mailarchive of the ptxdist mailing list
From: Roland Hieber <rhi@pengutronix.de>
To: ptxdist@pengutronix.de
Cc: Roland Hieber <rhi@pengutronix.de>
Subject: [ptxdist] [PATCH v2 2/3] ima-evm-utils: version bump 1.1 -> 1.3.2
Date: Wed, 16 Jun 2021 18:16:54 +0200
Message-ID: <20210616161655.15480-2-rhi@pengutronix.de>
In-Reply-To: <20210616161655.15480-1-rhi@pengutronix.de>

Changes to the patch queue:

* (old 0002) "Makefile.am: rename INCLUDES -> AM_CPPFLAGS":
  replaced by upstream commit 8acbae598b39a421b5d0 ("replace INCLUDES
  with AM_CPPFLAGS")

* (old 0006) "use EVP_MAX_MD_SIZE for hash size instead of open …":
  replaced by upstream commit 1d9c27927932f2e750e3 ("Define hash and sig
  buffer sizes and add asserts")

* (old 0008) "evmctl: add parameter -e to set evm hash algo":
  replaced by upstream commit ae1319eeabd6e0798003 ("Remove hardcoding
  of SHA1 in EVM signatures"), which uses the already existing -a
  parameter for this functionality now too.

* (old 0009) "evmctl: add support for offline image preparation":
  port the refactoring from upstream commit c317d4618f92d4dd65
  ("Namespace some too generic object names"). Also _GNU_SOURCE is now
  already defined by configure, and will generate a warning when
  redefined, so drop its definition here.

* (old 0011, new 0009) "HACK: don't generate the man page":
  expand patch to make sure the manpages are really not built and
  generate an error looking for "asciidoc", even when the XSL stylesheet
  is detected on the build host

* (old 0013) "evmctl: use correct include for xattr.h":
  replaced by upstream commit 6aea54d2ad2287b3e889 ("evmctl: use correct
  include for xattr.h")

Link: https://sf.net/p/linux-ima/ima-evm-utils/ci/8acbae598b39a421b5d0
Link: https://sf.net/p/linux-ima/ima-evm-utils/ci/1d9c27927932f2e750e3
Link: https://sf.net/p/linux-ima/ima-evm-utils/ci/ae1319eeabd6e0798003
Link: https://sf.net/p/linux-ima/ima-evm-utils/ci/c317d4618f92d4dd6570
Link: https://sf.net/p/linux-ima/ima-evm-utils/ci/6aea54d2ad2287b3e889
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
---
v1 -> v2:
 * update to version 1.3.2
 * port existing patches

PATCH v1: https://lore.ptxdist.org/ptxdist/20210607130909.4836-5-rhi@pengutronix.de
---
 ...efile.am-rename-INCLUDES-AM_CPPFLAGS.patch |  40 ------
 ...-use-EVP_MAX_MD_SIZE-for-hash-size-i.patch |  73 ----------
 ...add-parameter-e-to-set-evm-hash-algo.patch | 133 ------------------
 .../0011-HACK-don-t-generate-man-page.patch   |  19 ---
 ...mctl-use-correct-include-for-xattr.h.patch |  80 -----------
 patches/ima-evm-utils-1.1/series              |  16 ---
 ...ile-at-it-s-autogenerated-by-autotoo.patch |   0
 ...d-add-missing-closedir-dir-on-error.patch} |   6 +-
 ...issing-error-handling-and-propagate.patch} |   6 +-
 ...back-definitions-for-XATTR_NAME_IMA.patch} |   8 +-
 ..._DIGEST_LENGTH-instead-of-open-codi.patch} |   6 +-
 ...pport-for-offline-image-preparation.patch} |  76 +++++-----
 ...ount-.-and-.-for-directory-hash-gen.patch} |   6 +-
 ...-Fix-warning-for-non-debug-use-case.patch} |   4 +-
 ...009-HACK-don-t-generate-the-man-page.patch |  60 ++++++++
 .../autogen.sh                                |   0
 patches/ima-evm-utils-1.3.2/series            |  12 ++
 rules/ima-evm-utils.make                      |   7 +-
 18 files changed, 128 insertions(+), 424 deletions(-)
 delete mode 100644 patches/ima-evm-utils-1.1/0002-Makefile.am-rename-INCLUDES-AM_CPPFLAGS.patch
 delete mode 100644 patches/ima-evm-utils-1.1/0006-evmctl-libimaevm-use-EVP_MAX_MD_SIZE-for-hash-size-i.patch
 delete mode 100644 patches/ima-evm-utils-1.1/0008-evmctl-add-parameter-e-to-set-evm-hash-algo.patch
 delete mode 100644 patches/ima-evm-utils-1.1/0011-HACK-don-t-generate-man-page.patch
 delete mode 100644 patches/ima-evm-utils-1.1/0013-evmctl-use-correct-include-for-xattr.h.patch
 delete mode 100644 patches/ima-evm-utils-1.1/series
 rename patches/{ima-evm-utils-1.1 => ima-evm-utils-1.3.2}/0001-INSTALL-remove-file-at-it-s-autogenerated-by-autotoo.patch (100%)
 rename patches/{ima-evm-utils-1.1/0003-evmctl-find-add-missing-closedir-dir-on-error.patch => ima-evm-utils-1.3.2/0002-evmctl-find-add-missing-closedir-dir-on-error.patch} (79%)
 rename patches/{ima-evm-utils-1.1/0004-evmctl-find-add-missing-error-handling-and-propagate.patch => ima-evm-utils-1.3.2/0003-evmctl-find-add-missing-error-handling-and-propagate.patch} (87%)
 rename patches/{ima-evm-utils-1.1/0005-evmctl-add-fallback-definitions-for-XATTR_NAME_IMA.patch => ima-evm-utils-1.3.2/0004-evmctl-add-fallback-definitions-for-XATTR_NAME_IMA.patch} (80%)
 rename patches/{ima-evm-utils-1.1/0007-libimaevm-use-SHA_DIGEST_LENGTH-instead-of-open-codi.patch => ima-evm-utils-1.3.2/0005-libimaevm-use-SHA_DIGEST_LENGTH-instead-of-open-codi.patch} (76%)
 rename patches/{ima-evm-utils-1.1/0009-evmctl-add-support-for-offline-image-preparation.patch => ima-evm-utils-1.3.2/0006-evmctl-add-support-for-offline-image-preparation.patch} (78%)
 rename patches/{ima-evm-utils-1.1/0010-evmctl-Do-not-account-.-and-.-for-directory-hash-gen.patch => ima-evm-utils-1.3.2/0007-evmctl-Do-not-account-.-and-.-for-directory-hash-gen.patch} (86%)
 rename patches/{ima-evm-utils-1.1/0012-Fix-warning-for-non-debug-use-case.patch => ima-evm-utils-1.3.2/0008-Fix-warning-for-non-debug-use-case.patch} (86%)
 create mode 100644 patches/ima-evm-utils-1.3.2/0009-HACK-don-t-generate-the-man-page.patch
 rename patches/{ima-evm-utils-1.1 => ima-evm-utils-1.3.2}/autogen.sh (100%)
 create mode 100644 patches/ima-evm-utils-1.3.2/series

diff --git a/patches/ima-evm-utils-1.1/0002-Makefile.am-rename-INCLUDES-AM_CPPFLAGS.patch b/patches/ima-evm-utils-1.1/0002-Makefile.am-rename-INCLUDES-AM_CPPFLAGS.patch
deleted file mode 100644
index cb09b8d78f8a..000000000000
--- a/patches/ima-evm-utils-1.1/0002-Makefile.am-rename-INCLUDES-AM_CPPFLAGS.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From: Marc Kleine-Budde <mkl@pengutronix.de>
-Date: Wed, 27 May 2015 10:41:27 +0200
-Subject: [PATCH] Makefile.am: rename INCLUDES -> AM_CPPFLAGS
-
-This patch fixes the following warning during autoreconf:
-
-| src/Makefile.am:19: warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
-
-Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
----
- src/Makefile.am | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/src/Makefile.am b/src/Makefile.am
-index deb18fb09dc7..9f547283d535 100644
---- a/src/Makefile.am
-+++ b/src/Makefile.am
-@@ -1,7 +1,7 @@
- lib_LTLIBRARIES = libimaevm.la
- 
- libimaevm_la_SOURCES = libimaevm.c
--libimaevm_la_CPPFLAGS = $(OPENSSL_CFLAGS)
-+libimaevm_la_CPPFLAGS = $(OPENSSL_CFLAGS) $(AM_CPPFLAGS)
- # current[:revision[:age]]
- # result: [current-age].age.revision
- libimaevm_la_LDFLAGS = -version-info 0:0:0
-@@ -12,11 +12,11 @@ include_HEADERS = imaevm.h
- bin_PROGRAMS = evmctl
- 
- evmctl_SOURCES = evmctl.c
--evmctl_CPPFLAGS = $(OPENSSL_CFLAGS)
-+evmctl_CPPFLAGS = $(OPENSSL_CFLAGS) $(AM_CPPFLAGS)
- evmctl_LDFLAGS = $(LDFLAGS_READLINE)
- evmctl_LDADD =  $(OPENSSL_LIBS) -lkeyutils libimaevm.la
- 
--INCLUDES = -I$(top_srcdir) -include config.h
-+AM_CPPFLAGS = -I$(top_srcdir) -include config.h
- 
- DISTCLEANFILES = @DISTCLEANFILES@
- 
diff --git a/patches/ima-evm-utils-1.1/0006-evmctl-libimaevm-use-EVP_MAX_MD_SIZE-for-hash-size-i.patch b/patches/ima-evm-utils-1.1/0006-evmctl-libimaevm-use-EVP_MAX_MD_SIZE-for-hash-size-i.patch
deleted file mode 100644
index a3cd597f82d6..000000000000
--- a/patches/ima-evm-utils-1.1/0006-evmctl-libimaevm-use-EVP_MAX_MD_SIZE-for-hash-size-i.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-From: Marc Kleine-Budde <mkl@pengutronix.de>
-Date: Sat, 26 Mar 2016 22:58:07 +0100
-Subject: [PATCH] evmctl, libimaevm: use EVP_MAX_MD_SIZE for hash size instead
- of open coding it
-
-Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
----
- src/evmctl.c    | 10 +++++-----
- src/libimaevm.c |  2 +-
- 2 files changed, 6 insertions(+), 6 deletions(-)
-
-diff --git a/src/evmctl.c b/src/evmctl.c
-index de53be37b69b..b0f3b6362528 100644
---- a/src/evmctl.c
-+++ b/src/evmctl.c
-@@ -495,7 +495,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
- 
- static int sign_evm(const char *file, const char *key)
- {
--	unsigned char hash[20];
-+	unsigned char hash[EVP_MAX_MD_SIZE];
- 	unsigned char sig[1024];
- 	int len, err;
- 
-@@ -533,7 +533,7 @@ static int sign_evm(const char *file, const char *key)
- 
- static int hash_ima(const char *file)
- {
--	unsigned char hash[66]; /* MAX hash size + 2 */
-+	unsigned char hash[EVP_MAX_MD_SIZE + 2]; /* MAX hash size + 2 */
- 	int len, err, offset;
- 	int algo = get_hash_algo(params.hash_algo);
- 
-@@ -571,7 +571,7 @@ static int hash_ima(const char *file)
- 
- static int sign_ima(const char *file, const char *key)
- {
--	unsigned char hash[64];
-+	unsigned char hash[EVP_MAX_MD_SIZE];
- 	unsigned char sig[1024];
- 	int len, err;
- 
-@@ -751,7 +751,7 @@ static int cmd_sign_evm(struct command *cmd)
- 
- static int verify_evm(const char *file)
- {
--	unsigned char hash[20];
-+	unsigned char hash[EVP_MAX_MD_SIZE];
- 	unsigned char sig[1024];
- 	int len;
- 
-@@ -1119,7 +1119,7 @@ out:
- 
- static int hmac_evm(const char *file, const char *key)
- {
--	unsigned char hash[20];
-+	unsigned char hash[EVP_MAX_MD_SIZE];
- 	unsigned char sig[1024];
- 	int len, err;
- 
-diff --git a/src/libimaevm.c b/src/libimaevm.c
-index 6fa0ed4a1c74..8fc23be08bd7 100644
---- a/src/libimaevm.c
-+++ b/src/libimaevm.c
-@@ -590,7 +590,7 @@ int verify_hash(const char *file, const unsigned char *hash, int size, unsigned
- int ima_verify_signature(const char *file, unsigned char *sig, int siglen,
- 			 unsigned char *digest, int digestlen)
- {
--	unsigned char hash[64];
-+	unsigned char hash[EVP_MAX_MD_SIZE];
- 	int hashlen, sig_hash_algo;
- 
- 	if (sig[0] != 0x03) {
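Review bot: the six buffers this dropped patch widened (hash[20] in sign_evm(), verify_evm() and hmac_evm(), hash[64] in sign_ima() and ima_verify_signature(), hash[66] in hash_ima()) should be checked against the 1.3.2 sources before merging, because no local patch sizes them any more and the bump relies entirely on upstream commit 1d9c27927932f2e750e3 for that. The check matters more than it did for 1.1: per the commit message, -a now also selects the EVM hash, and a 20-byte buffer cannot hold a sha256 or sha512 digest. A sentence in the commit message saying that all six sites were compared would settle it.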
diff --git a/patches/ima-evm-utils-1.1/0008-evmctl-add-parameter-e-to-set-evm-hash-algo.patch b/patches/ima-evm-utils-1.1/0008-evmctl-add-parameter-e-to-set-evm-hash-algo.patch
deleted file mode 100644
index 488dfa822286..000000000000
--- a/patches/ima-evm-utils-1.1/0008-evmctl-add-parameter-e-to-set-evm-hash-algo.patch
+++ /dev/null
@@ -1,133 +0,0 @@
-From: Steffen Trumtrar <s.trumtrar@pengutronix.de>
-Date: Tue, 8 Mar 2016 13:46:14 +0100
-Subject: [PATCH] evmctl: add parameter -e to set evm hash algo
-
-The paramter -a sets the hash algorithm only for IMA. To not break
-anything, add a new parameter -e to be able to change the hash for
-EVM, too.
-
-Signed-off-by: Steffen Trumtrar <s.trumtrar@pengutronix.de>
----
- src/evmctl.c    | 27 +++++++++++++++++++++++----
- src/imaevm.h    |  1 +
- src/libimaevm.c |  1 +
- 3 files changed, 25 insertions(+), 4 deletions(-)
-
-diff --git a/src/evmctl.c b/src/evmctl.c
-index b0f3b6362528..5d664005e915 100644
---- a/src/evmctl.c
-+++ b/src/evmctl.c
-@@ -336,6 +336,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
- #else
- 	pctx = EVP_MD_CTX_new();
- #endif
-+	const EVP_MD *md;
- 
- 	if (lstat(file, &st)) {
- 		log_err("Failed to stat: %s\n", file);
-@@ -379,7 +380,13 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
- 		return -1;
- 	}
- 
--	err = EVP_DigestInit(pctx, EVP_sha1());
-+	md = EVP_get_digestbyname(params.evm_hash_algo);
-+	if (!md) {
-+		log_err("EVP_get_digestbyname() failed\n");
-+		return 1;
-+	}
-+
-+	err = EVP_DigestInit(pctx, md);
- 	if (!err) {
- 		log_err("EVP_DigestInit() failed\n");
- 		return 1;
-@@ -503,7 +510,7 @@ static int sign_evm(const char *file, const char *key)
- 	if (len <= 1)
- 		return len;
- 
--	len = sign_hash("sha1", hash, len, key, NULL, sig + 1);
-+	len = sign_hash(params.evm_hash_algo, hash, len, key, NULL, sig + 1);
- 	if (len <= 1)
- 		return len;
- 
-@@ -992,6 +999,7 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
- #else
- 	pctx = HMAC_CTX_new();
- #endif
-+	const EVP_MD *md;
- 
- 	key = file2bin(keyfile, NULL, &keylen);
- 	if (!key) {
-@@ -1038,7 +1046,13 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
- 		goto out;
- 	}
- 
--	err = !HMAC_Init_ex(pctx, evmkey, sizeof(evmkey), EVP_sha1(), NULL);
-+	md = EVP_get_digestbyname(params.evm_hash_algo);
-+	if (!md) {
-+		log_err("EVP_get_digestbyname() failed\n");
-+		return 1;
-+	}
-+
-+	err = !HMAC_Init_ex(pctx, evmkey, sizeof(evmkey), md, NULL);
- 	if (err) {
- 		log_err("HMAC_Init() failed\n");
- 		goto out;
-@@ -1635,6 +1649,7 @@ static void usage(void)
- 	printf(
- 		"\n"
- 		"  -a, --hashalgo     sha1 (default), sha224, sha256, sha384, sha512\n"
-+		"  -e, --evmhashalgo  sha1 (default), sha224, sha256, sha384, sha512\n"
- 		"  -s, --imasig       make IMA signature\n"
- 		"  -d, --imahash      make IMA hash\n"
- 		"  -f, --sigfile      store IMA signature in .sig file instead of xattr\n"
-@@ -1691,6 +1706,7 @@ static struct option opts[] = {
- 	{"imasig", 0, 0, 's'},
- 	{"imahash", 0, 0, 'd'},
- 	{"hashalgo", 1, 0, 'a'},
-+	{"evmhashalgo", 1, 0, 'e'},
- 	{"pass", 2, 0, 'p'},
- 	{"sigfile", 0, 0, 'f'},
- 	{"uuid", 2, 0, 'u'},
-@@ -1758,7 +1774,7 @@ int main(int argc, char *argv[])
- 	g_argc = argc;
- 
- 	while (1) {
--		c = getopt_long(argc, argv, "hvnsda:op::fu::k:t:ri", opts, &lind);
-+		c = getopt_long(argc, argv, "hvnsda:e:op::fu::k:t:ri", opts, &lind);
- 		if (c == -1)
- 			break;
- 
-@@ -1784,6 +1800,9 @@ int main(int argc, char *argv[])
- 		case 'a':
- 			params.hash_algo = optarg;
- 			break;
-+		case 'e':
-+			params.evm_hash_algo = optarg;
-+			break;
- 		case 'p':
- 			if (optarg)
- 				params.keypass = optarg;
-diff --git a/src/imaevm.h b/src/imaevm.h
-index 1bafaad0f4ab..ed92e4d8981d 100644
---- a/src/imaevm.h
-+++ b/src/imaevm.h
-@@ -179,6 +179,7 @@ struct libevm_params {
- 	int verbose;
- 	int x509;
- 	const char *hash_algo;
-+	const char *evm_hash_algo;
- 	const char *keyfile;
- 	const char *keypass;
- };
-diff --git a/src/libimaevm.c b/src/libimaevm.c
-index b6c328801708..4c093a038b72 100644
---- a/src/libimaevm.c
-+++ b/src/libimaevm.c
-@@ -129,6 +129,7 @@ struct libevm_params params = {
- 	.verbose = LOG_INFO - 1,
- 	.x509 = 1,
- 	.hash_algo = "sha1",
-+	.evm_hash_algo = "sha1",
- };
- 
- static void __attribute__ ((constructor)) libinit(void);
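Review bot: with "-e, --evmhashalgo" gone from usage(), opts[] and the getopt string, any rule, image-creation script or BSP that still passes -e to evmctl will have it rejected as an unknown option after this bump; the commit message should say that callers must switch to -a, and a search of the tree for "evmhashalgo" and "evmctl" invocations is worth doing as part of this series. The semantics of -a change as well: an invocation that passed only "-a sha256" used to keep the ".evm_hash_algo = "sha1"" default for EVM, and will now produce EVM signatures and HMACs with sha256, which has to match what the target kernel is configured to verify.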
diff --git a/patches/ima-evm-utils-1.1/0011-HACK-don-t-generate-man-page.patch b/patches/ima-evm-utils-1.1/0011-HACK-don-t-generate-man-page.patch
deleted file mode 100644
index bb44e8d6c2be..000000000000
--- a/patches/ima-evm-utils-1.1/0011-HACK-don-t-generate-man-page.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-From: Michael Olbrich <m.olbrich@pengutronix.de>
-Date: Wed, 3 Jun 2015 16:08:51 +0200
-Subject: [PATCH] HACK: don't generate man page
-
-Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
----
- Makefile.am | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/Makefile.am b/Makefile.am
-index 06ebf59ea4aa..e527f34f1faa 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -1,5 +1,4 @@
- SUBDIRS = src
--dist_man_MANS = evmctl.1
- 
- doc_DATA =  examples/ima-genkey-self.sh examples/ima-genkey.sh examples/ima-gen-local-ca.sh
- EXTRA_DIST = autogen.sh $(doc_DATA)
diff --git a/patches/ima-evm-utils-1.1/0013-evmctl-use-correct-include-for-xattr.h.patch b/patches/ima-evm-utils-1.1/0013-evmctl-use-correct-include-for-xattr.h.patch
deleted file mode 100644
index 3157c711a065..000000000000
--- a/patches/ima-evm-utils-1.1/0013-evmctl-use-correct-include-for-xattr.h.patch
+++ /dev/null
@@ -1,80 +0,0 @@
-From: =?UTF-8?q?Andr=C3=A9=20Draszik?= <git@andred.net>
-Date: Mon, 17 Oct 2016 12:45:32 +0100
-Subject: [PATCH] evmctl: use correct include for xattr.h
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The xattr API/ABI is provided by both the c-library, as well as by the
-libattr package. The c-library's header file is sys/xattr.h, whereas
-libattr's header file can be found in attr/xattr.h.
-
-Given none of the code here *links* against the libattr.so shared library, it
-is wrong to *compile* against libattr's API (header file).
-
-Doing so avoids confusion as to which xattr.h is used as the least problem,
-and potential ABI differences as the worst problem due the mismatching header
-file used.
-
-So make sure we compile and link against the same thing, the c-library in
-both cases.
-
-Signed-off-by: André Draszik <git@andred.net>
-Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
----
- configure.ac                    | 2 +-
- packaging/ima-evm-utils.spec    | 1 -
- packaging/ima-evm-utils.spec.in | 1 -
- src/evmctl.c                    | 2 +-
- 4 files changed, 2 insertions(+), 4 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 6822f39cff69..06d061bc94ea 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -30,7 +30,7 @@ AC_SUBST(OPENSSL_LIBS)
- AC_CHECK_HEADER(unistd.h)
- AC_CHECK_HEADERS(openssl/conf.h)
- 
--AC_CHECK_HEADERS(attr/xattr.h, , [AC_MSG_ERROR([attr/xattr.h header not found. You need the libattr development package.])])
-+AC_CHECK_HEADERS(sys/xattr.h, , [AC_MSG_ERROR([sys/xattr.h header not found. You need the c-library development package.])])
- AC_CHECK_HEADERS(keyutils.h, , [AC_MSG_ERROR([keyutils.h header not found. You need the libkeyutils development package.])])
- 
- #debug support - yes for a while
-diff --git a/packaging/ima-evm-utils.spec b/packaging/ima-evm-utils.spec
-index a11a27a18815..63388d2b444b 100644
---- a/packaging/ima-evm-utils.spec
-+++ b/packaging/ima-evm-utils.spec
-@@ -11,7 +11,6 @@ BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root
- BuildRequires:    autoconf
- BuildRequires:    automake
- BuildRequires:    openssl-devel
--BuildRequires:    libattr-devel
- BuildRequires:    keyutils-libs-devel
- 
- %description
-diff --git a/packaging/ima-evm-utils.spec.in b/packaging/ima-evm-utils.spec.in
-index 7ca6c6fb3b0d..65c32f9e6445 100644
---- a/packaging/ima-evm-utils.spec.in
-+++ b/packaging/ima-evm-utils.spec.in
-@@ -11,7 +11,6 @@ BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root
- BuildRequires:    autoconf
- BuildRequires:    automake
- BuildRequires:    openssl-devel
--BuildRequires:    libattr-devel
- BuildRequires:    keyutils-libs-devel
- 
- %description
-diff --git a/src/evmctl.c b/src/evmctl.c
-index 4422c0e84d4a..02eb84d4c341 100644
---- a/src/evmctl.c
-+++ b/src/evmctl.c
-@@ -49,7 +49,7 @@
- #include <stdint.h>
- #include <string.h>
- #include <dirent.h>
--#include <attr/xattr.h>
-+#include <sys/xattr.h>
- #include <linux/xattr.h>
- #include <getopt.h>
- #include <keyutils.h>
diff --git a/patches/ima-evm-utils-1.1/series b/patches/ima-evm-utils-1.1/series
deleted file mode 100644
index 6fb042465042..000000000000
--- a/patches/ima-evm-utils-1.1/series
+++ /dev/null
@@ -1,16 +0,0 @@
-# generated by git-ptx-patches
-#tag:base --start-number 1
-0001-INSTALL-remove-file-at-it-s-autogenerated-by-autotoo.patch
-0002-Makefile.am-rename-INCLUDES-AM_CPPFLAGS.patch
-0003-evmctl-find-add-missing-closedir-dir-on-error.patch
-0004-evmctl-find-add-missing-error-handling-and-propagate.patch
-0005-evmctl-add-fallback-definitions-for-XATTR_NAME_IMA.patch
-0006-evmctl-libimaevm-use-EVP_MAX_MD_SIZE-for-hash-size-i.patch
-0007-libimaevm-use-SHA_DIGEST_LENGTH-instead-of-open-codi.patch
-0008-evmctl-add-parameter-e-to-set-evm-hash-algo.patch
-0009-evmctl-add-support-for-offline-image-preparation.patch
-0010-evmctl-Do-not-account-.-and-.-for-directory-hash-gen.patch
-0011-HACK-don-t-generate-man-page.patch
-0012-Fix-warning-for-non-debug-use-case.patch
-0013-evmctl-use-correct-include-for-xattr.h.patch
-# 5032e96fb6da7cb77f053c2b5a6edc44  - git-ptx-patches magic
diff --git a/patches/ima-evm-utils-1.1/0001-INSTALL-remove-file-at-it-s-autogenerated-by-autotoo.patch b/patches/ima-evm-utils-1.3.2/0001-INSTALL-remove-file-at-it-s-autogenerated-by-autotoo.patch
similarity index 100%
rename from patches/ima-evm-utils-1.1/0001-INSTALL-remove-file-at-it-s-autogenerated-by-autotoo.patch
rename to patches/ima-evm-utils-1.3.2/0001-INSTALL-remove-file-at-it-s-autogenerated-by-autotoo.patch
diff --git a/patches/ima-evm-utils-1.1/0003-evmctl-find-add-missing-closedir-dir-on-error.patch b/patches/ima-evm-utils-1.3.2/0002-evmctl-find-add-missing-closedir-dir-on-error.patch
similarity index 79%
rename from patches/ima-evm-utils-1.1/0003-evmctl-find-add-missing-closedir-dir-on-error.patch
rename to patches/ima-evm-utils-1.3.2/0002-evmctl-find-add-missing-closedir-dir-on-error.patch
index 4b1c84584479..5c91c4621a76 100644
--- a/patches/ima-evm-utils-1.1/0003-evmctl-find-add-missing-closedir-dir-on-error.patch
+++ b/patches/ima-evm-utils-1.3.2/0002-evmctl-find-add-missing-closedir-dir-on-error.patch
@@ -10,10 +10,10 @@
  1 file changed, 2 insertions(+)
 
 diff --git a/src/evmctl.c b/src/evmctl.c
-index 2ffee786865b..20eccfa93b2b 100644
+index 1815f55d73e0..cca2fabdb2a6 100644
 --- a/src/evmctl.c
 +++ b/src/evmctl.c
-@@ -1229,6 +1229,7 @@ static int find(const char *path, int dts, find_cb_t func)
+@@ -1331,6 +1331,7 @@ static int find(const char *path, int dts, find_cb_t func)
  
  	if (fchdir(dirfd(dir))) {
  		log_err("Failed to chdir %s\n", path);
@@ -21,7 +21,7 @@ @@ -1229,6 +1229,7 @@ static int find(const char *path, int dts, find_cb_t func)
  		return -1;
  	}
  
-@@ -1244,6 +1245,7 @@ static int find(const char *path, int dts, find_cb_t func)
+@@ -1346,6 +1347,7 @@ static int find(const char *path, int dts, find_cb_t func)
  
  	if (chdir("..")) {
  		log_err("Failed to chdir: %s\n", path);
diff --git a/patches/ima-evm-utils-1.1/0004-evmctl-find-add-missing-error-handling-and-propagate.patch b/patches/ima-evm-utils-1.3.2/0003-evmctl-find-add-missing-error-handling-and-propagate.patch
similarity index 87%
rename from patches/ima-evm-utils-1.1/0004-evmctl-find-add-missing-error-handling-and-propagate.patch
rename to patches/ima-evm-utils-1.3.2/0003-evmctl-find-add-missing-error-handling-and-propagate.patch
index 68660d95eda0..62471489a9f2 100644
--- a/patches/ima-evm-utils-1.1/0004-evmctl-find-add-missing-error-handling-and-propagate.patch
+++ b/patches/ima-evm-utils-1.3.2/0003-evmctl-find-add-missing-error-handling-and-propagate.patch
@@ -12,10 +12,10 @@
  1 file changed, 16 insertions(+), 4 deletions(-)
 
 diff --git a/src/evmctl.c b/src/evmctl.c
-index 20eccfa93b2b..55fc619f5990 100644
+index cca2fabdb2a6..e6761f2ae5e4 100644
 --- a/src/evmctl.c
 +++ b/src/evmctl.c
-@@ -1234,13 +1234,20 @@ static int find(const char *path, int dts, find_cb_t func)
+@@ -1336,13 +1336,20 @@ static int find(const char *path, int dts, find_cb_t func)
  	}
  
  	while ((de = readdir(dir))) {
@@ -38,7 +38,7 @@ @@ -1234,13 +1234,20 @@ static int find(const char *path, int dts, find_cb_t fun
  	}
  
  	if (chdir("..")) {
-@@ -1249,8 +1256,13 @@ static int find(const char *path, int dts, find_cb_t func)
+@@ -1351,8 +1358,13 @@ static int find(const char *path, int dts, find_cb_t func)
  		return -1;
  	}
  
diff --git a/patches/ima-evm-utils-1.1/0005-evmctl-add-fallback-definitions-for-XATTR_NAME_IMA.patch b/patches/ima-evm-utils-1.3.2/0004-evmctl-add-fallback-definitions-for-XATTR_NAME_IMA.patch
similarity index 80%
rename from patches/ima-evm-utils-1.1/0005-evmctl-add-fallback-definitions-for-XATTR_NAME_IMA.patch
rename to patches/ima-evm-utils-1.3.2/0004-evmctl-add-fallback-definitions-for-XATTR_NAME_IMA.patch
index 69aadb377668..0de24af6a0e7 100644
--- a/patches/ima-evm-utils-1.1/0005-evmctl-add-fallback-definitions-for-XATTR_NAME_IMA.patch
+++ b/patches/ima-evm-utils-1.3.2/0004-evmctl-add-fallback-definitions-for-XATTR_NAME_IMA.patch
@@ -10,12 +10,12 @@
  1 file changed, 5 insertions(+)
 
 diff --git a/src/evmctl.c b/src/evmctl.c
-index 55fc619f5990..de53be37b69b 100644
+index e6761f2ae5e4..a1fd9feaea78 100644
 --- a/src/evmctl.c
 +++ b/src/evmctl.c
-@@ -62,6 +62,11 @@
- #include <openssl/err.h>
- #include <openssl/rsa.h>
+@@ -72,6 +72,11 @@
+ #define XATTR_NAME_APPARMOR XATTR_SECURITY_PREFIX XATTR_APPARMOR_SUFFIX
+ #endif
  
 +#ifndef XATTR_NAME_IMA
 +#define XATTR_IMA_SUFFIX "ima"
diff --git a/patches/ima-evm-utils-1.1/0007-libimaevm-use-SHA_DIGEST_LENGTH-instead-of-open-codi.patch b/patches/ima-evm-utils-1.3.2/0005-libimaevm-use-SHA_DIGEST_LENGTH-instead-of-open-codi.patch
similarity index 76%
rename from patches/ima-evm-utils-1.1/0007-libimaevm-use-SHA_DIGEST_LENGTH-instead-of-open-codi.patch
rename to patches/ima-evm-utils-1.3.2/0005-libimaevm-use-SHA_DIGEST_LENGTH-instead-of-open-codi.patch
index 2164c6238e78..e20cfaa826df 100644
--- a/patches/ima-evm-utils-1.1/0007-libimaevm-use-SHA_DIGEST_LENGTH-instead-of-open-codi.patch
+++ b/patches/ima-evm-utils-1.3.2/0005-libimaevm-use-SHA_DIGEST_LENGTH-instead-of-open-codi.patch
@@ -8,10 +8,10 @@
  1 file changed, 2 insertions(+), 2 deletions(-)
 
 diff --git a/src/libimaevm.c b/src/libimaevm.c
-index 8fc23be08bd7..b6c328801708 100644
+index fa6c27858d0f..002b0657337c 100644
 --- a/src/libimaevm.c
 +++ b/src/libimaevm.c
-@@ -379,7 +379,7 @@ int verify_hash_v1(const char *file, const unsigned char *hash, int size,
+@@ -382,7 +382,7 @@ static int verify_hash_v1(const char *file, const unsigned char *hash, int size,
  	SHA_CTX ctx;
  	unsigned char out[1024];
  	RSA *key;
@@ -20,7 +20,7 @@ @@ -379,7 +379,7 @@ int verify_hash_v1(const char *file, const unsigned char *ha
  	struct signature_hdr *hdr = (struct signature_hdr *)sig;
  
  	log_info("hash-v1: ");
-@@ -744,7 +744,7 @@ int sign_hash_v1(const char *hashalgo, const unsigned char *hash, int size, cons
+@@ -805,7 +805,7 @@ static int sign_hash_v1(const char *hashalgo, const unsigned char *hash,
  	unsigned char pub[1024];
  	RSA *key;
  	char name[20];
diff --git a/patches/ima-evm-utils-1.1/0009-evmctl-add-support-for-offline-image-preparation.patch b/patches/ima-evm-utils-1.3.2/0006-evmctl-add-support-for-offline-image-preparation.patch
similarity index 78%
rename from patches/ima-evm-utils-1.1/0009-evmctl-add-support-for-offline-image-preparation.patch
rename to patches/ima-evm-utils-1.3.2/0006-evmctl-add-support-for-offline-image-preparation.patch
index 6d9b40fc5b43..75d92734190c 100644
--- a/patches/ima-evm-utils-1.1/0009-evmctl-add-support-for-offline-image-preparation.patch
+++ b/patches/ima-evm-utils-1.3.2/0006-evmctl-add-support-for-offline-image-preparation.patch
@@ -33,29 +33,29 @@
 ---
  src/evmctl.c    | 57 +++++++++++++++++++++++++++++++++++++++++++++++++--------
  src/imaevm.h    |  1 +
- src/libimaevm.c | 25 ++++++++++++++++++++++++-
- 3 files changed, 74 insertions(+), 9 deletions(-)
+ src/libimaevm.c | 24 +++++++++++++++++++++++-
+ 3 files changed, 73 insertions(+), 9 deletions(-)
 
 diff --git a/src/evmctl.c b/src/evmctl.c
-index 5d664005e915..9003f7640c0f 100644
+index a1fd9feaea78..a4d784a5bfb6 100644
 --- a/src/evmctl.c
 +++ b/src/evmctl.c
-@@ -337,6 +337,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
+@@ -352,6 +352,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
+ #else
  	pctx = EVP_MD_CTX_new();
  #endif
- 	const EVP_MD *md;
 +	ino_t ino;
  
  	if (lstat(file, &st)) {
  		log_err("Failed to stat: %s\n", file);
-@@ -371,9 +372,25 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
+@@ -386,9 +387,25 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
  			}
  			close(fd);
  		}
 -		log_info("generation: %u\n", generation);
  	}
  
-+	if (params.image_mode) {
++	if (imaevm_params.image_mode) {
 +		char buf[128] = { };
 +
 +		err = lgetxattr(file, "user.image-inode-number", buf, sizeof(buf) - 1);
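Review bot: in the calc_evm_hash() hunk the inode number for image mode comes from lgetxattr(file, "user.image-inode-number", ...), and the user.* xattr namespace can be written by the file owner without any privilege, so the inode bound into the EVM hash is only as trustworthy as the tree being signed. The patch description should state that image mode is meant for offline preparation on a build host over a tree the signer controls, not for signing files on a live system. The read itself looks fine (zero-initialised 128-byte buf, sizeof(buf) - 1 passed as the length, so the result stays NUL-terminated); the conversion of buf into ino is outside the lines shown here and should reject an empty or non-numeric value instead of continuing with inode 0. The same applies to the identical block in calc_evm_hmac().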
@@ -75,7 +75,7 @@ @@ -371,9 +372,25 @@ static int calc_evm_hash(const char *file, unsigned char *h
  	list_size = llistxattr(file, list, sizeof(list));
  	if (list_size < 0) {
  		log_err("llistxattr() failed\n");
-@@ -439,7 +456,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
+@@ -470,7 +487,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
  
  		hmac_size = sizeof(*hmac);
  		if (!evm_portable) {
@@ -84,7 +84,7 @@ @@ -439,7 +456,7 @@ static int calc_evm_hash(const char *file, unsigned char *ha
  			hmac->generation = generation;
  		}
  		hmac->uid = st.st_uid;
-@@ -450,7 +467,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
+@@ -481,7 +498,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
  
  		hmac_size = sizeof(*hmac);
  		if (!evm_portable) {
@@ -93,7 +93,7 @@ @@ -450,7 +467,7 @@ static int calc_evm_hash(const char *file, unsigned char *ha
  			hmac->generation = generation;
  		}
  		hmac->uid = st.st_uid;
-@@ -461,7 +478,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
+@@ -492,7 +509,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
  
  		hmac_size = sizeof(*hmac);
  		if (!evm_portable) {
@@ -102,19 +102,19 @@ @@ -461,7 +478,7 @@ static int calc_evm_hash(const char *file, unsigned char *ha
  			hmac->generation = generation;
  		}
  		hmac->uid = st.st_uid;
-@@ -1000,6 +1017,7 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
+@@ -1085,6 +1102,7 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
+ #else
  	pctx = HMAC_CTX_new();
  #endif
- 	const EVP_MD *md;
 +	ino_t ino;
  
  	key = file2bin(keyfile, NULL, &keylen);
  	if (!key) {
-@@ -1038,10 +1056,26 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
+@@ -1123,10 +1141,26 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
  		close(fd);
  	}
  
-+	if (params.image_mode) {
++	if (imaevm_params.image_mode) {
 +		char buf[128] = { };
 +
 +		err = lgetxattr(file, "user.image-inode-number", buf, sizeof(buf) - 1);
@@ -137,7 +137,7 @@ @@ -1038,10 +1056,26 @@ static int calc_evm_hmac(const char *file, const char *k
  		log_err("llistxattr() failed: %s\n", file);
  		goto out;
  	}
-@@ -1084,7 +1118,7 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
+@@ -1170,7 +1204,7 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
  		struct h_misc *hmac = (struct h_misc *)&hmac_misc;
  
  		hmac_size = sizeof(*hmac);
@@ -146,7 +146,7 @@ @@ -1084,7 +1118,7 @@ static int calc_evm_hmac(const char *file, const char *key
  		hmac->generation = generation;
  		hmac->uid = st.st_uid;
  		hmac->gid = st.st_gid;
-@@ -1093,7 +1127,7 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
+@@ -1179,7 +1213,7 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
  		struct h_misc_64 *hmac = (struct h_misc_64 *)&hmac_misc;
  
  		hmac_size = sizeof(*hmac);
@@ -155,7 +155,7 @@ @@ -1093,7 +1127,7 @@ static int calc_evm_hmac(const char *file, const char *key
  		hmac->generation = generation;
  		hmac->uid = st.st_uid;
  		hmac->gid = st.st_gid;
-@@ -1102,7 +1136,7 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
+@@ -1188,7 +1222,7 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
  		struct h_misc_32 *hmac = (struct h_misc_32 *)&hmac_misc;
  
  		hmac_size = sizeof(*hmac);
@@ -164,7 +164,7 @@ @@ -1102,7 +1136,7 @@ static int calc_evm_hmac(const char *file, const char *key
  		hmac->generation = generation;
  		hmac->uid = st.st_uid;
  		hmac->gid = st.st_gid;
-@@ -1666,6 +1700,9 @@ static void usage(void)
+@@ -2476,6 +2510,9 @@ static void usage(void)
  		"      --smack        use extra SMACK xattrs for EVM\n"
  		"      --m32          force EVM hmac/signature for 32 bit target system\n"
  		"      --m64          force EVM hmac/signature for 64 bit target system\n"
@@ -174,7 +174,7 @@ @@ -1666,6 +1700,9 @@ static void usage(void)
  		"      --ino          use custom inode for EVM\n"
  		"      --uid          use custom UID for EVM\n"
  		"      --gid          use custom GID for EVM\n"
-@@ -1716,6 +1753,7 @@ static struct option opts[] = {
+@@ -2528,6 +2565,7 @@ static struct option opts[] = {
  	{"recursive", 0, 0, 'r'},
  	{"m32", 0, 0, '3'},
  	{"m64", 0, 0, '6'},
@@ -182,31 +182,31 @@ @@ -1716,6 +1753,7 @@ static struct option opts[] = {
  	{"portable", 0, 0, 'o'},
  	{"smack", 0, 0, 128},
  	{"version", 0, 0, 129},
-@@ -1774,7 +1812,7 @@ int main(int argc, char *argv[])
+@@ -2600,7 +2638,7 @@ int main(int argc, char *argv[])
  	g_argc = argc;
  
  	while (1) {
--		c = getopt_long(argc, argv, "hvnsda:e:op::fu::k:t:ri", opts, &lind);
-+		c = getopt_long(argc, argv, "hvnsda:e:op::fu::k:t:rim", opts, &lind);
+-		c = getopt_long(argc, argv, "hvnsda:op::fu::k:t:ri", opts, &lind);
++		c = getopt_long(argc, argv, "hvnsda:op::fu::k:t:rim", opts, &lind);
  		if (c == -1)
  			break;
  
-@@ -1847,6 +1885,9 @@ int main(int argc, char *argv[])
+@@ -2670,6 +2708,9 @@ int main(int argc, char *argv[])
  		case '6':
  			msize = 64;
  			break;
 +		case 'm':
-+			params.image_mode = true;
++			imaevm_params.image_mode = true;
 +			break;
  		case 128:
  			evm_config_xattrnames = evm_extra_smack_xattrs;
  			break;
 diff --git a/src/imaevm.h b/src/imaevm.h
-index ed92e4d8981d..7e32d09c6538 100644
+index 45039199ab31..2f78a31ab438 100644
 --- a/src/imaevm.h
 +++ b/src/imaevm.h
-@@ -182,6 +182,7 @@ struct libevm_params {
- 	const char *evm_hash_algo;
+@@ -196,6 +196,7 @@ struct libimaevm_params {
+ 	const char *hash_algo;
  	const char *keyfile;
  	const char *keypass;
 +	bool image_mode;
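Review bot: With `e:` gone from the getopt_long() optstring in main(), any rule or script that still calls evmctl with `-e <algo>` now ends up in getopt's unknown-option handling instead of selecting the EVM hash algorithm. The commit message says upstream folded this into `-a`; please confirm that no caller in the tree still passes `-e`. Separately, `bool image_mode;` is added to `struct libimaevm_params` in src/imaevm.h, so check that the header includes <stdbool.h> itself and that nothing built outside this package relies on the previous struct layout.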
@@ -214,31 +214,23 @@ @@ -182,6 +182,7 @@ struct libevm_params {
  
  struct RSA_ASN1_template {
 diff --git a/src/libimaevm.c b/src/libimaevm.c
-index 4c093a038b72..866f74b39b41 100644
+index 002b0657337c..1cdf1dc590cc 100644
 --- a/src/libimaevm.c
 +++ b/src/libimaevm.c
-@@ -40,6 +40,7 @@
- 
- /* should we use logger instead for library? */
- #define USE_FPRINTF
-+#define _GNU_SOURCE
- 
- #include <sys/types.h>
- #include <sys/param.h>
-@@ -49,6 +50,7 @@
- #include <dirent.h>
- #include <string.h>
+@@ -51,6 +51,7 @@
  #include <stdio.h>
+ #include <assert.h>
+ #include <ctype.h>
 +#include <sys/xattr.h>
  
+ #include <openssl/crypto.h>
  #include <openssl/pem.h>
- #include <openssl/evp.h>
-@@ -224,7 +226,28 @@ static int add_dir_hash(const char *file, EVP_MD_CTX *ctx)
+@@ -193,7 +194,28 @@ static int add_dir_hash(const char *file, EVP_MD_CTX *ctx)
  	}
  
  	while ((de = readdir(dir))) {
 -		ino = de->d_ino;
-+		if (params.image_mode) {
++		if (imaevm_params.image_mode) {
 +			char *name;
 +			char buf[128] = { };
 +
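Review bot: `char buf[128] = { };` in the image_mode branch of add_dir_hash() uses an empty initializer list, which is a GNU extension before C23; `= { 0 }` is portable and just as short. The code that fills `buf` lies outside the context shown here, so with <sys/xattr.h> newly included it is worth confirming that the read is bounded by `sizeof(buf)` and that its return value is checked before the buffer is parsed, since this branch takes the place of the `ino = de->d_ino;` assignment.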
diff --git a/patches/ima-evm-utils-1.1/0010-evmctl-Do-not-account-.-and-.-for-directory-hash-gen.patch b/patches/ima-evm-utils-1.3.2/0007-evmctl-Do-not-account-.-and-.-for-directory-hash-gen.patch
similarity index 86%
rename from patches/ima-evm-utils-1.1/0010-evmctl-Do-not-account-.-and-.-for-directory-hash-gen.patch
rename to patches/ima-evm-utils-1.3.2/0007-evmctl-Do-not-account-.-and-.-for-directory-hash-gen.patch
index 12b77a132002..251f7136b42b 100644
--- a/patches/ima-evm-utils-1.1/0010-evmctl-Do-not-account-.-and-.-for-directory-hash-gen.patch
+++ b/patches/ima-evm-utils-1.3.2/0007-evmctl-Do-not-account-.-and-.-for-directory-hash-gen.patch
@@ -15,16 +15,16 @@
  1 file changed, 3 insertions(+)
 
 diff --git a/src/libimaevm.c b/src/libimaevm.c
-index 866f74b39b41..834b738426bf 100644
+index 1cdf1dc590cc..6bb0b0757c42 100644
 --- a/src/libimaevm.c
 +++ b/src/libimaevm.c
-@@ -226,6 +226,9 @@ static int add_dir_hash(const char *file, EVP_MD_CTX *ctx)
+@@ -194,6 +194,9 @@ static int add_dir_hash(const char *file, EVP_MD_CTX *ctx)
  	}
  
  	while ((de = readdir(dir))) {
 +		if (!strcmp(de->d_name, ".") || !strcmp(de->d_name, ".."))
 +			continue;
 +
- 		if (params.image_mode) {
+ 		if (imaevm_params.image_mode) {
  			char *name;
  			char buf[128] = { };
diff --git a/patches/ima-evm-utils-1.1/0012-Fix-warning-for-non-debug-use-case.patch b/patches/ima-evm-utils-1.3.2/0008-Fix-warning-for-non-debug-use-case.patch
similarity index 86%
rename from patches/ima-evm-utils-1.1/0012-Fix-warning-for-non-debug-use-case.patch
rename to patches/ima-evm-utils-1.3.2/0008-Fix-warning-for-non-debug-use-case.patch
index 80073f19aaf5..2cddf569a91d 100644
--- a/patches/ima-evm-utils-1.1/0012-Fix-warning-for-non-debug-use-case.patch
+++ b/patches/ima-evm-utils-1.3.2/0008-Fix-warning-for-non-debug-use-case.patch
@@ -14,10 +14,10 @@
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/src/evmctl.c b/src/evmctl.c
-index 9003f7640c0f..4422c0e84d4a 100644
+index a4d784a5bfb6..7c1f15082615 100644
 --- a/src/evmctl.c
 +++ b/src/evmctl.c
-@@ -1191,7 +1191,7 @@ static int hmac_evm(const char *file, const char *key)
+@@ -1279,7 +1279,7 @@ static int hmac_evm(const char *file, const char *key)
  	return 0;
  }
  
diff --git a/patches/ima-evm-utils-1.3.2/0009-HACK-don-t-generate-the-man-page.patch b/patches/ima-evm-utils-1.3.2/0009-HACK-don-t-generate-the-man-page.patch
new file mode 100644
index 000000000000..b0c39f6ee75a
--- /dev/null
+++ b/patches/ima-evm-utils-1.3.2/0009-HACK-don-t-generate-the-man-page.patch
@@ -0,0 +1,60 @@
+From: Roland Hieber <rhi@pengutronix.de>
+Date: Mon, 14 Jun 2021 01:52:53 +0200
+Subject: [PATCH] HACK: don't generate the man page
+
+Also prevent host path leakage for
+/usr/share/xml/docbook/stylesheet/docbook-xsl/manpages/docbook.xsl,
+which is autodetected by EVMCTL_MANPAGE_DOCBOOK_XSL when it exists on
+the build host.
+
+Signed-off-by: Roland Hieber <rhi@pengutronix.de>
+---
+ Makefile.am  | 18 ------------------
+ configure.ac |  2 --
+ 2 files changed, 20 deletions(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index 17fd478eff2f..26e3d4843d0e 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -1,7 +1,4 @@
+ SUBDIRS = src tests
+-if MANPAGE_DOCBOOK_XSL
+-dist_man_MANS = evmctl.1
+-endif
+ 
+ doc_DATA =  examples/ima-genkey-self.sh examples/ima-genkey.sh examples/ima-gen-local-ca.sh
+ EXTRA_DIST = autogen.sh $(doc_DATA)
+@@ -25,19 +22,4 @@ rpm: $(tarname)
+ 	cp $(tarname) $(SRCS)/
+ 	rpmbuild -ba --nodeps $(SPEC)
+ 
+-if MANPAGE_DOCBOOK_XSL
+-evmctl.1.html: README
+-	@asciidoc -o $@ $<
+-
+-evmctl.1:
+-	asciidoc -d manpage -b docbook -o evmctl.1.xsl README
+-	xsltproc --nonet -o $@ $(MANPAGE_DOCBOOK_XSL) evmctl.1.xsl
+-	rm -f evmctl.1.xsl
+-
+-rmman:
+-	rm -f evmctl.1
+-
+-doc: evmctl.1.html rmman evmctl.1
+-endif
+-
+ .PHONY: $(tarname)
+diff --git a/configure.ac b/configure.ac
+index e1ed1000858c..6cc076713453 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -56,8 +56,6 @@ else
+ 	CFLAGS="$CFLAGS -Wall -Wstrict-prototypes -pipe -fomit-frame-pointer"
+ fi
+ 
+-EVMCTL_MANPAGE_DOCBOOK_XSL
+-
+ # for gcov
+ #CFLAGS="$CFLAGS -Wall -fprofile-arcs -ftest-coverage"
+ #CXXFLAGS="$CXXFLAGS -Wall -fprofile-arcs -ftest-coverage"
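Review bot: The patch description opens with "Also prevent host path leakage ...", so the main reason for removing the man page targets is stated only in the subject line. One sentence saying what fails without the patch (the ptxdist commit message mentions an error while looking for asciidoc) would make this HACK easier to re-evaluate at the next version bump. The Makefile.am and configure.ac removals are consistent with each other: both `if MANPAGE_DOCBOOK_XSL` blocks go away together with the EVMCTL_MANPAGE_DOCBOOK_XSL call that the description says performs the autodetection.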
diff --git a/patches/ima-evm-utils-1.1/autogen.sh b/patches/ima-evm-utils-1.3.2/autogen.sh
similarity index 100%
rename from patches/ima-evm-utils-1.1/autogen.sh
rename to patches/ima-evm-utils-1.3.2/autogen.sh
diff --git a/patches/ima-evm-utils-1.3.2/series b/patches/ima-evm-utils-1.3.2/series
new file mode 100644
index 000000000000..0ff0d9aef8e1
--- /dev/null
+++ b/patches/ima-evm-utils-1.3.2/series
@@ -0,0 +1,12 @@
+# generated by git-ptx-patches
+#tag:base --start-number 1
+0001-INSTALL-remove-file-at-it-s-autogenerated-by-autotoo.patch
+0002-evmctl-find-add-missing-closedir-dir-on-error.patch
+0003-evmctl-find-add-missing-error-handling-and-propagate.patch
+0004-evmctl-add-fallback-definitions-for-XATTR_NAME_IMA.patch
+0005-libimaevm-use-SHA_DIGEST_LENGTH-instead-of-open-codi.patch
+0006-evmctl-add-support-for-offline-image-preparation.patch
+0007-evmctl-Do-not-account-.-and-.-for-directory-hash-gen.patch
+0008-Fix-warning-for-non-debug-use-case.patch
+0009-HACK-don-t-generate-the-man-page.patch
+# 537ff71d727921132bf8bd9102e3a3e3  - git-ptx-patches magic
diff --git a/rules/ima-evm-utils.make b/rules/ima-evm-utils.make
index 3a0ce4660c87..6f483ec8c935 100644
--- a/rules/ima-evm-utils.make
+++ b/rules/ima-evm-utils.make
@@ -1,7 +1,7 @@
 # -*-makefile-*-
 #
 # Copyright (C) 2013 by Michael Grzeschik <mgr@pengutronix.de>
-#               2015 by Marc Kleine-Budde <mkl@pengutronix.de>
+#               2015, 2020 by Marc Kleine-Budde <mkl@pengutronix.de>
 #               2021 Roland Hieber, Pengutronix <rhi@pengutronix.de>
 #
 # For further information about the PTXdist project and license conditions
@@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_IMA_EVM_UTILS) += ima-evm-utils
 #
 # Paths and names
 #
-IMA_EVM_UTILS_VERSION	:= 1.1
-IMA_EVM_UTILS_MD5	:= 77455aeee54fdc7a70c733bcb65d33cc
+IMA_EVM_UTILS_VERSION	:= 1.3.2
+IMA_EVM_UTILS_MD5	:= 55cc0e2c77a725f722833c3b4a36038c
 IMA_EVM_UTILS		:= ima-evm-utils-$(IMA_EVM_UTILS_VERSION)
 IMA_EVM_UTILS_SUFFIX	:= tar.gz
 IMA_EVM_UTILS_URL	:= $(call ptx/mirror, SF, linux-ima/ima-evm-utils/$(IMA_EVM_UTILS).$(IMA_EVM_UTILS_SUFFIX))
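Review bot: `IMA_EVM_UTILS_MD5` is the only integrity check on the new tarball visible in this hunk, and MD5 does not resist deliberate collisions. For a package that produces IMA/EVM signatures, it would be good to state in the commit message how the 1.3.2 archive was cross-checked (for example against a stronger digest or a signed upstream tag) before the checksum was updated.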
@@ -35,6 +35,7 @@ IMA_EVM_UTILS_LICENSE_FILES	:= \
 IMA_EVM_UTILS_CONF_TOOL := autoconf
 IMA_EVM_UTILS_AUTOCONF := \
 	$(CROSS_AUTOCONF_USR) \
+	--enable-openssl-conf \
 	--disable-debug
 
 # ----------------------------------------------------------------------------
-- 
2.29.2



Thread overview: 6+ messages
2021-06-16 16:16 [ptxdist] [PATCH v2 1/3] ima-evm-utils: fix license statement Roland Hieber
2021-06-16 16:16 ` Roland Hieber [this message]
2021-06-29  5:09   ` [ptxdist] [APPLIED] ima-evm-utils: version bump 1.1 -> 1.3.2 Michael Olbrich
2021-06-16 16:16 ` [ptxdist] [PATCH v2 3/3] systemd: make hostnamed and quotacheck optional Roland Hieber
2021-06-29  5:09   ` [ptxdist] [APPLIED] " Michael Olbrich
2021-06-29  5:09 ` [ptxdist] [APPLIED] ima-evm-utils: fix license statement Michael Olbrich
