From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: From: Bastian Krause References: <20191127153429.28592-1-bst@pengutronix.de> <20191128113632.5jnnfw2xteurtpot@pengutronix.de> <1763af15-edba-8f04-2af9-36f75d3c5dcf@pengutronix.de> Message-ID: <581b3878-bdc9-6aa4-c2d1-feff0bf674df@pengutronix.de> Date: Thu, 28 Nov 2019 15:00:16 +0100 MIME-Version: 1.0 In-Reply-To: <1763af15-edba-8f04-2af9-36f75d3c5dcf@pengutronix.de> Content-Language: en-US Subject: Re: [ptxdist] [PATCH 1/2] tpm2-tss: version bump 2.2.2 -> 2.3.1 List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ptxdist-bounces@pengutronix.de Sender: "ptxdist" To: Roland Hieber Cc: ptxdist@pengutronix.de On 11/28/19 2:33 PM, Bastian Krause wrote: > On 11/28/19 12:36 PM, Roland Hieber wrote: >> On Wed, Nov 27, 2019 at 04:34:28PM +0100, Bastian Krause wrote: >>> Signed-off-by: Bastian Krause >>> --- >>> rules/tpm2-tss.make | 18 +++++++++++++++--- >>> 1 file changed, 15 insertions(+), 3 deletions(-) >>> >>> diff --git a/rules/tpm2-tss.make b/rules/tpm2-tss.make >>> index 4bdaef17e..fe84e606f 100644 >>> --- a/rules/tpm2-tss.make >>> +++ b/rules/tpm2-tss.make >>> @@ -14,8 +14,8 @@ PACKAGES-$(PTXCONF_TPM2_TSS) += tpm2-tss >>> # >>> # Paths and names >>> # >>> -TPM2_TSS_VERSION := 2.2.2 >>> -TPM2_TSS_MD5 := db341b66daab34cbb4d6a4e5a8745001 >>> +TPM2_TSS_VERSION := 2.3.1 >>> +TPM2_TSS_MD5 := 5744b10e3cef56df5d65b50f51fb3fe9 >>> TPM2_TSS := tpm2-tss-$(TPM2_TSS_VERSION) >>> TPM2_TSS_SUFFIX := tar.gz >>> TPM2_TSS_URL := https://github.com/tpm2-software/tpm2-tss/releases/download/$(TPM2_TSS_VERSION)/$(TPM2_TSS).$(TPM2_TSS_SUFFIX) >>> @@ -34,15 +34,23 @@ TPM2_TSS_LICENSE_FILES := file://LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da >>> TPM2_TSS_CONF_TOOL := autoconf >>> TPM2_TSS_CONF_OPT := \ >>> $(CROSS_AUTOCONF_USR) \ >>> + --enable-debug=info \ >>> --disable-unit \ >>> --enable-esapi \ >>> --disable-tcti-device-async \ >>> --disable-tcti-partial-reads \ >>> --enable-tcti-device \ >>> --enable-tcti-mssim \ >>> + --disable-tcti-fuzzing \ >>> + --disable-nodl \ >>> --disable-integration \ >>> - --disable-debug \ >>> + --disable-valgrind \ >>> + --disable-valgrind-memcheck \ >>> + --disable-valgrind-helgrind \ >>> + --disable-valgrind-drd \ >>> + --disable-valgrind-sgcheck \ >>> --disable-defaultflags \ >>> + --disable-weakcrypto \ >>> --disable-doxygen-doc \ >>> --disable-doxygen-dot \ >>> --disable-doxygen-man \ >>> @@ -56,6 +64,7 @@ TPM2_TSS_CONF_OPT := \ >>> --disable-code-coverage \ >>> --with-crypto=ossl \ >>> --with-udevrulesdir=/usr/lib/udev/rules.d \ >>> + --with-fuzzing=none \ >>> --without-gcov >>> >>> # ---------------------------------------------------------------------------- >>> @@ -76,6 +85,9 @@ $(STATEDIR)/tpm2-tss.targetinstall: >>> @$(call install_lib, tpm2-tss, 0, 0, 0644, libtss2-sys) >>> @$(call install_lib, tpm2-tss, 0, 0, 0644, libtss2-tcti-device) >>> @$(call install_lib, tpm2-tss, 0, 0, 0644, libtss2-tcti-mssim) >>> + @$(call install_lib, tpm2-tss, 0, 0, 0644, libtss2-tctildr) >>> + @$(call install_link, tpm2-tss, ./libtss2-tcti-device.so.0.0.0, /usr/lib/libtss2-tcti-default.so) >> >> Oh? Is libtss2-tcti-default.so used anywhere? Or was it just renamed >> between the versions? > > In v2.3.1: > > https://github.com/tpm2-software/tpm2-tss/blob/master/src/tss2-tcti/tctildr-dl.c#L34 > > In v2.2.x: > > https://github.com/tpm2-software/tpm2-tss/blob/2.2.x/src/tss2-esys/esys_tcti_default.c#L37 > > I am not sure which variant of TCTI[1] loading is desired. See this: > > https://github.com/tpm2-software/tpm2-tss/blob/master/src/tss2-esys/esys_context.c#L25 > > Maybe someone has an opinion on this? We've discussed this internally. Summary: The TCTI loading order specified in [1] means actually: - Library libtss2-tcti-default.so (link to the preferred TCTI) - Library libtss2-tcti-tabrmd.so (tabrmd) -> package "tpm2-abrmd" - Device /dev/tpmrm0 (kernel resident resource manager) -> via libtss2-tcti-device - Device /dev/tpm0 (hardware TPM) -> via libtss2-tcti-device - TCP socket localhost:2321 (TPM simulator) -> via libtss2-tcti-mssim So installing the libtss2-tcti-default->libtss2-tcti-device symlink is counterproductive as it ignores tpm2-abrmd even if it is installed. Without the symlink the order is: - libtss2-tcti-tabrmd - libtss2-tcti-device (tpmrm0) - libtss2-tcti-device (tpm0) - libtss2-tcti-mssim I'll send a v2 without the symlink. Regards, Bastian [1] https://github.com/tpm2-software/tpm2-tss/blob/master/src/tss2-esys/esys_context.c#L25 > [1] > https://github.com/tpm2-software/tpm2-tools/blob/master/man/common/tcti.md > >>> + @$(call install_lib, tpm2-tss, 0, 0, 0644, libtss2-rc) >>> >>> @$(call install_alternative, tpm2-tss, 0, 0, 0644, \ >>> /usr/lib/udev/rules.d/70-tpm-udev.rules) >>> -- >>> 2.24.0 >>> >>> >>> _______________________________________________ >>> ptxdist mailing list >>> ptxdist@pengutronix.de >>> >> > > -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de