diff options
author | Patrick Ohly <patrick.ohly@intel.com> | 2017-12-06 09:34:51 +0100 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2017-12-10 15:03:55 -0800 |
commit | 16812dac9647721aeee0bf0ef815dbc0a7151c38 (patch) | |
tree | 63a85d43ff44b6de1a3a0f5b6670fbdc845fcecb | |
parent | d95d99386c211e86ec3aa67cec98f86d5b45091c (diff) | |
download | meta-security-16812dac9647721aeee0bf0ef815dbc0a7151c38.tar.gz |
swtpm/libtpm: update to latest master
This allows dropping some patches for issues that were addressed
upstream. It also brings in support for connecting swtpm to qemu
without relying on CUSE.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r-- | meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb | 4 | ||||
-rw-r--r-- | meta-tpm/recipes-tpm/swtpm/files/fix_fcntl_h.patch | 24 | ||||
-rw-r--r-- | meta-tpm/recipes-tpm/swtpm/files/fix_lib_search_path.patch | 20 | ||||
-rw-r--r-- | meta-tpm/recipes-tpm/swtpm/files/fix_signed_issue.patch | 48 | ||||
-rw-r--r-- | meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb | 14 |
5 files changed, 35 insertions, 75 deletions
diff --git a/meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb b/meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb index f9624f6..b29ec6b 100644 --- a/meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb +++ b/meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb | |||
@@ -2,11 +2,9 @@ SUMMARY = "LIBPM - Software TPM Library" | |||
2 | LICENSE = "BSD-3-Clause" | 2 | LICENSE = "BSD-3-Clause" |
3 | LIC_FILES_CHKSUM = "file://LICENSE;md5=97e5eea8d700d76b3ddfd35c4c96485f" | 3 | LIC_FILES_CHKSUM = "file://LICENSE;md5=97e5eea8d700d76b3ddfd35c4c96485f" |
4 | 4 | ||
5 | SRCREV = "ad44846dda5a96e269ad2f78a532e01e9a2f02a1" | 5 | SRCREV = "3388d45082bdc588c6fc0672f44d6d7d0aaa86ff" |
6 | SRC_URI = " \ | 6 | SRC_URI = " \ |
7 | git://github.com/stefanberger/libtpms.git \ | 7 | git://github.com/stefanberger/libtpms.git \ |
8 | file://Convert-another-vdprintf-to-dprintf.patch \ | ||
9 | file://Use-format-s-for-call-to-dprintf.patch \ | ||
10 | " | 8 | " |
11 | 9 | ||
12 | S = "${WORKDIR}/git" | 10 | S = "${WORKDIR}/git" |
diff --git a/meta-tpm/recipes-tpm/swtpm/files/fix_fcntl_h.patch b/meta-tpm/recipes-tpm/swtpm/files/fix_fcntl_h.patch index e844045..3d16431 100644 --- a/meta-tpm/recipes-tpm/swtpm/files/fix_fcntl_h.patch +++ b/meta-tpm/recipes-tpm/swtpm/files/fix_fcntl_h.patch | |||
@@ -1,4 +1,7 @@ | |||
1 | logging: Fix musl build issue with fcntl | 1 | From 8750a6c3f0b4d9e7e45b4079150d29eb44774e9c Mon Sep 17 00:00:00 2001 |
2 | From: Armin Kuster <akuster@mvista.com> | ||
3 | Date: Tue, 14 Mar 2017 22:59:36 -0700 | ||
4 | Subject: [PATCH 2/4] logging: Fix musl build issue with fcntl | ||
2 | 5 | ||
3 | error: #warning redirecting incorrect #include <sys/fcntl.h> to <fcntl.h> [-Werror=cpp] | 6 | error: #warning redirecting incorrect #include <sys/fcntl.h> to <fcntl.h> [-Werror=cpp] |
4 | #warning redirecting incorrect #include <sys/fcntl.h> to <fcntl. | 7 | #warning redirecting incorrect #include <sys/fcntl.h> to <fcntl. |
@@ -6,16 +9,23 @@ logging: Fix musl build issue with fcntl | |||
6 | Upstream-Status: Pending | 9 | Upstream-Status: Pending |
7 | Signed-off-by: Armin Kuster <akuster@mvista.com> | 10 | Signed-off-by: Armin Kuster <akuster@mvista.com> |
8 | 11 | ||
9 | Index: git/src/swtpm/logging.c | 12 | --- |
10 | =================================================================== | 13 | src/swtpm/logging.c | 2 +- |
11 | --- git.orig/src/swtpm/logging.c | 14 | 1 file changed, 1 insertion(+), 1 deletion(-) |
12 | +++ git/src/swtpm/logging.c | 15 | |
13 | @@ -43,7 +43,7 @@ | 16 | diff --git a/src/swtpm/logging.c b/src/swtpm/logging.c |
17 | index f16cab6..7da8606 100644 | ||
18 | --- a/src/swtpm/logging.c | ||
19 | +++ b/src/swtpm/logging.c | ||
20 | @@ -45,7 +45,7 @@ | ||
14 | #include <errno.h> | 21 | #include <errno.h> |
15 | #include <string.h> | 22 | #include <string.h> |
16 | #include <sys/types.h> | 23 | #include <sys/types.h> |
17 | -#include <sys/fcntl.h> | 24 | -#include <sys/fcntl.h> |
18 | +#include <fcntl.h> | 25 | +#include <fcntl.h> |
26 | #include <sys/stat.h> | ||
19 | #include <stdio.h> | 27 | #include <stdio.h> |
20 | #include <stdlib.h> | 28 | #include <stdlib.h> |
21 | #include <stdarg.h> | 29 | -- |
30 | 2.11.0 | ||
31 | |||
diff --git a/meta-tpm/recipes-tpm/swtpm/files/fix_lib_search_path.patch b/meta-tpm/recipes-tpm/swtpm/files/fix_lib_search_path.patch index 28aca4a..60958f7 100644 --- a/meta-tpm/recipes-tpm/swtpm/files/fix_lib_search_path.patch +++ b/meta-tpm/recipes-tpm/swtpm/files/fix_lib_search_path.patch | |||
@@ -1,7 +1,7 @@ | |||
1 | From 85706ceb6877ade3b589d3c390abf5b3492bb718 Mon Sep 17 00:00:00 2001 | 1 | From 672bb4ee625da3141ba6cecb0601c7563de4c483 Mon Sep 17 00:00:00 2001 |
2 | From: Armin Kuster <akuster808@gmail.com> | 2 | From: Armin Kuster <akuster808@gmail.com> |
3 | Date: Thu, 13 Oct 2016 02:03:56 -0700 | 3 | Date: Thu, 13 Oct 2016 02:03:56 -0700 |
4 | Subject: [PATCH] swtpm: add new package | 4 | Subject: [PATCH 1/4] swtpm: add new package |
5 | 5 | ||
6 | Upstream-Status: Inappropriate [OE config] | 6 | Upstream-Status: Inappropriate [OE config] |
7 | 7 | ||
@@ -12,20 +12,21 @@ Rebased to current tip. | |||
12 | Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> | 12 | Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> |
13 | 13 | ||
14 | --- | 14 | --- |
15 | configure.ac | 32 ++++++++++---------------------- | 15 | configure.ac | 34 ++++++++++------------------------ |
16 | 1 file changed, 10 insertions(+), 22 deletions(-) | 16 | 1 file changed, 10 insertions(+), 24 deletions(-) |
17 | 17 | ||
18 | diff --git a/configure.ac b/configure.ac | 18 | diff --git a/configure.ac b/configure.ac |
19 | index c4a9c6d..6267f64 100644 | 19 | index abf5be1..85ed6ac 100644 |
20 | --- a/configure.ac | 20 | --- a/configure.ac |
21 | +++ b/configure.ac | 21 | +++ b/configure.ac |
22 | @@ -395,29 +395,17 @@ CFLAGS="$CFLAGS -Wformat -Wformat-security" | 22 | @@ -395,31 +395,17 @@ CFLAGS="$CFLAGS -Wformat -Wformat-security" |
23 | dnl We have to make sure libtpms is using the same crypto library | 23 | dnl We have to make sure libtpms is using the same crypto library |
24 | dnl to avoid problems | 24 | dnl to avoid problems |
25 | AC_MSG_CHECKING([the crypto library libtpms is using]) | 25 | AC_MSG_CHECKING([the crypto library libtpms is using]) |
26 | -dirs=$($CC $CFLAGS -Xlinker --verbose 2>/dev/null | \ | 26 | -dirs=$($CC $CFLAGS -Xlinker --verbose 2>/dev/null | \ |
27 | - sed -n '/SEARCH_DIR/p' | \ | 27 | - sed -n '/SEARCH_DIR/p' | \ |
28 | - sed 's/SEARCH_DIR("=\?\(@<:@^"@:>@\+\)"); */\1\n/g') | 28 | - sed 's/SEARCH_DIR("\(@<:@^"@:>@*\)"); */\1 /g' | \ |
29 | - sed 's|=/|/|g') | ||
29 | -for dir in $dirs $LIBRARY_PATH; do | 30 | -for dir in $dirs $LIBRARY_PATH; do |
30 | - if test -r $dir/libtpms.so; then | 31 | - if test -r $dir/libtpms.so; then |
31 | - if test -n "`ldd $dir/libtpms.so | grep libcrypto.so`"; then | 32 | - if test -n "`ldd $dir/libtpms.so | grep libcrypto.so`"; then |
@@ -43,12 +44,13 @@ index c4a9c6d..6267f64 100644 | |||
43 | + break | 44 | + break |
44 | fi | 45 | fi |
45 | - case $host_os in | 46 | - case $host_os in |
46 | - cygwin) | 47 | - cygwin|openbsd*) |
47 | - if test -r $dir/libtpms.a; then | 48 | - if test -r $dir/libtpms.a; then |
48 | - if test -n "$(nm $dir/libtpms.a | grep "U AES_encrypt")"; then | 49 | - if test -n "$(nm $dir/libtpms.a | grep "U AES_encrypt")"; then |
49 | - libtpms_cryptolib="openssl" | 50 | - libtpms_cryptolib="openssl" |
50 | - fi | 51 | - fi |
51 | - fi | 52 | - fi |
53 | - ;; | ||
52 | - esac | 54 | - esac |
53 | -done | 55 | -done |
54 | + if test -n "`ldd $dir/libtpms.so | grep libnss3.so`"; then | 56 | + if test -n "`ldd $dir/libtpms.so | grep libnss3.so`"; then |
@@ -60,5 +62,5 @@ index c4a9c6d..6267f64 100644 | |||
60 | if test -z "$libtpms_cryptolib"; then | 62 | if test -z "$libtpms_cryptolib"; then |
61 | AC_MSG_ERROR([Could not determine libtpms crypto library.]) | 63 | AC_MSG_ERROR([Could not determine libtpms crypto library.]) |
62 | -- | 64 | -- |
63 | 2.1.4 | 65 | 2.11.0 |
64 | 66 | ||
diff --git a/meta-tpm/recipes-tpm/swtpm/files/fix_signed_issue.patch b/meta-tpm/recipes-tpm/swtpm/files/fix_signed_issue.patch deleted file mode 100644 index 140585b..0000000 --- a/meta-tpm/recipes-tpm/swtpm/files/fix_signed_issue.patch +++ /dev/null | |||
@@ -1,48 +0,0 @@ | |||
1 | Upstream-Status: Pending | ||
2 | Signed-off-by Armin Kuster <akuster808@gmail> | ||
3 | |||
4 | Index: git/src/swtpm/ctrlchannel.c | ||
5 | =================================================================== | ||
6 | --- git.orig/src/swtpm/ctrlchannel.c | ||
7 | +++ git/src/swtpm/ctrlchannel.c | ||
8 | @@ -152,7 +152,8 @@ static int ctrlchannel_receive_state(ptm | ||
9 | uint32_t tpm_number = 0; | ||
10 | unsigned char *blob = NULL; | ||
11 | uint32_t blob_length = be32toh(pss->u.req.length); | ||
12 | - uint32_t remain = blob_length, offset = 0; | ||
13 | + ssize_t remain = (ssize_t) blob_length; | ||
14 | + uint32_t offset = 0; | ||
15 | TPM_RESULT res; | ||
16 | uint32_t flags = be32toh(pss->u.req.state_flags); | ||
17 | TPM_BOOL is_encrypted = (flags & PTM_STATE_FLAG_ENCRYPTED) != 0; | ||
18 | Index: git/src/swtpm_ioctl/tpm_ioctl.c | ||
19 | =================================================================== | ||
20 | --- git.orig/src/swtpm_ioctl/tpm_ioctl.c | ||
21 | +++ git/src/swtpm_ioctl/tpm_ioctl.c | ||
22 | @@ -303,7 +303,7 @@ static int do_save_state_blob(int fd, bo | ||
23 | numbytes = write(file_fd, pgs.u.resp.data, | ||
24 | devtoh32(is_chardev, pgs.u.resp.length)); | ||
25 | |||
26 | - if (numbytes != devtoh32(is_chardev, pgs.u.resp.length)) { | ||
27 | + if (numbytes != (ssize_t) devtoh32(is_chardev, pgs.u.resp.length)) { | ||
28 | fprintf(stderr, | ||
29 | "Could not write to file '%s': %s\n", | ||
30 | filename, strerror(errno)); | ||
31 | @@ -420,7 +420,7 @@ static int do_load_state_blob(int fd, bo | ||
32 | had_error = true; | ||
33 | break; | ||
34 | } | ||
35 | - pss.u.req.length = htodev32(is_chardev, numbytes); | ||
36 | + pss.u.req.length = htodev32(is_chardev, (uint32_t) numbytes); | ||
37 | |||
38 | /* the returnsize is zero on all intermediate packets */ | ||
39 | returnsize = ((size_t)numbytes < sizeof(pss.u.req.data)) | ||
40 | @@ -863,7 +863,7 @@ int main(int argc, char *argv[]) | ||
41 | return EXIT_FAILURE; | ||
42 | } | ||
43 | /* no tpm_result here */ | ||
44 | - printf("ptm capability is 0x%lx\n", (uint64_t)devtoh64(is_chardev, cap)); | ||
45 | + printf("ptm capability is 0x%llx\n", (long long unsigned)devtoh64(is_chardev, cap)); | ||
46 | |||
47 | } else if (!strcmp(command, "-i")) { | ||
48 | init.u.req.init_flags = htodev32(is_chardev, PTM_INIT_FLAG_DELETE_VOLATILE); | ||
diff --git a/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb b/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb index 952de1a..7476020 100644 --- a/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb +++ b/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb | |||
@@ -10,14 +10,12 @@ DEPENDS = "libtasn1 expect socat glib-2.0 libtpm libtpm-native" | |||
10 | DEPENDS += "tpm-tools-native expect-native socat-native" | 10 | DEPENDS += "tpm-tools-native expect-native socat-native" |
11 | RDEPENDS_${PN} += "tpm-tools" | 11 | RDEPENDS_${PN} += "tpm-tools" |
12 | 12 | ||
13 | SRCREV = "073e71f99eaa7a0ff9499339176af1af62c090b2" | 13 | SRCREV = "4f4f2f0a7e3195f6df8d235d58630a08e69403d8" |
14 | SRC_URI = " \ | 14 | SRC_URI = "git://github.com/stefanberger/swtpm.git \ |
15 | git://github.com/stefanberger/swtpm.git \ | 15 | file://fix_lib_search_path.patch \ |
16 | file://fix_signed_issue.patch \ | 16 | file://fix_fcntl_h.patch \ |
17 | file://fix_lib_search_path.patch \ | 17 | file://ioctl_h.patch \ |
18 | file://fix_fcntl_h.patch \ | 18 | " |
19 | file://ioctl_h.patch \ | ||
20 | " | ||
21 | 19 | ||
22 | S = "${WORKDIR}/git" | 20 | S = "${WORKDIR}/git" |
23 | 21 | ||