From 4585f1e8c95435d60dd3a5287b25c7076347a3c9 Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Sun, 7 May 2017 22:39:03 -0700 Subject: tpm: move to a sub layer Signed-off-by: Armin Kuster --- meta-tpm/README | 0 meta-tpm/conf/layer.conf | 13 + .../recipes-kernel/linux/linux-yocto_4.10.bbappend | 5 + .../Convert-another-vdprintf-to-dprintf.patch | 26 ++ .../files/Use-format-s-for-call-to-dprintf.patch | 33 ++ .../libtpm/files/fix_signed_issue.patch | 48 +++ meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb | 20 ++ meta-tpm/recipes-tpm/swtpm/files/fix_fcntl_h.patch | 21 ++ .../swtpm/files/fix_lib_search_path.patch | 64 ++++ .../recipes-tpm/swtpm/files/fix_signed_issue.patch | 48 +++ meta-tpm/recipes-tpm/swtpm/files/ioctl_h.patch | 22 ++ .../recipes-tpm/swtpm/swtpm-wrappers-native.bb | 53 ++++ meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb | 57 ++++ .../tpm-tools/files/tpm-tools-extendpcr.patch | 244 +++++++++++++++ meta-tpm/recipes-tpm/tpm-tools/tpm-tools_git.bb | 35 +++ .../recipes-tpm/tpm2.0-tools/tpm2.0-tools_git.bb | 20 ++ .../tpm2.0-tss/tpm2.0-tss/ax_pthread.m4 | 332 +++++++++++++++++++++ .../tpm2.0-tss/fix_musl_select_include.patch | 31 ++ meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb | 96 ++++++ .../tpm2simulator/tpm2simulator-native_116.bb | 24 ++ ...path-use-POSIX-getpwent-instead-of-getpwe.patch | 49 +++ meta-tpm/recipes-tpm/trousers/files/tcsd.service | 10 + .../recipes-tpm/trousers/files/trousers-udev.rules | 2 + .../recipes-tpm/trousers/files/trousers.init.sh | 65 ++++ meta-tpm/recipes-tpm/trousers/trousers_git.bb | 117 ++++++++ recipes-kernel/linux/linux-yocto_4.10.bbappend | 3 - .../Convert-another-vdprintf-to-dprintf.patch | 26 -- .../files/Use-format-s-for-call-to-dprintf.patch | 33 -- recipes-tpm/libtpm/files/fix_signed_issue.patch | 48 --- recipes-tpm/libtpm/libtpm_1.0.bb | 20 -- recipes-tpm/swtpm/files/fix_fcntl_h.patch | 21 -- recipes-tpm/swtpm/files/fix_lib_search_path.patch | 64 ---- recipes-tpm/swtpm/files/fix_signed_issue.patch | 48 --- recipes-tpm/swtpm/files/ioctl_h.patch | 22 -- recipes-tpm/swtpm/swtpm-wrappers-native.bb | 53 ---- recipes-tpm/swtpm/swtpm_1.0.bb | 57 ---- .../tpm-tools/files/tpm-tools-extendpcr.patch | 244 --------------- recipes-tpm/tpm-tools/tpm-tools_git.bb | 35 --- recipes-tpm/tpm2.0-tools/tpm2.0-tools_git.bb | 20 -- recipes-tpm/tpm2.0-tss/tpm2.0-tss/ax_pthread.m4 | 332 --------------------- .../tpm2.0-tss/fix_musl_select_include.patch | 31 -- recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb | 96 ------ .../tpm2simulator/tpm2simulator-native_116.bb | 24 -- ...path-use-POSIX-getpwent-instead-of-getpwe.patch | 49 --- recipes-tpm/trousers/files/tcsd.service | 10 - recipes-tpm/trousers/files/trousers-udev.rules | 2 - recipes-tpm/trousers/files/trousers.init.sh | 65 ---- recipes-tpm/trousers/trousers_git.bb | 117 -------- 48 files changed, 1435 insertions(+), 1420 deletions(-) create mode 100644 meta-tpm/README create mode 100644 meta-tpm/conf/layer.conf create mode 100644 meta-tpm/recipes-kernel/linux/linux-yocto_4.10.bbappend create mode 100644 meta-tpm/recipes-tpm/libtpm/files/Convert-another-vdprintf-to-dprintf.patch create mode 100644 meta-tpm/recipes-tpm/libtpm/files/Use-format-s-for-call-to-dprintf.patch create mode 100644 meta-tpm/recipes-tpm/libtpm/files/fix_signed_issue.patch create mode 100644 meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb create mode 100644 meta-tpm/recipes-tpm/swtpm/files/fix_fcntl_h.patch create mode 100644 meta-tpm/recipes-tpm/swtpm/files/fix_lib_search_path.patch create mode 100644 meta-tpm/recipes-tpm/swtpm/files/fix_signed_issue.patch create mode 100644 meta-tpm/recipes-tpm/swtpm/files/ioctl_h.patch create mode 100644 meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb create mode 100644 meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb create mode 100644 meta-tpm/recipes-tpm/tpm-tools/files/tpm-tools-extendpcr.patch create mode 100644 meta-tpm/recipes-tpm/tpm-tools/tpm-tools_git.bb create mode 100644 meta-tpm/recipes-tpm/tpm2.0-tools/tpm2.0-tools_git.bb create mode 100644 meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss/ax_pthread.m4 create mode 100644 meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss/fix_musl_select_include.patch create mode 100644 meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb create mode 100644 meta-tpm/recipes-tpm/tpm2simulator/tpm2simulator-native_116.bb create mode 100644 meta-tpm/recipes-tpm/trousers/files/get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch create mode 100644 meta-tpm/recipes-tpm/trousers/files/tcsd.service create mode 100644 meta-tpm/recipes-tpm/trousers/files/trousers-udev.rules create mode 100644 meta-tpm/recipes-tpm/trousers/files/trousers.init.sh create mode 100644 meta-tpm/recipes-tpm/trousers/trousers_git.bb delete mode 100644 recipes-tpm/libtpm/files/Convert-another-vdprintf-to-dprintf.patch delete mode 100644 recipes-tpm/libtpm/files/Use-format-s-for-call-to-dprintf.patch delete mode 100644 recipes-tpm/libtpm/files/fix_signed_issue.patch delete mode 100644 recipes-tpm/libtpm/libtpm_1.0.bb delete mode 100644 recipes-tpm/swtpm/files/fix_fcntl_h.patch delete mode 100644 recipes-tpm/swtpm/files/fix_lib_search_path.patch delete mode 100644 recipes-tpm/swtpm/files/fix_signed_issue.patch delete mode 100644 recipes-tpm/swtpm/files/ioctl_h.patch delete mode 100644 recipes-tpm/swtpm/swtpm-wrappers-native.bb delete mode 100644 recipes-tpm/swtpm/swtpm_1.0.bb delete mode 100644 recipes-tpm/tpm-tools/files/tpm-tools-extendpcr.patch delete mode 100644 recipes-tpm/tpm-tools/tpm-tools_git.bb delete mode 100644 recipes-tpm/tpm2.0-tools/tpm2.0-tools_git.bb delete mode 100644 recipes-tpm/tpm2.0-tss/tpm2.0-tss/ax_pthread.m4 delete mode 100644 recipes-tpm/tpm2.0-tss/tpm2.0-tss/fix_musl_select_include.patch delete mode 100644 recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb delete mode 100644 recipes-tpm/tpm2simulator/tpm2simulator-native_116.bb delete mode 100644 recipes-tpm/trousers/files/get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch delete mode 100644 recipes-tpm/trousers/files/tcsd.service delete mode 100644 recipes-tpm/trousers/files/trousers-udev.rules delete mode 100644 recipes-tpm/trousers/files/trousers.init.sh delete mode 100644 recipes-tpm/trousers/trousers_git.bb diff --git a/meta-tpm/README b/meta-tpm/README new file mode 100644 index 0000000..e69de29 diff --git a/meta-tpm/conf/layer.conf b/meta-tpm/conf/layer.conf new file mode 100644 index 0000000..5085db5 --- /dev/null +++ b/meta-tpm/conf/layer.conf @@ -0,0 +1,13 @@ +# We have a conf and classes directory, add to BBPATH +BBPATH .= ":${LAYERDIR}" + +# We have a recipes directory, add to BBFILES +BBFILES += "${LAYERDIR}/recipes*/*/*.bb ${LAYERDIR}/recipes*/*/*.bbappend ${LAYERDIR}/classes/*.bbclass" + +BBFILE_COLLECTIONS += "tpm-layer" +BBFILE_PATTERN_tpm-layer = "^${LAYERDIR}/" +BBFILE_PRIORITY_tpm-layer = "6" + +LAYERDEPENDS_tpm-layer = " \ + core \ +" diff --git a/meta-tpm/recipes-kernel/linux/linux-yocto_4.10.bbappend b/meta-tpm/recipes-kernel/linux/linux-yocto_4.10.bbappend new file mode 100644 index 0000000..e6b3c65 --- /dev/null +++ b/meta-tpm/recipes-kernel/linux/linux-yocto_4.10.bbappend @@ -0,0 +1,5 @@ +# +# TPM kernel support + +KERNEL_FEATURES_append += "${@bb.utils.contains('DISTRO_FEATURES', 'tpm', ' features/tpm/tpm.scc', '', d)}" + diff --git a/meta-tpm/recipes-tpm/libtpm/files/Convert-another-vdprintf-to-dprintf.patch b/meta-tpm/recipes-tpm/libtpm/files/Convert-another-vdprintf-to-dprintf.patch new file mode 100644 index 0000000..9e1021a --- /dev/null +++ b/meta-tpm/recipes-tpm/libtpm/files/Convert-another-vdprintf-to-dprintf.patch @@ -0,0 +1,26 @@ +From 09e7dd42e5201d079bad70e9f7cc6033ce1c7cad Mon Sep 17 00:00:00 2001 +From: Stefan Berger +Date: Fri, 3 Feb 2017 10:58:22 -0500 +Subject: [PATCH] Convert another vdprintf to dprintf + +Signed-off-by: Stefan Berger +Upstream-Status: Backport +Signed-off-by: Armin Kuster + +--- + src/tpm_library.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: git/src/tpm_library.c +=================================================================== +--- git.orig/src/tpm_library.c ++++ git/src/tpm_library.c +@@ -427,7 +427,7 @@ void TPMLIB_LogPrintfA(unsigned int inde + indent = sizeof(spaces) - 1; + memset(spaces, ' ', indent); + spaces[indent] = 0; +- vdprintf(debug_fd, spaces, NULL); ++ dprintf(debug_fd, "%s", spaces); + } + + va_start(args, format); diff --git a/meta-tpm/recipes-tpm/libtpm/files/Use-format-s-for-call-to-dprintf.patch b/meta-tpm/recipes-tpm/libtpm/files/Use-format-s-for-call-to-dprintf.patch new file mode 100644 index 0000000..a71b5c1 --- /dev/null +++ b/meta-tpm/recipes-tpm/libtpm/files/Use-format-s-for-call-to-dprintf.patch @@ -0,0 +1,33 @@ +From 6a9b4e5d70f770aa9ca31e3e6d3b1ae72c192070 Mon Sep 17 00:00:00 2001 +From: Stefan Berger +Date: Tue, 31 Jan 2017 20:10:51 -0500 +Subject: [PATCH] Use format '%s' for call to dprintf + +Fix the dprintf call to use a format parameter that otherwise causes +errors with gcc on certain platforms. + +Signed-off-by: Stefan Berger + +Upstream-Status: Backport +replaces local patch +Signed-off-by: Armin Kuster + +--- + src/tpm_library.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +Index: git/src/tpm_library.c +=================================================================== +--- git.orig/src/tpm_library.c ++++ git/src/tpm_library.c +@@ -405,8 +405,8 @@ int TPMLIB_LogPrintf(const char *format, + } + + if (debug_prefix) +- dprintf(debug_fd, debug_prefix); +- dprintf(debug_fd, buffer); ++ dprintf(debug_fd, "%s", debug_prefix); ++ dprintf(debug_fd, "%s", buffer); + + return i; + } diff --git a/meta-tpm/recipes-tpm/libtpm/files/fix_signed_issue.patch b/meta-tpm/recipes-tpm/libtpm/files/fix_signed_issue.patch new file mode 100644 index 0000000..fc13aa5 --- /dev/null +++ b/meta-tpm/recipes-tpm/libtpm/files/fix_signed_issue.patch @@ -0,0 +1,48 @@ +Upstream-Status: Pending +Signed-off-by: Armin kuster + +Index: git/src/swtpm/ctrlchannel.c +=================================================================== +--- git.orig/src/swtpm/ctrlchannel.c ++++ git/src/swtpm/ctrlchannel.c +@@ -152,7 +152,8 @@ static int ctrlchannel_receive_state(ptm + uint32_t tpm_number = 0; + unsigned char *blob = NULL; + uint32_t blob_length = be32toh(pss->u.req.length); +- uint32_t remain = blob_length, offset = 0; ++ ssize_t remain = (ssize_t) blob_length; ++ uint32_t offset = 0; + TPM_RESULT res; + uint32_t flags = be32toh(pss->u.req.state_flags); + TPM_BOOL is_encrypted = (flags & PTM_STATE_FLAG_ENCRYPTED) != 0; +Index: git/src/swtpm_ioctl/tpm_ioctl.c +=================================================================== +--- git.orig/src/swtpm_ioctl/tpm_ioctl.c ++++ git/src/swtpm_ioctl/tpm_ioctl.c +@@ -303,7 +303,7 @@ static int do_save_state_blob(int fd, bo + numbytes = write(file_fd, pgs.u.resp.data, + devtoh32(is_chardev, pgs.u.resp.length)); + +- if (numbytes != devtoh32(is_chardev, pgs.u.resp.length)) { ++ if (numbytes != (ssize_t) devtoh32(is_chardev, pgs.u.resp.length)) { + fprintf(stderr, + "Could not write to file '%s': %s\n", + filename, strerror(errno)); +@@ -420,7 +420,7 @@ static int do_load_state_blob(int fd, bo + had_error = true; + break; + } +- pss.u.req.length = htodev32(is_chardev, numbytes); ++ pss.u.req.length = htodev32(is_chardev, (uint32_t) numbytes); + + /* the returnsize is zero on all intermediate packets */ + returnsize = ((size_t)numbytes < sizeof(pss.u.req.data)) +@@ -863,7 +863,7 @@ int main(int argc, char *argv[]) + return EXIT_FAILURE; + } + /* no tpm_result here */ +- printf("ptm capability is 0x%lx\n", (uint64_t)devtoh64(is_chardev, cap)); ++ printf("ptm capability is 0x%llx\n", (uint64_t)devtoh64(is_chardev, cap)); + + } else if (!strcmp(command, "-i")) { + init.u.req.init_flags = htodev32(is_chardev, PTM_INIT_FLAG_DELETE_VOLATILE); diff --git a/meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb b/meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb new file mode 100644 index 0000000..f9624f6 --- /dev/null +++ b/meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb @@ -0,0 +1,20 @@ +SUMMARY = "LIBPM - Software TPM Library" +LICENSE = "BSD-3-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=97e5eea8d700d76b3ddfd35c4c96485f" + +SRCREV = "ad44846dda5a96e269ad2f78a532e01e9a2f02a1" +SRC_URI = " \ + git://github.com/stefanberger/libtpms.git \ + file://Convert-another-vdprintf-to-dprintf.patch \ + file://Use-format-s-for-call-to-dprintf.patch \ + " + +S = "${WORKDIR}/git" +inherit autotools-brokensep pkgconfig + +PACKAGECONFIG ?= "openssl" +PACKAGECONFIG[openssl] = "--with-openssl, --without-openssl, openssl" + +PV = "1.0+git${SRCPV}" + +BBCLASSEXTEND = "native" diff --git a/meta-tpm/recipes-tpm/swtpm/files/fix_fcntl_h.patch b/meta-tpm/recipes-tpm/swtpm/files/fix_fcntl_h.patch new file mode 100644 index 0000000..e844045 --- /dev/null +++ b/meta-tpm/recipes-tpm/swtpm/files/fix_fcntl_h.patch @@ -0,0 +1,21 @@ +logging: Fix musl build issue with fcntl + + error: #warning redirecting incorrect #include to [-Werror=cpp] + #warning redirecting incorrect #include to + +Index: git/src/swtpm/logging.c +=================================================================== +--- git.orig/src/swtpm/logging.c ++++ git/src/swtpm/logging.c +@@ -43,7 +43,7 @@ + #include + #include + #include +-#include ++#include + #include + #include + #include diff --git a/meta-tpm/recipes-tpm/swtpm/files/fix_lib_search_path.patch b/meta-tpm/recipes-tpm/swtpm/files/fix_lib_search_path.patch new file mode 100644 index 0000000..28aca4a --- /dev/null +++ b/meta-tpm/recipes-tpm/swtpm/files/fix_lib_search_path.patch @@ -0,0 +1,64 @@ +From 85706ceb6877ade3b589d3c390abf5b3492bb718 Mon Sep 17 00:00:00 2001 +From: Armin Kuster +Date: Thu, 13 Oct 2016 02:03:56 -0700 +Subject: [PATCH] swtpm: add new package + +Upstream-Status: Inappropriate [OE config] + +Signed-off-by: Armin Kuster + +Rebased to current tip. + +Signed-off-by: Patrick Ohly + +--- + configure.ac | 32 ++++++++++---------------------- + 1 file changed, 10 insertions(+), 22 deletions(-) + +diff --git a/configure.ac b/configure.ac +index c4a9c6d..6267f64 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -395,29 +395,17 @@ CFLAGS="$CFLAGS -Wformat -Wformat-security" + dnl We have to make sure libtpms is using the same crypto library + dnl to avoid problems + AC_MSG_CHECKING([the crypto library libtpms is using]) +-dirs=$($CC $CFLAGS -Xlinker --verbose 2>/dev/null | \ +- sed -n '/SEARCH_DIR/p' | \ +- sed 's/SEARCH_DIR("=\?\(@<:@^"@:>@\+\)"); */\1\n/g') +-for dir in $dirs $LIBRARY_PATH; do +- if test -r $dir/libtpms.so; then +- if test -n "`ldd $dir/libtpms.so | grep libcrypto.so`"; then +- libtpms_cryptolib="openssl" +- break +- fi +- if test -n "`ldd $dir/libtpms.so | grep libnss3.so`"; then +- libtpms_cryptolib="freebl" +- break +- fi ++dir="$SEARCH_DIR" ++if test -r $dir/libtpms.so; then ++ if test -n "`ldd $dir/libtpms.so | grep libcrypto.so`"; then ++ libtpms_cryptolib="openssl" ++ break + fi +- case $host_os in +- cygwin) +- if test -r $dir/libtpms.a; then +- if test -n "$(nm $dir/libtpms.a | grep "U AES_encrypt")"; then +- libtpms_cryptolib="openssl" +- fi +- fi +- esac +-done ++ if test -n "`ldd $dir/libtpms.so | grep libnss3.so`"; then ++ libtpms_cryptolib="freebl" ++ break ++ fi ++fi + + if test -z "$libtpms_cryptolib"; then + AC_MSG_ERROR([Could not determine libtpms crypto library.]) +-- +2.1.4 + diff --git a/meta-tpm/recipes-tpm/swtpm/files/fix_signed_issue.patch b/meta-tpm/recipes-tpm/swtpm/files/fix_signed_issue.patch new file mode 100644 index 0000000..140585b --- /dev/null +++ b/meta-tpm/recipes-tpm/swtpm/files/fix_signed_issue.patch @@ -0,0 +1,48 @@ +Upstream-Status: Pending +Signed-off-by Armin Kuster + +Index: git/src/swtpm/ctrlchannel.c +=================================================================== +--- git.orig/src/swtpm/ctrlchannel.c ++++ git/src/swtpm/ctrlchannel.c +@@ -152,7 +152,8 @@ static int ctrlchannel_receive_state(ptm + uint32_t tpm_number = 0; + unsigned char *blob = NULL; + uint32_t blob_length = be32toh(pss->u.req.length); +- uint32_t remain = blob_length, offset = 0; ++ ssize_t remain = (ssize_t) blob_length; ++ uint32_t offset = 0; + TPM_RESULT res; + uint32_t flags = be32toh(pss->u.req.state_flags); + TPM_BOOL is_encrypted = (flags & PTM_STATE_FLAG_ENCRYPTED) != 0; +Index: git/src/swtpm_ioctl/tpm_ioctl.c +=================================================================== +--- git.orig/src/swtpm_ioctl/tpm_ioctl.c ++++ git/src/swtpm_ioctl/tpm_ioctl.c +@@ -303,7 +303,7 @@ static int do_save_state_blob(int fd, bo + numbytes = write(file_fd, pgs.u.resp.data, + devtoh32(is_chardev, pgs.u.resp.length)); + +- if (numbytes != devtoh32(is_chardev, pgs.u.resp.length)) { ++ if (numbytes != (ssize_t) devtoh32(is_chardev, pgs.u.resp.length)) { + fprintf(stderr, + "Could not write to file '%s': %s\n", + filename, strerror(errno)); +@@ -420,7 +420,7 @@ static int do_load_state_blob(int fd, bo + had_error = true; + break; + } +- pss.u.req.length = htodev32(is_chardev, numbytes); ++ pss.u.req.length = htodev32(is_chardev, (uint32_t) numbytes); + + /* the returnsize is zero on all intermediate packets */ + returnsize = ((size_t)numbytes < sizeof(pss.u.req.data)) +@@ -863,7 +863,7 @@ int main(int argc, char *argv[]) + return EXIT_FAILURE; + } + /* no tpm_result here */ +- printf("ptm capability is 0x%lx\n", (uint64_t)devtoh64(is_chardev, cap)); ++ printf("ptm capability is 0x%llx\n", (long long unsigned)devtoh64(is_chardev, cap)); + + } else if (!strcmp(command, "-i")) { + init.u.req.init_flags = htodev32(is_chardev, PTM_INIT_FLAG_DELETE_VOLATILE); diff --git a/meta-tpm/recipes-tpm/swtpm/files/ioctl_h.patch b/meta-tpm/recipes-tpm/swtpm/files/ioctl_h.patch new file mode 100644 index 0000000..d736bc6 --- /dev/null +++ b/meta-tpm/recipes-tpm/swtpm/files/ioctl_h.patch @@ -0,0 +1,22 @@ +tpm_ioctl: fix musl for missing ioctl + +tpm_ioctl.c: In function 'ioctl_to_cmd': +tpm_ioctl.c:86:26: error: '_IOC_NRSHIFT' undeclared (first use in this function) + return ((ioctlnum >> _IOC_NRSHIFT) & _IOC_NRMASK) + 1; + + +Upstream-status: +Signed-off-by: Armin Kuster + +Index: git/src/swtpm_ioctl/tpm_ioctl.c +=================================================================== +--- git.orig/src/swtpm_ioctl/tpm_ioctl.c ++++ git/src/swtpm_ioctl/tpm_ioctl.c +@@ -58,6 +58,7 @@ + #include + #include + #include ++#include + #include + #include + #include diff --git a/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb b/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb new file mode 100644 index 0000000..644f3ac --- /dev/null +++ b/meta-tpm/recipes-tpm/swtpm/swtpm-wrappers-native.bb @@ -0,0 +1,53 @@ +SUMMARY = "SWTPM - OpenEmbedded wrapper scripts for native swtpm tools" +LICENSE = "MIT" +DEPENDS = "swtpm-native tpm-tools-native net-tools-native" + +inherit native + +# The whole point of the recipe is to make files available +# for use after the build is done, so don't clean up... +RM_WORK_EXCLUDE += "${PN}" + +do_create_wrapper () { + # Wrap (almost) all swtpm binaries. Some get special wrappers and some + # are not needed. + for i in `find ${bindir} ${base_bindir} ${sbindir} ${base_sbindir} -name 'swtpm*' -perm /+x -type f`; do + exe=`basename $i` + case $exe in + swtpm_setup.sh) + cat >${WORKDIR}/swtpm_setup_oe.sh <${WORKDIR}/${exe}_oe.sh < ++#include ++#include ++#include "tpm_tspi.h" ++#include "tpm_utils.h" ++#include "tpm_seal.h" ++ ++// #define TPM_EXTENDPCR_DEBUG ++ ++static void help(const char *aCmd) ++{ ++ logCmdHelp(aCmd); ++ logCmdOption("-i, --infile FILE", ++ _ ++ ("Filename containing data to extend PCRs with. Default is STDIN.")); ++ logCmdOption("-p, --pcr NUMBER", ++ _("PCR to extend.")); ++ ++} ++ ++static char in_filename[PATH_MAX] = ""; ++static TSS_HPCRS hPcrs = NULL_HPCRS; ++static TSS_HTPM hTpm; ++static UINT32 selectedPcrs[24]; ++static UINT32 selectedPcrsLen = 0; ++TSS_HCONTEXT hContext = 0; ++ ++static int parse(const int aOpt, const char *aArg) ++{ ++ int rc = -1; ++ ++ switch (aOpt) { ++ case 'i': ++ if (aArg) { ++ strncpy(in_filename, aArg, PATH_MAX); ++ rc = 0; ++ } ++ break; ++ case 'p': ++ if (aArg) { ++ selectedPcrs[selectedPcrsLen++] = atoi(aArg); ++ rc = 0; ++ } ++ break; ++ default: ++ break; ++ } ++ return rc; ++ ++} ++ ++int main(int argc, char **argv) ++{ ++ ++ int iRc = -1; ++ struct option opts[] = { ++ {"infile", required_argument, NULL, 'i'}, ++ {"pcr", required_argument, NULL, 'p'}, ++ }; ++ unsigned char line[EVP_MD_block_size(EVP_sha1()) * 16]; ++ int lineLen; ++ UINT32 i; ++ ++ BIO *bin = NULL; ++ ++ initIntlSys(); ++ ++ if (genericOptHandler(argc, argv, "i:p:", opts, ++ sizeof(opts) / sizeof(struct option), parse, ++ help) != 0) ++ goto out; ++ ++ if (contextCreate(&hContext) != TSS_SUCCESS) ++ goto out; ++ ++ if (contextConnect(hContext) != TSS_SUCCESS) ++ goto out_close; ++ ++ if (contextGetTpm(hContext, &hTpm) != TSS_SUCCESS) ++ goto out_close; ++ ++ /* Create a BIO for the input file */ ++ if ((bin = BIO_new(BIO_s_file())) == NULL) { ++ logError(_("Unable to open input BIO\n")); ++ goto out_close; ++ } ++ ++ /* Assign the input file to the BIO */ ++ if (strlen(in_filename) == 0) ++ BIO_set_fp(bin, stdin, BIO_NOCLOSE); ++ else if (!BIO_read_filename(bin, in_filename)) { ++ logError(_("Unable to open input file: %s\n"), ++ in_filename); ++ goto out_close; ++ } ++ ++ /* Create the PCRs object. If any PCRs above 15 are selected, this will need to be ++ * a 1.2 TSS/TPM */ ++ if (selectedPcrsLen) { ++ TSS_FLAG initFlag = 0; ++ UINT32 pcrSize; ++ BYTE *pcrValue; ++ ++ for (i = 0; i < selectedPcrsLen; i++) { ++ if (selectedPcrs[i] > 15) { ++#ifdef TSS_LIB_IS_12 ++ initFlag |= TSS_PCRS_STRUCT_INFO_LONG; ++#else ++ logError(_("This version of %s was compiled for a v1.1 TSS, which " ++ "can only seal\n data to PCRs 0-15. PCR %u is out of range" ++ "\n"), argv[0], selectedPcrs[i]); ++ goto out_close; ++#endif ++ } ++ } ++ ++ unsigned char msg[EVP_MAX_MD_SIZE]; ++ unsigned int msglen; ++ EVP_MD_CTX ctx; ++ EVP_DigestInit(&ctx, EVP_sha1()); ++ while ((lineLen = BIO_read(bin, line, sizeof(line))) > 0) ++ EVP_DigestUpdate(&ctx, line, lineLen); ++ EVP_DigestFinal(&ctx, msg, &msglen); ++ ++ if (contextCreateObject(hContext, TSS_OBJECT_TYPE_PCRS, initFlag, ++ &hPcrs) != TSS_SUCCESS) ++ goto out_close; ++ ++ for (i = 0; i < selectedPcrsLen; i++) { ++#ifdef TPM_EXTENDPCR_DEBUG ++ if (tpmPcrRead(hTpm, selectedPcrs[i], &pcrSize, &pcrValue) != TSS_SUCCESS) ++ goto out_close; ++ ++ unsigned int j; ++ for (j = 0; j < pcrSize; j++) ++ printf("%02X ", pcrValue[j]); ++ printf("\n"); ++#endif ++ ++ if (tpmPcrExtend(hTpm, selectedPcrs[i], msglen, msg, NULL, &pcrSize, &pcrValue) != TSS_SUCCESS) ++ goto out_close; ++ ++#ifdef TPM_EXTENDPCR_DEBUG ++ for (j = 0; j < pcrSize; j++) ++ printf("%02X ", pcrValue[j]); ++ printf("\n"); ++#endif ++ } ++ } ++ ++ iRc = 0; ++ logSuccess(argv[0]); ++ ++out_close: ++ contextClose(hContext); ++ ++out: ++ if (bin) ++ BIO_free(bin); ++ return iRc; ++} diff --git a/meta-tpm/recipes-tpm/tpm-tools/tpm-tools_git.bb b/meta-tpm/recipes-tpm/tpm-tools/tpm-tools_git.bb new file mode 100644 index 0000000..f670bff --- /dev/null +++ b/meta-tpm/recipes-tpm/tpm-tools/tpm-tools_git.bb @@ -0,0 +1,35 @@ +SUMMARY = "The tpm-tools package contains commands to allow the platform administrator the ability to manage and diagnose the platform's TPM." +DESCRIPTION = " \ + The tpm-tools package contains commands to allow the platform administrator \ + the ability to manage and diagnose the platform's TPM. Additionally, the \ + package contains commands to utilize some of the capabilities available \ + in the TPM PKCS#11 interface implemented in the openCryptoki project. \ + " +SECTION = "tpm" +LICENSE = "CPL-1.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=059e8cd6165cb4c31e351f2b69388fd9" + +DEPENDS = "libtspi openssl" +DEPENDS_class-native = "trousers-native" + +SRCREV = "5c5126bedf2da97906358adcfb8c43c86e7dd0ee" +SRC_URI = " \ + git://git.code.sf.net/p/trousers/tpm-tools \ + file://tpm-tools-extendpcr.patch \ + " + +PV = "1.3.9.1+git${SRCPV}" + +inherit autotools-brokensep gettext + +S = "${WORKDIR}/git" + +do_configure_prepend () { + mkdir -p po + mkdir -p m4 + cp -R po_/* po/ + touch po/Makefile.in.in + touch m4/Makefile.am +} + +BBCLASSEXTEND = "native" diff --git a/meta-tpm/recipes-tpm/tpm2.0-tools/tpm2.0-tools_git.bb b/meta-tpm/recipes-tpm/tpm2.0-tools/tpm2.0-tools_git.bb new file mode 100644 index 0000000..6f1141c --- /dev/null +++ b/meta-tpm/recipes-tpm/tpm2.0-tools/tpm2.0-tools_git.bb @@ -0,0 +1,20 @@ +SUMMARY = "Tools for TPM2." +DESCRIPTION = "tpm2.0-tools" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://LICENSE;md5=91b7c548d73ea16537799e8060cea819" +SECTION = "tpm" + +DEPENDS = "pkgconfig tpm2.0-tss openssl curl autoconf-archive" + +# Mar 17, 2017 +SRCREV = "0b744d1b13ce57b4be547ae773d7db1cbccf9a04" + +SRC_URI = "git://github.com/01org/tpm2.0-tools.git;protocol=git;branch=master;name=tpm2.0-tools;destsuffix=tpm2.0-tools" + +S = "${WORKDIR}/tpm2.0-tools" + +PV = "git${SRCPV}" + +inherit autotools pkgconfig + + diff --git a/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss/ax_pthread.m4 b/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss/ax_pthread.m4 new file mode 100644 index 0000000..d383ad5 --- /dev/null +++ b/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss/ax_pthread.m4 @@ -0,0 +1,332 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_pthread.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_PTHREAD([ACTION-IF-FOUND[, ACTION-IF-NOT-FOUND]]) +# +# DESCRIPTION +# +# This macro figures out how to build C programs using POSIX threads. It +# sets the PTHREAD_LIBS output variable to the threads library and linker +# flags, and the PTHREAD_CFLAGS output variable to any special C compiler +# flags that are needed. (The user can also force certain compiler +# flags/libs to be tested by setting these environment variables.) +# +# Also sets PTHREAD_CC to any special C compiler that is needed for +# multi-threaded programs (defaults to the value of CC otherwise). (This +# is necessary on AIX to use the special cc_r compiler alias.) +# +# NOTE: You are assumed to not only compile your program with these flags, +# but also link it with them as well. e.g. you should link with +# $PTHREAD_CC $CFLAGS $PTHREAD_CFLAGS $LDFLAGS ... $PTHREAD_LIBS $LIBS +# +# If you are only building threads programs, you may wish to use these +# variables in your default LIBS, CFLAGS, and CC: +# +# LIBS="$PTHREAD_LIBS $LIBS" +# CFLAGS="$CFLAGS $PTHREAD_CFLAGS" +# CC="$PTHREAD_CC" +# +# In addition, if the PTHREAD_CREATE_JOINABLE thread-attribute constant +# has a nonstandard name, defines PTHREAD_CREATE_JOINABLE to that name +# (e.g. PTHREAD_CREATE_UNDETACHED on AIX). +# +# Also HAVE_PTHREAD_PRIO_INHERIT is defined if pthread is found and the +# PTHREAD_PRIO_INHERIT symbol is defined when compiling with +# PTHREAD_CFLAGS. +# +# ACTION-IF-FOUND is a list of shell commands to run if a threads library +# is found, and ACTION-IF-NOT-FOUND is a list of commands to run it if it +# is not found. If ACTION-IF-FOUND is not specified, the default action +# will define HAVE_PTHREAD. +# +# Please let the authors know if this macro fails on any platform, or if +# you have any other suggestions or comments. This macro was based on work +# by SGJ on autoconf scripts for FFTW (http://www.fftw.org/) (with help +# from M. Frigo), as well as ac_pthread and hb_pthread macros posted by +# Alejandro Forero Cuervo to the autoconf macro repository. We are also +# grateful for the helpful feedback of numerous users. +# +# Updated for Autoconf 2.68 by Daniel Richard G. +# +# LICENSE +# +# Copyright (c) 2008 Steven G. Johnson +# Copyright (c) 2011 Daniel Richard G. +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General +# Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . +# +# As a special exception, the respective Autoconf Macro's copyright owner +# gives unlimited permission to copy, distribute and modify the configure +# scripts that are the output of Autoconf when processing the Macro. You +# need not follow the terms of the GNU General Public License when using +# or distributing such scripts, even though portions of the text of the +# Macro appear in them. The GNU General Public License (GPL) does govern +# all other use of the material that constitutes the Autoconf Macro. +# +# This special exception to the GPL applies to versions of the Autoconf +# Macro released by the Autoconf Archive. When you make and distribute a +# modified version of the Autoconf Macro, you may extend this special +# exception to the GPL to apply to your modified version as well. + +#serial 21 + +AU_ALIAS([ACX_PTHREAD], [AX_PTHREAD]) +AC_DEFUN([AX_PTHREAD], [ +AC_REQUIRE([AC_CANONICAL_HOST]) +AC_LANG_PUSH([C]) +ax_pthread_ok=no + +# We used to check for pthread.h first, but this fails if pthread.h +# requires special compiler flags (e.g. on True64 or Sequent). +# It gets checked for in the link test anyway. + +# First of all, check if the user has set any of the PTHREAD_LIBS, +# etcetera environment variables, and if threads linking works using +# them: +if test x"$PTHREAD_LIBS$PTHREAD_CFLAGS" != x; then + save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" + save_LIBS="$LIBS" + LIBS="$PTHREAD_LIBS $LIBS" + AC_MSG_CHECKING([for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS]) + AC_TRY_LINK_FUNC([pthread_join], [ax_pthread_ok=yes]) + AC_MSG_RESULT([$ax_pthread_ok]) + if test x"$ax_pthread_ok" = xno; then + PTHREAD_LIBS="" + PTHREAD_CFLAGS="" + fi + LIBS="$save_LIBS" + CFLAGS="$save_CFLAGS" +fi + +# We must check for the threads library under a number of different +# names; the ordering is very important because some systems +# (e.g. DEC) have both -lpthread and -lpthreads, where one of the +# libraries is broken (non-POSIX). + +# Create a list of thread flags to try. Items starting with a "-" are +# C compiler flags, and other items are library names, except for "none" +# which indicates that we try without any flags at all, and "pthread-config" +# which is a program returning the flags for the Pth emulation library. + +ax_pthread_flags="pthreads none -Kthread -kthread lthread -pthread -pthreads -mthreads pthread --thread-safe -mt pthread-config" + +# The ordering *is* (sometimes) important. Some notes on the +# individual items follow: + +# pthreads: AIX (must check this before -lpthread) +# none: in case threads are in libc; should be tried before -Kthread and +# other compiler flags to prevent continual compiler warnings +# -Kthread: Sequent (threads in libc, but -Kthread needed for pthread.h) +# -kthread: FreeBSD kernel threads (preferred to -pthread since SMP-able) +# lthread: LinuxThreads port on FreeBSD (also preferred to -pthread) +# -pthread: Linux/gcc (kernel threads), BSD/gcc (userland threads) +# -pthreads: Solaris/gcc +# -mthreads: Mingw32/gcc, Lynx/gcc +# -mt: Sun Workshop C (may only link SunOS threads [-lthread], but it +# doesn't hurt to check since this sometimes defines pthreads too; +# also defines -D_REENTRANT) +# ... -mt is also the pthreads flag for HP/aCC +# pthread: Linux, etcetera +# --thread-safe: KAI C++ +# pthread-config: use pthread-config program (for GNU Pth library) + +case ${host_os} in + solaris*) + + # On Solaris (at least, for some versions), libc contains stubbed + # (non-functional) versions of the pthreads routines, so link-based + # tests will erroneously succeed. (We need to link with -pthreads/-mt/ + # -lpthread.) (The stubs are missing pthread_cleanup_push, or rather + # a function called by this macro, so we could check for that, but + # who knows whether they'll stub that too in a future libc.) So, + # we'll just look for -pthreads and -lpthread first: + + ax_pthread_flags="-pthreads pthread -mt -pthread $ax_pthread_flags" + ;; + + darwin*) + ax_pthread_flags="-pthread $ax_pthread_flags" + ;; +esac + +# Clang doesn't consider unrecognized options an error unless we specify +# -Werror. We throw in some extra Clang-specific options to ensure that +# this doesn't happen for GCC, which also accepts -Werror. + +AC_MSG_CHECKING([if compiler needs -Werror to reject unknown flags]) +save_CFLAGS="$CFLAGS" +ax_pthread_extra_flags="-Werror" +CFLAGS="$CFLAGS $ax_pthread_extra_flags -Wunknown-warning-option -Wsizeof-array-argument" +AC_COMPILE_IFELSE([AC_LANG_PROGRAM([int foo(void);],[foo()])], + [AC_MSG_RESULT([yes])], + [ax_pthread_extra_flags= + AC_MSG_RESULT([no])]) +CFLAGS="$save_CFLAGS" + +if test x"$ax_pthread_ok" = xno; then +for flag in $ax_pthread_flags; do + + case $flag in + none) + AC_MSG_CHECKING([whether pthreads work without any flags]) + ;; + + -*) + AC_MSG_CHECKING([whether pthreads work with $flag]) + PTHREAD_CFLAGS="$flag" + ;; + + pthread-config) + AC_CHECK_PROG([ax_pthread_config], [pthread-config], [yes], [no]) + if test x"$ax_pthread_config" = xno; then continue; fi + PTHREAD_CFLAGS="`pthread-config --cflags`" + PTHREAD_LIBS="`pthread-config --ldflags` `pthread-config --libs`" + ;; + + *) + AC_MSG_CHECKING([for the pthreads library -l$flag]) + PTHREAD_LIBS="-l$flag" + ;; + esac + + save_LIBS="$LIBS" + save_CFLAGS="$CFLAGS" + LIBS="$PTHREAD_LIBS $LIBS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS $ax_pthread_extra_flags" + + # Check for various functions. We must include pthread.h, + # since some functions may be macros. (On the Sequent, we + # need a special flag -Kthread to make this header compile.) + # We check for pthread_join because it is in -lpthread on IRIX + # while pthread_create is in libc. We check for pthread_attr_init + # due to DEC craziness with -lpthreads. We check for + # pthread_cleanup_push because it is one of the few pthread + # functions on Solaris that doesn't have a non-functional libc stub. + # We try pthread_create on general principles. + AC_LINK_IFELSE([AC_LANG_PROGRAM([#include + static void routine(void *a) { a = 0; } + static void *start_routine(void *a) { return a; }], + [pthread_t th; pthread_attr_t attr; + pthread_create(&th, 0, start_routine, 0); + pthread_join(th, 0); + pthread_attr_init(&attr); + pthread_cleanup_push(routine, 0); + pthread_cleanup_pop(0) /* ; */])], + [ax_pthread_ok=yes], + []) + + LIBS="$save_LIBS" + CFLAGS="$save_CFLAGS" + + AC_MSG_RESULT([$ax_pthread_ok]) + if test "x$ax_pthread_ok" = xyes; then + break; + fi + + PTHREAD_LIBS="" + PTHREAD_CFLAGS="" +done +fi + +# Various other checks: +if test "x$ax_pthread_ok" = xyes; then + save_LIBS="$LIBS" + LIBS="$PTHREAD_LIBS $LIBS" + save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" + + # Detect AIX lossage: JOINABLE attribute is called UNDETACHED. + AC_MSG_CHECKING([for joinable pthread attribute]) + attr_name=unknown + for attr in PTHREAD_CREATE_JOINABLE PTHREAD_CREATE_UNDETACHED; do + AC_LINK_IFELSE([AC_LANG_PROGRAM([#include ], + [int attr = $attr; return attr /* ; */])], + [attr_name=$attr; break], + []) + done + AC_MSG_RESULT([$attr_name]) + if test "$attr_name" != PTHREAD_CREATE_JOINABLE; then + AC_DEFINE_UNQUOTED([PTHREAD_CREATE_JOINABLE], [$attr_name], + [Define to necessary symbol if this constant + uses a non-standard name on your system.]) + fi + + AC_MSG_CHECKING([if more special flags are required for pthreads]) + flag=no + case ${host_os} in + aix* | freebsd* | darwin*) flag="-D_THREAD_SAFE";; + osf* | hpux*) flag="-D_REENTRANT";; + solaris*) + if test "$GCC" = "yes"; then + flag="-D_REENTRANT" + else + # TODO: What about Clang on Solaris? + flag="-mt -D_REENTRANT" + fi + ;; + esac + AC_MSG_RESULT([$flag]) + if test "x$flag" != xno; then + PTHREAD_CFLAGS="$flag $PTHREAD_CFLAGS" + fi + + AC_CACHE_CHECK([for PTHREAD_PRIO_INHERIT], + [ax_cv_PTHREAD_PRIO_INHERIT], [ + AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], + [[int i = PTHREAD_PRIO_INHERIT;]])], + [ax_cv_PTHREAD_PRIO_INHERIT=yes], + [ax_cv_PTHREAD_PRIO_INHERIT=no]) + ]) + AS_IF([test "x$ax_cv_PTHREAD_PRIO_INHERIT" = "xyes"], + [AC_DEFINE([HAVE_PTHREAD_PRIO_INHERIT], [1], [Have PTHREAD_PRIO_INHERIT.])]) + + LIBS="$save_LIBS" + CFLAGS="$save_CFLAGS" + + # More AIX lossage: compile with *_r variant + if test "x$GCC" != xyes; then + case $host_os in + aix*) + AS_CASE(["x/$CC"], + [x*/c89|x*/c89_128|x*/c99|x*/c99_128|x*/cc|x*/cc128|x*/xlc|x*/xlc_v6|x*/xlc128|x*/xlc128_v6], + [#handle absolute path differently from PATH based program lookup + AS_CASE(["x$CC"], + [x/*], + [AS_IF([AS_EXECUTABLE_P([${CC}_r])],[PTHREAD_CC="${CC}_r"])], + [AC_CHECK_PROGS([PTHREAD_CC],[${CC}_r],[$CC])])]) + ;; + esac + fi +fi + +test -n "$PTHREAD_CC" || PTHREAD_CC="$CC" + +AC_SUBST([PTHREAD_LIBS]) +AC_SUBST([PTHREAD_CFLAGS]) +AC_SUBST([PTHREAD_CC]) + +# Finally, execute ACTION-IF-FOUND/ACTION-IF-NOT-FOUND: +if test x"$ax_pthread_ok" = xyes; then + ifelse([$1],,[AC_DEFINE([HAVE_PTHREAD],[1],[Define if you have POSIX threads libraries and header files.])],[$1]) + : +else + ax_pthread_ok=no + $2 +fi +AC_LANG_POP +])dnl AX_PTHREAD diff --git a/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss/fix_musl_select_include.patch b/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss/fix_musl_select_include.patch new file mode 100644 index 0000000..ecaca6e --- /dev/null +++ b/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss/fix_musl_select_include.patch @@ -0,0 +1,31 @@ +This fixes musl build issue do to missing FD_* defines. +Add sys/select.h + +Upstream-Status: Pending + +Signed-off-by: Armin Kuster + +Index: TPM2.0-TSS/tcti/tcti_socket.cpp +=================================================================== +--- TPM2.0-TSS.orig/tcti/tcti_socket.cpp ++++ TPM2.0-TSS/tcti/tcti_socket.cpp +@@ -28,6 +28,7 @@ + #include + #include // Needed for _wtoi + ++#include "sys/select.h" + #include + #include + #include "sysapi_util.h" +Index: TPM2.0-TSS/resourcemgr/resourcemgr.c +=================================================================== +--- TPM2.0-TSS.orig/resourcemgr/resourcemgr.c ++++ TPM2.0-TSS/resourcemgr/resourcemgr.c +@@ -28,6 +28,7 @@ + #include + #include // Needed for _wtoi + ++#include "sys/select.h" + #include + #include + #include diff --git a/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb b/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb new file mode 100644 index 0000000..14ec0ab --- /dev/null +++ b/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb @@ -0,0 +1,96 @@ +SUMMARY = "Software stack for TPM2." +DESCRIPTION = "tpm2.0-tss like woah." +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da" +SECTION = "tpm" + +DEPENDS = "autoconf-archive pkgconfig" + +SRCREV = "30794affab01598bbacfe1f167be7c068a0c0476" + +SRC_URI = " \ + git://github.com/01org/TPM2.0-TSS.git;protocol=git;branch=master;name=TPM2.0-TSS;destsuffix=TPM2.0-TSS \ + file://ax_pthread.m4 \ +" + +inherit autotools pkgconfig systemd + +S = "${WORKDIR}/${@d.getVar('BPN',d).upper()}" + +do_configure_prepend () { + mkdir -p ${S}/m4 + cp ${WORKDIR}/ax_pthread.m4 ${S}/m4 + # execute the bootstrap script + currentdir=$(pwd) + cd ${S} + ACLOCAL="aclocal --system-acdir=${STAGING_DATADIR}/aclocal" ./bootstrap + cd $currentdir +} + +INHERIT += "extrausers" +EXTRA_USERS_PARAMS = "\ + useradd -p '' tss; \ + groupadd tss; \ + " + +SYSTEMD_PACKAGES += "resourcemgr" +SYSTEMD_SERVICE_resourcemgr = "resourcemgr.service" +SYSTEMD_AUTO_ENABLE_resourcemgr = "enable" + +do_patch[postfuncs] += "fix_systemd_unit" +fix_systemd_unit () { + sed -i -e 's;^ExecStart=.*/resourcemgr;ExecStart=${sbindir}/resourcemgr;' ${S}/contrib/resourcemgr.service +} + +do_install_append() { + install -d ${D}${systemd_system_unitdir} + install -m0644 ${S}/contrib/resourcemgr.service ${D}${systemd_system_unitdir}/resourcemgr.service +} + +PROVIDES = "${PACKAGES}" +PACKAGES = " \ + ${PN}-dbg \ + libtss2 \ + libtss2-dev \ + libtss2-staticdev \ + libtctidevice \ + libtctidevice-dev \ + libtctidevice-staticdev \ + libtctisocket \ + libtctisocket-dev \ + libtctisocket-staticdev \ + resourcemgr \ +" + +FILES_libtss2 = " \ + ${libdir}/libsapi.so.0.0.0 \ + ${libdir}/libmarshal.so.0.0.0 \ +" +FILES_libtss2-dev = " \ + ${includedir}/sapi \ + ${includedir}/tcti/common.h \ + ${libdir}/libsapi.so* \ + ${libdir}/libmarshal.so* \ + ${libdir}/pkgconfig/sapi.pc \ +" +FILES_libtss2-staticdev = " \ + ${libdir}/libsapi.a \ + ${libdir}/libsapi.la \ + ${libdir}/libmarshal.a \ + ${libdir}/libmarshal.la \ +" +FILES_libtctidevice = "${libdir}/libtcti-device.so.0.0.0" +FILES_libtctidevice-dev = " \ + ${includedir}/tcti/tcti_device.h \ + ${libdir}/libtcti-device.so* \ + ${libdir}/pkgconfig/tcti-device.pc \ +" +FILES_libtctidevice-staticdev = "${libdir}/libtcti-device.*a" +FILES_libtctisocket = "${libdir}/libtcti-socket.so.0.0.0" +FILES_libtctisocket-dev = " \ + ${includedir}/tcti/tcti_socket.h \ + ${libdir}/libtcti-socket.so* \ + ${libdir}/pkgconfig/tcti-socket.pc \ +" +FILES_libtctisocket-staticdev = "${libdir}/libtcti-socket.*a" +FILES_resourcemgr = "${sbindir}/resourcemgr ${systemd_system_unitdir}/resourcemgr.service" diff --git a/meta-tpm/recipes-tpm/tpm2simulator/tpm2simulator-native_116.bb b/meta-tpm/recipes-tpm/tpm2simulator/tpm2simulator-native_116.bb new file mode 100644 index 0000000..a53d4c3 --- /dev/null +++ b/meta-tpm/recipes-tpm/tpm2simulator/tpm2simulator-native_116.bb @@ -0,0 +1,24 @@ +SUMMARY = "TPM 2.0 Simulator Extraction Script" +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=1415f7be284540b81d9d28c67c1a6b8b" + +DEPENDS += "python" + +SRCREV = "93dc4412432013ed7bcabd42007754c68f6e362e" +SRC_URI = "git://github.com/stwagnr/tpm2simulator.git" + +S = "${WORKDIR}/git" +OECMAKE_SOURCEPATH = "${S}/cmake" + +PV = "116+git${SRCPV}" + +inherit native lib_package cmake + +EXTRA_OECMAKE = " \ + -DCMAKE_BUILD_TYPE=Debug \ + -DSPEC_VERSION=116 \ +" + +do_configure_prepend () { + sed -i 's/^SET = False/SET = True/' ${S}/scripts/settings.py +} diff --git a/meta-tpm/recipes-tpm/trousers/files/get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch b/meta-tpm/recipes-tpm/trousers/files/get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch new file mode 100644 index 0000000..3f5a144 --- /dev/null +++ b/meta-tpm/recipes-tpm/trousers/files/get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch @@ -0,0 +1,49 @@ +trousers: fix compiling with musl + +use POSIX getpwent instead of getpwent_r + +Upstream-Status: Submitted + +Signed-off-by: Armin Kuster + +Index: git/src/tspi/ps/tspps.c +=================================================================== +--- git.orig/src/tspi/ps/tspps.c ++++ git/src/tspi/ps/tspps.c +@@ -66,9 +66,6 @@ get_user_ps_path(char **file) + TSS_RESULT result; + char *file_name = NULL, *home_dir = NULL; + struct passwd *pwp; +-#if (defined (__linux) || defined (linux) || defined(__GLIBC__)) +- struct passwd pw; +-#endif + struct stat stat_buf; + char buf[PASSWD_BUFSIZE]; + uid_t euid; +@@ -96,24 +93,15 @@ get_user_ps_path(char **file) + #else + setpwent(); + while (1) { +-#if (defined (__linux) || defined (linux) || defined(__GLIBC__)) +- rc = getpwent_r(&pw, buf, PASSWD_BUFSIZE, &pwp); +- if (rc) { +- LogDebugFn("USER PS: Error getting path to home directory: getpwent_r: %s", +- strerror(rc)); +- endpwent(); +- return TSPERR(TSS_E_INTERNAL_ERROR); +- } +- +-#elif (defined (__FreeBSD__) || defined (__OpenBSD__)) + if ((pwp = getpwent()) == NULL) { + LogDebugFn("USER PS: Error getting path to home directory: getpwent: %s", + strerror(rc)); + endpwent(); ++#if (defined (__FreeBSD__) || defined (__OpenBSD__)) + MUTEX_UNLOCK(user_ps_path); ++#endif + return TSPERR(TSS_E_INTERNAL_ERROR); + } +-#endif + if (euid == pwp->pw_uid) { + home_dir = strdup(pwp->pw_dir); + break; diff --git a/meta-tpm/recipes-tpm/trousers/files/tcsd.service b/meta-tpm/recipes-tpm/trousers/files/tcsd.service new file mode 100644 index 0000000..787d4e9 --- /dev/null +++ b/meta-tpm/recipes-tpm/trousers/files/tcsd.service @@ -0,0 +1,10 @@ +[Unit] +Description=TCG Core Services Daemon +After=syslog.target + +[Service] +Type=forking +ExecStart=@SBINDIR@/tcsd + +[Install] +WantedBy=multi-user.target diff --git a/meta-tpm/recipes-tpm/trousers/files/trousers-udev.rules b/meta-tpm/recipes-tpm/trousers/files/trousers-udev.rules new file mode 100644 index 0000000..256babd --- /dev/null +++ b/meta-tpm/recipes-tpm/trousers/files/trousers-udev.rules @@ -0,0 +1,2 @@ +# trousers daemon expects tpm device to be owned by tss user & group +KERNEL=="tpm[0-9]*", MODE="0600", OWNER="tss", GROUP="tss" diff --git a/meta-tpm/recipes-tpm/trousers/files/trousers.init.sh b/meta-tpm/recipes-tpm/trousers/files/trousers.init.sh new file mode 100644 index 0000000..0ecf7cc --- /dev/null +++ b/meta-tpm/recipes-tpm/trousers/files/trousers.init.sh @@ -0,0 +1,65 @@ +#!/bin/sh + +### BEGIN INIT INFO +# Provides: tcsd trousers +# Required-Start: $local_fs $remote_fs $network +# Required-Stop: $local_fs $remote_fs $network +# Should-Start: +# Should-Stop: +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: starts tcsd +# Description: tcsd belongs to the TrouSerS TCG Software Stack +### END INIT INFO + +PATH=/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/sbin/tcsd +NAME=tcsd +DESC="Trusted Computing daemon" +USER="tss" + +test -x "${DAEMON}" || exit 0 + +# Read configuration variable file if it is present +[ -r /etc/default/$NAME ] && . /etc/default/$NAME + +case "${1}" in + start) + echo "Starting $DESC: " + + if [ ! -e /dev/tpm* ] + then + echo "device driver not loaded, skipping." + exit 0 + fi + + start-stop-daemon --start --quiet --oknodo --pidfile /var/run/${NAME}.pid --user ${USER} --chuid ${USER} --exec ${DAEMON} -- ${DAEMON_OPTS} + RETVAL="$?" + echo "$NAME." + [ "$RETVAL" = 0 ] && pidof $DAEMON > /var/run/${NAME}.pid + exit $RETVAL + ;; + + stop) + echo "Stopping $DESC: " + + start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/${NAME}.pid --user ${USER} --exec ${DAEMON} + RETVAL="$?" + echo "$NAME." + rm -f /var/run/${NAME}.pid + exit $RETVAL + ;; + + restart|force-reload) + "${0}" stop + sleep 1 + "${0}" start + exit $? + ;; + *) + echo "Usage: ${NAME} {start|stop|restart|force-reload|status}" >&2 + exit 3 + ;; +esac + +exit 0 diff --git a/meta-tpm/recipes-tpm/trousers/trousers_git.bb b/meta-tpm/recipes-tpm/trousers/trousers_git.bb new file mode 100644 index 0000000..352374c --- /dev/null +++ b/meta-tpm/recipes-tpm/trousers/trousers_git.bb @@ -0,0 +1,117 @@ +SUMMARY = "TrouSerS - An open-source TCG Software Stack implementation." +LICENSE = "BSD" +HOMEPAGE = "http://sourceforge.net/projects/trousers/" +LIC_FILES_CHKSUM = "file://README;startline=3;endline=4;md5=2af28fbed0832e4d83a9e6dd68bb4413" +SECTION = "security/tpm" + +DEPENDS = "openssl" + +SRCREV = "4b9a70d5789b0b74f43957a6c19ab2156a72d3e0" +PV = "0.3.14+git${SRCPV}" + +SRC_URI = " \ + git://git.code.sf.net/p/trousers/trousers \ + file://trousers.init.sh \ + file://trousers-udev.rules \ + file://tcsd.service \ + file://get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch \ + " + +S = "${WORKDIR}/git" + +inherit autotools pkgconfig useradd update-rc.d ${@bb.utils.contains('VIRTUAL-RUNTIME_init_manager','systemd','systemd','', d)} + +PACKAGECONFIG ?= "gmp " +PACKAGECONFIG[gmp] = "--with-gmp, --with-gmp=no, gmp" +PACKAGECONFIG[gtk] = "--with-gui=gtk, --with-gui=none, gtk+" + +do_install () { + oe_runmake DESTDIR=${D} install +} + +do_install_append() { + install -d ${D}${sysconfdir}/init.d + install -m 0755 ${WORKDIR}/trousers.init.sh ${D}${sysconfdir}/init.d/trousers + install -d ${D}${sysconfdir}/udev/rules.d + install -m 0644 ${WORKDIR}/trousers-udev.rules ${D}${sysconfdir}/udev/rules.d/45-trousers.rules + + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + install -d ${D}${systemd_unitdir}/system + install -m 0644 ${WORKDIR}/tcsd.service ${D}${systemd_unitdir}/system/ + sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/tcsd.service + fi +} + +CONFFILES_${PN} += "${sysconfig}/tcsd.conf" + +PROVIDES = "${PACKAGES}" +PACKAGES = " \ + libtspi \ + libtspi-dbg \ + libtspi-dev \ + libtspi-doc \ + libtspi-staticdev \ + trousers \ + trousers-dbg \ + trousers-doc \ + " + +# libtspi needs tcsd for most (all?) operations, so suggest to +# install that. +RRECOMMENDS_libtspi = "${PN}" + +FILES_libtspi = " \ + ${libdir}/*.so.1 \ + ${libdir}/*.so.1.2.0 \ + " +FILES_libtspi-dbg = " \ + ${libdir}/.debug \ + ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/tspi \ + ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/trspi \ + ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/include/*.h \ + ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/include/tss \ + " +FILES_libtspi-dev = " \ + ${includedir} \ + ${libdir}/*.so \ + " +FILES_libtspi-doc = " \ + ${mandir}/man3 \ + " +FILES_libtspi-staticdev = " \ + ${libdir}/*.la \ + ${libdir}/*.a \ + " +FILES_${PN} = " \ + ${sbindir}/tcsd \ + ${sysconfdir} \ + ${localstatedir} \ + " + +FILES_${PN}-dev += "${libdir}/trousers" + +FILES_${PN}-dbg = " \ + ${sbindir}/.debug \ + ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/tcs \ + ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/tcsd \ + ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/tddl \ + ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/trousers \ + ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/include/trousers \ + " +FILES_${PN}-doc = " \ + ${mandir}/man5 \ + ${mandir}/man8 \ + " + +INITSCRIPT_NAME = "trousers" +INITSCRIPT_PARAMS = "start 99 2 3 4 5 . stop 19 0 1 6 ." + +USERADD_PACKAGES = "${PN}" +GROUPADD_PARAM_${PN} = "--system tss" +USERADD_PARAM_${PN} = "--system -M -d /var/lib/tpm -s /bin/false -g tss tss" + +SYSTEMD_PACKAGES = "${PN}" +SYSTEMD_SERVICE_${PN} = "tcsd.service" +SYSTEMD_AUTO_ENABLE = "disable" + +BBCLASSEXTEND = "native" diff --git a/recipes-kernel/linux/linux-yocto_4.10.bbappend b/recipes-kernel/linux/linux-yocto_4.10.bbappend index 35a32b6..0e610d4 100644 --- a/recipes-kernel/linux/linux-yocto_4.10.bbappend +++ b/recipes-kernel/linux/linux-yocto_4.10.bbappend @@ -1,8 +1,5 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}-4.10:" -# TPM kernel support -KERNEL_FEATURES_append += "${@bb.utils.contains('DISTRO_FEATURES', 'tpm', ' features/tpm/tpm.scc', '', d)}" - SRC_URI += "\ ${@bb.utils.contains('DISTRO_FEATURES', 'apparmor', ' file://apparmor.cfg', '', d)} \ " diff --git a/recipes-tpm/libtpm/files/Convert-another-vdprintf-to-dprintf.patch b/recipes-tpm/libtpm/files/Convert-another-vdprintf-to-dprintf.patch deleted file mode 100644 index 9e1021a..0000000 --- a/recipes-tpm/libtpm/files/Convert-another-vdprintf-to-dprintf.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 09e7dd42e5201d079bad70e9f7cc6033ce1c7cad Mon Sep 17 00:00:00 2001 -From: Stefan Berger -Date: Fri, 3 Feb 2017 10:58:22 -0500 -Subject: [PATCH] Convert another vdprintf to dprintf - -Signed-off-by: Stefan Berger -Upstream-Status: Backport -Signed-off-by: Armin Kuster - ---- - src/tpm_library.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -Index: git/src/tpm_library.c -=================================================================== ---- git.orig/src/tpm_library.c -+++ git/src/tpm_library.c -@@ -427,7 +427,7 @@ void TPMLIB_LogPrintfA(unsigned int inde - indent = sizeof(spaces) - 1; - memset(spaces, ' ', indent); - spaces[indent] = 0; -- vdprintf(debug_fd, spaces, NULL); -+ dprintf(debug_fd, "%s", spaces); - } - - va_start(args, format); diff --git a/recipes-tpm/libtpm/files/Use-format-s-for-call-to-dprintf.patch b/recipes-tpm/libtpm/files/Use-format-s-for-call-to-dprintf.patch deleted file mode 100644 index a71b5c1..0000000 --- a/recipes-tpm/libtpm/files/Use-format-s-for-call-to-dprintf.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 6a9b4e5d70f770aa9ca31e3e6d3b1ae72c192070 Mon Sep 17 00:00:00 2001 -From: Stefan Berger -Date: Tue, 31 Jan 2017 20:10:51 -0500 -Subject: [PATCH] Use format '%s' for call to dprintf - -Fix the dprintf call to use a format parameter that otherwise causes -errors with gcc on certain platforms. - -Signed-off-by: Stefan Berger - -Upstream-Status: Backport -replaces local patch -Signed-off-by: Armin Kuster - ---- - src/tpm_library.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -Index: git/src/tpm_library.c -=================================================================== ---- git.orig/src/tpm_library.c -+++ git/src/tpm_library.c -@@ -405,8 +405,8 @@ int TPMLIB_LogPrintf(const char *format, - } - - if (debug_prefix) -- dprintf(debug_fd, debug_prefix); -- dprintf(debug_fd, buffer); -+ dprintf(debug_fd, "%s", debug_prefix); -+ dprintf(debug_fd, "%s", buffer); - - return i; - } diff --git a/recipes-tpm/libtpm/files/fix_signed_issue.patch b/recipes-tpm/libtpm/files/fix_signed_issue.patch deleted file mode 100644 index fc13aa5..0000000 --- a/recipes-tpm/libtpm/files/fix_signed_issue.patch +++ /dev/null @@ -1,48 +0,0 @@ -Upstream-Status: Pending -Signed-off-by: Armin kuster - -Index: git/src/swtpm/ctrlchannel.c -=================================================================== ---- git.orig/src/swtpm/ctrlchannel.c -+++ git/src/swtpm/ctrlchannel.c -@@ -152,7 +152,8 @@ static int ctrlchannel_receive_state(ptm - uint32_t tpm_number = 0; - unsigned char *blob = NULL; - uint32_t blob_length = be32toh(pss->u.req.length); -- uint32_t remain = blob_length, offset = 0; -+ ssize_t remain = (ssize_t) blob_length; -+ uint32_t offset = 0; - TPM_RESULT res; - uint32_t flags = be32toh(pss->u.req.state_flags); - TPM_BOOL is_encrypted = (flags & PTM_STATE_FLAG_ENCRYPTED) != 0; -Index: git/src/swtpm_ioctl/tpm_ioctl.c -=================================================================== ---- git.orig/src/swtpm_ioctl/tpm_ioctl.c -+++ git/src/swtpm_ioctl/tpm_ioctl.c -@@ -303,7 +303,7 @@ static int do_save_state_blob(int fd, bo - numbytes = write(file_fd, pgs.u.resp.data, - devtoh32(is_chardev, pgs.u.resp.length)); - -- if (numbytes != devtoh32(is_chardev, pgs.u.resp.length)) { -+ if (numbytes != (ssize_t) devtoh32(is_chardev, pgs.u.resp.length)) { - fprintf(stderr, - "Could not write to file '%s': %s\n", - filename, strerror(errno)); -@@ -420,7 +420,7 @@ static int do_load_state_blob(int fd, bo - had_error = true; - break; - } -- pss.u.req.length = htodev32(is_chardev, numbytes); -+ pss.u.req.length = htodev32(is_chardev, (uint32_t) numbytes); - - /* the returnsize is zero on all intermediate packets */ - returnsize = ((size_t)numbytes < sizeof(pss.u.req.data)) -@@ -863,7 +863,7 @@ int main(int argc, char *argv[]) - return EXIT_FAILURE; - } - /* no tpm_result here */ -- printf("ptm capability is 0x%lx\n", (uint64_t)devtoh64(is_chardev, cap)); -+ printf("ptm capability is 0x%llx\n", (uint64_t)devtoh64(is_chardev, cap)); - - } else if (!strcmp(command, "-i")) { - init.u.req.init_flags = htodev32(is_chardev, PTM_INIT_FLAG_DELETE_VOLATILE); diff --git a/recipes-tpm/libtpm/libtpm_1.0.bb b/recipes-tpm/libtpm/libtpm_1.0.bb deleted file mode 100644 index f9624f6..0000000 --- a/recipes-tpm/libtpm/libtpm_1.0.bb +++ /dev/null @@ -1,20 +0,0 @@ -SUMMARY = "LIBPM - Software TPM Library" -LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=97e5eea8d700d76b3ddfd35c4c96485f" - -SRCREV = "ad44846dda5a96e269ad2f78a532e01e9a2f02a1" -SRC_URI = " \ - git://github.com/stefanberger/libtpms.git \ - file://Convert-another-vdprintf-to-dprintf.patch \ - file://Use-format-s-for-call-to-dprintf.patch \ - " - -S = "${WORKDIR}/git" -inherit autotools-brokensep pkgconfig - -PACKAGECONFIG ?= "openssl" -PACKAGECONFIG[openssl] = "--with-openssl, --without-openssl, openssl" - -PV = "1.0+git${SRCPV}" - -BBCLASSEXTEND = "native" diff --git a/recipes-tpm/swtpm/files/fix_fcntl_h.patch b/recipes-tpm/swtpm/files/fix_fcntl_h.patch deleted file mode 100644 index e844045..0000000 --- a/recipes-tpm/swtpm/files/fix_fcntl_h.patch +++ /dev/null @@ -1,21 +0,0 @@ -logging: Fix musl build issue with fcntl - - error: #warning redirecting incorrect #include to [-Werror=cpp] - #warning redirecting incorrect #include to - -Index: git/src/swtpm/logging.c -=================================================================== ---- git.orig/src/swtpm/logging.c -+++ git/src/swtpm/logging.c -@@ -43,7 +43,7 @@ - #include - #include - #include --#include -+#include - #include - #include - #include diff --git a/recipes-tpm/swtpm/files/fix_lib_search_path.patch b/recipes-tpm/swtpm/files/fix_lib_search_path.patch deleted file mode 100644 index 28aca4a..0000000 --- a/recipes-tpm/swtpm/files/fix_lib_search_path.patch +++ /dev/null @@ -1,64 +0,0 @@ -From 85706ceb6877ade3b589d3c390abf5b3492bb718 Mon Sep 17 00:00:00 2001 -From: Armin Kuster -Date: Thu, 13 Oct 2016 02:03:56 -0700 -Subject: [PATCH] swtpm: add new package - -Upstream-Status: Inappropriate [OE config] - -Signed-off-by: Armin Kuster - -Rebased to current tip. - -Signed-off-by: Patrick Ohly - ---- - configure.ac | 32 ++++++++++---------------------- - 1 file changed, 10 insertions(+), 22 deletions(-) - -diff --git a/configure.ac b/configure.ac -index c4a9c6d..6267f64 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -395,29 +395,17 @@ CFLAGS="$CFLAGS -Wformat -Wformat-security" - dnl We have to make sure libtpms is using the same crypto library - dnl to avoid problems - AC_MSG_CHECKING([the crypto library libtpms is using]) --dirs=$($CC $CFLAGS -Xlinker --verbose 2>/dev/null | \ -- sed -n '/SEARCH_DIR/p' | \ -- sed 's/SEARCH_DIR("=\?\(@<:@^"@:>@\+\)"); */\1\n/g') --for dir in $dirs $LIBRARY_PATH; do -- if test -r $dir/libtpms.so; then -- if test -n "`ldd $dir/libtpms.so | grep libcrypto.so`"; then -- libtpms_cryptolib="openssl" -- break -- fi -- if test -n "`ldd $dir/libtpms.so | grep libnss3.so`"; then -- libtpms_cryptolib="freebl" -- break -- fi -+dir="$SEARCH_DIR" -+if test -r $dir/libtpms.so; then -+ if test -n "`ldd $dir/libtpms.so | grep libcrypto.so`"; then -+ libtpms_cryptolib="openssl" -+ break - fi -- case $host_os in -- cygwin) -- if test -r $dir/libtpms.a; then -- if test -n "$(nm $dir/libtpms.a | grep "U AES_encrypt")"; then -- libtpms_cryptolib="openssl" -- fi -- fi -- esac --done -+ if test -n "`ldd $dir/libtpms.so | grep libnss3.so`"; then -+ libtpms_cryptolib="freebl" -+ break -+ fi -+fi - - if test -z "$libtpms_cryptolib"; then - AC_MSG_ERROR([Could not determine libtpms crypto library.]) --- -2.1.4 - diff --git a/recipes-tpm/swtpm/files/fix_signed_issue.patch b/recipes-tpm/swtpm/files/fix_signed_issue.patch deleted file mode 100644 index 140585b..0000000 --- a/recipes-tpm/swtpm/files/fix_signed_issue.patch +++ /dev/null @@ -1,48 +0,0 @@ -Upstream-Status: Pending -Signed-off-by Armin Kuster - -Index: git/src/swtpm/ctrlchannel.c -=================================================================== ---- git.orig/src/swtpm/ctrlchannel.c -+++ git/src/swtpm/ctrlchannel.c -@@ -152,7 +152,8 @@ static int ctrlchannel_receive_state(ptm - uint32_t tpm_number = 0; - unsigned char *blob = NULL; - uint32_t blob_length = be32toh(pss->u.req.length); -- uint32_t remain = blob_length, offset = 0; -+ ssize_t remain = (ssize_t) blob_length; -+ uint32_t offset = 0; - TPM_RESULT res; - uint32_t flags = be32toh(pss->u.req.state_flags); - TPM_BOOL is_encrypted = (flags & PTM_STATE_FLAG_ENCRYPTED) != 0; -Index: git/src/swtpm_ioctl/tpm_ioctl.c -=================================================================== ---- git.orig/src/swtpm_ioctl/tpm_ioctl.c -+++ git/src/swtpm_ioctl/tpm_ioctl.c -@@ -303,7 +303,7 @@ static int do_save_state_blob(int fd, bo - numbytes = write(file_fd, pgs.u.resp.data, - devtoh32(is_chardev, pgs.u.resp.length)); - -- if (numbytes != devtoh32(is_chardev, pgs.u.resp.length)) { -+ if (numbytes != (ssize_t) devtoh32(is_chardev, pgs.u.resp.length)) { - fprintf(stderr, - "Could not write to file '%s': %s\n", - filename, strerror(errno)); -@@ -420,7 +420,7 @@ static int do_load_state_blob(int fd, bo - had_error = true; - break; - } -- pss.u.req.length = htodev32(is_chardev, numbytes); -+ pss.u.req.length = htodev32(is_chardev, (uint32_t) numbytes); - - /* the returnsize is zero on all intermediate packets */ - returnsize = ((size_t)numbytes < sizeof(pss.u.req.data)) -@@ -863,7 +863,7 @@ int main(int argc, char *argv[]) - return EXIT_FAILURE; - } - /* no tpm_result here */ -- printf("ptm capability is 0x%lx\n", (uint64_t)devtoh64(is_chardev, cap)); -+ printf("ptm capability is 0x%llx\n", (long long unsigned)devtoh64(is_chardev, cap)); - - } else if (!strcmp(command, "-i")) { - init.u.req.init_flags = htodev32(is_chardev, PTM_INIT_FLAG_DELETE_VOLATILE); diff --git a/recipes-tpm/swtpm/files/ioctl_h.patch b/recipes-tpm/swtpm/files/ioctl_h.patch deleted file mode 100644 index d736bc6..0000000 --- a/recipes-tpm/swtpm/files/ioctl_h.patch +++ /dev/null @@ -1,22 +0,0 @@ -tpm_ioctl: fix musl for missing ioctl - -tpm_ioctl.c: In function 'ioctl_to_cmd': -tpm_ioctl.c:86:26: error: '_IOC_NRSHIFT' undeclared (first use in this function) - return ((ioctlnum >> _IOC_NRSHIFT) & _IOC_NRMASK) + 1; - - -Upstream-status: -Signed-off-by: Armin Kuster - -Index: git/src/swtpm_ioctl/tpm_ioctl.c -=================================================================== ---- git.orig/src/swtpm_ioctl/tpm_ioctl.c -+++ git/src/swtpm_ioctl/tpm_ioctl.c -@@ -58,6 +58,7 @@ - #include - #include - #include -+#include - #include - #include - #include diff --git a/recipes-tpm/swtpm/swtpm-wrappers-native.bb b/recipes-tpm/swtpm/swtpm-wrappers-native.bb deleted file mode 100644 index 644f3ac..0000000 --- a/recipes-tpm/swtpm/swtpm-wrappers-native.bb +++ /dev/null @@ -1,53 +0,0 @@ -SUMMARY = "SWTPM - OpenEmbedded wrapper scripts for native swtpm tools" -LICENSE = "MIT" -DEPENDS = "swtpm-native tpm-tools-native net-tools-native" - -inherit native - -# The whole point of the recipe is to make files available -# for use after the build is done, so don't clean up... -RM_WORK_EXCLUDE += "${PN}" - -do_create_wrapper () { - # Wrap (almost) all swtpm binaries. Some get special wrappers and some - # are not needed. - for i in `find ${bindir} ${base_bindir} ${sbindir} ${base_sbindir} -name 'swtpm*' -perm /+x -type f`; do - exe=`basename $i` - case $exe in - swtpm_setup.sh) - cat >${WORKDIR}/swtpm_setup_oe.sh <${WORKDIR}/${exe}_oe.sh < -+#include -+#include -+#include "tpm_tspi.h" -+#include "tpm_utils.h" -+#include "tpm_seal.h" -+ -+// #define TPM_EXTENDPCR_DEBUG -+ -+static void help(const char *aCmd) -+{ -+ logCmdHelp(aCmd); -+ logCmdOption("-i, --infile FILE", -+ _ -+ ("Filename containing data to extend PCRs with. Default is STDIN.")); -+ logCmdOption("-p, --pcr NUMBER", -+ _("PCR to extend.")); -+ -+} -+ -+static char in_filename[PATH_MAX] = ""; -+static TSS_HPCRS hPcrs = NULL_HPCRS; -+static TSS_HTPM hTpm; -+static UINT32 selectedPcrs[24]; -+static UINT32 selectedPcrsLen = 0; -+TSS_HCONTEXT hContext = 0; -+ -+static int parse(const int aOpt, const char *aArg) -+{ -+ int rc = -1; -+ -+ switch (aOpt) { -+ case 'i': -+ if (aArg) { -+ strncpy(in_filename, aArg, PATH_MAX); -+ rc = 0; -+ } -+ break; -+ case 'p': -+ if (aArg) { -+ selectedPcrs[selectedPcrsLen++] = atoi(aArg); -+ rc = 0; -+ } -+ break; -+ default: -+ break; -+ } -+ return rc; -+ -+} -+ -+int main(int argc, char **argv) -+{ -+ -+ int iRc = -1; -+ struct option opts[] = { -+ {"infile", required_argument, NULL, 'i'}, -+ {"pcr", required_argument, NULL, 'p'}, -+ }; -+ unsigned char line[EVP_MD_block_size(EVP_sha1()) * 16]; -+ int lineLen; -+ UINT32 i; -+ -+ BIO *bin = NULL; -+ -+ initIntlSys(); -+ -+ if (genericOptHandler(argc, argv, "i:p:", opts, -+ sizeof(opts) / sizeof(struct option), parse, -+ help) != 0) -+ goto out; -+ -+ if (contextCreate(&hContext) != TSS_SUCCESS) -+ goto out; -+ -+ if (contextConnect(hContext) != TSS_SUCCESS) -+ goto out_close; -+ -+ if (contextGetTpm(hContext, &hTpm) != TSS_SUCCESS) -+ goto out_close; -+ -+ /* Create a BIO for the input file */ -+ if ((bin = BIO_new(BIO_s_file())) == NULL) { -+ logError(_("Unable to open input BIO\n")); -+ goto out_close; -+ } -+ -+ /* Assign the input file to the BIO */ -+ if (strlen(in_filename) == 0) -+ BIO_set_fp(bin, stdin, BIO_NOCLOSE); -+ else if (!BIO_read_filename(bin, in_filename)) { -+ logError(_("Unable to open input file: %s\n"), -+ in_filename); -+ goto out_close; -+ } -+ -+ /* Create the PCRs object. If any PCRs above 15 are selected, this will need to be -+ * a 1.2 TSS/TPM */ -+ if (selectedPcrsLen) { -+ TSS_FLAG initFlag = 0; -+ UINT32 pcrSize; -+ BYTE *pcrValue; -+ -+ for (i = 0; i < selectedPcrsLen; i++) { -+ if (selectedPcrs[i] > 15) { -+#ifdef TSS_LIB_IS_12 -+ initFlag |= TSS_PCRS_STRUCT_INFO_LONG; -+#else -+ logError(_("This version of %s was compiled for a v1.1 TSS, which " -+ "can only seal\n data to PCRs 0-15. PCR %u is out of range" -+ "\n"), argv[0], selectedPcrs[i]); -+ goto out_close; -+#endif -+ } -+ } -+ -+ unsigned char msg[EVP_MAX_MD_SIZE]; -+ unsigned int msglen; -+ EVP_MD_CTX ctx; -+ EVP_DigestInit(&ctx, EVP_sha1()); -+ while ((lineLen = BIO_read(bin, line, sizeof(line))) > 0) -+ EVP_DigestUpdate(&ctx, line, lineLen); -+ EVP_DigestFinal(&ctx, msg, &msglen); -+ -+ if (contextCreateObject(hContext, TSS_OBJECT_TYPE_PCRS, initFlag, -+ &hPcrs) != TSS_SUCCESS) -+ goto out_close; -+ -+ for (i = 0; i < selectedPcrsLen; i++) { -+#ifdef TPM_EXTENDPCR_DEBUG -+ if (tpmPcrRead(hTpm, selectedPcrs[i], &pcrSize, &pcrValue) != TSS_SUCCESS) -+ goto out_close; -+ -+ unsigned int j; -+ for (j = 0; j < pcrSize; j++) -+ printf("%02X ", pcrValue[j]); -+ printf("\n"); -+#endif -+ -+ if (tpmPcrExtend(hTpm, selectedPcrs[i], msglen, msg, NULL, &pcrSize, &pcrValue) != TSS_SUCCESS) -+ goto out_close; -+ -+#ifdef TPM_EXTENDPCR_DEBUG -+ for (j = 0; j < pcrSize; j++) -+ printf("%02X ", pcrValue[j]); -+ printf("\n"); -+#endif -+ } -+ } -+ -+ iRc = 0; -+ logSuccess(argv[0]); -+ -+out_close: -+ contextClose(hContext); -+ -+out: -+ if (bin) -+ BIO_free(bin); -+ return iRc; -+} diff --git a/recipes-tpm/tpm-tools/tpm-tools_git.bb b/recipes-tpm/tpm-tools/tpm-tools_git.bb deleted file mode 100644 index f670bff..0000000 --- a/recipes-tpm/tpm-tools/tpm-tools_git.bb +++ /dev/null @@ -1,35 +0,0 @@ -SUMMARY = "The tpm-tools package contains commands to allow the platform administrator the ability to manage and diagnose the platform's TPM." -DESCRIPTION = " \ - The tpm-tools package contains commands to allow the platform administrator \ - the ability to manage and diagnose the platform's TPM. Additionally, the \ - package contains commands to utilize some of the capabilities available \ - in the TPM PKCS#11 interface implemented in the openCryptoki project. \ - " -SECTION = "tpm" -LICENSE = "CPL-1.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=059e8cd6165cb4c31e351f2b69388fd9" - -DEPENDS = "libtspi openssl" -DEPENDS_class-native = "trousers-native" - -SRCREV = "5c5126bedf2da97906358adcfb8c43c86e7dd0ee" -SRC_URI = " \ - git://git.code.sf.net/p/trousers/tpm-tools \ - file://tpm-tools-extendpcr.patch \ - " - -PV = "1.3.9.1+git${SRCPV}" - -inherit autotools-brokensep gettext - -S = "${WORKDIR}/git" - -do_configure_prepend () { - mkdir -p po - mkdir -p m4 - cp -R po_/* po/ - touch po/Makefile.in.in - touch m4/Makefile.am -} - -BBCLASSEXTEND = "native" diff --git a/recipes-tpm/tpm2.0-tools/tpm2.0-tools_git.bb b/recipes-tpm/tpm2.0-tools/tpm2.0-tools_git.bb deleted file mode 100644 index 6f1141c..0000000 --- a/recipes-tpm/tpm2.0-tools/tpm2.0-tools_git.bb +++ /dev/null @@ -1,20 +0,0 @@ -SUMMARY = "Tools for TPM2." -DESCRIPTION = "tpm2.0-tools" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://LICENSE;md5=91b7c548d73ea16537799e8060cea819" -SECTION = "tpm" - -DEPENDS = "pkgconfig tpm2.0-tss openssl curl autoconf-archive" - -# Mar 17, 2017 -SRCREV = "0b744d1b13ce57b4be547ae773d7db1cbccf9a04" - -SRC_URI = "git://github.com/01org/tpm2.0-tools.git;protocol=git;branch=master;name=tpm2.0-tools;destsuffix=tpm2.0-tools" - -S = "${WORKDIR}/tpm2.0-tools" - -PV = "git${SRCPV}" - -inherit autotools pkgconfig - - diff --git a/recipes-tpm/tpm2.0-tss/tpm2.0-tss/ax_pthread.m4 b/recipes-tpm/tpm2.0-tss/tpm2.0-tss/ax_pthread.m4 deleted file mode 100644 index d383ad5..0000000 --- a/recipes-tpm/tpm2.0-tss/tpm2.0-tss/ax_pthread.m4 +++ /dev/null @@ -1,332 +0,0 @@ -# =========================================================================== -# http://www.gnu.org/software/autoconf-archive/ax_pthread.html -# =========================================================================== -# -# SYNOPSIS -# -# AX_PTHREAD([ACTION-IF-FOUND[, ACTION-IF-NOT-FOUND]]) -# -# DESCRIPTION -# -# This macro figures out how to build C programs using POSIX threads. It -# sets the PTHREAD_LIBS output variable to the threads library and linker -# flags, and the PTHREAD_CFLAGS output variable to any special C compiler -# flags that are needed. (The user can also force certain compiler -# flags/libs to be tested by setting these environment variables.) -# -# Also sets PTHREAD_CC to any special C compiler that is needed for -# multi-threaded programs (defaults to the value of CC otherwise). (This -# is necessary on AIX to use the special cc_r compiler alias.) -# -# NOTE: You are assumed to not only compile your program with these flags, -# but also link it with them as well. e.g. you should link with -# $PTHREAD_CC $CFLAGS $PTHREAD_CFLAGS $LDFLAGS ... $PTHREAD_LIBS $LIBS -# -# If you are only building threads programs, you may wish to use these -# variables in your default LIBS, CFLAGS, and CC: -# -# LIBS="$PTHREAD_LIBS $LIBS" -# CFLAGS="$CFLAGS $PTHREAD_CFLAGS" -# CC="$PTHREAD_CC" -# -# In addition, if the PTHREAD_CREATE_JOINABLE thread-attribute constant -# has a nonstandard name, defines PTHREAD_CREATE_JOINABLE to that name -# (e.g. PTHREAD_CREATE_UNDETACHED on AIX). -# -# Also HAVE_PTHREAD_PRIO_INHERIT is defined if pthread is found and the -# PTHREAD_PRIO_INHERIT symbol is defined when compiling with -# PTHREAD_CFLAGS. -# -# ACTION-IF-FOUND is a list of shell commands to run if a threads library -# is found, and ACTION-IF-NOT-FOUND is a list of commands to run it if it -# is not found. If ACTION-IF-FOUND is not specified, the default action -# will define HAVE_PTHREAD. -# -# Please let the authors know if this macro fails on any platform, or if -# you have any other suggestions or comments. This macro was based on work -# by SGJ on autoconf scripts for FFTW (http://www.fftw.org/) (with help -# from M. Frigo), as well as ac_pthread and hb_pthread macros posted by -# Alejandro Forero Cuervo to the autoconf macro repository. We are also -# grateful for the helpful feedback of numerous users. -# -# Updated for Autoconf 2.68 by Daniel Richard G. -# -# LICENSE -# -# Copyright (c) 2008 Steven G. Johnson -# Copyright (c) 2011 Daniel Richard G. -# -# This program is free software: you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by the -# Free Software Foundation, either version 3 of the License, or (at your -# option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General -# Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program. If not, see . -# -# As a special exception, the respective Autoconf Macro's copyright owner -# gives unlimited permission to copy, distribute and modify the configure -# scripts that are the output of Autoconf when processing the Macro. You -# need not follow the terms of the GNU General Public License when using -# or distributing such scripts, even though portions of the text of the -# Macro appear in them. The GNU General Public License (GPL) does govern -# all other use of the material that constitutes the Autoconf Macro. -# -# This special exception to the GPL applies to versions of the Autoconf -# Macro released by the Autoconf Archive. When you make and distribute a -# modified version of the Autoconf Macro, you may extend this special -# exception to the GPL to apply to your modified version as well. - -#serial 21 - -AU_ALIAS([ACX_PTHREAD], [AX_PTHREAD]) -AC_DEFUN([AX_PTHREAD], [ -AC_REQUIRE([AC_CANONICAL_HOST]) -AC_LANG_PUSH([C]) -ax_pthread_ok=no - -# We used to check for pthread.h first, but this fails if pthread.h -# requires special compiler flags (e.g. on True64 or Sequent). -# It gets checked for in the link test anyway. - -# First of all, check if the user has set any of the PTHREAD_LIBS, -# etcetera environment variables, and if threads linking works using -# them: -if test x"$PTHREAD_LIBS$PTHREAD_CFLAGS" != x; then - save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $PTHREAD_CFLAGS" - save_LIBS="$LIBS" - LIBS="$PTHREAD_LIBS $LIBS" - AC_MSG_CHECKING([for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS]) - AC_TRY_LINK_FUNC([pthread_join], [ax_pthread_ok=yes]) - AC_MSG_RESULT([$ax_pthread_ok]) - if test x"$ax_pthread_ok" = xno; then - PTHREAD_LIBS="" - PTHREAD_CFLAGS="" - fi - LIBS="$save_LIBS" - CFLAGS="$save_CFLAGS" -fi - -# We must check for the threads library under a number of different -# names; the ordering is very important because some systems -# (e.g. DEC) have both -lpthread and -lpthreads, where one of the -# libraries is broken (non-POSIX). - -# Create a list of thread flags to try. Items starting with a "-" are -# C compiler flags, and other items are library names, except for "none" -# which indicates that we try without any flags at all, and "pthread-config" -# which is a program returning the flags for the Pth emulation library. - -ax_pthread_flags="pthreads none -Kthread -kthread lthread -pthread -pthreads -mthreads pthread --thread-safe -mt pthread-config" - -# The ordering *is* (sometimes) important. Some notes on the -# individual items follow: - -# pthreads: AIX (must check this before -lpthread) -# none: in case threads are in libc; should be tried before -Kthread and -# other compiler flags to prevent continual compiler warnings -# -Kthread: Sequent (threads in libc, but -Kthread needed for pthread.h) -# -kthread: FreeBSD kernel threads (preferred to -pthread since SMP-able) -# lthread: LinuxThreads port on FreeBSD (also preferred to -pthread) -# -pthread: Linux/gcc (kernel threads), BSD/gcc (userland threads) -# -pthreads: Solaris/gcc -# -mthreads: Mingw32/gcc, Lynx/gcc -# -mt: Sun Workshop C (may only link SunOS threads [-lthread], but it -# doesn't hurt to check since this sometimes defines pthreads too; -# also defines -D_REENTRANT) -# ... -mt is also the pthreads flag for HP/aCC -# pthread: Linux, etcetera -# --thread-safe: KAI C++ -# pthread-config: use pthread-config program (for GNU Pth library) - -case ${host_os} in - solaris*) - - # On Solaris (at least, for some versions), libc contains stubbed - # (non-functional) versions of the pthreads routines, so link-based - # tests will erroneously succeed. (We need to link with -pthreads/-mt/ - # -lpthread.) (The stubs are missing pthread_cleanup_push, or rather - # a function called by this macro, so we could check for that, but - # who knows whether they'll stub that too in a future libc.) So, - # we'll just look for -pthreads and -lpthread first: - - ax_pthread_flags="-pthreads pthread -mt -pthread $ax_pthread_flags" - ;; - - darwin*) - ax_pthread_flags="-pthread $ax_pthread_flags" - ;; -esac - -# Clang doesn't consider unrecognized options an error unless we specify -# -Werror. We throw in some extra Clang-specific options to ensure that -# this doesn't happen for GCC, which also accepts -Werror. - -AC_MSG_CHECKING([if compiler needs -Werror to reject unknown flags]) -save_CFLAGS="$CFLAGS" -ax_pthread_extra_flags="-Werror" -CFLAGS="$CFLAGS $ax_pthread_extra_flags -Wunknown-warning-option -Wsizeof-array-argument" -AC_COMPILE_IFELSE([AC_LANG_PROGRAM([int foo(void);],[foo()])], - [AC_MSG_RESULT([yes])], - [ax_pthread_extra_flags= - AC_MSG_RESULT([no])]) -CFLAGS="$save_CFLAGS" - -if test x"$ax_pthread_ok" = xno; then -for flag in $ax_pthread_flags; do - - case $flag in - none) - AC_MSG_CHECKING([whether pthreads work without any flags]) - ;; - - -*) - AC_MSG_CHECKING([whether pthreads work with $flag]) - PTHREAD_CFLAGS="$flag" - ;; - - pthread-config) - AC_CHECK_PROG([ax_pthread_config], [pthread-config], [yes], [no]) - if test x"$ax_pthread_config" = xno; then continue; fi - PTHREAD_CFLAGS="`pthread-config --cflags`" - PTHREAD_LIBS="`pthread-config --ldflags` `pthread-config --libs`" - ;; - - *) - AC_MSG_CHECKING([for the pthreads library -l$flag]) - PTHREAD_LIBS="-l$flag" - ;; - esac - - save_LIBS="$LIBS" - save_CFLAGS="$CFLAGS" - LIBS="$PTHREAD_LIBS $LIBS" - CFLAGS="$CFLAGS $PTHREAD_CFLAGS $ax_pthread_extra_flags" - - # Check for various functions. We must include pthread.h, - # since some functions may be macros. (On the Sequent, we - # need a special flag -Kthread to make this header compile.) - # We check for pthread_join because it is in -lpthread on IRIX - # while pthread_create is in libc. We check for pthread_attr_init - # due to DEC craziness with -lpthreads. We check for - # pthread_cleanup_push because it is one of the few pthread - # functions on Solaris that doesn't have a non-functional libc stub. - # We try pthread_create on general principles. - AC_LINK_IFELSE([AC_LANG_PROGRAM([#include - static void routine(void *a) { a = 0; } - static void *start_routine(void *a) { return a; }], - [pthread_t th; pthread_attr_t attr; - pthread_create(&th, 0, start_routine, 0); - pthread_join(th, 0); - pthread_attr_init(&attr); - pthread_cleanup_push(routine, 0); - pthread_cleanup_pop(0) /* ; */])], - [ax_pthread_ok=yes], - []) - - LIBS="$save_LIBS" - CFLAGS="$save_CFLAGS" - - AC_MSG_RESULT([$ax_pthread_ok]) - if test "x$ax_pthread_ok" = xyes; then - break; - fi - - PTHREAD_LIBS="" - PTHREAD_CFLAGS="" -done -fi - -# Various other checks: -if test "x$ax_pthread_ok" = xyes; then - save_LIBS="$LIBS" - LIBS="$PTHREAD_LIBS $LIBS" - save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $PTHREAD_CFLAGS" - - # Detect AIX lossage: JOINABLE attribute is called UNDETACHED. - AC_MSG_CHECKING([for joinable pthread attribute]) - attr_name=unknown - for attr in PTHREAD_CREATE_JOINABLE PTHREAD_CREATE_UNDETACHED; do - AC_LINK_IFELSE([AC_LANG_PROGRAM([#include ], - [int attr = $attr; return attr /* ; */])], - [attr_name=$attr; break], - []) - done - AC_MSG_RESULT([$attr_name]) - if test "$attr_name" != PTHREAD_CREATE_JOINABLE; then - AC_DEFINE_UNQUOTED([PTHREAD_CREATE_JOINABLE], [$attr_name], - [Define to necessary symbol if this constant - uses a non-standard name on your system.]) - fi - - AC_MSG_CHECKING([if more special flags are required for pthreads]) - flag=no - case ${host_os} in - aix* | freebsd* | darwin*) flag="-D_THREAD_SAFE";; - osf* | hpux*) flag="-D_REENTRANT";; - solaris*) - if test "$GCC" = "yes"; then - flag="-D_REENTRANT" - else - # TODO: What about Clang on Solaris? - flag="-mt -D_REENTRANT" - fi - ;; - esac - AC_MSG_RESULT([$flag]) - if test "x$flag" != xno; then - PTHREAD_CFLAGS="$flag $PTHREAD_CFLAGS" - fi - - AC_CACHE_CHECK([for PTHREAD_PRIO_INHERIT], - [ax_cv_PTHREAD_PRIO_INHERIT], [ - AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], - [[int i = PTHREAD_PRIO_INHERIT;]])], - [ax_cv_PTHREAD_PRIO_INHERIT=yes], - [ax_cv_PTHREAD_PRIO_INHERIT=no]) - ]) - AS_IF([test "x$ax_cv_PTHREAD_PRIO_INHERIT" = "xyes"], - [AC_DEFINE([HAVE_PTHREAD_PRIO_INHERIT], [1], [Have PTHREAD_PRIO_INHERIT.])]) - - LIBS="$save_LIBS" - CFLAGS="$save_CFLAGS" - - # More AIX lossage: compile with *_r variant - if test "x$GCC" != xyes; then - case $host_os in - aix*) - AS_CASE(["x/$CC"], - [x*/c89|x*/c89_128|x*/c99|x*/c99_128|x*/cc|x*/cc128|x*/xlc|x*/xlc_v6|x*/xlc128|x*/xlc128_v6], - [#handle absolute path differently from PATH based program lookup - AS_CASE(["x$CC"], - [x/*], - [AS_IF([AS_EXECUTABLE_P([${CC}_r])],[PTHREAD_CC="${CC}_r"])], - [AC_CHECK_PROGS([PTHREAD_CC],[${CC}_r],[$CC])])]) - ;; - esac - fi -fi - -test -n "$PTHREAD_CC" || PTHREAD_CC="$CC" - -AC_SUBST([PTHREAD_LIBS]) -AC_SUBST([PTHREAD_CFLAGS]) -AC_SUBST([PTHREAD_CC]) - -# Finally, execute ACTION-IF-FOUND/ACTION-IF-NOT-FOUND: -if test x"$ax_pthread_ok" = xyes; then - ifelse([$1],,[AC_DEFINE([HAVE_PTHREAD],[1],[Define if you have POSIX threads libraries and header files.])],[$1]) - : -else - ax_pthread_ok=no - $2 -fi -AC_LANG_POP -])dnl AX_PTHREAD diff --git a/recipes-tpm/tpm2.0-tss/tpm2.0-tss/fix_musl_select_include.patch b/recipes-tpm/tpm2.0-tss/tpm2.0-tss/fix_musl_select_include.patch deleted file mode 100644 index ecaca6e..0000000 --- a/recipes-tpm/tpm2.0-tss/tpm2.0-tss/fix_musl_select_include.patch +++ /dev/null @@ -1,31 +0,0 @@ -This fixes musl build issue do to missing FD_* defines. -Add sys/select.h - -Upstream-Status: Pending - -Signed-off-by: Armin Kuster - -Index: TPM2.0-TSS/tcti/tcti_socket.cpp -=================================================================== ---- TPM2.0-TSS.orig/tcti/tcti_socket.cpp -+++ TPM2.0-TSS/tcti/tcti_socket.cpp -@@ -28,6 +28,7 @@ - #include - #include // Needed for _wtoi - -+#include "sys/select.h" - #include - #include - #include "sysapi_util.h" -Index: TPM2.0-TSS/resourcemgr/resourcemgr.c -=================================================================== ---- TPM2.0-TSS.orig/resourcemgr/resourcemgr.c -+++ TPM2.0-TSS/resourcemgr/resourcemgr.c -@@ -28,6 +28,7 @@ - #include - #include // Needed for _wtoi - -+#include "sys/select.h" - #include - #include - #include diff --git a/recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb b/recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb deleted file mode 100644 index 14ec0ab..0000000 --- a/recipes-tpm/tpm2.0-tss/tpm2.0-tss_git.bb +++ /dev/null @@ -1,96 +0,0 @@ -SUMMARY = "Software stack for TPM2." -DESCRIPTION = "tpm2.0-tss like woah." -LICENSE = "BSD-2-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da" -SECTION = "tpm" - -DEPENDS = "autoconf-archive pkgconfig" - -SRCREV = "30794affab01598bbacfe1f167be7c068a0c0476" - -SRC_URI = " \ - git://github.com/01org/TPM2.0-TSS.git;protocol=git;branch=master;name=TPM2.0-TSS;destsuffix=TPM2.0-TSS \ - file://ax_pthread.m4 \ -" - -inherit autotools pkgconfig systemd - -S = "${WORKDIR}/${@d.getVar('BPN',d).upper()}" - -do_configure_prepend () { - mkdir -p ${S}/m4 - cp ${WORKDIR}/ax_pthread.m4 ${S}/m4 - # execute the bootstrap script - currentdir=$(pwd) - cd ${S} - ACLOCAL="aclocal --system-acdir=${STAGING_DATADIR}/aclocal" ./bootstrap - cd $currentdir -} - -INHERIT += "extrausers" -EXTRA_USERS_PARAMS = "\ - useradd -p '' tss; \ - groupadd tss; \ - " - -SYSTEMD_PACKAGES += "resourcemgr" -SYSTEMD_SERVICE_resourcemgr = "resourcemgr.service" -SYSTEMD_AUTO_ENABLE_resourcemgr = "enable" - -do_patch[postfuncs] += "fix_systemd_unit" -fix_systemd_unit () { - sed -i -e 's;^ExecStart=.*/resourcemgr;ExecStart=${sbindir}/resourcemgr;' ${S}/contrib/resourcemgr.service -} - -do_install_append() { - install -d ${D}${systemd_system_unitdir} - install -m0644 ${S}/contrib/resourcemgr.service ${D}${systemd_system_unitdir}/resourcemgr.service -} - -PROVIDES = "${PACKAGES}" -PACKAGES = " \ - ${PN}-dbg \ - libtss2 \ - libtss2-dev \ - libtss2-staticdev \ - libtctidevice \ - libtctidevice-dev \ - libtctidevice-staticdev \ - libtctisocket \ - libtctisocket-dev \ - libtctisocket-staticdev \ - resourcemgr \ -" - -FILES_libtss2 = " \ - ${libdir}/libsapi.so.0.0.0 \ - ${libdir}/libmarshal.so.0.0.0 \ -" -FILES_libtss2-dev = " \ - ${includedir}/sapi \ - ${includedir}/tcti/common.h \ - ${libdir}/libsapi.so* \ - ${libdir}/libmarshal.so* \ - ${libdir}/pkgconfig/sapi.pc \ -" -FILES_libtss2-staticdev = " \ - ${libdir}/libsapi.a \ - ${libdir}/libsapi.la \ - ${libdir}/libmarshal.a \ - ${libdir}/libmarshal.la \ -" -FILES_libtctidevice = "${libdir}/libtcti-device.so.0.0.0" -FILES_libtctidevice-dev = " \ - ${includedir}/tcti/tcti_device.h \ - ${libdir}/libtcti-device.so* \ - ${libdir}/pkgconfig/tcti-device.pc \ -" -FILES_libtctidevice-staticdev = "${libdir}/libtcti-device.*a" -FILES_libtctisocket = "${libdir}/libtcti-socket.so.0.0.0" -FILES_libtctisocket-dev = " \ - ${includedir}/tcti/tcti_socket.h \ - ${libdir}/libtcti-socket.so* \ - ${libdir}/pkgconfig/tcti-socket.pc \ -" -FILES_libtctisocket-staticdev = "${libdir}/libtcti-socket.*a" -FILES_resourcemgr = "${sbindir}/resourcemgr ${systemd_system_unitdir}/resourcemgr.service" diff --git a/recipes-tpm/tpm2simulator/tpm2simulator-native_116.bb b/recipes-tpm/tpm2simulator/tpm2simulator-native_116.bb deleted file mode 100644 index a53d4c3..0000000 --- a/recipes-tpm/tpm2simulator/tpm2simulator-native_116.bb +++ /dev/null @@ -1,24 +0,0 @@ -SUMMARY = "TPM 2.0 Simulator Extraction Script" -LICENSE = "BSD-2-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=1415f7be284540b81d9d28c67c1a6b8b" - -DEPENDS += "python" - -SRCREV = "93dc4412432013ed7bcabd42007754c68f6e362e" -SRC_URI = "git://github.com/stwagnr/tpm2simulator.git" - -S = "${WORKDIR}/git" -OECMAKE_SOURCEPATH = "${S}/cmake" - -PV = "116+git${SRCPV}" - -inherit native lib_package cmake - -EXTRA_OECMAKE = " \ - -DCMAKE_BUILD_TYPE=Debug \ - -DSPEC_VERSION=116 \ -" - -do_configure_prepend () { - sed -i 's/^SET = False/SET = True/' ${S}/scripts/settings.py -} diff --git a/recipes-tpm/trousers/files/get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch b/recipes-tpm/trousers/files/get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch deleted file mode 100644 index 3f5a144..0000000 --- a/recipes-tpm/trousers/files/get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch +++ /dev/null @@ -1,49 +0,0 @@ -trousers: fix compiling with musl - -use POSIX getpwent instead of getpwent_r - -Upstream-Status: Submitted - -Signed-off-by: Armin Kuster - -Index: git/src/tspi/ps/tspps.c -=================================================================== ---- git.orig/src/tspi/ps/tspps.c -+++ git/src/tspi/ps/tspps.c -@@ -66,9 +66,6 @@ get_user_ps_path(char **file) - TSS_RESULT result; - char *file_name = NULL, *home_dir = NULL; - struct passwd *pwp; --#if (defined (__linux) || defined (linux) || defined(__GLIBC__)) -- struct passwd pw; --#endif - struct stat stat_buf; - char buf[PASSWD_BUFSIZE]; - uid_t euid; -@@ -96,24 +93,15 @@ get_user_ps_path(char **file) - #else - setpwent(); - while (1) { --#if (defined (__linux) || defined (linux) || defined(__GLIBC__)) -- rc = getpwent_r(&pw, buf, PASSWD_BUFSIZE, &pwp); -- if (rc) { -- LogDebugFn("USER PS: Error getting path to home directory: getpwent_r: %s", -- strerror(rc)); -- endpwent(); -- return TSPERR(TSS_E_INTERNAL_ERROR); -- } -- --#elif (defined (__FreeBSD__) || defined (__OpenBSD__)) - if ((pwp = getpwent()) == NULL) { - LogDebugFn("USER PS: Error getting path to home directory: getpwent: %s", - strerror(rc)); - endpwent(); -+#if (defined (__FreeBSD__) || defined (__OpenBSD__)) - MUTEX_UNLOCK(user_ps_path); -+#endif - return TSPERR(TSS_E_INTERNAL_ERROR); - } --#endif - if (euid == pwp->pw_uid) { - home_dir = strdup(pwp->pw_dir); - break; diff --git a/recipes-tpm/trousers/files/tcsd.service b/recipes-tpm/trousers/files/tcsd.service deleted file mode 100644 index 787d4e9..0000000 --- a/recipes-tpm/trousers/files/tcsd.service +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=TCG Core Services Daemon -After=syslog.target - -[Service] -Type=forking -ExecStart=@SBINDIR@/tcsd - -[Install] -WantedBy=multi-user.target diff --git a/recipes-tpm/trousers/files/trousers-udev.rules b/recipes-tpm/trousers/files/trousers-udev.rules deleted file mode 100644 index 256babd..0000000 --- a/recipes-tpm/trousers/files/trousers-udev.rules +++ /dev/null @@ -1,2 +0,0 @@ -# trousers daemon expects tpm device to be owned by tss user & group -KERNEL=="tpm[0-9]*", MODE="0600", OWNER="tss", GROUP="tss" diff --git a/recipes-tpm/trousers/files/trousers.init.sh b/recipes-tpm/trousers/files/trousers.init.sh deleted file mode 100644 index 0ecf7cc..0000000 --- a/recipes-tpm/trousers/files/trousers.init.sh +++ /dev/null @@ -1,65 +0,0 @@ -#!/bin/sh - -### BEGIN INIT INFO -# Provides: tcsd trousers -# Required-Start: $local_fs $remote_fs $network -# Required-Stop: $local_fs $remote_fs $network -# Should-Start: -# Should-Stop: -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: starts tcsd -# Description: tcsd belongs to the TrouSerS TCG Software Stack -### END INIT INFO - -PATH=/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/usr/sbin/tcsd -NAME=tcsd -DESC="Trusted Computing daemon" -USER="tss" - -test -x "${DAEMON}" || exit 0 - -# Read configuration variable file if it is present -[ -r /etc/default/$NAME ] && . /etc/default/$NAME - -case "${1}" in - start) - echo "Starting $DESC: " - - if [ ! -e /dev/tpm* ] - then - echo "device driver not loaded, skipping." - exit 0 - fi - - start-stop-daemon --start --quiet --oknodo --pidfile /var/run/${NAME}.pid --user ${USER} --chuid ${USER} --exec ${DAEMON} -- ${DAEMON_OPTS} - RETVAL="$?" - echo "$NAME." - [ "$RETVAL" = 0 ] && pidof $DAEMON > /var/run/${NAME}.pid - exit $RETVAL - ;; - - stop) - echo "Stopping $DESC: " - - start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/${NAME}.pid --user ${USER} --exec ${DAEMON} - RETVAL="$?" - echo "$NAME." - rm -f /var/run/${NAME}.pid - exit $RETVAL - ;; - - restart|force-reload) - "${0}" stop - sleep 1 - "${0}" start - exit $? - ;; - *) - echo "Usage: ${NAME} {start|stop|restart|force-reload|status}" >&2 - exit 3 - ;; -esac - -exit 0 diff --git a/recipes-tpm/trousers/trousers_git.bb b/recipes-tpm/trousers/trousers_git.bb deleted file mode 100644 index 352374c..0000000 --- a/recipes-tpm/trousers/trousers_git.bb +++ /dev/null @@ -1,117 +0,0 @@ -SUMMARY = "TrouSerS - An open-source TCG Software Stack implementation." -LICENSE = "BSD" -HOMEPAGE = "http://sourceforge.net/projects/trousers/" -LIC_FILES_CHKSUM = "file://README;startline=3;endline=4;md5=2af28fbed0832e4d83a9e6dd68bb4413" -SECTION = "security/tpm" - -DEPENDS = "openssl" - -SRCREV = "4b9a70d5789b0b74f43957a6c19ab2156a72d3e0" -PV = "0.3.14+git${SRCPV}" - -SRC_URI = " \ - git://git.code.sf.net/p/trousers/trousers \ - file://trousers.init.sh \ - file://trousers-udev.rules \ - file://tcsd.service \ - file://get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch \ - " - -S = "${WORKDIR}/git" - -inherit autotools pkgconfig useradd update-rc.d ${@bb.utils.contains('VIRTUAL-RUNTIME_init_manager','systemd','systemd','', d)} - -PACKAGECONFIG ?= "gmp " -PACKAGECONFIG[gmp] = "--with-gmp, --with-gmp=no, gmp" -PACKAGECONFIG[gtk] = "--with-gui=gtk, --with-gui=none, gtk+" - -do_install () { - oe_runmake DESTDIR=${D} install -} - -do_install_append() { - install -d ${D}${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/trousers.init.sh ${D}${sysconfdir}/init.d/trousers - install -d ${D}${sysconfdir}/udev/rules.d - install -m 0644 ${WORKDIR}/trousers-udev.rules ${D}${sysconfdir}/udev/rules.d/45-trousers.rules - - if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/tcsd.service ${D}${systemd_unitdir}/system/ - sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/tcsd.service - fi -} - -CONFFILES_${PN} += "${sysconfig}/tcsd.conf" - -PROVIDES = "${PACKAGES}" -PACKAGES = " \ - libtspi \ - libtspi-dbg \ - libtspi-dev \ - libtspi-doc \ - libtspi-staticdev \ - trousers \ - trousers-dbg \ - trousers-doc \ - " - -# libtspi needs tcsd for most (all?) operations, so suggest to -# install that. -RRECOMMENDS_libtspi = "${PN}" - -FILES_libtspi = " \ - ${libdir}/*.so.1 \ - ${libdir}/*.so.1.2.0 \ - " -FILES_libtspi-dbg = " \ - ${libdir}/.debug \ - ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/tspi \ - ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/trspi \ - ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/include/*.h \ - ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/include/tss \ - " -FILES_libtspi-dev = " \ - ${includedir} \ - ${libdir}/*.so \ - " -FILES_libtspi-doc = " \ - ${mandir}/man3 \ - " -FILES_libtspi-staticdev = " \ - ${libdir}/*.la \ - ${libdir}/*.a \ - " -FILES_${PN} = " \ - ${sbindir}/tcsd \ - ${sysconfdir} \ - ${localstatedir} \ - " - -FILES_${PN}-dev += "${libdir}/trousers" - -FILES_${PN}-dbg = " \ - ${sbindir}/.debug \ - ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/tcs \ - ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/tcsd \ - ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/tddl \ - ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/trousers \ - ${prefix}/src/debug/${BPN}/${PV}-${PR}/git/src/include/trousers \ - " -FILES_${PN}-doc = " \ - ${mandir}/man5 \ - ${mandir}/man8 \ - " - -INITSCRIPT_NAME = "trousers" -INITSCRIPT_PARAMS = "start 99 2 3 4 5 . stop 19 0 1 6 ." - -USERADD_PACKAGES = "${PN}" -GROUPADD_PARAM_${PN} = "--system tss" -USERADD_PARAM_${PN} = "--system -M -d /var/lib/tpm -s /bin/false -g tss tss" - -SYSTEMD_PACKAGES = "${PN}" -SYSTEMD_SERVICE_${PN} = "tcsd.service" -SYSTEMD_AUTO_ENABLE = "disable" - -BBCLASSEXTEND = "native" -- cgit v1.2.3-54-g00ecf