From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Fri, 28 Jan 2022 18:23:22 +0100 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1nDUy2-00GFdI-MM for lore@lore.pengutronix.de; Fri, 28 Jan 2022 18:23:22 +0100 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1nDUy2-0003dQ-1s; Fri, 28 Jan 2022 18:23:22 +0100 Received: from mail-db8eur05on2043.outbound.protection.outlook.com ([40.107.20.43] helo=EUR05-DB8-obe.outbound.protection.outlook.com) by metis.ext.pengutronix.de with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nDUxR-0003dC-Vd; Fri, 28 Jan 2022 18:22:46 +0100 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CoKH974lPpF+XwXfOQ6R7NXQ6FN+6KoiM1vLzx01aRcJQz3T2ygTs4sOppi2l2XZS48vOOBZN6tC51Ro3zJcSHnF2k2vjQW7LwhAEozlDFTAMxzpU+f1AjC7aQgAY5BICEdX8h5NbfN2bX0j+WwXCLchVK84HmXlyVWX3pqABsYl5uUXJoZ1V8+UABt1W5fSQ5kPXC8euXUeicA2utUCsCb3eyvBB/Y/1Qd2JxMkAIMFF+Ng2XwKaqjCVuWC9Y0ZzkHB70pAUhBuFJ46gjZtgOiNV67DZmkmtvBU/BCqSZbWlbcw6E4mYmirb7DwjhmtepjLUj+CF2S3Nh+CnxuAag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=cHmPXCPx4W4Amuw1cjiDhTT3Xm9EOiDdADGJWAK7XvQ=; b=RRYIK67bAQ4nJKMOyZFNASEJ+CvUjka6iz1mjw5/aWxliYIAc4Y5wMjo4NyXKBRJXQkUGG/Ea8yuB9w1TmESB1wxxHwytsxq2xpydjRdBEzygw1bAl8NViWCMdXxNImP2IuNw+4Mr+RV2g5BaDJ0onBDO5JG8UxD7SMZnhD7vaTsAbPuI+Uk+lm4eRjvqsvQQniDEALl5/tcNejF41c0rXhe88Rijpd+ZdCo0KbPGr8UOg01n/E2jutx1dULF7KnxCkGBAbJr2lCVsoMTKx3Pd919+5u/YNOjh5j+9b+ZSb3fzPm2fVW52gEw28QEVpBDEvigjPxvoXEsCSPFrihiw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=t2datacom.onmicrosoft.com; s=selector1-t2datacom-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=cHmPXCPx4W4Amuw1cjiDhTT3Xm9EOiDdADGJWAK7XvQ=; b=kYwQg/Jdycl0zlGQ8Xq6/pwxP58xAxB6UdH+Na+W5M4wGTiEKetcyRmyO3mQMScd/Jsp5QLqfIY5RJZkId1JQadZbLw5fcizjnc8DMT1NAhblycCiMueicWT+WOzAJJp81m5s6mIXFKFc49tX0Kd8Z1vY6F7v14BjV/x4RP5mdI= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=t2data.com; Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) by AM9P251MB0400.EURP251.PROD.OUTLOOK.COM (2603:10a6:20b:3de::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4909.17; Fri, 28 Jan 2022 17:22:44 +0000 Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::10ab:30da:9dfb:56fe]) by DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::10ab:30da:9dfb:56fe%4]) with mapi id 15.20.4930.015; Fri, 28 Jan 2022 17:22:44 +0000 Message-ID: Date: Fri, 28 Jan 2022 18:22:19 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.5.0 Content-Language: en-US To: Michael Olbrich References: <20220127143532.2212796-1-christian.melki@t2data.com> <20220127143532.2212796-11-christian.melki@t2data.com> From: Christian Melki In-Reply-To: X-ClientProxiedBy: GV3P280CA0106.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:8::21) To DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: d5868621-c752-4638-f36c-08d9e282cb9b X-MS-TrafficTypeDiagnostic: AM9P251MB0400:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:7691; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: nFE6XRxCUGb8cSbuazDc6Un9vSb5sc6orw77I9ueNxWJ2p95hZFBSzhCMGugETf+1NFfB2wEbtF3Tvbl9cVs/OA3oLeZ6yB5rBryx/IDLLjI3Vc57RF4kERQ12KlrG37mVLSpOG1hZZ/BQJT2/MhHBPQlE/HiLCmoa0eXP32NbY3dErPcJLmkIAJBooZgbHkDy1ui+Ql8mREbey9Cg08/UHHe/pBc5MJ7wn/YgpoLJy0h2I71FtlroXoDGPJa5z+hj4LgRGzOGkkI6T2zXUP6HgOTn/bpQBEfPQmUXUB9V9Q4DpPvaHLNgbOC6FTWDT/ozMaLHEiOxOOXp7wh1v/QSOmEUtsHv+4JQDQuD3n16k6BH/Rno3DnPj99aAzvFCYFExcmlTkec6JjfbxRnUgRJ0lXB9De3DmGH5v6OHtRef4ho2CsZBaDvU6sJI/Nb7/Xx/vq1jhOf7Lfo0U9LwZ98yPimk+FGtY92dRSNhzUiyM/qr02Ks0f5kmgn9trIRYvLiFrtwPZ07zA2K+gOzIMOUPZ3nOg00GUfGQHGZw1ehXWXYV3l2kDk9W0p6AUglsdoWKgkDmPPxMz/gJqk2kP7UHgO2k3tCwkQL9VAvr/f2panObxhUJIDbZlcLGEQo4kp+hsrJU0zMIHHqcnOLuynScT01pOtBTrlQHqkYTy1EfPJZG7EWKZ6aEsY7mpjiytNlUe663eS+5T+Ub9h9tAxFhWGaziLzjvD9UFAwzBwIjqfRRNOHhZahKe7csueDfalgOltrUdrdlx8lcir+9cJLlELsfXX71es+y6Mq5eUcFkDNNZIGjHHriKa67IgJNM22fkUsO60GcwTmYd1SRBg== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB9P251MB0618.EURP251.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(366004)(346002)(376002)(136003)(39830400003)(396003)(53546011)(52116002)(6506007)(4326008)(36756003)(38350700002)(966005)(316002)(6512007)(450100002)(38100700002)(66946007)(2616005)(6486002)(186003)(8936002)(44832011)(83380400001)(31696002)(3450700001)(508600001)(26005)(66556008)(5660300002)(66476007)(86362001)(31686004)(8676002)(6916009)(6666004)(2906002)(45980500001)(43740500002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?dnhET1FqRWpTRndTYkVaVHBOZTI1b1l1ak5kYWg0d1BCRnd0cVY3dG8zTG9S?= =?utf-8?B?UjZKdzJpa1huSStQVGgzeC9HUFBjYlJVYlZ0czRkWUVUR2VHMGJJeVNZbnp1?= =?utf-8?B?YXBHalZzMGVuZVdxeUp0a3k2YlJ2YUdmSTRpajdiSXVLT3Jzc3pqYUdrWDl6?= =?utf-8?B?QVZ3N3dBbUFlNE1TWm52VXlMZlNpZFNDNUJna0Nuc2NhaFFpVHA1Z3RkRk5H?= =?utf-8?B?bGtJRTdIU09HaTg2bWpaZ0I0YTZmVDVHWVFxZFJ3ZTAwYk1SQngrVDZDQUcy?= =?utf-8?B?K2lkTzZ3c2EvU0cxTmVFUWlLeS9BY2FnZEV5QWszb1VQQ3hzL3grMkpQVUdG?= =?utf-8?B?QkZacjFFN0x1dmxnUE9DbjgxLzFNRHl2THNiYjJEL1RLaXNzN3htS1UrQ1Jl?= =?utf-8?B?MFlaWTRDZG1QSTVQYWptZ0NiTEhWdllqTUM5SGdyS08rUWUxT3FuSVpldEJY?= =?utf-8?B?SGtuVkdRKzZRWVpWaG1tTTRqM2dJY2UrY2ZzMHRpUE5IK2c4MWN3eUlXdmtQ?= =?utf-8?B?V0w1ZFh3Z1NETGVrVEdDek82ZEYyTTFicFA1N1NyV1g5L25admIzTVMyVDVi?= =?utf-8?B?RXpHc3FuRVRLb0s5WjdiaTdoT2lHN2pMdVIxS2cxWEtVTTNod2NVUU5rZHNT?= =?utf-8?B?U3F6NmxhWlhBYlFGKzZLUVBUaG1GUUQ5M3ZlQ1BsblpNdFI5SHRpQUJCM250?= =?utf-8?B?VjZIbGdRK1JSSzN3QUJoTlJ5UlFTVS84OGlzNWJrWkRrbW1oMlBWcmFUbDdk?= =?utf-8?B?RTV6bU83d0xUMzcxWGpBMnlYc2JMcExOU3RpWlJwNGlHckVoN2pmTHhLY2kv?= =?utf-8?B?VHJmY3FmaUtuVmd1NHBWYzZNd29Ua0ZJKzZrR2FETzc2TFhMeGdRaTA2YUdl?= =?utf-8?B?VjhHWEFodGxSS0pnSi90c1ZDM1BtTnRhVFhsQVhqeks4WUV0c0RaNlgxdkl0?= =?utf-8?B?UDVNb3lmL0x3eFF0WXk3WURTYi9GTC9iaXBUM1FLQjN0c2g2UGNSUDhUZlY0?= =?utf-8?B?aWtObHJuZTRDWkk3cDJxaCtJVGM0TnNLak5ycGxYdjJ4SjNEQnhRN1hlYld1?= =?utf-8?B?ZHNDejVpM2ttOHFWdVVpSmNQZjJFN0Jjdm5CMzZuc1FzVkRVRkl0MVY3blg1?= =?utf-8?B?Mng1Q3BWejliUFBIQ29ETWZWSzZBNDEyejM0OHdITjVVakpLbU1rQ2Q4Z0Z0?= =?utf-8?B?YWlKRTZkd0ZyN29ibjNuNmd5T2haSm4rTHBLZkJRS3g5ckN6aUY2SlByQmFR?= =?utf-8?B?bFpTNkUyQ2FDU2dudVRERXI4ajRzMm1hSy9EZTFUWmFZTmdKaDhVcjVqQW45?= =?utf-8?B?Q1pPQlFQNHlDekFhSDRFYVRNTGRIMUFsM1VPdWZkOXNOK3NxR1gvL05VZHMw?= =?utf-8?B?WnlnWmFhN3FPZGRDdGpKVW5aOVZmY2ZDOWdHcUNKcU43a1VKM3ZrRFp1TnZs?= =?utf-8?B?NVF0dW0yRkRqVVhuMDBjTW9YQmpsYXlVckNTbDM3bzBBRkJkS3B6Tm8rbVVU?= =?utf-8?B?WFY3ZTFDSjBGZWxXOTlFbU1odG13ZWFiVmJRT1NSZkt4TEZQUEpLSzVqZ3l1?= =?utf-8?B?WTdraDQ3UXF0UktpU0pzQkl3SjJZWm5PMElVRW9Jd1JzN3JTck1abTFmeGQv?= =?utf-8?B?MVNILzdHSkxUYitXT3YzTnZadlNoUGFSQ2JXeFlKeVFVNHB2V3FzcDcwcHJy?= =?utf-8?B?Y2RXOElmMDRXNkMyNVdJRE13TGdlcTdtcTM2dm9VYTB0MEFPNEx0TnJTT1J2?= =?utf-8?B?Snlya0RoWXVHaEJ6NG9IWlB4NDZiOENPcmZLQVEwTG1naVc0bWRENGIybW9G?= =?utf-8?B?Q281dlZ0eERSMmE4Y3NxcHhZd0hLZHROQStCbXJ6SlNOSGJBa0xnZVZsQU81?= =?utf-8?B?b2RQc0dXckdmd0RrRUtzUEdhVGYxVjhtbmt6MjJkY3Y1emErVllDSUdUalpW?= =?utf-8?B?TFQyREo1eVVmVGNhMVlVVXZ2VXlHdjBBTTQ2S21DRStMTnBMNzdraGdCdXZ0?= =?utf-8?B?TkwrRDQrZk1oUGVLQXdxS2lzSEtWSVFlZXhiK2JrRlo1RW1KVXhLQ2pUd1Ju?= =?utf-8?B?ZE5vVE9pdjJGSjhBVDZkUXJDQytPSXdMMHJMVVNyWlNWQzVWa3ppSllwbjNy?= =?utf-8?B?YWtPc1g0dlNCU3NmV2c5R1NnbVlIaHR3bzFZVFJoQlh2VCsvTk1jWlBQY0U2?= =?utf-8?B?RzdoNTZSdHNzZ2JvRWRrckY0VTJwdHkyZC8xeWJFNGpZcU5TbUNWN1o4V2py?= =?utf-8?B?N0I1MlEyZ3Y0aUtFL3M4SVIwcVBBPT0=?= X-OriginatorOrg: t2data.com X-MS-Exchange-CrossTenant-Network-Message-Id: d5868621-c752-4638-f36c-08d9e282cb9b X-MS-Exchange-CrossTenant-AuthSource: DB9P251MB0618.EURP251.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Jan 2022 17:22:44.0350 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 27928da5-aacd-4ba1-9566-c748a6863e6c X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Kepg05I32h9mpKHjb/PRXLHc9UEgwn5Nxc6s2fZhNyxlAnIIrCDFtkd9d5Ln3vN2g4rEwhKnY+kQfptbRF2SDHH1I2XnrSk8ZXsFYXP/Mvw= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9P251MB0400 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on metis.ext.pengutronix.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2, SPF_HELO_PASS,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Subject: Re: [ptxdist] [PATCH] tpm2-tss: Version bump. 2.3.1 -> 3.1.0 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de, christian.melki@t2data.com Cc: ptxdist@pengutronix.de Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false On 1/28/22 17:16, Michael Olbrich wrote: > On Thu, Jan 27, 2022 at 03:35:30PM +0100, Christian Melki wrote: >> Approx. 2,5 year worth of fixes. >> https://github.com/tpm2-software/tpm2-tss/releases >> Fixes CVE-2020-24455 (three times over). >> tpm2-tss now depends on JSON_C and LIBCURL. >> Remove changed configuration options. > > Fails to build here: > > checking for groupadd... no > configure: error: Missing required program 'groupadd': ensure it is installed and on PATH. > > Adding a group should not be done during install anyways and it would fail, > so I think this should work: > > TPM2_TSS_CONF_ENV := \ > $(CROSS_ENV) \ > GROUPADD=: \ > USERADD=: > > Michael > Didn't see that one coming. How abusive! >>From a makefile none the less. I have the required binaries on my development machine so I didn't notice. Now, I've tried your suggestion, but I can't see that it helps? Looks like the entire thing goes about the binaries in a very static fashion. .. define make_tss_user_and_group (id -g tss 2>/dev/null || groupadd -r tss) && \ (id -u tss 2>/dev/null || useradd -r -g tss tss) endef ..and.. define set_tss_permissions (chown -R tss:tss "$1") && \ (chmod -R 2775 "$1") && \ (setfacl -m default:group:tss:rwx "$1") endef .. >> Signed-off-by: Christian Melki >> --- >> rules/tpm2-tss.in | 2 ++ >> rules/tpm2-tss.make | 7 ++----- >> 2 files changed, 4 insertions(+), 5 deletions(-) >> >> diff --git a/rules/tpm2-tss.in b/rules/tpm2-tss.in >> index dbb310072..75d32188c 100644 >> --- a/rules/tpm2-tss.in >> +++ b/rules/tpm2-tss.in >> @@ -4,6 +4,8 @@ config TPM2_TSS >> tristate >> select HOST_AUTOTOOLS_AUTOCONF_ARCHIVE >> select OPENSSL >> + select JSON_C >> + select LIBCURL >> prompt "tpm2-tss" >> help >> TPM2 Software stack library - TSS and TCTI libraries >> diff --git a/rules/tpm2-tss.make b/rules/tpm2-tss.make >> index 768c64426..72aff609a 100644 >> --- a/rules/tpm2-tss.make >> +++ b/rules/tpm2-tss.make >> @@ -14,8 +14,8 @@ PACKAGES-$(PTXCONF_TPM2_TSS) += tpm2-tss >> # >> # Paths and names >> # >> -TPM2_TSS_VERSION := 2.3.1 >> -TPM2_TSS_MD5 := 5744b10e3cef56df5d65b50f51fb3fe9 >> +TPM2_TSS_VERSION := 3.1.0 >> +TPM2_TSS_MD5 := 4d04cf52fff4ee061bb3f7b4f4ea03b7 >> TPM2_TSS := tpm2-tss-$(TPM2_TSS_VERSION) >> TPM2_TSS_SUFFIX := tar.gz >> TPM2_TSS_URL := https://github.com/tpm2-software/tpm2-tss/releases/download/$(TPM2_TSS_VERSION)/$(TPM2_TSS).$(TPM2_TSS_SUFFIX) >> @@ -36,9 +36,6 @@ TPM2_TSS_CONF_OPT := \ >> $(CROSS_AUTOCONF_USR) \ >> --enable-debug=info \ >> --disable-unit \ >> - --enable-esapi \ >> - --disable-tcti-device-async \ >> - --disable-tcti-partial-reads \ >> --enable-tcti-device \ >> --enable-tcti-mssim \ >> --disable-tcti-fuzzing \ >> -- >> 2.30.2 >> >> >> _______________________________________________ >> ptxdist mailing list >> ptxdist@pengutronix.de >> To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de >> > _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de