summaryrefslogtreecommitdiffstats
path: root/meta-tpm
Commit message (Collapse)AuthorAgeFilesLines
* tpm2-tss: correct CVE productPeter Marko2023-03-261-0/+2
| | | | | | | | | | | | | | | | | Currently CVE-2023-22745 does not show up in kirkstone CVE report. This fixes that. Products from yocto's CVE check NVD database: sqlite> select * from products where product like "tpm2%"; CVE-2017-7524|tpm2-tools_project|tpm2.0-tools|||1.1.0|<= CVE-2020-24455|tpm2_software_stack_project|tpm2_software_stack|||2.4.3|< CVE-2020-24455|tpm2_software_stack_project|tpm2_software_stack|3.0.0|>=|3.0.1|< CVE-2021-3565|tpm2-tools_project|tpm2-tools|5.1|>=|5.1.1|< CVE-2021-3565|tpm2-tools_project|tpm2-tools|||4.3.2|< CVE-2023-22745|tpm2_software_stack_project|tpm2_software_stack|||4.0.0|<= Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-tpm/layer: lower the priority from 10 to 6Jose Quaresma2023-03-201-1/+1
| | | | | | | | | | The priority change on sumo version without any description. Since then is very hard to add in other layers a new version of any recipe on this layer with such priority so these patch reverts the priority back to 6. Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-abrmd: upgrade 2.4.1 -> 3.0.0Petr Gotthard2023-02-221-1/+1
| | | | | | | | Changelog: https://github.com/tpm2-software/tpm2-abrmd/blob/3.0.0/CHANGELOG.md Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-pkcs11: upgrade 1.8.0 -> 1.9.0Petr Gotthard2023-02-221-6/+1
| | | | | | | | Changelog: https://github.com/tpm2-software/tpm2-pkcs11/blob/1.9.0/CHANGELOG.md Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tools: upgrade 5.3 -> 5.5Petr Gotthard2023-02-221-6/+1
| | | | | | | | Changelog: https://github.com/tpm2-software/tpm2-tools/blob/5.5/docs/CHANGELOG.md Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tss: upgrade 3.2.0 -> 4.0.1Petr Gotthard2023-02-222-13/+9
| | | | | | | | Changelog: https://github.com/tpm2-software/tpm2-tss/blob/4.0.1/CHANGELOG.md Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* linux-yocto: drop version from bbappendsMikko Rapeli2023-02-061-0/+0
| | | | | | | | | | | | | | | | | | | These bbappends apply to multiple kernel versions so no need to make them version dependent. Fixes recipe parsing when using meta-security master branch on kirkstone. In our custom layer we set layer compatibility for kirkstone and I understand why meta-security upstream would not want to do that: LAYERSERIES_COMPAT_security-layer += 'kirkstone' LAYERSERIES_COMPAT_parsec-layer += 'kirkstone' LAYERSERIES_COMPAT_tpm-layer += 'kirkstone' While I work towards supporting also yocto master branch and newer releases than kirkstone, I would appreciate if I would not have to branch off layers over minor details like this. Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-tpm: bump linux-yocto to 6.x kernelArmin Kuster2023-01-281-0/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* layer.conf: update LAYERSERIES_COMPAT for mickledoreMartin Jansa2023-01-041-1/+1
| | | | | | | | * oe-core switched to mickedore in: https://git.openembedded.org/openembedded-core/commit/?id=57239d66b933c4313cf331d35d13ec2d0661c38f Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tools: update to 5.3Michael Haener2022-11-191-2/+2
|
* tpm2-openssl: update to 1.1.1Michael Haener2022-10-241-1/+1
| | | | | Signed-off-by: Michael Haener <michael.haener@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm: update the linux-yocto rule with the one from sanity-meta-tpm classMichael Haener2022-09-251-1/+1
|
* swtpm: update to 0.7.3Armin Kuster2022-08-022-24/+1
| | | | | | drop musl patch.Fix another way Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ibmswtpm2: update to 1682Armin Kuster2022-08-022-4/+4
| | | | | | fixes openssl 3.0 support Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ibmswtpm2: fix UPSTREAM_CHECKArmin Kuster2022-08-021-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ibmtpm2tss: update version formatArmin Kuster2022-08-021-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libtpm: upgrade 0.9.3 -> 0.9.5Armpit's Upgrade Helper2022-07-301-1/+1
|
* tpm2-tcti-uefi: Add UPSTREAM_CHECK_URIArmin Kuster2022-07-301-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-abrmd: add UPSTREAM_CHECK_URIArmin Kuster2022-07-301-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-pkcs11: Add UPSTREAM_CHECK_URIArmin Kuster2022-07-301-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-openssl: Add UPSTREAM_CHECK_URIArmin Kuster2022-07-301-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tools: Add UPSTREAM_CHECK_URIArmin Kuster2022-07-301-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tss: add UPSTREAM_CHECK_URIArmin Kuster2022-07-301-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tss-engine: add UPSTREAM_CHECK_URIArmin Kuster2022-07-301-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ibmtpm2tss: fix SRC_URIArmin Kuster2022-07-301-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-security-tpm: add libhoth to pkg grpArmin Kuster2022-07-301-0/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-security: Add recipe for libhothJohn Edward Broadbent2022-07-301-0/+17
| | | | | | | | Libhoth is usb protocol implementation which is required for hoth class devices Signed-off-by: John Edward Broadbent <jebr@google.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa: meta-tpm shut swtpm down before and after testingArmin Kuster2022-06-232-0/+4
| | | | | | | fixes: swtpm: Could not open TCP socket: Address already in use Signed-off-by: Armin Kuster <akuster808@gmail.com>
* layer.conf: Post release codename changesArmin Kuster2022-06-071-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-pkcs11: we really need the symlinksArmin Kuster2022-06-071-9/+2
| | | | | | | MASK dev-so Drop un-needed install append steps. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/tpm2: fix and cleanup testsArmin Kuster2022-06-071-9/+16
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/swtpm: add swtpm runtimeArmin Kuster2022-06-071-0/+24
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* swtpm: enable gnutlsArmin Kuster2022-06-071-2/+2
| | | | | | needed for cert support Signed-off-by: Armin Kuster <akuster808@gmail.com>
* security-tpm2-image: add swtpmArmin Kuster2022-06-071-0/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* swtpm: enable seccomp if DISTRO is enabledArmin Kuster2022-06-071-0/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-parsec: Update Parsec runtime testsAnton Antonov2022-05-261-1/+3
| | | | | Signed-off-by: Anton Antonov <Anton.Antonov@arm.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/cases/tpm2: fix and enhance test suiteArmin Kuster2022-05-231-12/+29
| | | | | | | | | | | | | | | | local.conf TEST_SUITES = "ssh ping tpm2" IMAGE_INSTALL:append = " swtpm tpm2-pkcs11" RESULTS: RESULTS - ping.PingTest.test_ping: PASSED (0.05s) RESULTS - ssh.SSHTest.test_ssh: PASSED (2.19s) RESULTS - tpm2.Tpm2Test.test_tpm2_pcrread: PASSED (1.06s) RESULTS - tpm2.Tpm2Test.test_tpm2_pkcs11: PASSED (1.17s) RESULTS - tpm2.Tpm2Test.test_tpm2_swtpm_reset: PASSED (0.59s) RESULTS - tpm2.Tpm2Test.test_tpm2_swtpm_socket: PASSED (307.72s) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tools: Add missing rdependsArmin Kuster2022-05-231-0/+3
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-pkcs11: tpm2-pkcs11 module missingArmin Kuster2022-05-231-2/+7
| | | | | | Correctly fix symlink issue by putting module in -dev pkg. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* LICENSE: update to SPDX standard namesJoe Slater2022-04-132-2/+2
| | | | | | | Use convert-spdx-licenses.py to update LICENSE in recipes. Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-pkcs11: update to 1.8.0Petr Gotthard2022-04-135-1498/+7
| | | | | | | | | The build patches are now included in the upstream, the local binary checkes can be disabled with --disable-ptool-checks, the boostrap doesn't need to be called if the release .tar.gz is used. Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tss-engine: fix version string and build with openssl 3.0Petr Gotthard2022-04-131-6/+13
| | | | | | | | | | | Calling autoreconf outside git repo causes the version number to be null. This patch makes the version number fixed. Since Yocto now uses OpenSSL 3.0, the file packaging need to be updated. Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-abrmd: update to 2.4.1Petr Gotthard2022-04-131-4/+2
| | | | | | | | The version number is correctly assigned only when the release .tar.gz is used. Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tss: update to 3.2.0Petr Gotthard2022-04-134-377/+22
| | | | | | | | | This deletes the patches that were unused for a long time, updates the tpm2-tss package and introduces a fix to the version number problem that got introduced with the 3.2.0 version. Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-openssl: update to 1.1.0Petr Gotthard2022-04-132-11/+19
| | | | | | | | | | | | | Also, the recipe is fixed to correctly package the openssl provider. This new tpm2-openssl: - Fixed segmentation fault when a signature algorithm is beging initialized without a private key. - Fixed RSA/EC key equality checks. Works with OpenSSL 3.0.1. - Added support for the `TPM2OPENSSL_PARENT_AUTH` environment variable. Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tools: fix missing version numberPetr Gotthard2022-04-131-0/+5
| | | | | | | | Calling autoreconf outside git repo causes the version number to be null. This patch makes the version number fixed. Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tss: fix user permsArmin Kuster2022-03-111-5/+4
| | | | | | [Yocto #14724] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm-tools: Fix pod2man raceArmin Kuster2022-03-111-1/+1
| | | | | | On some systems, pod2man is not available so add native depends. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libtpm: update to 0.9.2Armin Kuster2022-03-111-2/+2
| | | | | | includes: CVE-2021-3623 Signed-off-by: Armin Kuster <akuster808@gmail.com>
* swtpm: update to 0.7.1Armin Kuster2022-03-112-68/+2
| | | | | | | fixes: CVE-2022-23645. Add implementation of SWTPM_HMAC using OpenSSL 3.0 APIs Signed-off-by: Armin Kuster <akuster808@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-05 11:43:50 +0000