summaryrefslogtreecommitdiffstats
path: root/meta-tpm
Commit message (Collapse)AuthorAgeFilesLines
* recipes: update SRC_URI branch and protocolsYi Zhao2021-11-156-6/+6
| | | | | | | Update SRC_URIs using git to include branch=master if no branch is set and also to use protocol=https for github urls. Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
* trousers: fix init script with multi-tpm systemsMathieu Dubois-Briand2021-08-211-1/+1
| | | | Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com>
* layer.conf: add honister to LAYERSERIES_COMPATYi Zhao2021-08-091-1/+1
| | | | | | Drop other releases since they are not compatible anymore. Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
* meta-secure-core: Convert to new override syntaxYi Zhao2021-08-096-34/+34
| | | | | | Converting the metadata to use ":" as the override character instead of "_". Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
* layer.conf: add hardknott to LAYERSERIES_COMPATYi Zhao2021-04-211-1/+1
| | | | | | Remove other releases since they are not compatible anymore. Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
* conf/layer.conf: Add gatesgarth to LAYERSERIES_COMPATBartłomiej Burdukiewicz2020-12-091-1/+1
| | | | Signed-off-by: Bartłomiej Burdukiewicz <bartlomiej.burdukiewicz@gmail.com>
* trousers: fix build failure for gcc-10Chen Qi2020-09-231-0/+3
| | | | | | | gcc-10 uses '-fno-common' by default, causing build error of multiple definition. Use '-fcommon' to fix this problem. Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
* trousers: update to latest git revYi Zhao2020-09-011-1/+1
| | | | | | | | | | | | | | | | | | Security fixes: CVE-2020-24332 If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks CVE-2020-24330 If the tcsd daemon is started with root privileges, it fails to drop the root gid after it is no longer needed CVE-2020-24331 If the tcsd daemon is started with root privileges, the tss user has read and write access to the /etc/tcsd.conf file Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
* conf/layer.conf: Add dunfell to LAYERSERIES_COMPATChristophe Priouzeau2020-05-271-1/+1
| | | | Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
* tpm-tools: inherit perlnative.bbclassKai Kang2020-02-131-1/+1
| | | | | | | | | | | | | | | tpm-tools calls pod2man to produce manual files. But pod2man has been removed from hosttools in oe-core. So it fails occasionally when in some certain condition .pod file is newer than corresponding man page files that man files need to be reproduced: | make[3]: Entering directory 'TOPDIR/tmp-glibc/work/ppc7400-wrs-linux/tpm-tools/1.3.9.1+gitAUTOINC+bdf9f1bc8f-r0/git/man/man8' | /bin/bash: pod2man: command not found | make[3]: *** [Makefile:575: tpm_nvwrite.8] Error 127 Inherit perlnative to fix such issue. Signed-off-by: Kai Kang <kai.kang@windriver.com>
* conf/layer.conf: Add zeus to LAYERSERIES_COMPAT (#121)muvarov2019-11-011-1/+1
| | | Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org>
* meta-secure-core: add linux-yocto-dev bbappendYi Zhao2019-08-131-0/+1
| | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
* linux-yocto: upgrade bbappend from 4.% to 5.%Yi Zhao2019-08-132-0/+0
| | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
* conf/layer.conf: Add warrior to LAYERSERIES_COMPATYi Zhao2019-04-231-1/+1
| | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
* layer.conf: update LAYERSERIES_COMPAT `sumo' -> `thud'Hongxu Jia2018-10-081-1/+1
| | | | | | | | Since `9ec5a8a layer.conf: Drop sumo from LAYERSERIES_CORENAMES' and `9867924 layer.conf: Add thud to LAYERSERIES_CORENAMES' applied in oe-core, update LAYERSERIES_COMPAT `sumo' -> `thud' Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
* openssl-tpm-engine: rebase ↵Hongxu Jia2018-09-262-33/+41
| | | | | | 0005-tpm-openssl-tpm-engine-parse-an-encrypted-TPM-key-pa.patch to 0.5.0 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
* openssl-tpm-engine: update SRC_URI and update to 0.5.0Armin Kuster2018-09-268-160/+142
| | | | | | | | | | | | | change to a fork that is being maintained and that enabled openssl 1.1 Refresh patches Drop one no longer needed Signed-off-by: Armin Kuster <akuster808@gmail.com> Backport from meta-security http://git.yoctoproject.org/cgit/cgit.cgi/meta-security/commit/?id=3bae06e29b60d71177cb63ad0b85bc5c46f7a144 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
* trousers: support openssl 1.1.xHongxu Jia2018-09-261-1/+1
| | | | Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
* tpm-tools: support openssl 1.1.xHongxu Jia2018-09-262-7/+7
| | | | | | | | | | | - Support openssl 1.1.x - Fix compile warning |tpm_extendpcr.c:55:4: warning: 'strncpy' specified bound 4096 equals destination size [-Wstringop-truncation] | strncpy(in_filename, aArg, PATH_MAX); Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
* tpm-tools: refresh patch to fix QA WARNINGHongxu Jia2018-09-261-20/+37
| | | | Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
* Clean up the stuffs for stable branchesJia Zhang2018-09-201-1/+1
| | | | | | | | | | | The following commits are reverted by the way: - seloader: Fix building for rocko (bc6bbe2) - meta-integrity: rpm: Add back in required patches for rocko (5fa9c85) Because they are only applicable to rocko. Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
* layer.conf: Mark as compatible with rockoTom Rini2018-07-251-1/+1
| | | | | | | As we also work with the 'rocko' release list that in our LAYERSERIES_COMPAT. Signed-off-by: Tom Rini <trini@konsulko.com>
* layer.conf: add LAYERSERIES_COMPATTrevor Woerner2018-05-261-0/+2
| | | | | | see https://patchwork.openembedded.org/patch/140542/ Signed-off-by: Trevor Woerner <twoerner@gmail.com>
* packagegroup-tpm: include tpm-quote-tools (#17)Wenzong Fan2017-09-121-0/+1
| | | Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
* meta-secure-core: clean up ${COREBASE}/LICENSE and ${COREBASE}/meta/COPYING.MITJia Zhang2017-09-021-2/+1
| | | | | | | | ${COREBASE}/LICENSE is not a valid license file. So it is recommended to use '${COMMON_LICENSE_DIR}/MIT' for a MIT License file in LIC_FILES_CHKSUM. This will become an error in the future. Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
* tpm : openssl-tpm-engine: parse an encrypted TPM key password from env (#15)limeng-linux2017-09-022-7/+285
| | | | | | | | | | | | | | when openssl-tpm-engine lib is used on an unattended device, there is no way to input TPM key password. So add this feature to support parse an encrypted(AES algorithm) TPM key password from env. The default decrypting AES password and salt is set in bb file. When we create a TPM key(TSS format), generate a 8 bytes random data as its password, and then we need to encrypt the password with the same AES password and salt in bb file. At last, we set a env as below: export TPM_KEY_ENC_PW=xxxxxxxx "xxxxxxxx" is the encrypted TPM key password for libtpm.so. Signed-off-by: Meng Li <Meng.Li@windriver.com>
* meta-tpm: tss 1.x always depends on openssl 1.0.xJia Zhang2017-08-203-3/+3
| | | | Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
* openssl-tpm-engine: fix cmdline parsing failure on arm platformLans Zhang2017-07-212-0/+35
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* trouser: a minor fix for debug packageLans Zhang2017-07-211-1/+1
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-secure-core: define the oe index nameLans Zhang2017-07-201-0/+2
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* tpm-tools: update to the latest and code style fixupLans Zhang2017-07-205-45/+43
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* tss-testsuite: update to the latest and code style fixupLans Zhang2017-07-204-99/+66
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* tpm-quote-tools: update to the latest and code style fixupLans Zhang2017-07-202-26/+27
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* pcr-extend: update to the latest and code style fixupLans Zhang2017-07-202-21/+27
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* openssl-tpm-engine: update to the latest and code style fixupLans Zhang2017-07-201-37/+45
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-tpm: code style fixupLans Zhang2017-07-207-18/+56
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* trousers: update to the latest and code style fixupLans Zhang2017-07-204-120/+117
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* Add the missing COPYING.MIT filesLans Zhang2017-07-131-0/+17
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* openssl-tpm-engine: parse an encrypted tpm SRK password from envMeng Li2017-06-232-0/+273
| | | | | | | | | | | | | | | | Before, we support reading SRK password from env TPM_SRK_PW, but it is a plain password and not secure. So, we improve it and support to get an encrypted (AES algorithm) SRK password from env, and then parse it. The default decrypting AES password and salt is set in bb file. When we initialize TPM, and set a SRK pw, and then we need to encrypt it with the same AES password and salt by AES algorithm. At last, we set a env as below: export TPM_SRK_ENC_PW=xxxxxxxx "xxxxxxxx" is the encrypted SRK password for libtpm.so. Signed-off-by: Meng Li <Meng.Li@windriver.com> Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-secure-core: initial commitLans Zhang2017-06-2238-0/+3963
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-07-19 17:55:47 +0000