author | Armin Kuster <akuster808@gmail.com> | 2017-05-07 22:39:03 -0700 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2017-05-14 07:56:43 -0700 |
commit | 4585f1e8c95435d60dd3a5287b25c7076347a3c9 (patch) | |
tree | 9be1977ee4fb8e0aff3f901db7da0e95cce3ac63 /meta-tpm | |
parent | 6eac21cf4a7653753d87772c497ac14b8b6e3e67 (diff) | |
tpm: move to a sub layer
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-tpm')
25 files changed, 1435 insertions, 0 deletions
diff --git a/meta-tpm/README b/meta-tpm/README new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/meta-tpm/README | |||
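--- /dev/null
+++ b/meta-tpm/conf/layer.conf
@@ -0,0 +1,13 @@
+# We have a conf and classes directory, add to BBPATH
+BBPATH .= ":${LAYERDIR}"
+
+# We have a recipes directory, add to BBFILES
+BBFILES += "${LAYERDIR}/recipes*/*/*.bb ${LAYERDIR}/recipes*/*/*.bbappend ${LAYERDIR}/classes/*.bbclass"
+
+BBFILE_COLLECTIONS += "tpm-layer"
+BBFILE_PATTERN_tpm-layer = "^${LAYERDIR}/"
+BBFILE_PRIORITY_tpm-layer = "6"
+
+LAYERDEPENDS_tpm-layer = " \
+core \
+"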
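--- /dev/null
+++ b/meta-tpm/recipes-kernel/linux/linux-yocto_4.10.bbappend
@@ -0,0 +1,5 @@
+#
+# TPM kernel support
+
+KERNEL_FEATURES_append += "${@bb.utils.contains('DISTRO_FEATURES', 'tpm', ' features/tpm/tpm.scc', '', d)}"
+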
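Review bot: Line 4 stacks `+=` on top of the `_append` override, which are two different append mechanisms; the value already carries its own leading space, so the conventional spelling is `KERNEL_FEATURES_append = "${@bb.utils.contains('DISTRO_FEATURES', 'tpm', ' features/tpm/tpm.scc', '', d)}"`. The file name also ties the append to linux-yocto 4.10, so a build that selects a different linux-yocto version would presumably get no TPM kernel fragment even with `tpm` in DISTRO_FEATURES. A one-line comment stating that limitation, or naming the file `linux-yocto_%.bbappend`, would make it visible.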
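--- /dev/null
+++ b/meta-tpm/recipes-tpm/libtpm/files/Convert-another-vdprintf-to-dprintf.patch
@@ -0,0 +1,26 @@
+From 09e7dd42e5201d079bad70e9f7cc6033ce1c7cad Mon Sep 17 00:00:00 2001
+From: Stefan Berger <stefanb@linux.vnet.ibm.com>
+Date: Fri, 3 Feb 2017 10:58:22 -0500
+Subject: [PATCH] Convert another vdprintf to dprintf
+
+Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
+Upstream-Status: Backport
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+src/tpm_library.c | 2 +-
+1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: git/src/tpm_library.c
+===================================================================
+--- git.orig/src/tpm_library.c
++++ git/src/tpm_library.c
+@@ -427,7 +427,7 @@ void TPMLIB_LogPrintfA(unsigned int inde
+indent = sizeof(spaces) - 1;
+memset(spaces, ' ', indent);
+spaces[indent] = 0;
+- vdprintf(debug_fd, spaces, NULL);
++ dprintf(debug_fd, "%s", spaces);
+}
+
+va_start(args, format);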
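--- /dev/null
+++ b/meta-tpm/recipes-tpm/libtpm/files/Use-format-s-for-call-to-dprintf.patch
@@ -0,0 +1,33 @@
+From 6a9b4e5d70f770aa9ca31e3e6d3b1ae72c192070 Mon Sep 17 00:00:00 2001
+From: Stefan Berger <stefanb@linux.vnet.ibm.com>
+Date: Tue, 31 Jan 2017 20:10:51 -0500
+Subject: [PATCH] Use format '%s' for call to dprintf
+
+Fix the dprintf call to use a format parameter that otherwise causes
+errors with gcc on certain platforms.
+
+Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
+
+Upstream-Status: Backport
+replaces local patch
+Signed-off-by: Armin Kuster <akuster@mvsita.com>
+
+---
+src/tpm_library.c | 4 ++--
+1 file changed, 2 insertions(+), 2 deletions(-)
+
+Index: git/src/tpm_library.c
+===================================================================
+--- git.orig/src/tpm_library.c
++++ git/src/tpm_library.c
+@@ -405,8 +405,8 @@ int TPMLIB_LogPrintf(const char *format,
+}
+
+if (debug_prefix)
+- dprintf(debug_fd, debug_prefix);
+- dprintf(debug_fd, buffer);
++ dprintf(debug_fd, "%s", debug_prefix);
++ dprintf(debug_fd, "%s", buffer);
+
+return i;
+}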
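Review bot: The patch description on lines 6-7 explains the change only as a gcc build error, but the two added lines fix something more important: `debug_prefix` and `buffer` were being passed as the format argument of dprintf(), so any `%` sequence in the logged text would have been interpreted as a conversion. A sentence saying so next to `Upstream-Status: Backport` would tell a later maintainer why the patch must stay even if the compiler stops complaining. The second sign-off address on line 13 reads `akuster@mvsita.com`, which looks like a typo for the `mvista.com` address used in the neighbouring patch.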
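--- /dev/null
+++ b/meta-tpm/recipes-tpm/libtpm/files/fix_signed_issue.patch
@@ -0,0 +1,48 @@
+Upstream-Status: Pending
+Signed-off-by: Armin kuster <akuster808@gmail.com>
+
+Index: git/src/swtpm/ctrlchannel.c
+===================================================================
+--- git.orig/src/swtpm/ctrlchannel.c
++++ git/src/swtpm/ctrlchannel.c
+@@ -152,7 +152,8 @@ static int ctrlchannel_receive_state(ptm
+uint32_t tpm_number = 0;
+unsigned char *blob = NULL;
+uint32_t blob_length = be32toh(pss->u.req.length);
+- uint32_t remain = blob_length, offset = 0;
++ ssize_t remain = (ssize_t) blob_length;
++ uint32_t offset = 0;
+TPM_RESULT res;
+uint32_t flags = be32toh(pss->u.req.state_flags);
+TPM_BOOL is_encrypted = (flags & PTM_STATE_FLAG_ENCRYPTED) != 0;
+Index: git/src/swtpm_ioctl/tpm_ioctl.c
+===================================================================
+--- git.orig/src/swtpm_ioctl/tpm_ioctl.c
++++ git/src/swtpm_ioctl/tpm_ioctl.c
+@@ -303,7 +303,7 @@ static int do_save_state_blob(int fd, bo
+numbytes = write(file_fd, pgs.u.resp.data,
+devtoh32(is_chardev, pgs.u.resp.length));
+
+- if (numbytes != devtoh32(is_chardev, pgs.u.resp.length)) {
++ if (numbytes != (ssize_t) devtoh32(is_chardev, pgs.u.resp.length)) {
+fprintf(stderr,
+"Could not write to file '%s': %s\n",
+filename, strerror(errno));
+@@ -420,7 +420,7 @@ static int do_load_state_blob(int fd, bo
+had_error = true;
+break;
+}
+- pss.u.req.length = htodev32(is_chardev, numbytes);
++ pss.u.req.length = htodev32(is_chardev, (uint32_t) numbytes);
+
+/* the returnsize is zero on all intermediate packets */
+returnsize = ((size_t)numbytes < sizeof(pss.u.req.data))
+@@ -863,7 +863,7 @@ int main(int argc, char *argv[])
+return EXIT_FAILURE;
+}
+/* no tpm_result here */
+- printf("ptm capability is 0x%lx\n", (uint64_t)devtoh64(is_chardev, cap));
++ printf("ptm capability is 0x%llx\n", (uint64_t)devtoh64(is_chardev, cap));
+
+} else if (!strcmp(command, "-i")) {
+init.u.req.init_flags = htodev32(is_chardev, PTM_INIT_FLAG_DELETE_VOLATILE);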
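Review bot: This file sits under recipes-tpm/libtpm/files, yet every hunk in it targets swtpm sources (`src/swtpm/ctrlchannel.c`, `src/swtpm_ioctl/tpm_ioctl.c`), and the SRC_URI of libtpm_1.0.bb added by this same commit does not list it, so it appears to be an unused copy of swtpm/files/fix_signed_issue.patch. The two copies have already diverged: line 45 here prints with `%llx` but still casts to `(uint64_t)`, which is `unsigned long` on LP64 targets and does not match the conversion, whereas the swtpm copy casts to `(long long unsigned)`. Dropping this copy would keep a stale variant from being wired into a recipe later.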
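--- /dev/null
+++ b/meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb
@@ -0,0 +1,20 @@
+SUMMARY = "LIBPM - Software TPM Library"
+LICENSE = "BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=97e5eea8d700d76b3ddfd35c4c96485f"
+
+SRCREV = "ad44846dda5a96e269ad2f78a532e01e9a2f02a1"
+SRC_URI = " \
+git://github.com/stefanberger/libtpms.git \
+file://Convert-another-vdprintf-to-dprintf.patch \
+file://Use-format-s-for-call-to-dprintf.patch \
+"
+
+S = "${WORKDIR}/git"
+inherit autotools-brokensep pkgconfig
+
+PACKAGECONFIG ?= "openssl"
+PACKAGECONFIG[openssl] = "--with-openssl, --without-openssl, openssl"
+
+PV = "1.0+git${SRCPV}"
+
+BBCLASSEXTEND = "native"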
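Review bot: The `git://github.com/stefanberger/libtpms.git` entry on line 7 carries no `protocol=` parameter, so the source is fetched over the unauthenticated git transport. The SRCREV pin on line 5 limits what can be checked out, but appending `;protocol=https` adds transport authentication on top of that. The same applies to the git URLs in swtpm_1.0.bb and tpm-tools_git.bb, and tpm2.0-tools_git.bb sets `protocol=git` explicitly. Separately, `SUMMARY = "LIBPM - Software TPM Library"` on line 1 looks like a typo for LIBTPM.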
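--- /dev/null
+++ b/meta-tpm/recipes-tpm/swtpm/files/fix_fcntl_h.patch
@@ -0,0 +1,21 @@
+logging: Fix musl build issue with fcntl
+
+error: #warning redirecting incorrect #include <sys/fcntl.h> to <fcntl.h> [-Werror=cpp]
+#warning redirecting incorrect #include <sys/fcntl.h> to <fcntl.
+
+Upstream-Status: Pending
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+Index: git/src/swtpm/logging.c
+===================================================================
+--- git.orig/src/swtpm/logging.c
++++ git/src/swtpm/logging.c
+@@ -43,7 +43,7 @@
+#include <errno.h>
+#include <string.h>
+#include <sys/types.h>
+-#include <sys/fcntl.h>
++#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>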
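--- /dev/null
+++ b/meta-tpm/recipes-tpm/swtpm/files/fix_lib_search_path.patch
@@ -0,0 +1,64 @@
+From 85706ceb6877ade3b589d3c390abf5b3492bb718 Mon Sep 17 00:00:00 2001
+From: Armin Kuster <akuster808@gmail.com>
+Date: Thu, 13 Oct 2016 02:03:56 -0700
+Subject: [PATCH] swtpm: add new package
+
+Upstream-Status: Inappropriate [OE config]
+
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+Rebased to current tip.
+
+Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
+
+---
+configure.ac | 32 ++++++++++----------------------
+1 file changed, 10 insertions(+), 22 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index c4a9c6d..6267f64 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -395,29 +395,17 @@ CFLAGS="$CFLAGS -Wformat -Wformat-security"
+dnl We have to make sure libtpms is using the same crypto library
+dnl to avoid problems
+AC_MSG_CHECKING([the crypto library libtpms is using])
+-dirs=$($CC $CFLAGS -Xlinker --verbose 2>/dev/null | \
+- sed -n '/SEARCH_DIR/p' | \
+- sed 's/SEARCH_DIR("=\?\(@<:@^"@:>@\+\)"); */\1\n/g')
+-for dir in $dirs $LIBRARY_PATH; do
+- if test -r $dir/libtpms.so; then
+- if test -n "`ldd $dir/libtpms.so | grep libcrypto.so`"; then
+- libtpms_cryptolib="openssl"
+- break
+- fi
+- if test -n "`ldd $dir/libtpms.so | grep libnss3.so`"; then
+- libtpms_cryptolib="freebl"
+- break
+- fi
++dir="$SEARCH_DIR"
++if test -r $dir/libtpms.so; then
++ if test -n "`ldd $dir/libtpms.so | grep libcrypto.so`"; then
++ libtpms_cryptolib="openssl"
++ break
+fi
+- case $host_os in
+- cygwin)
+- if test -r $dir/libtpms.a; then
+- if test -n "$(nm $dir/libtpms.a | grep "U AES_encrypt")"; then
+- libtpms_cryptolib="openssl"
+- fi
+- fi
+- esac
+-done
++ if test -n "`ldd $dir/libtpms.so | grep libnss3.so`"; then
++ libtpms_cryptolib="freebl"
++ break
++ fi
++fi
+
+if test -z "$libtpms_cryptolib"; then
+AC_MSG_ERROR([Could not determine libtpms crypto library.])
+--
+2.1.4
+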
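Review bot: The two `break` statements kept on patch lines 43 and 56 are no longer inside a loop, because the patch removes the surrounding `for dir in $dirs $LIBRARY_PATH; do … done`; what a shell does with `break` outside a loop is not portable, ranging from a diagnostic to being ignored. Turning the second `if test -n … libnss3.so` into an `elif` of the first and deleting both `break` lines gives the same first-match behaviour without them. `$dir` is also expanded unquoted in `test -r $dir/libtpms.so`, so an empty or space-containing SEARCH_DIR changes what is tested; `test -r "$dir/libtpms.so"` avoids that. The subject `swtpm: add new package` does not describe this configure.ac change and is worth rewording.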
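--- /dev/null
+++ b/meta-tpm/recipes-tpm/swtpm/files/fix_signed_issue.patch
@@ -0,0 +1,48 @@
+Upstream-Status: Pending
+Signed-off-by Armin Kuster <akuster808@gmail>
+
+Index: git/src/swtpm/ctrlchannel.c
+===================================================================
+--- git.orig/src/swtpm/ctrlchannel.c
++++ git/src/swtpm/ctrlchannel.c
+@@ -152,7 +152,8 @@ static int ctrlchannel_receive_state(ptm
+uint32_t tpm_number = 0;
+unsigned char *blob = NULL;
+uint32_t blob_length = be32toh(pss->u.req.length);
+- uint32_t remain = blob_length, offset = 0;
++ ssize_t remain = (ssize_t) blob_length;
++ uint32_t offset = 0;
+TPM_RESULT res;
+uint32_t flags = be32toh(pss->u.req.state_flags);
+TPM_BOOL is_encrypted = (flags & PTM_STATE_FLAG_ENCRYPTED) != 0;
+Index: git/src/swtpm_ioctl/tpm_ioctl.c
+===================================================================
+--- git.orig/src/swtpm_ioctl/tpm_ioctl.c
++++ git/src/swtpm_ioctl/tpm_ioctl.c
+@@ -303,7 +303,7 @@ static int do_save_state_blob(int fd, bo
+numbytes = write(file_fd, pgs.u.resp.data,
+devtoh32(is_chardev, pgs.u.resp.length));
+
+- if (numbytes != devtoh32(is_chardev, pgs.u.resp.length)) {
++ if (numbytes != (ssize_t) devtoh32(is_chardev, pgs.u.resp.length)) {
+fprintf(stderr,
+"Could not write to file '%s': %s\n",
+filename, strerror(errno));
+@@ -420,7 +420,7 @@ static int do_load_state_blob(int fd, bo
+had_error = true;
+break;
+}
+- pss.u.req.length = htodev32(is_chardev, numbytes);
++ pss.u.req.length = htodev32(is_chardev, (uint32_t) numbytes);
+
+/* the returnsize is zero on all intermediate packets */
+returnsize = ((size_t)numbytes < sizeof(pss.u.req.data))
+@@ -863,7 +863,7 @@ int main(int argc, char *argv[])
+return EXIT_FAILURE;
+}
+/* no tpm_result here */
+- printf("ptm capability is 0x%lx\n", (uint64_t)devtoh64(is_chardev, cap));
++ printf("ptm capability is 0x%llx\n", (long long unsigned)devtoh64(is_chardev, cap));
+
+} else if (!strcmp(command, "-i")) {
+init.u.req.init_flags = htodev32(is_chardev, PTM_INIT_FLAG_DELETE_VOLATILE);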
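Review bot: On patch lines 13-14 `remain` becomes an `ssize_t` initialised from the 32-bit `blob_length`, which is taken directly from the request (`be32toh(pss->u.req.length)`); on targets where ssize_t is 32 bits wide, a length of 0x80000000 or more turns into a negative `remain`. The receive loop of ctrlchannel_receive_state lies outside the hunk, so whether that case is caught cannot be seen here, but an explicit upper bound on `blob_length` before the cast would remove the dependence on word size; the limit itself has to come from swtpm. The trailer on line 2, `Signed-off-by Armin Kuster <akuster808@gmail>`, is missing its colon and the end of the address, so tooling will not recognise it as a sign-off.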
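--- /dev/null
+++ b/meta-tpm/recipes-tpm/swtpm/files/ioctl_h.patch
@@ -0,0 +1,22 @@
+tpm_ioctl: fix musl for missing ioctl
+
+tpm_ioctl.c: In function 'ioctl_to_cmd':
+tpm_ioctl.c:86:26: error: '_IOC_NRSHIFT' undeclared (first use in this function)
+return ((ioctlnum >> _IOC_NRSHIFT) & _IOC_NRMASK) + 1;
+
+
+Upstream-status:
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+Index: git/src/swtpm_ioctl/tpm_ioctl.c
+===================================================================
+--- git.orig/src/swtpm_ioctl/tpm_ioctl.c
++++ git/src/swtpm_ioctl/tpm_ioctl.c
+@@ -58,6 +58,7 @@
+#include <fcntl.h>
+#include <unistd.h>
+#include <sys/ioctl.h>
++#include <asm/ioctl.h>
+#include <getopt.h>
+#include <sys/un.h>
+#include <sys/types.h>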
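Review bot: Line 8 of the patch header reads `Upstream-status:` with a lower-case `s` and no value, so this patch carries no recorded upstream state, unlike the other patches in this directory. `Upstream-Status: Pending`, the form used in fix_fcntl_h.patch, would fit if it has not been submitted. The added `#include <asm/ioctl.h>` is a Linux kernel header, which is worth mentioning in the description since it decides whether the change can go upstream unguarded.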
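--- /dev/null
+++ b/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb
@@ -0,0 +1,53 @@
+SUMMARY = "SWTPM - OpenEmbedded wrapper scripts for native swtpm tools"
+LICENSE = "MIT"
+DEPENDS = "swtpm-native tpm-tools-native net-tools-native"
+
+inherit native
+
+# The whole point of the recipe is to make files available
+# for use after the build is done, so don't clean up...
+RM_WORK_EXCLUDE += "${PN}"
+
+do_create_wrapper () {
+# Wrap (almost) all swtpm binaries. Some get special wrappers and some
+# are not needed.
+for i in `find ${bindir} ${base_bindir} ${sbindir} ${base_sbindir} -name 'swtpm*' -perm /+x -type f`; do
+exe=`basename $i`
+case $exe in
+swtpm_setup.sh)
+cat >${WORKDIR}/swtpm_setup_oe.sh <<EOF
+#! /bin/sh
+#
+# Wrapper around swtpm_setup.sh which adds parameters required to
+# run the setup as non-root directly from the native sysroot.
+
+PATH="${bindir}:${base_bindir}:${sbindir}:${base_sbindir}:\$PATH"
+export PATH
+
+# tcsd only allows to be run as root or tss. Pretend to be root...
+exec env ${FAKEROOTENV} ${FAKEROOTCMD} swtpm_setup.sh --config ${STAGING_DIR_NATIVE}/etc/swtpm_setup.conf "\$@"
+EOF
+;;
+swtpm_setup)
+true
+;;
+*)
+cat >${WORKDIR}/${exe}_oe.sh <<EOF
+#! /bin/sh
+#
+# Wrapper around $exe which makes it easier to invoke
+# the right binary.
+
+PATH="${bindir}:${base_bindir}:${sbindir}:${base_sbindir}:\$PATH"
+export PATH
+
+exec ${exe} "\$@"
+EOF
+;;
+esac
+done
+
+chmod a+rx ${WORKDIR}/*.sh
+}
+
+addtask do_create_wrapper before do_build after do_prepare_recipe_sysroot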
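--- /dev/null
+++ b/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb
@@ -0,0 +1,57 @@
+SUMMARY = "SWTPM - Software TPM Emulator"
+LICENSE = "BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=fe8092c832b71ef20dfe4c6d3decb3a8"
+SECTION = "apps"
+
+DEPENDS = "libtasn1 fuse expect socat glib-2.0 libtpm libtpm-native"
+
+# configure checks for the tools already during compilation and
+# then swtpm_setup needs them at runtime
+DEPENDS += "tpm-tools-native expect-native socat-native"
+RDEPENDS_${PN} += "tpm-tools"
+
+SRCREV = "073e71f99eaa7a0ff9499339176af1af62c090b2"
+SRC_URI = " \
+git://github.com/stefanberger/swtpm.git \
+file://fix_signed_issue.patch \
+file://fix_lib_search_path.patch \
+file://fix_fcntl_h.patch \
+file://ioctl_h.patch \
+"
+
+S = "${WORKDIR}/git"
+
+inherit autotools-brokensep pkgconfig
+PARALLEL_MAKE = ""
+
+TSS_USER="tss"
+TSS_GROUP="tss"
+
+PACKAGECONFIG ?= "openssl cuse"
+PACKAGECONFIG += "${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux', '', d)}"
+PACKAGECONFIG[openssl] = "--with-openssl, --without-openssl, openssl"
+PACKAGECONFIG[gnutls] = "--with-gnutls, --without-gnutls, gnutls"
+PACKAGECONFIG[selinux] = "--with-selinux, --without-selinux, libselinux"
+PACKAGECONFIG[cuse] = "--with-cuse, --without-cuse"
+
+EXTRA_OECONF += "--with-tss-user=${TSS_USER} --with-tss-group=${TSS_GROUP}"
+
+export SEARCH_DIR = "${STAGING_LIBDIR_NATIVE}"
+
+# dup bootstrap
+do_configure_prepend () {
+libtoolize --force --copy
+autoheader
+aclocal
+automake --add-missing -c
+autoconf
+}
+
+USERADD_PACKAGES = "${PN}"
+GROUPADD_PARAM_${PN} = "--system ${TSS_USER}"
+USERADD_PARAM_${PN} = "--system -g ${TSS_GROUP} --home-dir \
+--no-create-home --shell /bin/false ${BPN}"
+
+RDEPENDS_${PN} = "libtpm expect socat bash"
+
+BBCLASSEXTEND = "native nativesdk"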
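Review bot: The account setup on lines 50-53 does not produce the `tss` user that configure is told about on line 37. The recipe never inherits `useradd`, so the USERADD_*/GROUPADD_* variables are not acted on; `GROUPADD_PARAM_${PN}` names `${TSS_USER}` instead of `${TSS_GROUP}`; `--home-dir` has no argument and so takes `--no-create-home` as its directory; and the user being added is `${BPN}` rather than `${TSS_USER}`. Separately, `RDEPENDS_${PN} = "libtpm expect socat bash"` on line 55 overwrites the `RDEPENDS_${PN} += "tpm-tools"` from line 11, which drops the runtime dependency that the comment on lines 8-9 asks for. The fence shows one way to line these up; it leaves out `--home-dir` because the recipe does not say which directory was intended.

```bitbake
inherit autotools-brokensep pkgconfig useradd
# … unchanged: PARALLEL_MAKE through do_configure_prepend …
USERADD_PACKAGES = "${PN}"
GROUPADD_PARAM_${PN} = "--system ${TSS_GROUP}"
USERADD_PARAM_${PN} = "--system -g ${TSS_GROUP} \
    --no-create-home --shell /bin/false ${TSS_USER}"

# append, so the tpm-tools entry added earlier in the recipe survives
RDEPENDS_${PN} += "libtpm expect socat bash"
```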
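--- /dev/null
+++ b/meta-tpm/recipes-tpm/tpm-tools/files/tpm-tools-extendpcr.patch
@@ -0,0 +1,244 @@
+Index: tpm-tools-1.3.8/include/tpm_tspi.h
+===================================================================
+--- tpm-tools-1.3.8.orig/include/tpm_tspi.h 2011-08-17 08:20:35.000000000 -0400
++++ tpm-tools-1.3.8/include/tpm_tspi.h 2013-01-05 23:26:31.571598217 -0500
+@@ -117,6 +117,10 @@
+UINT32 *a_PcrSize, BYTE **a_PcrValue);
+TSS_RESULT pcrcompositeSetPcrValue(TSS_HPCRS a_hPcrs, UINT32 a_Idx,
+UINT32 a_PcrSize, BYTE *a_PcrValue);
++TSS_RESULT tpmPcrExtend(TSS_HTPM a_hTpm, UINT32 a_Idx,
++ UINT32 a_DataSize, BYTE *a_Data,
++ TSS_PCR_EVENT *a_Event,
++ UINT32 *a_PcrSize, BYTE **a_PcrValue);
+#ifdef TSS_LIB_IS_12
+TSS_RESULT unloadVersionInfo(UINT64 *offset, BYTE *blob, TPM_CAP_VERSION_INFO *v);
+TSS_RESULT pcrcompositeSetPcrLocality(TSS_HPCRS a_hPcrs, UINT32 localityValue);
+Index: tpm-tools-1.3.8/lib/tpm_tspi.c
+===================================================================
+--- tpm-tools-1.3.8.orig/lib/tpm_tspi.c 2011-08-17 08:20:35.000000000 -0400
++++ tpm-tools-1.3.8/lib/tpm_tspi.c 2013-01-05 23:27:37.731593490 -0500
+@@ -594,6 +594,20 @@
+return result;
+}
+
++TSS_RESULT
++tpmPcrExtend(TSS_HTPM a_hTpm, UINT32 a_Idx,
++ UINT32 a_DataSize, BYTE *a_Data,
++ TSS_PCR_EVENT *a_Event,
++ UINT32 *a_PcrSize, BYTE **a_PcrValue)
++{
++ TSS_RESULT result =
++ Tspi_TPM_PcrExtend(a_hTpm, a_Idx, a_DataSize, a_Data, a_Event,
++ a_PcrSize, a_PcrValue);
++ tspiResult("Tspi_TPM_PcrExtend", result);
++
++ return result;
++}
++
+#ifdef TSS_LIB_IS_12
+/*
+* These getPasswd functions will wrap calls to the other functions and check to see if the TSS
+Index: tpm-tools-1.3.8/src/cmds/Makefile.am
+===================================================================
+--- tpm-tools-1.3.8.orig/src/cmds/Makefile.am 2011-08-15 13:52:08.000000000 -0400
++++ tpm-tools-1.3.8/src/cmds/Makefile.am 2013-01-05 23:30:46.223593698 -0500
+@@ -22,6 +22,7 @@
+#
+
+bin_PROGRAMS = tpm_sealdata \
++ tpm_extendpcr \
+tpm_unsealdata
+
+if TSS_LIB_IS_12
+@@ -33,4 +34,5 @@
+LDADD = $(top_builddir)/lib/libtpm_tspi.la -ltspi $(top_builddir)/lib/libtpm_unseal.la -ltpm_unseal -lcrypto
+
+tpm_sealdata_SOURCES = tpm_sealdata.c
++tpm_extendpcr_SOURCES = tpm_extendpcr.c
+tpm_unsealdata_SOURCES = tpm_unsealdata.c
+Index: tpm-tools-1.3.8/src/cmds/tpm_extendpcr.c
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ tpm-tools-1.3.8/src/cmds/tpm_extendpcr.c 2013-01-05 23:37:43.403585514 -0500
+@@ -0,0 +1,181 @@
++/*
++ * The Initial Developer of the Original Code is International
++ * Business Machines Corporation. Portions created by IBM
++ * Corporation are Copyright (C) 2005, 2006 International Business
++ * Machines Corporation. All Rights Reserved.
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of the Common Public License as published by
++ * IBM Corporation; either version 1 of the License, or (at your option)
++ * any later version.
++ *
++ * This program is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ * Common Public License for more details.
++ *
++ * You should have received a copy of the Common Public License
++ * along with this program; if not, a copy can be viewed at
++ * http://www.opensource.org/licenses/cpl1.0.php.
++ */
++#include <openssl/evp.h>
++#include <openssl/sha.h>
++#include <limits.h>
++#include "tpm_tspi.h"
++#include "tpm_utils.h"
++#include "tpm_seal.h"
++
++// #define TPM_EXTENDPCR_DEBUG
++
++static void help(const char *aCmd)
++{
++ logCmdHelp(aCmd);
++ logCmdOption("-i, --infile FILE",
++ _
++ ("Filename containing data to extend PCRs with. Default is STDIN."));
++ logCmdOption("-p, --pcr NUMBER",
++ _("PCR to extend."));
++
++}
++
++static char in_filename[PATH_MAX] = "";
++static TSS_HPCRS hPcrs = NULL_HPCRS;
++static TSS_HTPM hTpm;
++static UINT32 selectedPcrs[24];
++static UINT32 selectedPcrsLen = 0;
++TSS_HCONTEXT hContext = 0;
++
++static int parse(const int aOpt, const char *aArg)
++{
++ int rc = -1;
++
++ switch (aOpt) {
++ case 'i':
++ if (aArg) {
++ strncpy(in_filename, aArg, PATH_MAX);
++ rc = 0;
++ }
++ break;
++ case 'p':
++ if (aArg) {
++ selectedPcrs[selectedPcrsLen++] = atoi(aArg);
++ rc = 0;
++ }
++ break;
++ default:
++ break;
++ }
++ return rc;
++
++}
++
++int main(int argc, char **argv)
++{
++
++ int iRc = -1;
++ struct option opts[] = {
++ {"infile", required_argument, NULL, 'i'},
++ {"pcr", required_argument, NULL, 'p'},
++ };
++ unsigned char line[EVP_MD_block_size(EVP_sha1()) * 16];
++ int lineLen;
++ UINT32 i;
++
++ BIO *bin = NULL;
++
++ initIntlSys();
++
++ if (genericOptHandler(argc, argv, "i:p:", opts,
++ sizeof(opts) / sizeof(struct option), parse,
++ help) != 0)
++ goto out;
++
++ if (contextCreate(&hContext) != TSS_SUCCESS)
++ goto out;
++
++ if (contextConnect(hContext) != TSS_SUCCESS)
++ goto out_close;
++
++ if (contextGetTpm(hContext, &hTpm) != TSS_SUCCESS)
++ goto out_close;
++
++ /* Create a BIO for the input file */
++ if ((bin = BIO_new(BIO_s_file())) == NULL) {
++ logError(_("Unable to open input BIO\n"));
++ goto out_close;
++ }
++
++ /* Assign the input file to the BIO */
++ if (strlen(in_filename) == 0)
++ BIO_set_fp(bin, stdin, BIO_NOCLOSE);
++ else if (!BIO_read_filename(bin, in_filename)) {
++ logError(_("Unable to open input file: %s\n"),
++ in_filename);
++ goto out_close;
++ }
++
++ /* Create the PCRs object. If any PCRs above 15 are selected, this will need to be
++ * a 1.2 TSS/TPM */
++ if (selectedPcrsLen) {
++ TSS_FLAG initFlag = 0;
++ UINT32 pcrSize;
++ BYTE *pcrValue;
++
++ for (i = 0; i < selectedPcrsLen; i++) {
++ if (selectedPcrs[i] > 15) {
++#ifdef TSS_LIB_IS_12
++ initFlag |= TSS_PCRS_STRUCT_INFO_LONG;
++#else
++ logError(_("This version of %s was compiled for a v1.1 TSS, which "
++ "can only seal\n data to PCRs 0-15. PCR %u is out of range"
++ "\n"), argv[0], selectedPcrs[i]);
++ goto out_close;
++#endif
++ }
++ }
++
++ unsigned char msg[EVP_MAX_MD_SIZE];
++ unsigned int msglen;
++ EVP_MD_CTX ctx;
++ EVP_DigestInit(&ctx, EVP_sha1());
++ while ((lineLen = BIO_read(bin, line, sizeof(line))) > 0)
++ EVP_DigestUpdate(&ctx, line, lineLen);
++ EVP_DigestFinal(&ctx, msg, &msglen);
++
++ if (contextCreateObject(hContext, TSS_OBJECT_TYPE_PCRS, initFlag,
++ &hPcrs) != TSS_SUCCESS)
++ goto out_close;
++
++ for (i = 0; i < selectedPcrsLen; i++) {
++#ifdef TPM_EXTENDPCR_DEBUG
++ if (tpmPcrRead(hTpm, selectedPcrs[i], &pcrSize, &pcrValue) != TSS_SUCCESS)
++ goto out_close;
++
++ unsigned int j;
++ for (j = 0; j < pcrSize; j++)
++ printf("%02X ", pcrValue[j]);
++ printf("\n");
++#endif
++
++ if (tpmPcrExtend(hTpm, selectedPcrs[i], msglen, msg, NULL, &pcrSize, &pcrValue) != TSS_SUCCESS)
++ goto out_close;
++
++#ifdef TPM_EXTENDPCR_DEBUG
++ for (j = 0; j < pcrSize; j++)
++ printf("%02X ", pcrValue[j]);
++ printf("\n");
++#endif
++ }
++ }
++
++ iRc = 0;
++ logSuccess(argv[0]);
++
++out_close:
++ contextClose(hContext);
++
++out:
++ if (bin)
++ BIO_free(bin);
++ return iRc;
++}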
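Review bot: parse() in the new tpm_extendpcr.c (patch lines 111-133) stores into `selectedPcrs[selectedPcrsLen++]` without checking against the 24-entry array, so more than 24 `-p` options write past a static buffer, and `strncpy(in_filename, aArg, PATH_MAX)` leaves `in_filename` unterminated when the argument is PATH_MAX bytes or longer. `atoi()` also turns non-numeric or negative input into a PCR index without reporting it. In main(), the `BIO_read` loop treats a negative return like end of file, so a read error still extends the PCR with the digest of whatever was read, and when no `-p` is given nothing is extended but `logSuccess` still runs. The fence covers parse() only and additionally needs `<errno.h>`, `<stdlib.h>` and `<string.h>`; the patch file itself has no Upstream-Status or Signed-off-by header.

```c
static int parse(const int aOpt, const char *aArg)
{
	/* … unchanged: rc declaration, switch (aOpt) … */
	case 'i':
		/* refuse over-long paths rather than store an unterminated name */
		if (aArg && strlen(aArg) < sizeof(in_filename)) {
			strcpy(in_filename, aArg);
			rc = 0;
		}
		break;
	case 'p':
		/* stop accepting -p once the selection array is full */
		if (aArg && selectedPcrsLen <
		    sizeof(selectedPcrs) / sizeof(selectedPcrs[0])) {
			char *end;
			unsigned long pcr;

			errno = 0;
			pcr = strtoul(aArg, &end, 10);
			/* leading digit required: strtoul would wrap "-1" */
			if (aArg[0] >= '0' && aArg[0] <= '9' && *end == '\0' &&
			    errno == 0 && pcr <= 0xffffffffUL) {
				selectedPcrs[selectedPcrsLen++] = (UINT32)pcr;
				rc = 0;
			}
		}
		break;
	/* … unchanged: default case, return rc … */
```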
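--- /dev/null
+++ b/meta-tpm/recipes-tpm/tpm-tools/tpm-tools_git.bb
@@ -0,0 +1,35 @@
+SUMMARY = "The tpm-tools package contains commands to allow the platform administrator the ability to manage and diagnose the platform's TPM."
+DESCRIPTION = " \
+The tpm-tools package contains commands to allow the platform administrator \
+the ability to manage and diagnose the platform's TPM. Additionally, the \
+package contains commands to utilize some of the capabilities available \
+in the TPM PKCS#11 interface implemented in the openCryptoki project. \
+"
+SECTION = "tpm"
+LICENSE = "CPL-1.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=059e8cd6165cb4c31e351f2b69388fd9"
+
+DEPENDS = "libtspi openssl"
+DEPENDS_class-native = "trousers-native"
+
+SRCREV = "5c5126bedf2da97906358adcfb8c43c86e7dd0ee"
+SRC_URI = " \
+git://git.code.sf.net/p/trousers/tpm-tools \
+file://tpm-tools-extendpcr.patch \
+"
+
+PV = "1.3.9.1+git${SRCPV}"
+
+inherit autotools-brokensep gettext
+
+S = "${WORKDIR}/git"
+
+do_configure_prepend () {
+mkdir -p po
+mkdir -p m4
+cp -R po_/* po/
+touch po/Makefile.in.in
+touch m4/Makefile.am
+}
+
+BBCLASSEXTEND = "native"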
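--- /dev/null
+++ b/meta-tpm/recipes-tpm/tpm2.0-tools/tpm2.0-tools_git.bb
@@ -0,0 +1,20 @@
+SUMMARY = "Tools for TPM2."
+DESCRIPTION = "tpm2.0-tools"
+LICENSE = "BSD"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=91b7c548d73ea16537799e8060cea819"
+SECTION = "tpm"
+
+DEPENDS = "pkgconfig tpm2.0-tss openssl curl autoconf-archive"
+
+# Mar 17, 2017
+SRCREV = "0b744d1b13ce57b4be547ae773d7db1cbccf9a04"
+
+SRC_URI = "git://github.com/01org/tpm2.0-tools.git;protocol=git;branch=master;name=tpm2.0-tools;destsuffix=tpm2.0-tools"
+
+S = "${WORKDIR}/tpm2.0-tools"
+
+PV = "git${SRCPV}"
+
+inherit autotools pkgconfig
+
+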
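--- /dev/null
+++ b/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss/ax_pthread.m4
@@ -0,0 +1,332 @@
+# ===========================================================================
+# http://www.gnu.org/software/autoconf-archive/ax_pthread.html
+# ===========================================================================
+#
+# SYNOPSIS
+#
+# AX_PTHREAD([ACTION-IF-FOUND[, ACTION-IF-NOT-FOUND]])
+#
+# DESCRIPTION
+#
+# This macro figures out how to build C programs using POSIX threads. It
+# sets the PTHREAD_LIBS output variable to the threads library and linker
+# flags, and the PTHREAD_CFLAGS output variable to any special C compiler
+# flags that are needed. (The user can also force certain compiler
+# flags/libs to be tested by setting these environment variables.)
+#
+# Also sets PTHREAD_CC to any special C compiler that is needed for
+# multi-threaded programs (defaults to the value of CC otherwise). (This
+# is necessary on AIX to use the special cc_r compiler alias.)
+#
+# NOTE: You are assumed to not only compile your program with these flags,
+# but also link it with them as well. e.g. you should link with
+# $PTHREAD_CC $CFLAGS $PTHREAD_CFLAGS $LDFLAGS ... $PTHREAD_LIBS $LIBS
+#
+# If you are only building threads programs, you may wish to use these
+# variables in your default LIBS, CFLAGS, and CC:
+#
+# LIBS="$PTHREAD_LIBS $LIBS"
+# CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
+# CC="$PTHREAD_CC"
+#
+# In addition, if the PTHREAD_CREATE_JOINABLE thread-attribute constant
+# has a nonstandard name, defines PTHREAD_CREATE_JOINABLE to that name
+# (e.g. PTHREAD_CREATE_UNDETACHED on AIX).
+#
+# Also HAVE_PTHREAD_PRIO_INHERIT is defined if pthread is found and the
+# PTHREAD_PRIO_INHERIT symbol is defined when compiling with
+# PTHREAD_CFLAGS.
+#
+# ACTION-IF-FOUND is a list of shell commands to run if a threads library
+# is found, and ACTION-IF-NOT-FOUND is a list of commands to run it if it
+# is not found. If ACTION-IF-FOUND is not specified, the default action
+# will define HAVE_PTHREAD.
+#
+# Please let the authors know if this macro fails on any platform, or if
+# you have any other suggestions or comments. This macro was based on work
+# by SGJ on autoconf scripts for FFTW (http://www.fftw.org/) (with help
+# from M. Frigo), as well as ac_pthread and hb_pthread macros posted by
+# Alejandro Forero Cuervo to the autoconf macro repository. We are also
+# grateful for the helpful feedback of numerous users.
+#
+# Updated for Autoconf 2.68 by Daniel Richard G.
+#
+# LICENSE
+#
+# Copyright (c) 2008 Steven G. Johnson <stevenj@alum.mit.edu>
+# Copyright (c) 2011 Daniel Richard G. <skunk@iSKUNK.ORG>
+#
+# This program is free software: you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation, either version 3 of the License, or (at your
+# option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+# Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+# As a special exception, the respective Autoconf Macro's copyright owner
+# gives unlimited permission to copy, distribute and modify the configure
+# scripts that are the output of Autoconf when processing the Macro. You
+# need not follow the terms of the GNU General Public License when using
+# or distributing such scripts, even though portions of the text of the
+# Macro appear in them. The GNU General Public License (GPL) does govern
+# all other use of the material that constitutes the Autoconf Macro.
+#
+# This special exception to the GPL applies to versions of the Autoconf
+# Macro released by the Autoconf Archive. When you make and distribute a
+# modified version of the Autoconf Macro, you may extend this special
+# exception to the GPL to apply to your modified version as well.
+
+#serial 21
+
+AU_ALIAS([ACX_PTHREAD], [AX_PTHREAD])
+AC_DEFUN([AX_PTHREAD], [
+AC_REQUIRE([AC_CANONICAL_HOST])
+AC_LANG_PUSH([C])
+ax_pthread_ok=no
+
+# We used to check for pthread.h first, but this fails if pthread.h
+# requires special compiler flags (e.g. on True64 or Sequent).
+# It gets checked for in the link test anyway.
+
+# First of all, check if the user has set any of the PTHREAD_LIBS,
+# etcetera environment variables, and if threads linking works using
+# them:
+if test x"$PTHREAD_LIBS$PTHREAD_CFLAGS" != x; then
+save_CFLAGS="$CFLAGS"
+CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
+save_LIBS="$LIBS"
+LIBS="$PTHREAD_LIBS $LIBS"
+AC_MSG_CHECKING([for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS])
+AC_TRY_LINK_FUNC([pthread_join], [ax_pthread_ok=yes])
+AC_MSG_RESULT([$ax_pthread_ok])
+if test x"$ax_pthread_ok" = xno; then
+PTHREAD_LIBS=""
+PTHREAD_CFLAGS=""
+fi
+LIBS="$save_LIBS"
+CFLAGS="$save_CFLAGS"
+fi
+
+# We must check for the threads library under a number of different
+# names; the ordering is very important because some systems
+# (e.g. DEC) have both -lpthread and -lpthreads, where one of the
+# libraries is broken (non-POSIX).
+
+# Create a list of thread flags to try. Items starting with a "-" are
+# C compiler flags, and other items are library names, except for "none"
+# which indicates that we try without any flags at all, and "pthread-config"
+# which is a program returning the flags for the Pth emulation library.
+
+ax_pthread_flags="pthreads none -Kthread -kthread lthread -pthread -pthreads -mthreads pthread --thread-safe -mt pthread-config"
+
+# The ordering *is* (sometimes) important. Some notes on the
+# individual items follow:
+
+# pthreads: AIX (must check this before -lpthread)
+# none: in case threads are in libc; should be tried before -Kthread and
+# other compiler flags to prevent continual compiler warnings
+# -Kthread: Sequent (threads in libc, but -Kthread needed for pthread.h)
+# -kthread: FreeBSD kernel threads (preferred to -pthread since SMP-able)
+# lthread: LinuxThreads port on FreeBSD (also preferred to -pthread)
+# -pthread: Linux/gcc (kernel threads), BSD/gcc (userland threads)
+# -pthreads: Solaris/gcc
+# -mthreads: Mingw32/gcc, Lynx/gcc
+# -mt: Sun Workshop C (may only link SunOS threads [-lthread], but it
+# doesn't hurt to check since this sometimes defines pthreads too;
+# also defines -D_REENTRANT)
+# ... -mt is also the pthreads flag for HP/aCC
+# pthread: Linux, etcetera
+# --thread-safe: KAI C++
+# pthread-config: use pthread-config program (for GNU Pth library)
+
+case ${host_os} in
+solaris*)
+
+# On Solaris (at least, for some versions), libc contains stubbed
+# (non-functional) versions of the pthreads routines, so link-based
+# tests will erroneously succeed. (We need to link with -pthreads/-mt/
+# -lpthread.) (The stubs are missing pthread_cleanup_push, or rather
+# a function called by this macro, so we could check for that, but
+# who knows whether they'll stub that too in a future libc.) So,
+# we'll just look for -pthreads and -lpthread first:
+
+ax_pthread_flags="-pthreads pthread -mt -pthread $ax_pthread_flags"
+;;
+
+darwin*)
+ax_pthread_flags="-pthread $ax_pthread_flags"
+;;
+esac
+
+# Clang doesn't consider unrecognized options an error unless we specify
+# -Werror. We throw in some extra Clang-specific options to ensure that
+# this doesn't happen for GCC, which also accepts -Werror.
+
+AC_MSG_CHECKING([if compiler needs -Werror to reject unknown flags])
+save_CFLAGS="$CFLAGS"
+ax_pthread_extra_flags="-Werror"
+CFLAGS="$CFLAGS $ax_pthread_extra_flags -Wunknown-warning-option -Wsizeof-array-argument"
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([int foo(void);],[foo()])],
+[AC_MSG_RESULT([yes])],
+[ax_pthread_extra_flags=
+AC_MSG_RESULT([no])])
+CFLAGS="$save_CFLAGS"
+
+if test x"$ax_pthread_ok" = xno; then
+for flag in $ax_pthread_flags; do
+
+case $flag in
+none)
+AC_MSG_CHECKING([whether pthreads work without any flags])
+;;
+
+-*)
+AC_MSG_CHECKING([whether pthreads work with $flag])
+PTHREAD_CFLAGS="$flag"
+;;
+
+pthread-config)
+AC_CHECK_PROG([ax_pthread_config], [pthread-config], [yes], [no])
+if test x"$ax_pthread_config" = xno; then continue; fi
+PTHREAD_CFLAGS="`pthread-config --cflags`"
+PTHREAD_LIBS="`pthread-config --ldflags` `pthread-config --libs`"
+;;
+
+*)
+AC_MSG_CHECKING([for the pthreads library -l$flag])
+PTHREAD_LIBS="-l$flag"
+;;
+esac
+
+save_LIBS="$LIBS"
+save_CFLAGS="$CFLAGS"
+LIBS="$PTHREAD_LIBS $LIBS"
+CFLAGS="$CFLAGS $PTHREAD_CFLAGS $ax_pthread_extra_flags"
+
+# Check for various functions. We must include pthread.h,
+# since some functions may be macros. (On the Sequent, we
+# need a special flag -Kthread to make this header compile.)
+# We check for pthread_join because it is in -lpthread on IRIX
+# while pthread_create is in libc. We check for pthread_attr_init
+# due to DEC craziness with -lpthreads. We check for
+# pthread_cleanup_push because it is one of the few pthread
+# functions on Solaris that doesn't have a non-functional libc stub.
+# We try pthread_create on general principles.
+AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <pthread.h>
+static void routine(void *a) { a = 0; }
+static void *start_routine(void *a) { return a; }],
+[pthread_t th; pthread_attr_t attr;
+pthread_create(&th, 0, start_routine, 0);
+pthread_join(th, 0);
+pthread_attr_init(&attr);
+pthread_cleanup_push(routine, 0);
+pthread_cleanup_pop(0) /* ; */])],
+[ax_pthread_ok=yes],
+[])
+
+LIBS="$save_LIBS"
+CFLAGS="$save_CFLAGS"
+
+AC_MSG_RESULT([$ax_pthread_ok])
+if test "x$ax_pthread_ok" = xyes; then
+break;
+fi
+
+PTHREAD_LIBS=""
+PTHREAD_CFLAGS=""
+done
+fi
+
+# Various other checks:
+if test "x$ax_pthread_ok" = xyes; then
+save_LIBS="$LIBS"
+LIBS="$PTHREAD_LIBS $LIBS"
+save_CFLAGS="$CFLAGS"
+CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
+
+# Detect AIX lossage: JOINABLE attribute is called UNDETACHED.
+AC_MSG_CHECKING([for joinable pthread attribute])
+attr_name=unknown
+for attr in PTHREAD_CREATE_JOINABLE PTHREAD_CREATE_UNDETACHED; do
+AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <pthread.h>],
+[int attr = $attr; return attr /* ; */])],
+[attr_name=$attr; break],
+[])
+done
+AC_MSG_RESULT([$attr_name])
+if test "$attr_name" != PTHREAD_CREATE_JOINABLE; then
+AC_DEFINE_UNQUOTED([PTHREAD_CREATE_JOINABLE], [$attr_name],
+[Define to necessary symbol if this constant
+uses a non-standard name on your system.])
+fi
+
+AC_MSG_CHECKING([if more special flags are required for pthreads])
+flag=no
+case ${host_os} in
+aix* | freebsd* | darwin*) flag="-D_THREAD_SAFE";;
+osf* | hpux*) flag="-D_REENTRANT";;
+solaris*)
+if test "$GCC" = "yes"; then
+flag="-D_REENTRANT"
+else
+# TODO: What about Clang on Solaris?
+flag="-mt -D_REENTRANT"
+fi
+;;
+esac
+AC_MSG_RESULT([$flag])
+if test "x$flag" != xno; then
+PTHREAD_CFLAGS="$flag $PTHREAD_CFLAGS"
+fi
+
+AC_CACHE_CHECK([for PTHREAD_PRIO_INHERIT],
+[ax_cv_PTHREAD_PRIO_INHERIT], [
+AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <pthread.h>]],
+[[int i = PTHREAD_PRIO_INHERIT;]])],
+[ax_cv_PTHREAD_PRIO_INHERIT=yes],
+[ax_cv_PTHREAD_PRIO_INHERIT=no])
+])
+AS_IF([test "x$ax_cv_PTHREAD_PRIO_INHERIT" = "xyes"],
+[AC_DEFINE([HAVE_PTHREAD_PRIO_INHERIT], [1], [Have PTHREAD_PRIO_INHERIT.])])
+
+LIBS="$save_LIBS"
+CFLAGS="$save_CFLAGS"
+
+# More AIX lossage: compile with *_r variant
+if test "x$GCC" != xyes; then
+case $host_os in
+aix*)
+AS_CASE(["x/$CC"],
+[x*/c89|x*/c89_128|x*/c99|x*/c99_128|x*/cc|x*/cc128|x*/xlc|x*/xlc_v6|x*/xlc128|x*/xlc128_v6],
+[#handle absolute path differently from PATH based program lookup
+AS_CASE(["x$CC"],
+[x/*],
+[AS_IF([AS_EXECUTABLE_P([${CC}_r])],[PTHREAD_CC="${CC}_r"])],
+[AC_CHECK_PROGS([PTHREAD_CC],[${CC}_r],[$CC])])])
+;;
+esac
+fi
+fi
+
+test -n "$PTHREAD_CC" || PTHREAD_CC="$CC"
+
+AC_SUBST([PTHREAD_LIBS])
+AC_SUBST([PTHREAD_CFLAGS])
+AC_SUBST([PTHREAD_CC])
+
+# Finally, execute ACTION-IF-FOUND/ACTION-IF-NOT-FOUND:
+if test x"$ax_pthread_ok" = xyes; then
+ifelse([$1],,[AC_DEFINE([HAVE_PTHREAD],[1],[Define if you have POSIX threads libraries and header files.])],[$1])
+:
+else
+ax_pthread_ok=no
+$2
+fi
+AC_LANG_POP
+])dnl AX_PTHREAD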
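--- /dev/null
+++ b/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss/fix_musl_select_include.patch
@@ -0,0 +1,31 @@
+This fixes musl build issue do to missing FD_* defines.
+Add sys/select.h
+
+Upstream-Status: Pending
+
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+Index: TPM2.0-TSS/tcti/tcti_socket.cpp
+===================================================================
+--- TPM2.0-TSS.orig/tcti/tcti_socket.cpp
++++ TPM2.0-TSS/tcti/tcti_socket.cpp
+@@ -28,6 +28,7 @@
+#include <stdio.h>
+#include <stdlib.h> // Needed for _wtoi
+
++#include "sys/select.h"
+#include <sapi/tpm20.h>
+#include <tcti/tcti_socket.h>
+#include "sysapi_util.h"
+Index: TPM2.0-TSS/resourcemgr/resourcemgr.c
+===================================================================
+--- TPM2.0-TSS.orig/resourcemgr/resourcemgr.c
++++ TPM2.0-TSS/resourcemgr/resourcemgr.c
+@@ -28,6 +28,7 @@
+#include <stdio.h>
+#include <stdlib.h> // Needed for _wtoi
+
++#include "sys/select.h"
+#include <sapi/tpm20.h>
+#include <tcti/tcti_device.h>
+#include <tcti/tcti_socket.h>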
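Review bot: Nothing in this commit applies this patch: the `SRC_URI` of tpm2.0-tss_git.bb lists only the git repository and `file://ax_pthread.m4`, so the musl build fix stays unused unless another layer references it. Adding `file://fix_musl_select_include.patch \` to that `SRC_URI` would wire it in. Inside the patch the system header is included with quotes, `#include "sys/select.h"`; `#include <sys/select.h>` avoids searching the including file's directory first. The description also reads "do to" where "due to" is meant.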
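--- /dev/null
+++ b/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb
@@ -0,0 +1,96 @@
+SUMMARY = "Software stack for TPM2."
+DESCRIPTION = "tpm2.0-tss like woah."
+LICENSE = "BSD-2-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da"
+SECTION = "tpm"
+
+DEPENDS = "autoconf-archive pkgconfig"
+
+SRCREV = "30794affab01598bbacfe1f167be7c068a0c0476"
+
+SRC_URI = " \
+git://github.com/01org/TPM2.0-TSS.git;protocol=git;branch=master;name=TPM2.0-TSS;destsuffix=TPM2.0-TSS \
+file://ax_pthread.m4 \
+"
+
+inherit autotools pkgconfig systemd
+
+S = "${WORKDIR}/${@d.getVar('BPN',d).upper()}"
+
+do_configure_prepend () {
+mkdir -p ${S}/m4
+cp ${WORKDIR}/ax_pthread.m4 ${S}/m4
+# execute the bootstrap script
+currentdir=$(pwd)
+cd ${S}
+ACLOCAL="aclocal --system-acdir=${STAGING_DATADIR}/aclocal" ./bootstrap
+cd $currentdir
+}
+
+INHERIT += "extrausers"
+EXTRA_USERS_PARAMS = "\
+useradd -p '' tss; \
+groupadd tss; \
+"
+
+SYSTEMD_PACKAGES += "resourcemgr"
+SYSTEMD_SERVICE_resourcemgr = "resourcemgr.service"
+SYSTEMD_AUTO_ENABLE_resourcemgr = "enable"
+
+do_patch[postfuncs] += "fix_systemd_unit"
+fix_systemd_unit () {
+sed -i -e 's;^ExecStart=.*/resourcemgr;ExecStart=${sbindir}/resourcemgr;' ${S}/contrib/resourcemgr.service
+}
+
+do_install_append() {
+install -d ${D}${systemd_system_unitdir}
+install -m0644 ${S}/contrib/resourcemgr.service ${D}${systemd_system_unitdir}/resourcemgr.service
+}
+
+PROVIDES = "${PACKAGES}"
+PACKAGES = " \
+${PN}-dbg \
+libtss2 \
+libtss2-dev \
+libtss2-staticdev \
+libtctidevice \
+libtctidevice-dev \
+libtctidevice-staticdev \
+libtctisocket \
+libtctisocket-dev \
+libtctisocket-staticdev \
+resourcemgr \
+"
+
+FILES_libtss2 = " \
+${libdir}/libsapi.so.0.0.0 \
+${libdir}/libmarshal.so.0.0.0 \
+"
+FILES_libtss2-dev = " \
+${includedir}/sapi \
+${includedir}/tcti/common.h \
+${libdir}/libsapi.so* \
+${libdir}/libmarshal.so* \
+${libdir}/pkgconfig/sapi.pc \
+"
+FILES_libtss2-staticdev = " \
+${libdir}/libsapi.a \
+${libdir}/libsapi.la \
+${libdir}/libmarshal.a \
+${libdir}/libmarshal.la \
+"
+FILES_libtctidevice = "${libdir}/libtcti-device.so.0.0.0"
+FILES_libtctidevice-dev = " \
+${includedir}/tcti/tcti_device.h \
+${libdir}/libtcti-device.so* \
+${libdir}/pkgconfig/tcti-device.pc \
+"
+FILES_libtctidevice-staticdev = "${libdir}/libtcti-device.*a"
+FILES_libtctisocket = "${libdir}/libtcti-socket.so.0.0.0"
+FILES_libtctisocket-dev = " \
+${includedir}/tcti/tcti_socket.h \
+${libdir}/libtcti-socket.so* \
+${libdir}/pkgconfig/tcti-socket.pc \
+"
+FILES_libtctisocket-staticdev = "${libdir}/libtcti-socket.*a"
+FILES_resourcemgr = "${sbindir}/resourcemgr ${systemd_system_unitdir}/resourcemgr.service"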
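Review bot: `EXTRA_USERS_PARAMS` declares the `tss` account with `useradd -p '' tss`, which sets an empty password field, and it runs `useradd` before `groupadd tss`. `INHERIT += "extrausers"` is a configuration-level setting intended for image builds, so these lines probably have no effect inside a recipe, in which case the account is never created for the package. trousers_git.bb in this same commit uses `inherit useradd`; doing the same here, with a system account that has no login shell, ties the account to the package that needs it. The values below are a sketch, and the owning package name should be confirmed.

```bitbake
inherit autotools pkgconfig systemd useradd

# ... unchanged: S, do_configure_prepend ...

USERADD_PACKAGES = "resourcemgr"
GROUPADD_PARAM_resourcemgr = "--system tss"
USERADD_PARAM_resourcemgr = "--system --no-create-home --shell /bin/false -g tss tss"
```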
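--- /dev/null
+++ b/meta-tpm/recipes-tpm/tpm2simulator/tpm2simulator-native_116.bb
@@ -0,0 +1,24 @@
+SUMMARY = "TPM 2.0 Simulator Extraction Script"
+LICENSE = "BSD-2-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=1415f7be284540b81d9d28c67c1a6b8b"
+
+DEPENDS += "python"
+
+SRCREV = "93dc4412432013ed7bcabd42007754c68f6e362e"
+SRC_URI = "git://github.com/stwagnr/tpm2simulator.git"
+
+S = "${WORKDIR}/git"
+OECMAKE_SOURCEPATH = "${S}/cmake"
+
+PV = "116+git${SRCPV}"
+
+inherit native lib_package cmake
+
+EXTRA_OECMAKE = " \
+-DCMAKE_BUILD_TYPE=Debug \
+-DSPEC_VERSION=116 \
+"
+
+do_configure_prepend () {
+sed -i 's/^SET = False/SET = True/' ${S}/scripts/settings.py
+}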
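--- /dev/null
+++ b/meta-tpm/recipes-tpm/trousers/files/get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch
@@ -0,0 +1,49 @@
+trousers: fix compiling with musl
+
+use POSIX getpwent instead of getpwent_r
+
+Upstream-Status: Submitted
+
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+Index: git/src/tspi/ps/tspps.c
+===================================================================
+--- git.orig/src/tspi/ps/tspps.c
++++ git/src/tspi/ps/tspps.c
+@@ -66,9 +66,6 @@ get_user_ps_path(char **file)
+TSS_RESULT result;
+char *file_name = NULL, *home_dir = NULL;
+struct passwd *pwp;
+-#if (defined (__linux) || defined (linux) || defined(__GLIBC__))
+- struct passwd pw;
+-#endif
+struct stat stat_buf;
+char buf[PASSWD_BUFSIZE];
+uid_t euid;
+@@ -96,24 +93,15 @@ get_user_ps_path(char **file)
+#else
+setpwent();
+while (1) {
+-#if (defined (__linux) || defined (linux) || defined(__GLIBC__))
+- rc = getpwent_r(&pw, buf, PASSWD_BUFSIZE, &pwp);
+- if (rc) {
+- LogDebugFn("USER PS: Error getting path to home directory: getpwent_r: %s",
+- strerror(rc));
+- endpwent();
+- return TSPERR(TSS_E_INTERNAL_ERROR);
+- }
+-
+-#elif (defined (__FreeBSD__) || defined (__OpenBSD__))
+if ((pwp = getpwent()) == NULL) {
+LogDebugFn("USER PS: Error getting path to home directory: getpwent: %s",
+strerror(rc));
+endpwent();
++#if (defined (__FreeBSD__) || defined (__OpenBSD__))
+MUTEX_UNLOCK(user_ps_path);
++#endif
+return TSPERR(TSS_E_INTERNAL_ERROR);
+}
+-#endif
+if (euid == pwp->pw_uid) {
+home_dir = strdup(pwp->pw_dir);
+break;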
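Review bot: Replacing `getpwent_r` with `getpwent` makes get_user_ps_path depend on the C library's shared passwd iterator and static result buffer, and the only unlock visible in this hunk, `MUTEX_UNLOCK(user_ps_path)`, is compiled for FreeBSD/OpenBSD only, so on Linux the walk appears to run unlocked when libtspi is called from several threads. The error path also logs `strerror(rc)` although `getpwent` does not set `rc`, and a NULL return at the end of the database is reported as an internal error. A lookup by uid is POSIX and reentrant: keep `struct passwd pw;` and use `rc = getpwuid_r(euid, &pw, buf, PASSWD_BUFSIZE, &pwp);` in place of the loop. The function body starts and ends outside the hunk, so the locking around it should be confirmed there.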
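--- /dev/null
+++ b/meta-tpm/recipes-tpm/trousers/files/tcsd.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=TCG Core Services Daemon
+After=syslog.target
+
+[Service]
+Type=forking
+ExecStart=@SBINDIR@/tcsd
+
+[Install]
+WantedBy=multi-user.target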
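Review bot: The `[Service]` section sets no `User=` or `Group=`, so systemd starts tcsd as root, whereas trousers.init.sh in this commit starts it with `--chuid ${USER}` (tss) and the udev rule gives the TPM device to tss with mode 0600. Whether tcsd drops privileges on its own is not visible here. Adding `User=tss` and `Group=tss` would make both init paths start the daemon under the same unprivileged identity.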
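--- /dev/null
+++ b/meta-tpm/recipes-tpm/trousers/files/trousers-udev.rules
@@ -0,0 +1,2 @@
+# trousers daemon expects tpm device to be owned by tss user & group
+KERNEL=="tpm[0-9]*", MODE="0600", OWNER="tss", GROUP="tss"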
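--- /dev/null
+++ b/meta-tpm/recipes-tpm/trousers/files/trousers.init.sh
@@ -0,0 +1,65 @@
+#!/bin/sh
+
+### BEGIN INIT INFO
+# Provides: tcsd trousers
+# Required-Start: $local_fs $remote_fs $network
+# Required-Stop: $local_fs $remote_fs $network
+# Should-Start:
+# Should-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: starts tcsd
+# Description: tcsd belongs to the TrouSerS TCG Software Stack
+### END INIT INFO
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/tcsd
+NAME=tcsd
+DESC="Trusted Computing daemon"
+USER="tss"
+
+test -x "${DAEMON}" || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+case "${1}" in
+start)
+echo "Starting $DESC: "
+
+if [ ! -e /dev/tpm* ]
+then
+echo "device driver not loaded, skipping."
+exit 0
+fi
+
+start-stop-daemon --start --quiet --oknodo --pidfile /var/run/${NAME}.pid --user ${USER} --chuid ${USER} --exec ${DAEMON} -- ${DAEMON_OPTS}
+RETVAL="$?"
+echo "$NAME."
+[ "$RETVAL" = 0 ] && pidof $DAEMON > /var/run/${NAME}.pid
+exit $RETVAL
+;;
+
+stop)
+echo "Stopping $DESC: "
+
+start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/${NAME}.pid --user ${USER} --exec ${DAEMON}
+RETVAL="$?"
+echo "$NAME."
+rm -f /var/run/${NAME}.pid
+exit $RETVAL
+;;
+
+restart|force-reload)
+"${0}" stop
+sleep 1
+"${0}" start
+exit $?
+;;
+*)
+echo "Usage: ${NAME} {start|stop|restart|force-reload|status}" >&2
+exit 3
+;;
+esac
+
+exit 0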
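Review bot: The device check `[ ! -e /dev/tpm* ]` passes an unquoted glob to `test`; when more than one node matches, `[` receives several operands and reports an error, so the guard no longer does what it says. A form that tolerates any number of matches is `ls /dev/tpm[0-9]* >/dev/null 2>&1 || { echo "device driver not loaded, skipping."; exit 0; }`. The usage text also lists `status`, which the `case` does not implement. The pidfile is written from `pidof $DAEMON` after the start, which can record more than one pid.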
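diff --git a/meta-tpm/recipes-tpm/trousers/trousers_git.bb b/meta-tpm/recipes-tpm/trousers/trousers_git.bb
new file mode 100644
index 0000000..352374c
--- /dev/null
+++ b/meta-tpm/recipes-tpm/trousers/trousers_git.bb
@@ -0,0 +1,117 @@
+SUMMARY = "TrouSerS - An open-source TCG Software Stack implementation."
+LICENSE = "BSD"
+HOMEPAGE = "http://sourceforge.net/projects/trousers/"
+LIC_FILES_CHKSUM = "file://README;startline=3;endline=4;md5=2af28fbed0832e4d83a9e6dd68bb4413"
+SECTION = "security/tpm"
+
+DEPENDS = "openssl"
+
+SRCREV = "4b9a70d5789b0b74f43957a6c19ab2156a72d3e0"
+PV = "0.3.14+git${SRCPV}"
+
+SRC_URI = " \
+git://git.code.sf.net/p/trousers/trousers \
+file://trousers.init.sh \
+file://trousers-udev.rules \
+file://tcsd.service \
+file://get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch \
+"
+
+S = "${WORKDIR}/git"
+
+inherit autotools pkgconfig useradd update-rc.d ${@bb.utils.contains('VIRTUAL-RUNTIME_init_manager','systemd','systemd','', d)}
+
+PACKAGECONFIG ?= "gmp "
+PACKAGECONFIG[gmp] = "--with-gmp, --with-gmp=no, gmp"
+PACKAGECONFIG[gtk] = "--with-gui=gtk, --with-gui=none, gtk+"
+
+do_install () {
+oe_runmake DESTDIR=${D} install
+}
+
+do_install_append() {
+install -d ${D}${sysconfdir}/init.d
+install -m 0755 ${WORKDIR}/trousers.init.sh ${D}${sysconfdir}/init.d/trousers
+install -d ${D}${sysconfdir}/udev/rules.d
+install -m 0644 ${WORKDIR}/trousers-udev.rules ${D}${sysconfdir}/udev/rules.d/45-trousers.rules
+
+if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
+install -d ${D}${systemd_unitdir}/system
+install -m 0644 ${WORKDIR}/tcsd.service ${D}${systemd_unitdir}/system/
+sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/tcsd.service
+fi
+}
+
+CONFFILES_${PN} += "${sysconfig}/tcsd.conf"
+
+PROVIDES = "${PACKAGES}"
+PACKAGES = " \
+libtspi \
+libtspi-dbg \
+libtspi-dev \
+libtspi-doc \
+libtspi-staticdev \
+trousers \
+trousers-dbg \
+trousers-doc \
+"
+
+# libtspi needs tcsd for most (all?) operations, so suggest to
+# install that.
+RRECOMMENDS_libtspi = "${PN}"
+
+FILES_libtspi = " \
+${libdir}/*.so.1 \
+${libdir}/*.so.1.2.0 \
+"
+FILES_libtspi-dbg = " \
+${libdir}/.debug \
+${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/tspi \
+${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/trspi \
+${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/include/*.h \
+${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/include/tss \
+"
+FILES_libtspi-dev = " \
+${includedir} \
+${libdir}/*.so \
+"
+FILES_libtspi-doc = " \
+${mandir}/man3 \
+"
+FILES_libtspi-staticdev = " \
+${libdir}/*.la \
+${libdir}/*.a \
+"
+FILES_${PN} = " \
+${sbindir}/tcsd \
+${sysconfdir} \
+${localstatedir} \
+"
+
+FILES_${PN}-dev += "${libdir}/trousers"
+
+FILES_${PN}-dbg = " \
+${sbindir}/.debug \
+${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/tcs \
+${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/tcsd \
+${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/tddl \
+${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/trousers \
+${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/include/trousers \
+"
+FILES_${PN}-doc = " \
+${mandir}/man5 \
+${mandir}/man8 \
+"
+
+INITSCRIPT_NAME = "trousers"
+INITSCRIPT_PARAMS = "start 99 2 3 4 5 . stop 19 0 1 6 ."
+
+USERADD_PACKAGES = "${PN}"
+GROUPADD_PARAM_${PN} = "--system tss"
+USERADD_PARAM_${PN} = "--system -M -d /var/lib/tpm -s /bin/false -g tss tss"
+
+SYSTEMD_PACKAGES = "${PN}"
+SYSTEMD_SERVICE_${PN} = "tcsd.service"
+SYSTEMD_AUTO_ENABLE = "disable"
+
+BBCLASSEXTEND = "native"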
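Review bot: `CONFFILES_${PN} += "${sysconfig}/tcsd.conf"` references `${sysconfig}`, which this recipe never defines and which is not one of the standard path variables; every other path in the file uses `${sysconfdir}`, so the entry presumably expands to a path that does not exist and tcsd.conf is not registered as a configuration file. Because tcsd.conf holds the daemon's listening and remote-operation settings, a package upgrade could then replace a locally hardened copy without the package manager preserving it. I would change the line to `CONFFILES_${PN} += "${sysconfdir}/tcsd.conf"`. Separately, the `inherit` line selects the systemd class on `VIRTUAL-RUNTIME_init_manager` while `do_install_append` installs tcsd.service when `DISTRO_FEATURES` contains systemd; using one condition in both places would avoid installing a unit file when the class that packages it has not been inherited.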