From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Fri, 04 Feb 2022 22:52:26 +0100 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1nG6VG-005s5S-JF for lore@lore.pengutronix.de; Fri, 04 Feb 2022 22:52:26 +0100 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1nG6VF-0008CZ-VT; Fri, 04 Feb 2022 22:52:25 +0100 Received: from mail-eopbgr70081.outbound.protection.outlook.com ([40.107.7.81] helo=EUR04-HE1-obe.outbound.protection.outlook.com) by metis.ext.pengutronix.de with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nG6UF-00081d-8x for ptxdist@pengutronix.de; Fri, 04 Feb 2022 22:51:23 +0100 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=HWFSQDUXaJBxkjJif2WqXvp0hg1DlfKtSeAmRBuxzxj7Iog+QOJ7CpZwkGpKWSCBafx8Qj6hykW5b7R10csm6m0xvXvggX46XxdFbJxWNkwFMb1DTXQjt7OQ7AIjIlFsXTNEsRn5zz8HaMAJ610Y2+2b62EdrSugPaoZfoneGOnc0oqfn7A9L87lo3Y7cAPgcRYtrwh98BWdifc7rViiO6K9RyriNAFbfeFSyD2wOyP2w/g8lzde+WjNpEUuk66B57pzZKAV05DgJ47C+Wc1MmikDm1mgDNQ67P9Fb/0Y2RembD9d2okmVYQm0JPxbboLekPdYi5kaHPZJ3+ODTBGw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=P08s7W/tTAOatR6CaZdZd/bOkGOcCHXps2pkojm4OnI=; b=lWjCHPqHe+CwMDqfaKSKMmV+q6lDrz+nljr0P3MJPS0zKWKtX4Di03VBKOy+yxbGWnJV9i+H0WIoaVLNbD/ZTT8WQdr7+nYpleebxYDezGHLWMHTdQweX2XrKDb7MNMhWcg2iDPZHoTc2TbhIa5WqTM39Fs0s+wwxloGWy1A6XiVXrIohnnM304Bd8wTwUf4A2DcEaqmWtZ4sFjZMcaud/nSqcUYoF2SqMS02R+jBHu4wSuLj3SYEucamb6rWaDwl0G/EtNj21rXY1vmb6Sec6yzX+7i2GajFFQDkjaRI9Mefmi8ukpVkfRUva4Y3kj5JjDLC7eFLmbAmp1PHeI70w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=t2datacom.onmicrosoft.com; s=selector1-t2datacom-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=P08s7W/tTAOatR6CaZdZd/bOkGOcCHXps2pkojm4OnI=; b=IB0G5sABqC6uUrKYBYkXJg2BLYUcQVzv4YuzW90oLmpCDzIc7oTCoUosPgp9+awOu7UcSHtVdtUMelyfcuAZTf2pZrR9S7OYuD+UW2haF6a79vnaqIH8DDSfOPoYK0g3mNq2/vU5gNHtQ0PLpN57RJE6Sz6CB23WvSN6PnOmJMU= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=t2data.com; Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) by AM9P251MB0266.EURP251.PROD.OUTLOOK.COM (2603:10a6:20b:411::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4951.16; Fri, 4 Feb 2022 21:51:16 +0000 Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::10ab:30da:9dfb:56fe]) by DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::10ab:30da:9dfb:56fe%4]) with mapi id 15.20.4951.017; Fri, 4 Feb 2022 21:51:16 +0000 From: Christian Melki To: ptxdist@pengutronix.de Date: Fri, 4 Feb 2022 22:51:02 +0100 Message-Id: <20220204215102.1833387-2-christian.melki@t2data.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220204215102.1833387-1-christian.melki@t2data.com> References: <20220204215102.1833387-1-christian.melki@t2data.com> X-ClientProxiedBy: GV3P280CA0043.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:9::7) To DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 4f5c3210-bb76-46ec-98d6-08d9e828781f X-MS-TrafficTypeDiagnostic: AM9P251MB0266:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:4125; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: t4JpjYllkU6jvU9tfAexPMuyphlcYPaVcf3tJ1gEUMNq/ySka1tHg+mWw0nIja79vig2JlEI6qhi5PpJBMmdvFrJfnLsH/rltOlic0wfSu2yqU98iaRpYOQsbrBxwZJLdHkwt85OOAbHkCqUtX4ibTgZwwxpeWzp/hrH8eh2HeF1wdGj0jgHyHPqjAI1ch4+tkpYfRK7jOlEHR40oS9BlmPJWw7fAp7IFWwBt23AlJan7wAJbH0vWkTeTu8F9WycRBIYvx9mQ7+stxueOFPYZCCA0mMEvoiV0TPjLdrPOWTvuV8cN4cVcDWCgXgnM+9b24IZFK6xtmDQ9nxwuMfPQYd1nVvtv0zZtaCvtPbZBdhhGjqcr7nfID15xyuut8cLnkyjrNbihXiVZ4uCb/ORNnqHr0h6oHRUH6IfnmQsSeUgjRqTPpa/S6XwVsS0JrtDc8dgpvJ2G7ZCJQTo+nF4MqntQMBg7Kt3+drEowpPR/yB9cI7+0jXsAHxQ77J7cK6JrBMZfy5XjDGL18/elgliaTslZGLG7DGJSnznhWBKWZpbB/BiEoDxuzxQF1VYiIF6K49tMco9ADpnEJP9UXDuxYKK42BXS7f6phJFD/BJM6bbnxEboq3OQ/5lLZC5/7OcZBaoJQhffwdNsXBTpheOsap5lGlkSR4A/EU3RDVcIElh1bZLQIoLb3Fy6rzZ03dxNPlSY3Ryfv8m+GmB62arydbd4ifkJYpyAcLyNmr9Kl7H0Q/teA9SEVRj+V+2qclj8v5fBukRNlZYpmXueZ8eq9Q2F+UmDxPhmoEC3e0i3o3HA0TV1WAC8TVnGWOsuj74atV6WNO5eBCEI2/1hfq+A== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB9P251MB0618.EURP251.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230001)(396003)(366004)(346002)(376002)(136003)(39830400003)(8936002)(66476007)(1076003)(86362001)(44832011)(966005)(66946007)(66556008)(36756003)(186003)(26005)(2616005)(6916009)(6486002)(316002)(508600001)(5660300002)(38100700002)(38350700002)(8676002)(2906002)(52116002)(6512007)(6666004)(6506007)(83380400001); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?JxepeOSgkRwsmRBRFT1poAZ2ri3/CCafvC9NHD19PZMQxMGNJGn9WhVpCIBB?= =?us-ascii?Q?X3H6P/dpYCy9EAJz4yF/hjCOjJM0Bglg7kxtgyoLYQHc5NsfZqtcxFA1LwFA?= =?us-ascii?Q?JcD20zYhMNqx6htRI30n+V7Bmx+9bpTItS9zLJEvQ9gHeEnO5sEzQtKveXRN?= =?us-ascii?Q?XWrys5sI9mYEfS2XGF5f8Celv76/1h9DvF8Zatj1mFKu/Bd2nR973XrWovag?= =?us-ascii?Q?8yndGv/4+EaY+qye1zJ8yQ4prKNe5V8Yms1WjecMxhIblOohsTKKayj9r7ft?= =?us-ascii?Q?n5GO0JpKwZYcy1KpEkAl9egi7wwxna5+JXrspQsKdR+ttRS4AquPaqo8STW3?= =?us-ascii?Q?Umlz0J8BMTOLOP4uTiUJIdLH8hbneuclehRLExblYj18zlPPA61NWedQzewA?= =?us-ascii?Q?xnQVjOWnwHO4unFDWRgnlcBY2/0+6UiPevgB9yDbTYvYxxt3a8FIDeamfs3/?= =?us-ascii?Q?pp6v9JZ96/13n7pbYojZ5+UbD/mxtpolFn31etePhTZOYoMGqTSxDAxK5qCm?= =?us-ascii?Q?l/rAvIz7TcV5S7PqojMDa5xBise4MYQVv/M3bkWaayi0XUQnpwlYOxGAqPqx?= =?us-ascii?Q?fujIWBaOf0UsBQxoO67nfSwZeZOdOPePnEdfn461nLbdZV4FyAvqksUBhUhy?= =?us-ascii?Q?UqibboLamUPjIIfCjddzzJvQDLHXezHPOK3kKaTr7DF0Tlu4fL0oUrIdPz1v?= =?us-ascii?Q?2QhWNwDGkDAK6fjBCoFYVyztcCHPGGM0D0fOkr7U7QknmZtT5lpUMIRlL4b7?= =?us-ascii?Q?eqlMszStSuYkJXPCSEehdv9nikSzE3YPx4gEOU2tsqmyqc/SigN1odZ2nr2Y?= =?us-ascii?Q?b3zT+NpFQCJoKWpPDYYi/k9LxRMyiD6/xMlLLvlOCBt+ONLVKDVNrdENGQ+e?= =?us-ascii?Q?vHgH8K0Nog52dnHp9ZP3nE41mupsA+2DxZI0R+STX4YR2zQc56Nm72U62S2T?= =?us-ascii?Q?lZm6DCll4gqE5c+qlD1gp8+/kTRzaOMjGuZFxHUuDoWykPL0iiT73BRdkYQI?= =?us-ascii?Q?SUR0kjap7a6+MZTLz/q0pOtLRc9y8HgxuUG+glzrhy7qyeeTyDi9Pna2i62X?= =?us-ascii?Q?e+Af+pwo8tqEL69Y/yhvsMoSFqkKB57PHrd1kbbx5r/OMHCtE/cXdDH99ysg?= =?us-ascii?Q?g1zO2wTPz48LQ3DQiCs8teUAAwb0WTMD3KAVQitS3udQb8Y3w+PsKJGkt7oY?= =?us-ascii?Q?ozSgefTAnMv2245BseePj56ng1LgNIcJ7GPmMUMioOIxvcKGyHu/4HGqIqel?= =?us-ascii?Q?HMfzSVE5j2A5qeMscyrEg6JuHPTjlmkl8tXXJGP7c7m2v+nA0IcJRzVc2wL3?= =?us-ascii?Q?0M6omJhSXXsY8yV3jJr5kOL92T8tEzRGC7v5DHDcjbKO7vTi7p3V+qaid30f?= =?us-ascii?Q?Kml6Dp+lEDSO84x4ns190/IlUCu26IoHeXnKmNtbxfrzN8j16DwsAgZZwguh?= =?us-ascii?Q?gvDx1GecHlV7D1raMIEkG7AmKLjNJdYeCgNHNMWuzpvE7esnAFvAV2Pmc7VG?= =?us-ascii?Q?MkWxqcENVelxoXj2QgW8WjTcUY//yTAZoOEG46060nV1gMxO2T8fwVHF5NKD?= =?us-ascii?Q?HcnVKNqT0Atlb0Rl/BdajfyPTNqIDGlU58Y5MRY9PzuyaKN8fLSjTL7JBsKl?= =?us-ascii?Q?rZIozRfO+OycSZ+z8ZHu0JwdBpIRHkkgERF3hgx7roonzgQ+lqtlRS+BfEGA?= =?us-ascii?Q?TW2R2qOQlfwsT91ib7iXb8rn6yQ=3D?= X-OriginatorOrg: t2data.com X-MS-Exchange-CrossTenant-Network-Message-Id: 4f5c3210-bb76-46ec-98d6-08d9e828781f X-MS-Exchange-CrossTenant-AuthSource: DB9P251MB0618.EURP251.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2022 21:51:16.2558 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 27928da5-aacd-4ba1-9566-c748a6863e6c X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: PW6XlxVUG7r08PtLqK0SJvXu6a1vzLGISyL/nEhnCdaFvPZTiplaDVKlAksXScKttC4drwbMvcmJ7oEYsZhPtKFRx9k49PuwVugkUzfGpPQ= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9P251MB0266 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on metis.ext.pengutronix.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Subject: [ptxdist] [PATCH v5] tpm2-tools: Version bump. 4.1 -> 5.2 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false Approx 2 years worth of fixes. https://github.com/tpm2-software/tpm2-tools/releases * Fixes CVE-2021-3565. * Update license file hash. File moved to a new directory. * tpm2-tools now optionally depends on EFIVAR for prettyprinting device paths. * Update tpm2 binaries. Change them to softlinks. Binary wants to be called busybox-style. Signed-off-by: Christian Melki --- rules/tpm2-tools.in | 14 +++++++++++++- rules/tpm2-tools.make | 34 +++++++++++++++++++++++++++------- 2 files changed, 40 insertions(+), 8 deletions(-) diff --git a/rules/tpm2-tools.in b/rules/tpm2-tools.in index 4c9cbaa92..20a3a7b7e 100644 --- a/rules/tpm2-tools.in +++ b/rules/tpm2-tools.in @@ -1,13 +1,25 @@ ## SECTION=tpm -config TPM2_TOOLS +menuconfig TPM2_TOOLS tristate select TPM2_TSS select OPENSSL select LIBCURL + select EFIVAR if TPM2_TOOLS_USE_EFIVAR prompt "tpm2-tools" help This package contains a set of tools to use with TPM 2.0 chips, for common tasks and features provided by the hardware; such as for doing basic key management, attestation, encryption and signing. + +if TPM2_TOOLS + +config TPM2_TOOLS_USE_EFIVAR + bool + prompt "Use efivar" + help + Building with efivar enables pretty-printing of + the device path. + +endif diff --git a/rules/tpm2-tools.make b/rules/tpm2-tools.make index ead881ffb..357bb245e 100644 --- a/rules/tpm2-tools.make +++ b/rules/tpm2-tools.make @@ -14,15 +14,15 @@ PACKAGES-$(PTXCONF_TPM2_TOOLS) += tpm2-tools # # Paths and names # -TPM2_TOOLS_VERSION := 4.1 -TPM2_TOOLS_MD5 := aecec22668233776922909f2ebf55e65 +TPM2_TOOLS_VERSION := 5.2 +TPM2_TOOLS_MD5 := 0057615ef43b9322d4577fc3bde0e8d6 TPM2_TOOLS := tpm2-tools-$(TPM2_TOOLS_VERSION) TPM2_TOOLS_SUFFIX := tar.gz TPM2_TOOLS_URL := https://github.com/tpm2-software/tpm2-tools/releases/download/$(TPM2_TOOLS_VERSION)/$(TPM2_TOOLS).$(TPM2_TOOLS_SUFFIX) TPM2_TOOLS_SOURCE := $(SRCDIR)/$(TPM2_TOOLS).$(TPM2_TOOLS_SUFFIX) TPM2_TOOLS_DIR := $(BUILDDIR)/$(TPM2_TOOLS) TPM2_TOOLS_LICENSE := BSD-3-Clause -TPM2_TOOLS_LICENSE_FILES := file://LICENSE;md5=0eb1216e46938bd723098d93a23c3bcc +TPM2_TOOLS_LICENSE_FILES := file://doc/LICENSE;md5=a846608d090aa64494c45fc147cc12e3 # ---------------------------------------------------------------------------- # Prepare @@ -32,6 +32,10 @@ TPM2_TOOLS_LICENSE_FILES := file://LICENSE;md5=0eb1216e46938bd723098d93a23c3bcc # autoconf # TPM2_TOOLS_CONF_TOOL := autoconf +TPM2_TOOLS_CONF_ENV := \ + $(CROSS_ENV) \ + $(call ptx/ifdef, PTXCONF_TPM2_TOOLS_USE_EFIVAR,,ac_cv_header_efivar_efivar_h=no) + TPM2_TOOLS_CONF_OPT := \ $(CROSS_AUTOCONF_USR) \ --enable-debug=info \ @@ -48,10 +52,11 @@ TPM2_TOOLS_CFLAGS := \ # Target-Install # ---------------------------------------------------------------------------- -TPM2_TOOLS_PROGS := \ +TPM2_TOOLS_TPM2_PROGS := \ tpm2_activatecredential \ tpm2_certify \ tpm2_certifycreation \ + tpm2_certifyX509certutil \ tpm2_changeauth \ tpm2_changeeps \ tpm2_changepps \ @@ -59,6 +64,7 @@ TPM2_TOOLS_PROGS := \ tpm2_clear \ tpm2_clearcontrol \ tpm2_clockrateadjust \ + tpm2_commit \ tpm2_create \ tpm2_createak \ tpm2_createek \ @@ -66,12 +72,20 @@ TPM2_TOOLS_PROGS := \ tpm2_createprimary \ tpm2_dictionarylockout \ tpm2_duplicate \ + tpm2_ecdhkeygen \ + tpm2_ecdhzgen \ + tpm2_ecephemeral \ tpm2_encryptdecrypt \ + tpm2_eventlog \ tpm2_evictcontrol \ tpm2_flushcontext \ tpm2_getcap \ + tpm2_getcommandauditdigest \ + tpm2_geteccparameters \ tpm2_getekcertificate \ + tpm2_getpolicydigest \ tpm2_getrandom \ + tpm2_getsessionauditdigest \ tpm2_gettestresult \ tpm2_gettime \ tpm2_hash \ @@ -103,6 +117,7 @@ TPM2_TOOLS_PROGS := \ tpm2_policyauthvalue \ tpm2_policycommandcode \ tpm2_policycountertimer \ + tpm2_policycphash \ tpm2_policyduplicationselect \ tpm2_policylocality \ tpm2_policynamehash \ @@ -125,7 +140,9 @@ TPM2_TOOLS_PROGS := \ tpm2_rsaencrypt \ tpm2_selftest \ tpm2_send \ + tpm2_sessionconfig \ tpm2_setclock \ + tpm2_setcommandauditstatus \ tpm2_setprimarypolicy \ tpm2_shutdown \ tpm2_sign \ @@ -134,7 +151,8 @@ TPM2_TOOLS_PROGS := \ tpm2_stirrandom \ tpm2_testparms \ tpm2_unseal \ - tpm2_verifysignature + tpm2_verifysignature \ + tpm2_zgen2phase $(STATEDIR)/tpm2-tools.targetinstall: @$(call targetinfo) @@ -145,8 +163,10 @@ $(STATEDIR)/tpm2-tools.targetinstall: @$(call install_fixup, tpm2-tools,AUTHOR,"Marc Kleine-Budde ") @$(call install_fixup, tpm2-tools,DESCRIPTION,missing) - @$(foreach prog, $(TPM2_TOOLS_PROGS), \ - $(call install_copy, tpm2-tools, 0, 0, 0755, -, /usr/bin/$(prog))$(ptx/nl)) + @$(call install_copy, tpm2-tools, 0, 0, 0755, -, /usr/bin/tpm2) + + @$(foreach prog, $(TPM2_TOOLS_TPM2_PROGS), \ + @$(call install_link, tpm2-tools, tpm2, /usr/bin/$(prog))$(ptx/nl)) @$(call install_finish, tpm2-tools) -- 2.30.2 _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de