From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Sat, 29 Jan 2022 09:30:43 +0100 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1nDj87-00GyJF-Nf for lore@lore.pengutronix.de; Sat, 29 Jan 2022 09:30:43 +0100 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1nDj86-0006cP-LC; Sat, 29 Jan 2022 09:30:42 +0100 Received: from mail-am6eur05on2043.outbound.protection.outlook.com ([40.107.22.43] helo=EUR05-AM6-obe.outbound.protection.outlook.com) by metis.ext.pengutronix.de with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nDj7b-0006ZD-K7; Sat, 29 Jan 2022 09:30:12 +0100 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=lLEIsd4rnaGdMoTZcFWwaRQyubyA+a3hRQ6IgSXSzjZjJqUYLlnV2iX5aKSgQgP7HgcWsyHdy0E5DLnYKTEUW+SjbD2+2qdt5IcdyW5lt6ZaICk1GgqS3ZK2d7PryIDjzzG0UeV0/7Y4Z/4XSIYPUxrfDp08J2sh21l3fF8Jhmw/OCmfq1VmpfBwGKcg+Z7Na+gLS1aIPtACRrc7NtGHZbyV6OKM7c8EY7FI4qt5VlfqDefPVK+FQ+OX52O2OjZxCtKi6ccXGt0RaSRYROpdqjlWhCRyPRfkOq0wxR7WHbMVEMcfaTFhdG+y08MxXWD4Drkhi7jOmk5ojYzZbccwNg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jW6gycjnJGpsrYm7kszqggiVQlWy3yB9QQFKQVNB+lU=; b=hf3QQx8gJ7xCFSk3k2+QwTcetT9G7pBXULi16d3p5kOraW7Vd4TIhuzKWIPzOpMorGBPR/qqzoMHMc1CVviFt4UzJB8oIDUmaeomfV58yFlCO6HFAL7MRn5K30CWDpesywVxu01heprYa/9G8w1dG/7zFa8aysvK8Yyi+pEZtD7ubZMapqNEPC97SgnqIYV69rUHm6MLQnZ1G8Ea6i69CoLVe+OwuV0GNdozCTVB9j1aZcLXRzZFOTMz8NQUBofD9880cKhwxWeXeSEE93ya3aCWLEqvmInTi1T9AfoHcpK3/6rpyPTFuOe8jH+R0S9ltMbGbjkcjilxUdqLnbhNlg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=t2datacom.onmicrosoft.com; s=selector1-t2datacom-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jW6gycjnJGpsrYm7kszqggiVQlWy3yB9QQFKQVNB+lU=; b=GpT+mhKlkOz9tOBDAMZKKlCetoATcaREjl0jrmgZoiR4dE9iIWxCmU3eS0YeFDKeptQhMlfIU3hsLhJYubDb/+ObrNpn5FtW/dg5VnlqNp1BZaSDalOk2vcMt7HM7aei8eGT/2wGe3+7PtqHT35MXK56+5fnPbRabG1l7k8jhBU= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=t2data.com; Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) by PAXP251MB0378.EURP251.PROD.OUTLOOK.COM (2603:10a6:102:20b::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4930.20; Sat, 29 Jan 2022 08:30:08 +0000 Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::10ab:30da:9dfb:56fe]) by DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::10ab:30da:9dfb:56fe%4]) with mapi id 15.20.4930.020; Sat, 29 Jan 2022 08:30:08 +0000 Message-ID: <36c721f5-a9cc-d55c-cde3-1fa9a0568053@t2data.com> Date: Sat, 29 Jan 2022 09:29:43 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.5.0 Content-Language: en-US To: Michael Olbrich References: <20220127143532.2212796-1-christian.melki@t2data.com> <20220127143532.2212796-11-christian.melki@t2data.com> <20220128183236.GE11273@pengutronix.de> From: Christian Melki In-Reply-To: <20220128183236.GE11273@pengutronix.de> X-ClientProxiedBy: GV3P280CA0092.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:8::10) To DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 6e96e521-aeb5-4809-32eb-08d9e3018e95 X-MS-TrafficTypeDiagnostic: PAXP251MB0378:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: q9J7Fa3cOxg3aUmIXJdgknPhTMv+iYiVOh06wvh52dXtVOBs5p645PrN7n8+y257DLBE8CW1fM/CktVv0yn6svBTwmxVwmddanJUh33+GIiE//2bzuqRXwj/Yl8SyUkOBAodfEQd8IvBDHfu2Mv7dAK9EDiFqowGDEmB/xyBar+v3t6VhWrGatkS9sxAm8KHxcP0H53hfLQL/0OvuhFVwIRyZp/JZKMUAdWEsSMgtSIjwSjRLxokGL7wiAndarmjsf+8/f5OxuMVaj9CaBJATMhrkOXFdUccNK2Zrk6mdYrmAyHjRSetYHXyXKuY66QQJt/k//D2AChUx+aug6p2ygqPx3/HM7jKGp7UaM80Zm684KOcAnGENLy/yB/R0NZcMmNjq0VRGGFHXuul9d/hlfsR/+rReYls3m7qI074d5GN1Wmxzt4HAOdZxdukq1h8wUTyJIaEC77gwvC9c7QV48VF1rNucKYfX5YQbxmVLJWolPs6IeHzz4ruDLfFkmHHNpknaXQ2PderUcqmvYVIcoT4ZLn02faD7qhOSvikNWkO9T2HOyda2F++xicYLXSGL3uTesJZinq9/hCclAF3X915iW0safiagQ5lF062ccglT01FbdGv8irLTHeNhhd2P5+Gma7tEjY+Yp//xMBiBBymXYPr7AY0bFRbgts5J3DNJd5RJ+WkyT9vDrG6CeHtUaOqQQPlLo5yoLmt6XCC8xvhIkvbeMarnXmJihw5hHaQDtxEipV6zorE1IsSlU3BHm6PlpeMv037y7LOU3HIMyA7dslrLyiOPYvAPkhtHdEO+QN1bT0BoXusBGv8t/Uhv7PsSxioH20owV727TNVgjI/or5w0m+934AUraXdUiB/VYgFpOif3SaNTfna0oM2 X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB9P251MB0618.EURP251.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230001)(376002)(346002)(39830400003)(396003)(366004)(136003)(6486002)(6916009)(6512007)(2906002)(86362001)(31696002)(966005)(508600001)(6506007)(53546011)(38100700002)(38350700002)(450100002)(6666004)(66556008)(66476007)(66946007)(8936002)(186003)(3450700001)(26005)(44832011)(8676002)(4326008)(316002)(31686004)(36756003)(83380400001)(2616005)(5660300002)(52116002)(45980500001)(43740500002)(20210929001); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?UnVjUng4WWYwRjRXNHVNYXkzV1cyZHIxN2F3amJiTmNTT25NSkxPYzI2alc2?= =?utf-8?B?SWpONjVzaE11UFJ0Tm9xYWNzcFF1UjBUakNselFmdUQvVEJDdHBIRFUxQXFE?= =?utf-8?B?Unp4MXJzMTQxWTRzMWVCRC85ZTdMU1dheTNWRDRZaDBISGJ5OVBxM1J0Wm45?= =?utf-8?B?TWVsQzVuMnJXY3FOTjAvNEtXWmJaMk5kUjFVUkVMaTZERGFOdWcwUnZVMERi?= =?utf-8?B?bGovMFZpZ2hDRFNVdlh6UThIR0N1REhSZjB3WHhLNU0rY2l3cWVnZnpMU2Y5?= =?utf-8?B?VUVWSW9TOEdOYmpMbm84VEhlY2lYNXF6Z3J5Mi9kS0pIMXQrYi9TRGFMQlRW?= =?utf-8?B?NW5uT0d4aTVxQzJsNkl5eXRFdWZOSzdnbDVoRjhMSmNlQ0pDV3BGdFdXVENW?= =?utf-8?B?bFhGb1o1QllVMitkMUxOUm1VNHcwWlpHa0xGTUN4M0dyakRtb2dNUGdTWXBW?= =?utf-8?B?MVBHLzE0dVJtM2pCbTRjdzl2WEpPMDVsMzNOellTL2d1VmpNL2xKTHVNSTIy?= =?utf-8?B?ZlRkQlZyQ0ZjZHhkcytOWHRIS3EyZ0F1WHFQVStvSTROZExpTG5xWGF2d3I5?= =?utf-8?B?RlF3dDhHY092aHRHS3BIU3hQVTZJeVh5UFNDRjBnMjJRcXZSQSt4STUzR2wx?= =?utf-8?B?V2Y3bnhvMlh2bXdVYlpqNkJ4TVl0cmJ3UDkra1FDbWU3S1RKQjdCM3JVS1hC?= =?utf-8?B?WXN0TzIxQ1BXdWR2cVU4azNXRFNscEREY0ZtdndrU1dmSUFBenZOcVlOR292?= =?utf-8?B?VW1QRjM5NTduY2h5K0JEUGkzM3NvaXZNSytmN1Z6UWI5ZWpEMzduMTQvTGRU?= =?utf-8?B?TU4wZkRWWE9JTEI2T2ZkMG5JNXJqV0pJdVk1cXQ1eXNVYkRzN3NaK00rUERO?= =?utf-8?B?elNjQTZubnRHU3FydE9DcVEzeGk3SnZRWjdqeXlyS09hMHN6eUNkSUd3enU4?= =?utf-8?B?VUc2ZFhaRnFYVFlYbnMrZ3ltTUc3ZFBaYUt1Mk40RXdtTDliWFYrd1kvTitS?= =?utf-8?B?TEIxRXZDNGgvRGtXVDJwNnpGc3hhck9yRHovczZ1WUsvQ2pHZ2R0cTB1b0l3?= =?utf-8?B?Y1NaZ0xwOCtTSXNueXpOdWw1azY0RUlhU3EzQTY5SWRoREgra0NJc09EUVhV?= =?utf-8?B?ZTJTUUtvS3JmQlY3eGthWEpTK2FIcFpGbjVLMFhpL3VvMTAycW1uLzdRTCs2?= =?utf-8?B?K3FsYW96S0pnWEZ6b3dqM203VFlSbk8zOE1CNVZydlJCcThtb1hsTEYwSzYw?= =?utf-8?B?NWsxU08xQWYzNlZEaTJYYW1nWUgxTVk5QkZwbzlNcDJOZG03ZzQ3bXIzV2x6?= =?utf-8?B?WkFpVFVvMkhoWGFHTThFdkIxT1dheGFkT21mcC8zWStmclB5dkhMNWlSWkw3?= =?utf-8?B?SjBMakIzaVRnbnBGOEROdzRnRFNQaE1RQXlvNTkwYUVWNzhKMEdrbWlRRTd2?= =?utf-8?B?bVBPYTRhaWlQTnRQQXlNRm9BWFRNVHY1RzVRbTJjRXNZSURJQUhtMGRwcTd3?= =?utf-8?B?a2RiL2dyYlNsSDFGQWF5NzVCaWptTnAzUURZNXgxb0FDRHBmU1hFeERwZ2Nh?= =?utf-8?B?d1FaVUpqNEx6SkhKMHltYmJqSkM1T3BlWVRxR1ZkdzVHRzVuKzExeUpGa3RC?= =?utf-8?B?cDZsSEdqT2lEWXNKdE9xQ1dqS09IR0xqWjA5bE55Y2JGVHBqRHFJRUZ6R1lj?= =?utf-8?B?alVHK0JZTTNWMXNzMmtocWNZeVhBUXZLRTNZdlVyZDc2aEJwbVI0em5xenhD?= =?utf-8?B?TmE3eHloc1E4Rjh2elpIRXhCcWRORnBCNTJZMWt3aW1TN2V6bjFTU25aa1VL?= =?utf-8?B?ZnpFZ1FQL21SODZJeDFJdjJrSjBRRldiMzVpNEJZZDV5U3VQR0FKTDltNjlt?= =?utf-8?B?dEZMd0E4UjVWZWVBRGE2d0pvMmwzeDlzVVNXTW82SFVsYjdUMEMwV1hjYU1y?= =?utf-8?B?UVZUYTZUVjR6T2grZkVsYW9DQktjdjIyL0daRnlkL2FWK3VZb29Zb0dYYVVS?= =?utf-8?B?V1IrV2gyYjBmKzRoSXVOcEozc0VQTUU2U00rdHdYczY4dlFHOUprMDJXek9h?= =?utf-8?B?cTdxV0VzNGJhNUl5Z3ZnbkpLN3RDVS9UQ3crTU9ITC83T0NXSGNtK0UxZ0M3?= =?utf-8?B?MllVUVhaajhPS1lJemxDYWdHNy9NeXE4R1M1eVhxQVR2MUZRRnJCV2c1bm1o?= =?utf-8?B?ZGRoNlVseGpabmx6YWFaUGJNRHdFVm55YlpQdWxTdUx0MzRWMW5YK1o0Mjkr?= =?utf-8?B?ZytzeW1aTVlkK1REbnpWQzBuV0NnPT0=?= X-OriginatorOrg: t2data.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6e96e521-aeb5-4809-32eb-08d9e3018e95 X-MS-Exchange-CrossTenant-AuthSource: DB9P251MB0618.EURP251.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Jan 2022 08:30:07.9857 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 27928da5-aacd-4ba1-9566-c748a6863e6c X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: YDH/fvIYbJRP4bVN8YahnotYVePtHNODbjjA2kU9sb70zNHZKT8+5Y7atseihqSr++6feW/jltNrBf2quBswBxdejOPQjx+JgA+YJyErpJ4= X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAXP251MB0378 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on metis.ext.pengutronix.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2, SPF_HELO_PASS,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Subject: Re: [ptxdist] [PATCH] tpm2-tss: Version bump. 2.3.1 -> 3.1.0 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de, christian.melki@t2data.com Cc: "ptxdist@pengutronix.de" Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false On 1/28/22 19:32, Michael Olbrich wrote: > On Fri, Jan 28, 2022 at 06:22:19PM +0100, Christian Melki wrote: >> On 1/28/22 17:16, Michael Olbrich wrote: >>> On Thu, Jan 27, 2022 at 03:35:30PM +0100, Christian Melki wrote: >>>> Approx. 2,5 year worth of fixes. >>>> https://github.com/tpm2-software/tpm2-tss/releases >>>> Fixes CVE-2020-24455 (three times over). >>>> tpm2-tss now depends on JSON_C and LIBCURL. >>>> Remove changed configuration options. >>> >>> Fails to build here: >>> >>> checking for groupadd... no >>> configure: error: Missing required program 'groupadd': ensure it is installed and on PATH. >>> >>> Adding a group should not be done during install anyways and it would fail, >>> so I think this should work: >>> >>> TPM2_TSS_CONF_ENV := \ >>> $(CROSS_ENV) \ >>> GROUPADD=: \ >>> USERADD=: >>> >>> Michael >>> >> >> Didn't see that one coming. How abusive! >> From a makefile none the less. >> I have the required binaries on my development machine so I didn't notice. >> Now, I've tried your suggestion, but I can't see that it helps? >> >> Looks like the entire thing goes about the binaries in a very static >> fashion. >> >> .. >> define make_tss_user_and_group >> (id -g tss 2>/dev/null || groupadd -r tss) && \ >> (id -u tss 2>/dev/null || useradd -r -g tss tss) >> endef > > @$(call make_tss_user_and_group) || echo "WARNING Failed to create the tss user and group" > > so any error here is ignored. We just need to get through the configure > check. > ack. TPM2_TSS_CONF_ENV := \ $(CROSS_ENV) \ ac_cv_prog_result_groupadd=yes \ ac_cv_prog_result_useradd=yes should work for getting through configure? >> ..and.. >> >> define set_tss_permissions >> (chown -R tss:tss "$1") && \ >> (chmod -R 2775 "$1") && \ >> (setfacl -m default:group:tss:rwx "$1") >> endef >> .. > > And 'make install' is called with fakeroot, so this will just be ignored as > well. > > Michael > >> >>>> Signed-off-by: Christian Melki >>>> --- >>>> rules/tpm2-tss.in | 2 ++ >>>> rules/tpm2-tss.make | 7 ++----- >>>> 2 files changed, 4 insertions(+), 5 deletions(-) >>>> >>>> diff --git a/rules/tpm2-tss.in b/rules/tpm2-tss.in >>>> index dbb310072..75d32188c 100644 >>>> --- a/rules/tpm2-tss.in >>>> +++ b/rules/tpm2-tss.in >>>> @@ -4,6 +4,8 @@ config TPM2_TSS >>>> tristate >>>> select HOST_AUTOTOOLS_AUTOCONF_ARCHIVE >>>> select OPENSSL >>>> + select JSON_C >>>> + select LIBCURL >>>> prompt "tpm2-tss" >>>> help >>>> TPM2 Software stack library - TSS and TCTI libraries >>>> diff --git a/rules/tpm2-tss.make b/rules/tpm2-tss.make >>>> index 768c64426..72aff609a 100644 >>>> --- a/rules/tpm2-tss.make >>>> +++ b/rules/tpm2-tss.make >>>> @@ -14,8 +14,8 @@ PACKAGES-$(PTXCONF_TPM2_TSS) += tpm2-tss >>>> # >>>> # Paths and names >>>> # >>>> -TPM2_TSS_VERSION := 2.3.1 >>>> -TPM2_TSS_MD5 := 5744b10e3cef56df5d65b50f51fb3fe9 >>>> +TPM2_TSS_VERSION := 3.1.0 >>>> +TPM2_TSS_MD5 := 4d04cf52fff4ee061bb3f7b4f4ea03b7 >>>> TPM2_TSS := tpm2-tss-$(TPM2_TSS_VERSION) >>>> TPM2_TSS_SUFFIX := tar.gz >>>> TPM2_TSS_URL := https://github.com/tpm2-software/tpm2-tss/releases/download/$(TPM2_TSS_VERSION)/$(TPM2_TSS).$(TPM2_TSS_SUFFIX) >>>> @@ -36,9 +36,6 @@ TPM2_TSS_CONF_OPT := \ >>>> $(CROSS_AUTOCONF_USR) \ >>>> --enable-debug=info \ >>>> --disable-unit \ >>>> - --enable-esapi \ >>>> - --disable-tcti-device-async \ >>>> - --disable-tcti-partial-reads \ >>>> --enable-tcti-device \ >>>> --enable-tcti-mssim \ >>>> --disable-tcti-fuzzing \ >>>> -- >>>> 2.30.2 >>>> >>>> >>>> _______________________________________________ >>>> ptxdist mailing list >>>> ptxdist@pengutronix.de >>>> To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de >>>> >>> >> >> > _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de