libhoth: update to latest

Update libhoth SRCREV to its latest commit, and add patches to fix gcc 15 and build dependency issues. Since the last update was so long ago, the changelog is longer than seems reasonable to include here, please refer to: https://github.com/google/libhoth/commits/main/?since=2024-01-16&until=2025-07-03 Signed-off-by: Scott Murray <scott.murray@konsulko.com>
author: Scott Murray <scott.murray@konsulko.com> 2025-07-03 16:55:32 -0400
committer: Scott Murray <scott.murray@konsulko.com> 2025-07-04 12:41:20 -0400
commit: d1d23b0c5c1567ab07571e845a16a06f07ffc5fc (patch)
tree: ea62b7fdd0549c4b89b45b17e189f31f56c1e63c
parent: abddea907bee174d3690003a34e7661c03a47c2c (diff)
download: meta-security-d1d23b0c5c1567ab07571e845a16a06f07ffc5fc.tar.gz
3 files changed, 196 insertions, 2 deletions
diff --git a/meta-tpm/recipes-tpm1/hoth/libhoth/0001-Fix-building-with-gcc-15.patch b/meta-tpm/recipes-tpm1/hoth/libhoth/0001-Fix-building-with-gcc-15.patch
new file mode 100644
index 0000000..5004c66
--- /dev/null
+++ b/meta-tpm/recipes-tpm1/hoth/libhoth/0001-Fix-building-with-gcc-15.patch
@@ -0,0 +1,151 @@
+From 59dfffdb03654e004d848e8f6639ba066f7786a1 Mon Sep 17 00:00:00 2001
+From: Scott Murray <scott.murray@konsulko.com>
+Date: Thu, 3 Jul 2025 17:41:16 -0400
+Subject: [PATCH 1/2] Fix building with gcc 15
+Correct function signatures of a few of the htool command functions
+to fix gcc 15 errors from incompatible function pointer types.
+Upstream-Status: Pending
+Signed-off-by: Scott Murray <scott.murray@konsulko.com>
+---
+ examples/htool_key_rotation.c   | 6 +++---
+ examples/htool_key_rotation.h   | 6 +++---
+ examples/htool_payload.c        | 2 +-
+ examples/htool_payload.h        | 2 +-
+ examples/htool_payload_update.c | 2 +-
+ examples/htool_payload_update.h | 2 +-
+ examples/htool_statistics.c     | 2 +-
+ examples/htool_statistics.h     | 3 ++-
+ 8 files changed, 13 insertions(+), 12 deletions(-)
+diff --git a/examples/htool_key_rotation.c b/examples/htool_key_rotation.c
+index af7ef59..3b938cd 100644
+--- a/examples/htool_key_rotation.c
+++ b/examples/htool_key_rotation.c
+@@ -43,7 +43,7 @@ static const char *get_validation_method_string(uint32_t validation_method) {
+   }
+ }
+ 
+-int htool_key_rotation_get_status(void) {
+int htool_key_rotation_get_status(const struct htool_invocation* inv) {
+   struct libhoth_device *dev = htool_libhoth_device();
+   if (!dev) {
+     return -1;
+@@ -65,7 +65,7 @@ int htool_key_rotation_get_status(void) {
+   return 0;
+ }
+ 
+-int htool_key_rotation_get_version(void) {
+int htool_key_rotation_get_version(const struct htool_invocation* inv) {
+   struct libhoth_device *dev = htool_libhoth_device();
+   if (!dev) {
+     return -1;
+@@ -161,7 +161,7 @@ int htool_key_rotation_update(const struct htool_invocation *inv) {
+   return result;
+ }
+ 
+-int htool_key_rotation_payload_status() {
+int htool_key_rotation_payload_status(const struct htool_invocation* inv) {
+   struct libhoth_device *dev = htool_libhoth_device();
+   if (!dev) {
+     return -1;
+diff --git a/examples/htool_key_rotation.h b/examples/htool_key_rotation.h
+index 1dbfc02..cbcde98 100644
+--- a/examples/htool_key_rotation.h
+++ b/examples/htool_key_rotation.h
+@@ -23,9 +23,9 @@ extern "C" {
+ #endif
+ 
+ struct htool_invocation;
+-int htool_key_rotation_get_status();
+-int htool_key_rotation_get_version();
+-int htool_key_rotation_payload_status();
+int htool_key_rotation_get_status(const struct htool_invocation* inv);
+int htool_key_rotation_get_version(const struct htool_invocation* inv);
+int htool_key_rotation_payload_status(const struct htool_invocation* inv);
+ int htool_key_rotation_read(const struct htool_invocation* inv);
+ int htool_key_rotation_read_chunk_type(const struct htool_invocation* inv);
+ int htool_key_rotation_update(const struct htool_invocation* inv);
+diff --git a/examples/htool_payload.c b/examples/htool_payload.c
+index cada560..5a87660 100644
+--- a/examples/htool_payload.c
+++ b/examples/htool_payload.c
+@@ -29,7 +29,7 @@
+ #include "protocol/payload_info.h"
+ #include "protocol/payload_status.h"
+ 
+-int htool_payload_status() {
+int htool_payload_status(const struct htool_invocation* inv) {
+   struct libhoth_device* dev = htool_libhoth_device();
+   if (!dev) {
+     return -1;
+diff --git a/examples/htool_payload.h b/examples/htool_payload.h
+index f218034..82c77ac 100644
+--- a/examples/htool_payload.h
+++ b/examples/htool_payload.h
+@@ -24,7 +24,7 @@
+ extern "C" {
+ #endif
+ 
+-int htool_payload_status();
+int htool_payload_status(const struct htool_invocation* inv);
+ int htool_payload_info(const struct htool_invocation* inv);
+ 
+ #ifdef __cplusplus
+diff --git a/examples/htool_payload_update.c b/examples/htool_payload_update.c
+index 8e3beb3..6cf44f1 100644
+--- a/examples/htool_payload_update.c
+++ b/examples/htool_payload_update.c
+@@ -125,7 +125,7 @@ const char *payload_update_getstatus_half_string(uint8_t h) {
+   }
+ }
+ 
+-int htool_payload_update_getstatus() {
+int htool_payload_update_getstatus(const struct htool_invocation* inv) {
+   struct libhoth_device *dev = htool_libhoth_device();
+   if (!dev) {
+     return -1;
+diff --git a/examples/htool_payload_update.h b/examples/htool_payload_update.h
+index f87c5e7..55c6b44 100644
+--- a/examples/htool_payload_update.h
+++ b/examples/htool_payload_update.h
+@@ -24,7 +24,7 @@ extern "C" {
+ 
+ struct htool_invocation;
+ int htool_payload_update(const struct htool_invocation* inv);
+-int htool_payload_update_getstatus();
+int htool_payload_update_getstatus(const struct htool_invocation* inv);
+ 
+ #ifdef __cplusplus
+ }
+diff --git a/examples/htool_statistics.c b/examples/htool_statistics.c
+index 4c5b536..6bca31a 100644
+--- a/examples/htool_statistics.c
+++ b/examples/htool_statistics.c
+@@ -178,7 +178,7 @@ const char* PayloadUpdateErrorToString(uint16_t reason) {
+   }
+ }
+ 
+-int htool_statistics() {
+int htool_statistics(const struct htool_invocation* inv) {
+   struct libhoth_device* dev = htool_libhoth_device();
+   if (!dev) {
+     return -1;
+diff --git a/examples/htool_statistics.h b/examples/htool_statistics.h
+index 2dd59b6..fe54eda 100644
+--- a/examples/htool_statistics.h
+++ b/examples/htool_statistics.h
+@@ -19,7 +19,8 @@
+ extern "C" {
+ #endif
+ 
+-int htool_statistics();
+struct htool_invocation;
+int htool_statistics(const struct htool_invocation* inv);
+ 
+ #ifdef __cplusplus
+ }
+-- 
+2.50.0
diff --git a/meta-tpm/recipes-tpm1/hoth/libhoth/0002-Fix-building-without-dbus-backend.patch b/meta-tpm/recipes-tpm1/hoth/libhoth/0002-Fix-building-without-dbus-backend.patch
new file mode 100644
index 0000000..ca98609
--- /dev/null
+++ b/meta-tpm/recipes-tpm1/hoth/libhoth/0002-Fix-building-without-dbus-backend.patch
@@ -0,0 +1,36 @@
+From ee75dcb0ea9818a10a6f7f85a3b5ee37572a3b08 Mon Sep 17 00:00:00 2001
+From: Scott Murray <scott.murray@konsulko.com>
+Date: Thu, 3 Jul 2025 17:41:50 -0400
+Subject: [PATCH 2/2] Fix building without dbus backend
+Move libsystemd and libcap dependencies into conditional logic for
+dbus_backend option so that building without the backend works when
+libsystemd and libcap are not available in the build environment.
+This situation occurs when building with OpenEmbedded.
+Upstream-Status: Pending
+Signed-off-by: Scott Murray <scott.murray@konsulko.com>
+---
+ transports/meson.build | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+diff --git a/transports/meson.build b/transports/meson.build
+index e9f30d4..5abd103 100644
+--- a/transports/meson.build
+++ b/transports/meson.build
+@@ -9,10 +9,10 @@ transport_srcs = [
+ 
+ incdir = include_directories('..')
+ libusb = dependency('libusb-1.0')
+-libsystemd = dependency('libsystemd')
+-libcap = dependency('libcap')
+ 
+ if get_option('dbus_backend')
+    libsystemd = dependency('libsystemd')
+    libcap = dependency('libcap')
+     libhoth_dbus = static_library(
+         'hoth_dbus',
+         'libhoth_dbus.c',
+-- 
+2.50.0
diff --git a/meta-tpm/recipes-tpm1/hoth/libhoth_git.bb b/meta-tpm/recipes-tpm1/hoth/libhoth_git.bb
index 9d29f78..2608acf 100644
--- a/meta-tpm/recipes-tpm1/hoth/libhoth_git.bb
+++ b/meta-tpm/recipes-tpm1/hoth/libhoth_git.bb
@@ -6,10 +6,17 @@ HOMEPAGE = "https://github.com/google/libhoth"
 LICENSE = "Apache-2.0"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
-SRC_URI = "git://github.com/google/libhoth;protocol=https;branch=main"
+SRC_URI = "git://github.com/google/libhoth;protocol=https;branch=main \
-SRCREV = "e4827163741e0804f12ac96c81b8e97649be6795"
+           file://0001-Fix-building-with-gcc-15.patch \
+           file://0002-Fix-building-without-dbus-backend.patch \
+"
+SRCREV = "69661d3ea542604353c48a00beee9a6247b27686"
 DEPENDS += "libusb1"
 inherit pkgconfig meson
+PACKAGECONFIG ?= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'dbus', '', d)}"
+PACKAGECONFIG[dbus] = "-Ddbus_backend=true,-Ddbus_backend=false,systemd libcap"
author	Scott Murray <scott.murray@konsulko.com>	2025-07-03 16:55:32 -0400
committer	Scott Murray <scott.murray@konsulko.com>	2025-07-04 12:41:20 -0400
commit	d1d23b0c5c1567ab07571e845a16a06f07ffc5fc (patch)
tree	ea62b7fdd0549c4b89b45b17e189f31f56c1e63c
parent	abddea907bee174d3690003a34e7661c03a47c2c (diff)
download	meta-security-d1d23b0c5c1567ab07571e845a16a06f07ffc5fc.tar.gz

diff --git a/meta-tpm/recipes-tpm1/hoth/libhoth/0001-Fix-building-with-gcc-15.patch b/meta-tpm/recipes-tpm1/hoth/libhoth/0001-Fix-building-with-gcc-15.patch new file mode 100644 index 0000000..5004c66 --- /dev/null +++ b/meta-tpm/recipes-tpm1/hoth/libhoth/0001-Fix-building-with-gcc-15.patch
@@ -0,0 +1,151 @@
		1	From 59dfffdb03654e004d848e8f6639ba066f7786a1 Mon Sep 17 00:00:00 2001
		2	From: Scott Murray <scott.murray@konsulko.com>
		3	Date: Thu, 3 Jul 2025 17:41:16 -0400
		4	Subject: [PATCH 1/2] Fix building with gcc 15
		5
		6	Correct function signatures of a few of the htool command functions
		7	to fix gcc 15 errors from incompatible function pointer types.
		8
		9	Upstream-Status: Pending
		10	Signed-off-by: Scott Murray <scott.murray@konsulko.com>
		11	---
		12	examples/htool_key_rotation.c \| 6 +++---
		13	examples/htool_key_rotation.h \| 6 +++---
		14	examples/htool_payload.c \| 2 +-
		15	examples/htool_payload.h \| 2 +-
		16	examples/htool_payload_update.c \| 2 +-
		17	examples/htool_payload_update.h \| 2 +-
		18	examples/htool_statistics.c \| 2 +-
		19	examples/htool_statistics.h \| 3 ++-
		20	8 files changed, 13 insertions(+), 12 deletions(-)
		21
		22	diff --git a/examples/htool_key_rotation.c b/examples/htool_key_rotation.c
		23	index af7ef59..3b938cd 100644
		24	--- a/examples/htool_key_rotation.c
		25	+++ b/examples/htool_key_rotation.c
		26	@@ -43,7 +43,7 @@ static const char *get_validation_method_string(uint32_t validation_method) {
		27	}
		28	}
		29
		30	-int htool_key_rotation_get_status(void) {
		31	+int htool_key_rotation_get_status(const struct htool_invocation* inv) {
		32	struct libhoth_device *dev = htool_libhoth_device();
		33	if (!dev) {
		34	return -1;
		35	@@ -65,7 +65,7 @@ int htool_key_rotation_get_status(void) {
		36	return 0;
		37	}
		38
		39	-int htool_key_rotation_get_version(void) {
		40	+int htool_key_rotation_get_version(const struct htool_invocation* inv) {
		41	struct libhoth_device *dev = htool_libhoth_device();
		42	if (!dev) {
		43	return -1;
		44	@@ -161,7 +161,7 @@ int htool_key_rotation_update(const struct htool_invocation *inv) {
		45	return result;
		46	}
		47
		48	-int htool_key_rotation_payload_status() {
		49	+int htool_key_rotation_payload_status(const struct htool_invocation* inv) {
		50	struct libhoth_device *dev = htool_libhoth_device();
		51	if (!dev) {
		52	return -1;
		53	diff --git a/examples/htool_key_rotation.h b/examples/htool_key_rotation.h
		54	index 1dbfc02..cbcde98 100644
		55	--- a/examples/htool_key_rotation.h
		56	+++ b/examples/htool_key_rotation.h
		57	@@ -23,9 +23,9 @@ extern "C" {
		58	#endif
		59
		60	struct htool_invocation;
		61	-int htool_key_rotation_get_status();
		62	-int htool_key_rotation_get_version();
		63	-int htool_key_rotation_payload_status();
		64	+int htool_key_rotation_get_status(const struct htool_invocation* inv);
		65	+int htool_key_rotation_get_version(const struct htool_invocation* inv);
		66	+int htool_key_rotation_payload_status(const struct htool_invocation* inv);
		67	int htool_key_rotation_read(const struct htool_invocation* inv);
		68	int htool_key_rotation_read_chunk_type(const struct htool_invocation* inv);
		69	int htool_key_rotation_update(const struct htool_invocation* inv);
		70	diff --git a/examples/htool_payload.c b/examples/htool_payload.c
		71	index cada560..5a87660 100644
		72	--- a/examples/htool_payload.c
		73	+++ b/examples/htool_payload.c
		74	@@ -29,7 +29,7 @@
		75	#include "protocol/payload_info.h"
		76	#include "protocol/payload_status.h"
		77
		78	-int htool_payload_status() {
		79	+int htool_payload_status(const struct htool_invocation* inv) {
		80	struct libhoth_device* dev = htool_libhoth_device();
		81	if (!dev) {
		82	return -1;
		83	diff --git a/examples/htool_payload.h b/examples/htool_payload.h
		84	index f218034..82c77ac 100644
		85	--- a/examples/htool_payload.h
		86	+++ b/examples/htool_payload.h
		87	@@ -24,7 +24,7 @@
		88	extern "C" {
		89	#endif
		90
		91	-int htool_payload_status();
		92	+int htool_payload_status(const struct htool_invocation* inv);
		93	int htool_payload_info(const struct htool_invocation* inv);
		94
		95	#ifdef __cplusplus
		96	diff --git a/examples/htool_payload_update.c b/examples/htool_payload_update.c
		97	index 8e3beb3..6cf44f1 100644
		98	--- a/examples/htool_payload_update.c
		99	+++ b/examples/htool_payload_update.c
		100	@@ -125,7 +125,7 @@ const char *payload_update_getstatus_half_string(uint8_t h) {
		101	}
		102	}
		103
		104	-int htool_payload_update_getstatus() {
		105	+int htool_payload_update_getstatus(const struct htool_invocation* inv) {
		106	struct libhoth_device *dev = htool_libhoth_device();
		107	if (!dev) {
		108	return -1;
		109	diff --git a/examples/htool_payload_update.h b/examples/htool_payload_update.h
		110	index f87c5e7..55c6b44 100644
		111	--- a/examples/htool_payload_update.h
		112	+++ b/examples/htool_payload_update.h
		113	@@ -24,7 +24,7 @@ extern "C" {
		114
		115	struct htool_invocation;
		116	int htool_payload_update(const struct htool_invocation* inv);
		117	-int htool_payload_update_getstatus();
		118	+int htool_payload_update_getstatus(const struct htool_invocation* inv);
		119
		120	#ifdef __cplusplus
		121	}
		122	diff --git a/examples/htool_statistics.c b/examples/htool_statistics.c
		123	index 4c5b536..6bca31a 100644
		124	--- a/examples/htool_statistics.c
		125	+++ b/examples/htool_statistics.c
		126	@@ -178,7 +178,7 @@ const char* PayloadUpdateErrorToString(uint16_t reason) {
		127	}
		128	}
		129
		130	-int htool_statistics() {
		131	+int htool_statistics(const struct htool_invocation* inv) {
		132	struct libhoth_device* dev = htool_libhoth_device();
		133	if (!dev) {
		134	return -1;
		135	diff --git a/examples/htool_statistics.h b/examples/htool_statistics.h
		136	index 2dd59b6..fe54eda 100644
		137	--- a/examples/htool_statistics.h
		138	+++ b/examples/htool_statistics.h
		139	@@ -19,7 +19,8 @@
		140	extern "C" {
		141	#endif
		142
		143	-int htool_statistics();
		144	+struct htool_invocation;
		145	+int htool_statistics(const struct htool_invocation* inv);
		146
		147	#ifdef __cplusplus
		148	}
		149	--
		150	2.50.0
		151


diff --git a/meta-tpm/recipes-tpm1/hoth/libhoth/0002-Fix-building-without-dbus-backend.patch b/meta-tpm/recipes-tpm1/hoth/libhoth/0002-Fix-building-without-dbus-backend.patch new file mode 100644 index 0000000..ca98609 --- /dev/null +++ b/meta-tpm/recipes-tpm1/hoth/libhoth/0002-Fix-building-without-dbus-backend.patch
@@ -0,0 +1,36 @@
		1	From ee75dcb0ea9818a10a6f7f85a3b5ee37572a3b08 Mon Sep 17 00:00:00 2001
		2	From: Scott Murray <scott.murray@konsulko.com>
		3	Date: Thu, 3 Jul 2025 17:41:50 -0400
		4	Subject: [PATCH 2/2] Fix building without dbus backend
		5
		6	Move libsystemd and libcap dependencies into conditional logic for
		7	dbus_backend option so that building without the backend works when
		8	libsystemd and libcap are not available in the build environment.
		9	This situation occurs when building with OpenEmbedded.
		10
		11	Upstream-Status: Pending
		12	Signed-off-by: Scott Murray <scott.murray@konsulko.com>
		13	---
		14	transports/meson.build \| 4 ++--
		15	1 file changed, 2 insertions(+), 2 deletions(-)
		16
		17	diff --git a/transports/meson.build b/transports/meson.build
		18	index e9f30d4..5abd103 100644
		19	--- a/transports/meson.build
		20	+++ b/transports/meson.build
		21	@@ -9,10 +9,10 @@ transport_srcs = [
		22
		23	incdir = include_directories('..')
		24	libusb = dependency('libusb-1.0')
		25	-libsystemd = dependency('libsystemd')
		26	-libcap = dependency('libcap')
		27
		28	if get_option('dbus_backend')
		29	+ libsystemd = dependency('libsystemd')
		30	+ libcap = dependency('libcap')
		31	libhoth_dbus = static_library(
		32	'hoth_dbus',
		33	'libhoth_dbus.c',
		34	--
		35	2.50.0
		36


diff --git a/meta-tpm/recipes-tpm1/hoth/libhoth_git.bb b/meta-tpm/recipes-tpm1/hoth/libhoth_git.bb index 9d29f78..2608acf 100644 --- a/meta-tpm/recipes-tpm1/hoth/libhoth_git.bb +++ b/meta-tpm/recipes-tpm1/hoth/libhoth_git.bb
@@ -6,10 +6,17 @@ HOMEPAGE = "https://github.com/google/libhoth"
6	LICENSE = "Apache-2.0"	6	LICENSE = "Apache-2.0"
7	LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"	7	LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
8		8
9	SRC_URI = "git://github.com/google/libhoth;protocol=https;branch=main"	9	SRC_URI = "git://github.com/google/libhoth;protocol=https;branch=main \
10	SRCREV = "e4827163741e0804f12ac96c81b8e97649be6795"	10	file://0001-Fix-building-with-gcc-15.patch \
		11	file://0002-Fix-building-without-dbus-backend.patch \
		12	"
		13	SRCREV = "69661d3ea542604353c48a00beee9a6247b27686"
11		14
12	DEPENDS += "libusb1"	15	DEPENDS += "libusb1"
13		16
14	inherit pkgconfig meson	17	inherit pkgconfig meson
15		18
		19	PACKAGECONFIG ?= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'dbus', '', d)}"
		20
		21	PACKAGECONFIG[dbus] = "-Ddbus_backend=true,-Ddbus_backend=false,systemd libcap"
		22