From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Fri, 28 Jan 2022 18:37:04 +0100 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1nDVBI-00GGcH-Mo for lore@lore.pengutronix.de; Fri, 28 Jan 2022 18:37:04 +0100 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1nDVBH-00059U-O0; Fri, 28 Jan 2022 18:37:03 +0100 Received: from mail-vi1eur05on2047.outbound.protection.outlook.com ([40.107.21.47] helo=EUR05-VI1-obe.outbound.protection.outlook.com) by metis.ext.pengutronix.de with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nDVB6-00059K-6Y for ptxdist@pengutronix.de; Fri, 28 Jan 2022 18:36:54 +0100 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hNv47zT/ke/A3Kq0PaphqWS8gQ7BRYrOaXhE3f4X7Jay0HKIsMzncTcwr8mOXMTcIGguLMJcky6Dra2T4geYsgvnZOxUnuJW56trQYeOxzyC+KvdCTEfRNxz2GVJOf7cE1KBZDq+23UtjoNzXf/5LcMZVZznGmuqhqy6c2kQgGNgS5U5TP790/627yBivq5StnzKSE5iL0tI+iKWmaoVsIlZfYUf1P6cVY2R6Mo5VQ8cnrSZ/RfjVT/vvNSi1fD+nivjAspfQ535lfTTcTkNUscgb7dCFTSYtwBpLaq5M7TRCenYJVOd3m4MxRf1fEODNFmPXYldUKskwvQJDRVh4g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=0IfeTn3X/JgY3eYE8jGBAyUDKsZXkMquLbVNPWTCruA=; b=TqAahCP4Mr1c/f5mCIY0liUDS7+kw19SDjAChXZuKkKHijOsXDrsMvyYbPHD7Hj/MFemRPPWzqMrwwb1ZrgOSbdCJUqUpUNCrJBoosdeq+dxsMNUGX0/s4itkJ1ehHNxaqJlmeEm4kzN1Tch3qgiz594shNMNw0TYzFOl47pdIUKasEK06ObXfilHlcJK8CQzfCOekJzybEMpyby2JQqA+egnEGkEN+S97WU4fImD/JG9SSgs/TKfXMctrLUiTfdTo5SWF+AT/FA8PX4Rw1l6rWXtiB1DqGC7tttoqLaPpVSztvGPoU5Ld5JqJdx4XUmB91F2DSBxM0PQO1CPAG13g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=t2datacom.onmicrosoft.com; s=selector1-t2datacom-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0IfeTn3X/JgY3eYE8jGBAyUDKsZXkMquLbVNPWTCruA=; b=VnsoFtqZEm6Sw+6AKMf42/hKrrpGotsreZaIk6fjKe7JlUz/zx7c3K7jAkkbSaxAffXRvbVFXIBqMFSsAfV880o8qQlVYE2xuCzeHurD4/hWtSO0D1lXO+Ly8OgyXaAOeKaxBi6BKqYMc/mx8sn0mKn0req0TcEYmn9Jugivdtk= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=t2data.com; Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) by AM9P251MB0366.EURP251.PROD.OUTLOOK.COM (2603:10a6:20b:41c::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4930.18; Fri, 28 Jan 2022 17:36:50 +0000 Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::10ab:30da:9dfb:56fe]) by DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::10ab:30da:9dfb:56fe%4]) with mapi id 15.20.4930.015; Fri, 28 Jan 2022 17:36:50 +0000 From: Christian Melki To: ptxdist@pengutronix.de Date: Fri, 28 Jan 2022 18:36:43 +0100 Message-Id: <20220128173643.2593042-1-christian.melki@t2data.com> X-Mailer: git-send-email 2.30.2 X-ClientProxiedBy: GV3P280CA0054.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:9::24) To DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 83b193a5-ec83-4d32-ddbd-08d9e284c3f0 X-MS-TrafficTypeDiagnostic: AM9P251MB0366:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:4125; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 7cfRvQnXgSVPJrK6uU82DViMDGu2i5h8UHEODphAssxKLBZbmaw7AZBtE4O5b0wj0I3ikBRbwWeo+3e+3uohKwH++NoHoVZKn2GxCiegO/TwHaPqlZGBXK4vbzM7SSX/dkUWI0wjqH3yWuDedeb84/vK4xxYB3f+Lr7NbPCzA8Pd1cTmeFRcfbLRhxB7dcXwOh6x3rkWV2YQydDGXa/xjmZOymR6d2mcDQV4aY4ymmNek7X4V/DwIzwI0rGF3qctQFmRwACkhQVMz1AZLUNnb8T80d32PT0QjHlAMBUCNWHDU9MY7V0KXMH7Mtmdn6/8XmpUeemJDNscqSHW010oxE3fSG2FpDM2DU5Atnt1fQ+47demC0mh7ibUGvomwEc3cFrlH53FJLWC00zc/CS+dJvHFsAl/8r+c/YAbGyMjoa5ch+m9semA0ld6Vuy8kM2VhhAJernlQRhwpC/8TnPpzvfkPNZyDwI/cq741LTWuKjG9DCZUyyXukSzf9XutJIx5f+vJk/TLrjGTqYrHr+sV+pi3Y/JX4jgXZi411+WTO5nb8GXO0LH6Wh26LyKAFDaUO6CSuiRbHiKmEolAgk1qTLs00uYDv6I2bJnFvtNpld9u5ZO3bdtmapzGCy5J0imbUh0Hf0rD+iyWr250ofF7Ab77UTMGfmEY94BvKrpwSGmStoXjJNER/bUN2FE4FhEy5qNkmwWmVn9nefLMGt+7TnrGi8sq0p2pMUePJnGRMyzZYxZn/hcDfwMvn0XqiGQSLUmYO01FUdE/uYPKb52V+O2BIVVPFNLsYVkydLkhs= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB9P251MB0618.EURP251.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230001)(396003)(346002)(39830400003)(136003)(366004)(376002)(66946007)(38350700002)(8676002)(86362001)(2906002)(5660300002)(38100700002)(44832011)(8936002)(66476007)(66556008)(6506007)(1076003)(2616005)(83380400001)(186003)(52116002)(6512007)(508600001)(6666004)(6916009)(6486002)(966005)(26005)(316002)(36756003)(20210929001); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?/23NNNjqt/t2RjTjiSu8jbrNZu+wRSZU9481XPof3o15JjFqlKitKiOgKqJq?= =?us-ascii?Q?HB31iJHWvo0BCebxX5bBLcy+GIOGGYKGAbqeo0QmiCWyTHfrzHl7DGArAArD?= =?us-ascii?Q?e1cvWBnOFxSdUrqSFGDDyNV02OmR+6imDW8LeF1ZDjnOMOGP5TOCPXUK2059?= =?us-ascii?Q?mjeuy698IClDJWpLMkS9L1SAyJEYaTbTung5L+0r1RmEDk0xYEphd5nGXxqJ?= =?us-ascii?Q?zjIitWUau7l/bgYrbfE9JZYd/K6o67vP1dANgOOEJA+66n71ZERn71lHtlAM?= =?us-ascii?Q?yF8+AvfFWUcJq59vG6Knj+4q/tz6nyzR8k6FONg9do/7PMZfUvfNoi1NhFJR?= =?us-ascii?Q?NmUwBq+X9fUcb7W4OS3ltlwq43aqejrjtIrpwr1uPTxPS91Js7T1y8vCPwUA?= =?us-ascii?Q?bAjgEw3Up0JME8hm9L1LTgeHNbmzk5EfGGO2rp87o+jBV6MLyVeVrUw5ifB/?= =?us-ascii?Q?vhy9DzXAQ7jhyBmbdOpQXwrJEywNmue//WC814q5tB96j/kdnVVi3RqyJMYI?= =?us-ascii?Q?VpO8wf8gq27vWHyJJiT1030+9yf32Ob1bvAN6HQz20rMTW/q3CecRsvloMjT?= =?us-ascii?Q?Yd+0oJCJv9qZkcBnqBmznLdoJtVR8//HPCDURDOs/XlsFp56o87fa3HsGHyj?= =?us-ascii?Q?G/yxEW6qGJpKwOXCzOKYK61HeUJVRei+8sa0zcsqru/YZqBBn3ir2b+BqcnW?= =?us-ascii?Q?EUBYrcxvmp0UkmsNwKPssbdJY65o7ub+Y+9OpH4Xq6d07EfFJnIln9dGC3k+?= =?us-ascii?Q?uogAgEbSoxVDwMaEfClRnDqJTFZP8bhORHEe7pkmQUL0xEJubFw34qjo/aNH?= =?us-ascii?Q?rRY6R++sTGYA2pYC43B25vqQ77fiPqMKokaKqKbziECpCynuBz2GNmAKAky6?= =?us-ascii?Q?DP3w2M/5/1dXGhtDk105rxUqLSgH8KDqFfz/kdzVyNRXl6XT7lWf0OwNVq30?= =?us-ascii?Q?aHmpgngAm1H0FulYm+k22NeDaOQfTW6GawjL2QqgtQzG1vcYxetQZz7qQUbX?= =?us-ascii?Q?seGxAABDqTSlykfF4WPFzSoIyYKRnW9kCs/aWwJlVVFtjJkigmtq3cAS8/BK?= =?us-ascii?Q?2WScdUvvK7fJN/NBF8l8z9xoJN9RYCQRr7eFEhXiFB2qMZc+O6dA4hqruWnE?= =?us-ascii?Q?v/ZEoiojn+QDtyMheE6XxKgGtQ1f6MWRsZ49v/bxtpRHMd7rgKhJq3eke7wi?= =?us-ascii?Q?4wILZIR0mUJT5Kb7eUms1pBhInF1Qb76s2Hvkfi0LJsntPLpPI0ZRXsi60kL?= =?us-ascii?Q?3K8jwBEzQP/jg9J4jY9KShX3vw4vuYaxSuEnKffAQy0HzflQM2vN0fTg6Yr4?= =?us-ascii?Q?RZ25mKonBM2/PpNjki4gdCRuYarIlMYms4hmuPBnHWq3px65zck4FhDLTBeo?= =?us-ascii?Q?3m48dvSdFpJPmUkfk+Q6qtqfTXgD7kBh7YxTKESYQTRg5Gwyog+/Y0TMTYsn?= =?us-ascii?Q?QYVdX99nKVcr4xVjJQCWrh3bt5NRYYgN3sStzYBGAcWLINdAtviyfupbZI5P?= =?us-ascii?Q?DTBPVuPk5ELql2FjVPYfjAMA6xrEmReKLHlRtDuIz395sTHcSWMKtiYyniqg?= =?us-ascii?Q?VUmlbikcCRsx3L9g/CQA0GM8F5EcE5N7XIahlL701fZMRbgg1tW5l9oBuHYl?= =?us-ascii?Q?imAz69mGb2HbEbipu54dRmY9z05wzvhe3GmKe6KZq1djzBthleGUcc0a4Hb4?= =?us-ascii?Q?qivr4BNcuo7/x2NQs334G0jtzdc=3D?= X-OriginatorOrg: t2data.com X-MS-Exchange-CrossTenant-Network-Message-Id: 83b193a5-ec83-4d32-ddbd-08d9e284c3f0 X-MS-Exchange-CrossTenant-AuthSource: DB9P251MB0618.EURP251.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Jan 2022 17:36:50.1319 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 27928da5-aacd-4ba1-9566-c748a6863e6c X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 6MWrD/I+mgMJ+LDep5YnCh2EWR09Mr0qVLKSJjjKsLD4WinMFJqY9pqMpu/MJbn4BN02YgQwtL0pIPktI+mNiM1eZvimpMgX1CWHQDeuckA= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9P251MB0366 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on metis.ext.pengutronix.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Subject: [ptxdist] [PATCH v4] tpm2-tools: Version bump. 4.1 -> 5.2 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false Approx 2 years worth of fixes. https://github.com/tpm2-software/tpm2-tools/releases * Fixes CVE-2021-3565. * Update license file hash. File moved to a new directory. * tpm2-tools now optionally depends on EFIVAR for prettyprinting device paths. * Update tpm2 binaries. Change them to softlinks. Binary wants to be called busybox-style. Signed-off-by: Christian Melki --- rules/tpm2-tools.in | 14 +++++++++++++- rules/tpm2-tools.make | 34 +++++++++++++++++++++++++++------- 2 files changed, 40 insertions(+), 8 deletions(-) diff --git a/rules/tpm2-tools.in b/rules/tpm2-tools.in index 4c9cbaa92..20a3a7b7e 100644 --- a/rules/tpm2-tools.in +++ b/rules/tpm2-tools.in @@ -1,13 +1,25 @@ ## SECTION=tpm -config TPM2_TOOLS +menuconfig TPM2_TOOLS tristate select TPM2_TSS select OPENSSL select LIBCURL + select EFIVAR if TPM2_TOOLS_USE_EFIVAR prompt "tpm2-tools" help This package contains a set of tools to use with TPM 2.0 chips, for common tasks and features provided by the hardware; such as for doing basic key management, attestation, encryption and signing. + +if TPM2_TOOLS + +config TPM2_TOOLS_USE_EFIVAR + bool + prompt "Use efivar" + help + Building with efivar enables pretty-printing of + the device path. + +endif diff --git a/rules/tpm2-tools.make b/rules/tpm2-tools.make index ead881ffb..829df1bdc 100644 --- a/rules/tpm2-tools.make +++ b/rules/tpm2-tools.make @@ -14,15 +14,15 @@ PACKAGES-$(PTXCONF_TPM2_TOOLS) += tpm2-tools # # Paths and names # -TPM2_TOOLS_VERSION := 4.1 -TPM2_TOOLS_MD5 := aecec22668233776922909f2ebf55e65 +TPM2_TOOLS_VERSION := 5.2 +TPM2_TOOLS_MD5 := 0057615ef43b9322d4577fc3bde0e8d6 TPM2_TOOLS := tpm2-tools-$(TPM2_TOOLS_VERSION) TPM2_TOOLS_SUFFIX := tar.gz TPM2_TOOLS_URL := https://github.com/tpm2-software/tpm2-tools/releases/download/$(TPM2_TOOLS_VERSION)/$(TPM2_TOOLS).$(TPM2_TOOLS_SUFFIX) TPM2_TOOLS_SOURCE := $(SRCDIR)/$(TPM2_TOOLS).$(TPM2_TOOLS_SUFFIX) TPM2_TOOLS_DIR := $(BUILDDIR)/$(TPM2_TOOLS) TPM2_TOOLS_LICENSE := BSD-3-Clause -TPM2_TOOLS_LICENSE_FILES := file://LICENSE;md5=0eb1216e46938bd723098d93a23c3bcc +TPM2_TOOLS_LICENSE_FILES := file://doc/LICENSE;md5=a846608d090aa64494c45fc147cc12e3 # ---------------------------------------------------------------------------- # Prepare @@ -32,6 +32,10 @@ TPM2_TOOLS_LICENSE_FILES := file://LICENSE;md5=0eb1216e46938bd723098d93a23c3bcc # autoconf # TPM2_TOOLS_CONF_TOOL := autoconf +TPM2_TOOLS_CONF_ENV := \ + $(CROSS_ENV) \ + $(call ptx/ifdef, PTXCONF_TPM2_TOOLS_USE_EFIVAR,,ac_cv_header_efivar_efivar_h=no) + TPM2_TOOLS_CONF_OPT := \ $(CROSS_AUTOCONF_USR) \ --enable-debug=info \ @@ -48,10 +52,11 @@ TPM2_TOOLS_CFLAGS := \ # Target-Install # ---------------------------------------------------------------------------- -TPM2_TOOLS_PROGS := \ +TPM2_TOOLS_TPM2_PROGS := \ tpm2_activatecredential \ tpm2_certify \ tpm2_certifycreation \ + tpm2_certifyX509certutil \ tpm2_changeauth \ tpm2_changeeps \ tpm2_changepps \ @@ -59,6 +64,7 @@ TPM2_TOOLS_PROGS := \ tpm2_clear \ tpm2_clearcontrol \ tpm2_clockrateadjust \ + tpm2_commit \ tpm2_create \ tpm2_createak \ tpm2_createek \ @@ -66,12 +72,20 @@ TPM2_TOOLS_PROGS := \ tpm2_createprimary \ tpm2_dictionarylockout \ tpm2_duplicate \ + tpm2_ecdhkeygen \ + tpm2_ecdhzgen \ + tpm2_ecephemeral \ tpm2_encryptdecrypt \ + tpm2_eventlog \ tpm2_evictcontrol \ tpm2_flushcontext \ tpm2_getcap \ + tpm2_getcommandauditdigest \ + tpm2_geteccparameters \ tpm2_getekcertificate \ + tpm2_getpolicydigest \ tpm2_getrandom \ + tpm2_getsessionauditdigest \ tpm2_gettestresult \ tpm2_gettime \ tpm2_hash \ @@ -103,6 +117,7 @@ TPM2_TOOLS_PROGS := \ tpm2_policyauthvalue \ tpm2_policycommandcode \ tpm2_policycountertimer \ + tpm2_policycphash \ tpm2_policyduplicationselect \ tpm2_policylocality \ tpm2_policynamehash \ @@ -125,7 +140,9 @@ TPM2_TOOLS_PROGS := \ tpm2_rsaencrypt \ tpm2_selftest \ tpm2_send \ + tpm2_sessionconfig \ tpm2_setclock \ + tpm2_setcommandauditstatus \ tpm2_setprimarypolicy \ tpm2_shutdown \ tpm2_sign \ @@ -134,7 +151,8 @@ TPM2_TOOLS_PROGS := \ tpm2_stirrandom \ tpm2_testparms \ tpm2_unseal \ - tpm2_verifysignature + tpm2_verifysignature \ + tpm2_zgen2phase $(STATEDIR)/tpm2-tools.targetinstall: @$(call targetinfo) @@ -145,8 +163,10 @@ $(STATEDIR)/tpm2-tools.targetinstall: @$(call install_fixup, tpm2-tools,AUTHOR,"Marc Kleine-Budde ") @$(call install_fixup, tpm2-tools,DESCRIPTION,missing) - @$(foreach prog, $(TPM2_TOOLS_PROGS), \ - $(call install_copy, tpm2-tools, 0, 0, 0755, -, /usr/bin/$(prog))$(ptx/nl)) + @$(call install_copy, tpm2-tools, 0, 0, 0755, -, /usr/bin/tpm2) + + @$(foreach prog, $(TPM2_TOOLS_TPM2_PROGS), \ + @$(call install_link, tpm2-tools, /usr/bin/$(prog), /usr/bin/tpm2)$(ptx/nl)) @$(call install_finish, tpm2-tools) -- 2.30.2 _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de