| Commit message (Collapse) | Author | Age | Files | Lines |
| |
Minor version bump from 4.1.1 to 4.1.3, containing two fixes:
4.1.3 - 2020-06-02
* tpm2_create: Fix issue with userauth attribute being cleared if
policy is specified.
4.1.2 - 2020-05-18
* Fix missing handle maps for ESY3 handle breaks. See #1994.
https://github.com/tpm2-software/tpm2-tools/pull/1994
Details of changes
https://github.com/tpm2-software/tpm2-tools/commits/4.1.X
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
tpm2_import used a fixed AES key for the inner wrapper, which means that
a MITM attack would be able to unwrap the imported key. Even the
use of an encrypted session will not prevent this. The TPM only
encrypts the first parameter which is the fixed symmetric key.
To fix this, ensure the key size is 16 bytes or bigger and use
OpenSSL to generate a secure random AES key.
Upstream commit (with offset adjusted)
https://github.com/tpm2-software/tpm2-tools/commit/c069e4f179d5e6653a84fb236816c375dca82515
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
ibmswtpm2 doesn't have GNU_HASH (didn't pass LDFLAGS?) [ldflags
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Source: meta-security
MR: 105088
Type: Security Fix
Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/meta-security/commit/?id=787ba6faeaa8823a4d87e5edd15581cb4e12fa70
ChangeID: b55bccb002b9eb2c49dfe380406e2597bb1ade90
Description:
Fixes:
CVE-2020-24332
CVE-2020-24330
CVE-2020-24331
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 787ba6faeaa8823a4d87e5edd15581cb4e12fa70)
Signed-off-by: Armin Kuster <akuster@mvista.com>
| |
Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Without this we get a weird conflict when you include dev packages:
Error: Transaction check error:
file /usr/include/libcryptsetup.h conflicts between attempted installs of
cryptsetup-tpm-incubator-dev-0.9.9-r0.corei7_64 and
lib32-cryptsetup-dev-2.3.2-r0.1.i586
file /usr/lib64/libcryptsetup.so conflicts between attempted installs of
cryptsetup-tpm-incubator-dev-0.9.9-r0.corei7_64 and
cryptsetup-dev-2.3.2-r0.1.corei7_64
file /usr/lib64/pkgconfig/libcryptsetup.pc conflicts between attempted
installs of cryptsetup-tpm-incubator-dev-0.9.9-r0.corei7_64 and
cryptsetup-dev-2.3.2-r0.1.corei7_64
file /usr/lib/libcryptsetup.so conflicts between attempted installs of
lib32-cryptsetup-tpm-incubator-dev-0.9.9-r0.i586 and
lib32-cryptsetup-dev-2.3.2-r0.1.i586
file /usr/lib/pkgconfig/libcryptsetup.pc conflicts between attempted installs
of lib32-cryptsetup-tpm-incubator-dev-0.9.9-r0.i586 and
lib32-cryptsetup-dev-2.3.2-r0.1.i586
Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
As linux-yocto upgraded to 5.x in oe-core, update
the bbappend to 5.x to remove the warning
ERROR: No recipes available for:
.../meta-security/meta-tpm/recipes-kernel/linux/linux-yocto_4.%.bbappend
This patch hasn't been verified any further than allowing bitbake
to complete with a non-linux-yocto kernel. In particular options could
be different, or new ones needed / desired.
Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
/bin/bash: pod2man: command not found
| Makefile:585: recipe for target 'TPMLIB_CancelCommand.3' failed
inherit perlnative to fix
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
fix build issue
[v2]
Fix subject line
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Clean up recipe. Drop git fetching.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
checking for whether to build with seccomp profile... configure: error: "Is libseccomp-devel installed? -- could not get cflags for libseccomp"
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
These have changed upstream.
Signed-off-by: Philip Tricca <flihp@twobit.org>
Signed-off-by: Diego Santa Cruz <Diego.SantaCruz@spinetix.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Newer kernels, in addition to the traditional /dev/tpmX device nodes, are now
also creating /dev/tpmrmX device nodes. This causes this script to get
confused and abort, meaning tpm2-abrmd does not get started during boot.
Fix for https://github.com/flihp/meta-measured/issues/56
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Diego Santa Cruz <Diego.SantaCruz@spinetix.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
LIC_FILES_CHKSUM update to be true BSD-3-clause text
Drop patch included
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
LIC_FILES_CHKSUM update to be true BSD-3-clause text
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
LIC_FILES_CHKSUM added new copyrights
Migrate to https d/l from git clone
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
and append EXTRA_OECONF
The tpm2 tool freezes in a XEN distro. It stores the udev rules in
/lib/udev directory,
thus these changes append the FILES and EXTRA_OECONF to make tpm2 work
properly.
Signed-off-by: Norbert Kaminski <norbert.kaminski@3mdeb.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Fix [installed-vs-shipped] by adding /usr/lib/tmpfiles.d
on FILES.
Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Acked-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
drop patch already in update
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
ERROR: cryptsetup-tpm-incubator-0.9.9-r0 do_package_qa: QA Issue: /usr/lib/libcryptsetup.so.12.3.0 contained in package cryptsetup-tpm-incubator requires libdevmapper.so.1.02(DM_1_02_97)(64bit), but no providers found in RDEPENDS_cryptsetup-tpm-incubator? [file-rdeps]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Examples are useful to actually check TPM2 from UEFI shell. Add them to
tpm2-tcti-uefi package.
Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin-solenikov@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Do not insert /usr/lib and /usr/lib64 into LDFLAGS.
Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin-solenikov@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Pass correct location of EFI's crt0 and ld script.
Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin-solenikov@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Add dependency on autoconf-archive-native to receive AX_* macro definitions.
Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin-solenikov@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
New autoconf-archive comes with updated AX_CODE_COVERAGE macro, which is
not compatible with current tpm2-tss source base. Apply upstream patch
to fix this incompatibility.
Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin-solenikov@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
tpm2-tcti-uefi is an EFI module, so it should not be included in the
rootfs.
Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin-solenikov@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Clean up recipe to match actual app
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
license-check-sum: Add SPDX format
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>