstatedir)/tpm2-tss)) && \
- ($(call set_tss_permissions,$(DESTDIR)$(localstatedir)/lib/tpm2-tss)) \
- fi
-endef
-
define check_dir
if [ ! -d "$1" ]; then echo "WARNING Directory $1 could not be created"; fi
endef
-define check_fapi_dirs
- if test -z "${DESTDIR}"; then \- ($(call check_dir,$(DESTDIR)$(runstatedir)/tpm2-tss/eventlog/)) && \
- ($(call check_dir,$(DESTDIR)$(localstatedir)/lib/tpm2-tss/system/keystore/)) \
- fi;
-endef
-
### Man Pages
man3_MANS = \
man/man3/Tss2_Tcti_Cmd_Init.3 \
@@ -831,29 +782,7 @@ endif #FAPI
EXTRA_DIST += dist/tpm-udev.rules
-install-dirs:
-if HOSTOS_LINUX
-if SYSD_SYSUSERS
- @test -n "$(DESTDIR)" || echo "systemd-sysusers $(sysusersdir)/tpm2-tss.conf"
- @test -n "$(DESTDIR)" || ( systemd-sysusers $(sysusersdir)/tpm2-tss.conf || echo "WARNING Failed to create the tss user and group" )
-else
- @echo "call make_tss_user_and_group"
- @$(call make_tss_user_and_group) || echo "WARNING Failed to create the tss user and group"
-endif
-if SYSD_TMPFILES
- @test -n "$(DESTDIR)" || echo "systemd-tmpfiles --create $(tmpfilesdir)/tpm2-tss-fapi.conf"
- @test -n "$(DESTDIR)" || ( systemd-tmpfiles --create $(tmpfilesdir)/tpm2-tss-fapi.conf|| echo "WARNING Failed to create the FAPI directories with the correct permissions" )
- @test -z "$(DESTDIR)" || echo "(call make_fapi_dirs)"
- @test -z "$(DESTDIR)" || $(call make_fapi_dirs)
-else
- @echo "(call make_fapi_dirs) && (call set_fapi_permissions)"
- @-$(call make_fapi_dirs) && $(call set_fapi_permissions) || echo "WARNING Failed to create the FAPI directories with the correct permissions"
-endif
- @test -n "$(DESTDIR)" || echo "call check_fapi_dirs"
- @test -n "$(DESTDIR)" || $(call check_fapi_dirs)
-endif
-
-install-data-hook: install-dirs
+install-data-hook:
-if [ ! -z "$(udevrulesprefix)" ]; then \
mv $(DESTDIR)$(udevrulesdir)/tpm-udev.rules $(DESTDIR)$(udevrulesdir)/$(udevrulesprefix)tpm-udev.rules; \
fi
diff --git a/bootstrap b/bootstrap
index c25c9a37..bca01b96 100755
--- a/bootstrap
+++ b/bootstrap
@@ -1,7 +1,7 @@
#!/bin/sh
set -e
-git describe --tags --always --dirty > VERSION
+#git describe --tags --always --dirty > VERSION
# generate list of source files for use in Makefile.am
# if you add new source files, you must run ./bootstrap again
diff --git a/configure.ac b/configure.ac
index b6550278..01a0f648 100644
--- a/configure.ac
+++ b/configure.ac
@@ -548,23 +548,6 @@ AS_IF([test "x$enable_self_generated_certificate" = xyes],
AS_IF([test "x$enable_integration" = "xyes" && test "x$enable_self_generated_certificate" != "xyes" && test "x$integration_tcti" != "xdevice"],
[AC_MSG_WARN([Running integration tests without EK certificate verification, use --enable-self-generated-certificate for full test coverage])])
-# Check for systemd helper tools used by make install
-AC_CHECK_PROG(systemd_sysusers, systemd-sysusers, yes)
-AM_CONDITIONAL(SYSD_SYSUSERS, test "x$systemd_sysusers" = "xyes")
-AC_CHECK_PROG(systemd_tmpfiles, systemd-tmpfiles, yes)
-AM_CONDITIONAL(SYSD_TMPFILES, test "x$systemd_tmpfiles" = "xyes")
-
-# Check all tools used by make install
-AS_IF([test "$HOSTOS" = "Linux" && test "x$systemd_sysusers" != "xyes"],
- [ AC_CHECK_PROG(useradd, useradd, yes)
- AC_CHECK_PROG(groupadd, groupadd, yes)
- AC_CHECK_PROG(adduser, adduser, yes)
- AC_CHECK_PROG(addgroup, addgroup, yes)
- AS_IF([test "x$addgroup" != "xyes" && test "x$groupadd" != "xyes" ],
- [AC_MSG_ERROR([addgroup or groupadd are needed.])])
- AS_IF([test "x$adduser" != "xyes" && test "x$useradd" != "xyes" ],
- [AC_MSG_ERROR([adduser or useradd are needed.])])])
-
AC_SUBST([PATH])
dnl --------- Doxy Gen -----------------------