| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
pass the required argument to --home-dir
fixes: Bugzilla-15034
Signed-off-by: Ahmed Abdelfattah <a.abfattah@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This version supports openssl 3.1
The maintainer changed his tag versions hence the different looking
version.
The maintainer also has stopped releasing tar files and asked we
directly grab from git.
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
| |
It's not used by linux-yocto bbappends in any configuration.
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
| |
arm, arm64 and other machines can also have tpm and tpm2 devices
and the config snippets tpm.scc and tpm2.scc work there too.
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updating libhoth to match version in openbmc
https://gerrit.openbmc.org/c/openbmc/openbmc/+/63424
libhoth detailed changes:
Willy Tu
Expose header files expose USB APIs
aranikam
Add flash_spi_info command
Add address mode flag for spi update/read
Chris Evans
Rename ec_ commands; permit old command names as an alias.
Apply clang-format, and enable it as a check action. (#24)
Sui Chen
Add payload status
Add console snapshot
Daimeng Wang
libhoth: automated mtd mailbox discovery
libhoth: implement MTD transport
libhoth: add MTD backend boilerplate API
Yoan Andreev
Dont check for non-snapshot console params
Extern c wrap (#22)
Build improvements (#18)
Add basic abstraction to libhoth and SPIDEV support (#17)
Vidya Satyamsetti
Add extern
Kor Nielsen
htool console: Don't leave O_NONBLOCK set on stdin
[fix] In legacy mailbox protocol, look at response size.
[fix] Support legacy response buffers larger than 62 bytes.
[feat] htool: Support Hoth-B devices.
Add --baud_rate flag to "htool console".
Setup github workflow to build project.
Rename "htool console -l" to "htool console -n".
Add --onlcr flag to "htool console".
Make example visibility public.
Fix BUILD file formatting.
Remove out-of-date :enumerate and :ec_hello.
Add libusb to bazel WORKSPACE.
Fix undefined behavior in htool command handling.
Signed-off-by: John Edward Broadbent <jebr@google.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Yocto mickledore introduced the addpylib directive for explicitly adding
layer paths to the PYTHONPATH.
Standalone OEQA test suite discovery does not require this directive but
it is required to import test cases from other layers, e.g. to extend
and modify the test cases.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
| |
commit: 0594aee packagegroup-security-tpm2.bb: remove dynamic pkgs
is causing an issue with some users. Restore the packages and opted
to fix via PACKAGE_ARCH = "${TUNE_PKGARCH}"
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
| |
fixes:
WARNING: tpm2-tss-4.0.1-r0 do_configure: QA Issue: tpm2-tss: invalid PACKAGECONFIG: vendor [invalid-packageconfig]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
Additional maintainer entries should be added to ones provided by oe-core,
but not be replacing them, as that breaks oe-core tests.
Another option is to place them directly into recipes.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
| |
include: CVE-2023-1017 & CVE-2023-1018
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
| |
includes CVE-2022-23645
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
| |
a bit of re-org
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
| |
a bit of re-org.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* The dependency on autoconf-archive is only needed when building from
the Git repository (and it should really be autoconf-archive-native).
* Removing the build dependency on tpm2-abrmd does not change the output
in any way, i.e., nothing is used from it.
* The runtime dependency on libtss2 is added automatically by bitbake
since /usr/bin/tpm2 is linked with libtss2-esys.so.0.
* The runtime dependency on tpm2-abrmd is optional. Such dependencies
are better handled at a higher level, e.g., by depending on
packagegroup-security-tpm2.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently CVE-2023-22745 does not show up in kirkstone CVE report.
This fixes that.
Products from yocto's CVE check NVD database:
sqlite> select * from products where product like "tpm2%";
CVE-2017-7524|tpm2-tools_project|tpm2.0-tools|||1.1.0|<=
CVE-2020-24455|tpm2_software_stack_project|tpm2_software_stack|||2.4.3|<
CVE-2020-24455|tpm2_software_stack_project|tpm2_software_stack|3.0.0|>=|3.0.1|<
CVE-2021-3565|tpm2-tools_project|tpm2-tools|5.1|>=|5.1.1|<
CVE-2021-3565|tpm2-tools_project|tpm2-tools|||4.3.2|<
CVE-2023-22745|tpm2_software_stack_project|tpm2_software_stack|||4.0.0|<=
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
The priority change on sumo version without any description.
Since then is very hard to add in other layers a new version
of any recipe on this layer with such priority so these patch
reverts the priority back to 6.
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
| |
Changelog:
https://github.com/tpm2-software/tpm2-abrmd/blob/3.0.0/CHANGELOG.md
Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
| |
Changelog:
https://github.com/tpm2-software/tpm2-pkcs11/blob/1.9.0/CHANGELOG.md
Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
| |
Changelog:
https://github.com/tpm2-software/tpm2-tools/blob/5.5/docs/CHANGELOG.md
Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
| |
Changelog:
https://github.com/tpm2-software/tpm2-tss/blob/4.0.1/CHANGELOG.md
Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These bbappends apply to multiple kernel versions so no
need to make them version dependent. Fixes recipe parsing when
using meta-security master branch on kirkstone. In our custom layer we
set layer compatibility for kirkstone and I understand why meta-security
upstream would not want to do that:
LAYERSERIES_COMPAT_security-layer += 'kirkstone'
LAYERSERIES_COMPAT_parsec-layer += 'kirkstone'
LAYERSERIES_COMPAT_tpm-layer += 'kirkstone'
While I work towards supporting also yocto master branch and newer
releases than kirkstone, I would appreciate if I would not have to
branch off layers over minor details like this.
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
| |
* oe-core switched to mickedore in:
https://git.openembedded.org/openembedded-core/commit/?id=57239d66b933c4313cf331d35d13ec2d0661c38f
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Signed-off-by: Michael Haener <michael.haener@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
drop musl patch.Fix another way
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
| |
fixes openssl 3.0 support
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
| |
Libhoth is usb protocol implementation which is required for hoth class
devices
Signed-off-by: John Edward Broadbent <jebr@google.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
| |
fixes:
swtpm: Could not open TCP socket: Address already in use
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
| |
MASK dev-so
Drop un-needed install append steps.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
| |
needed for cert support
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Anton Antonov <Anton.Antonov@arm.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|