summaryrefslogtreecommitdiffstats
path: root/meta-tpm
Commit message (Collapse)AuthorAgeFilesLines
* swtpm: fix parser error when using USERADDEXTENSION="useradd-staticids"Ahmed Abdelfattah2023-06-111-1/+1
| | | | | | | | pass the required argument to --home-dir fixes: Bugzilla-15034 Signed-off-by: Ahmed Abdelfattah <a.abfattah@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ibmswtpm2: update to 164-2020-192.1Andrew Geissler2023-06-031-4/+5
| | | | | | | | | | | | | This version supports openssl 3.1 The maintainer changed his tag versions hence the different looking version. The maintainer also has stopped releasing tar files and asked we directly grab from git. Signed-off-by: Andrew Geissler <geissonator@yahoo.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* linux-yocto: remove tpm_x86.cfgMikko Rapeli2023-06-031-4/+0
| | | | | | | It's not used by linux-yocto bbappends in any configuration. Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* linux-yocto: support tpm and tpm2 on all architecturesMikko Rapeli2023-06-031-10/+1
| | | | | | | | arm, arm64 and other machines can also have tpm and tpm2 devices and the config snippets tpm.scc and tpm2.scc work there too. Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libhoth_git.bb:SRCREV bump 1622e8a04..d769296220dJohn Edward Broadbent2023-05-221-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Updating libhoth to match version in openbmc https://gerrit.openbmc.org/c/openbmc/openbmc/+/63424 libhoth detailed changes: Willy Tu Expose header files expose USB APIs aranikam Add flash_spi_info command Add address mode flag for spi update/read Chris Evans Rename ec_ commands; permit old command names as an alias. Apply clang-format, and enable it as a check action. (#24) Sui Chen Add payload status Add console snapshot Daimeng Wang libhoth: automated mtd mailbox discovery libhoth: implement MTD transport libhoth: add MTD backend boilerplate API Yoan Andreev Dont check for non-snapshot console params Extern c wrap (#22) Build improvements (#18) Add basic abstraction to libhoth and SPIDEV support (#17) Vidya Satyamsetti Add extern Kor Nielsen htool console: Don't leave O_NONBLOCK set on stdin [fix] In legacy mailbox protocol, look at response size. [fix] Support legacy response buffers larger than 62 bytes. [feat] htool: Support Hoth-B devices. Add --baud_rate flag to "htool console". Setup github workflow to build project. Rename "htool console -l" to "htool console -n". Add --onlcr flag to "htool console". Make example visibility public. Fix BUILD file formatting. Remove out-of-date :enumerate and :ec_hello. Add libusb to bazel WORKSPACE. Fix undefined behavior in htool command handling. Signed-off-by: John Edward Broadbent <jebr@google.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* layer.conf: Insert addpylib declarationArmin Kuster2023-05-221-0/+2
| | | | | | | | | | | Yocto mickledore introduced the addpylib directive for explicitly adding layer paths to the PYTHONPATH. Standalone OEQA test suite discovery does not require this directive but it is required to import test cases from other layers, e.g. to extend and modify the test cases. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-security-tpm2: restore pkgs removed earlierArmin Kuster2023-05-061-0/+5
| | | | | | | | | commit: 0594aee packagegroup-security-tpm2.bb: remove dynamic pkgs is causing an issue with some users. Restore the packages and opted to fix via PACKAGE_ARCH = "${TUNE_PKGARCH}" Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tss: drop vendor from PACKAGECONFIGArmin Kuster2023-05-061-1/+1
| | | | | | | fixes: WARNING: tpm2-tss-4.0.1-r0 do_configure: QA Issue: tpm2-tss: invalid PACKAGECONFIG: vendor [invalid-packageconfig] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* maintainers.inc: rename to avoid clashes with oe-coreAlexander Kanavin2023-05-061-0/+0
| | | | | | | | | | Additional maintainer entries should be added to ones provided by oe-core, but not be replacing them, as that breaks oe-core tests. Another option is to place them directly into recipes. Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libtpm: update to 0.9.6Armin Kuster2023-05-061-1/+1
| | | | | | include: CVE-2023-1017 & CVE-2023-1018 Signed-off-by: Armin Kuster <akuster808@gmail.com>
* swtpm: update to 0.8.0Armin Kuster2023-05-061-2/+2
| | | | | | includes CVE-2022-23645 Signed-off-by: Armin Kuster <akuster808@gmail.com>
* recipes-tpm: use this for common tpm recipesArmin Kuster2023-05-068-0/+0
| | | | | | a bit of re-org Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-tpm: rename recipes-tpm to recipes-tpm1Armin Kuster2023-05-0628-0/+0
| | | | | | a bit of re-org. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tools: Remove unnecessary and optional dependenciesPeter Kjellerstedt2023-05-061-4/+1
| | | | | | | | | | | | | | | * The dependency on autoconf-archive is only needed when building from the Git repository (and it should really be autoconf-archive-native). * Removing the build dependency on tpm2-abrmd does not change the output in any way, i.e., nothing is used from it. * The runtime dependency on libtss2 is added automatically by bitbake since /usr/bin/tpm2 is linked with libtss2-esys.so.0. * The runtime dependency on tpm2-abrmd is optional. Such dependencies are better handled at a higher level, e.g., by depending on packagegroup-security-tpm2. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tss: correct CVE productPeter Marko2023-03-261-0/+2
| | | | | | | | | | | | | | | | | Currently CVE-2023-22745 does not show up in kirkstone CVE report. This fixes that. Products from yocto's CVE check NVD database: sqlite> select * from products where product like "tpm2%"; CVE-2017-7524|tpm2-tools_project|tpm2.0-tools|||1.1.0|<= CVE-2020-24455|tpm2_software_stack_project|tpm2_software_stack|||2.4.3|< CVE-2020-24455|tpm2_software_stack_project|tpm2_software_stack|3.0.0|>=|3.0.1|< CVE-2021-3565|tpm2-tools_project|tpm2-tools|5.1|>=|5.1.1|< CVE-2021-3565|tpm2-tools_project|tpm2-tools|||4.3.2|< CVE-2023-22745|tpm2_software_stack_project|tpm2_software_stack|||4.0.0|<= Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-tpm/layer: lower the priority from 10 to 6Jose Quaresma2023-03-201-1/+1
| | | | | | | | | | The priority change on sumo version without any description. Since then is very hard to add in other layers a new version of any recipe on this layer with such priority so these patch reverts the priority back to 6. Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-abrmd: upgrade 2.4.1 -> 3.0.0Petr Gotthard2023-02-221-1/+1
| | | | | | | | Changelog: https://github.com/tpm2-software/tpm2-abrmd/blob/3.0.0/CHANGELOG.md Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-pkcs11: upgrade 1.8.0 -> 1.9.0Petr Gotthard2023-02-221-6/+1
| | | | | | | | Changelog: https://github.com/tpm2-software/tpm2-pkcs11/blob/1.9.0/CHANGELOG.md Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tools: upgrade 5.3 -> 5.5Petr Gotthard2023-02-221-6/+1
| | | | | | | | Changelog: https://github.com/tpm2-software/tpm2-tools/blob/5.5/docs/CHANGELOG.md Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tss: upgrade 3.2.0 -> 4.0.1Petr Gotthard2023-02-222-13/+9
| | | | | | | | Changelog: https://github.com/tpm2-software/tpm2-tss/blob/4.0.1/CHANGELOG.md Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* linux-yocto: drop version from bbappendsMikko Rapeli2023-02-061-0/+0
| | | | | | | | | | | | | | | | | | | These bbappends apply to multiple kernel versions so no need to make them version dependent. Fixes recipe parsing when using meta-security master branch on kirkstone. In our custom layer we set layer compatibility for kirkstone and I understand why meta-security upstream would not want to do that: LAYERSERIES_COMPAT_security-layer += 'kirkstone' LAYERSERIES_COMPAT_parsec-layer += 'kirkstone' LAYERSERIES_COMPAT_tpm-layer += 'kirkstone' While I work towards supporting also yocto master branch and newer releases than kirkstone, I would appreciate if I would not have to branch off layers over minor details like this. Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-tpm: bump linux-yocto to 6.x kernelArmin Kuster2023-01-281-0/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* layer.conf: update LAYERSERIES_COMPAT for mickledoreMartin Jansa2023-01-041-1/+1
| | | | | | | | * oe-core switched to mickedore in: https://git.openembedded.org/openembedded-core/commit/?id=57239d66b933c4313cf331d35d13ec2d0661c38f Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tools: update to 5.3Michael Haener2022-11-191-2/+2
|
* tpm2-openssl: update to 1.1.1Michael Haener2022-10-241-1/+1
| | | | | Signed-off-by: Michael Haener <michael.haener@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm: update the linux-yocto rule with the one from sanity-meta-tpm classMichael Haener2022-09-251-1/+1
|
* swtpm: update to 0.7.3Armin Kuster2022-08-022-24/+1
| | | | | | drop musl patch.Fix another way Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ibmswtpm2: update to 1682Armin Kuster2022-08-022-4/+4
| | | | | | fixes openssl 3.0 support Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ibmswtpm2: fix UPSTREAM_CHECKArmin Kuster2022-08-021-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ibmtpm2tss: update version formatArmin Kuster2022-08-021-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libtpm: upgrade 0.9.3 -> 0.9.5Armpit's Upgrade Helper2022-07-301-1/+1
|
* tpm2-tcti-uefi: Add UPSTREAM_CHECK_URIArmin Kuster2022-07-301-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-abrmd: add UPSTREAM_CHECK_URIArmin Kuster2022-07-301-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-pkcs11: Add UPSTREAM_CHECK_URIArmin Kuster2022-07-301-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-openssl: Add UPSTREAM_CHECK_URIArmin Kuster2022-07-301-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tools: Add UPSTREAM_CHECK_URIArmin Kuster2022-07-301-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tss: add UPSTREAM_CHECK_URIArmin Kuster2022-07-301-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-tss-engine: add UPSTREAM_CHECK_URIArmin Kuster2022-07-301-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ibmtpm2tss: fix SRC_URIArmin Kuster2022-07-301-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-security-tpm: add libhoth to pkg grpArmin Kuster2022-07-301-0/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-security: Add recipe for libhothJohn Edward Broadbent2022-07-301-0/+17
| | | | | | | | Libhoth is usb protocol implementation which is required for hoth class devices Signed-off-by: John Edward Broadbent <jebr@google.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa: meta-tpm shut swtpm down before and after testingArmin Kuster2022-06-232-0/+4
| | | | | | | fixes: swtpm: Could not open TCP socket: Address already in use Signed-off-by: Armin Kuster <akuster808@gmail.com>
* layer.conf: Post release codename changesArmin Kuster2022-06-071-1/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2-pkcs11: we really need the symlinksArmin Kuster2022-06-071-9/+2
| | | | | | | MASK dev-so Drop un-needed install append steps. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/tpm2: fix and cleanup testsArmin Kuster2022-06-071-9/+16
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/swtpm: add swtpm runtimeArmin Kuster2022-06-071-0/+24
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* swtpm: enable gnutlsArmin Kuster2022-06-071-2/+2
| | | | | | needed for cert support Signed-off-by: Armin Kuster <akuster808@gmail.com>
* security-tpm2-image: add swtpmArmin Kuster2022-06-071-0/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* swtpm: enable seccomp if DISTRO is enabledArmin Kuster2022-06-071-0/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-parsec: Update Parsec runtime testsAnton Antonov2022-05-261-1/+3
| | | | | Signed-off-by: Anton Antonov <Anton.Antonov@arm.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>