yocto@lists.yoctoproject.org | [meta-security][PATCH] tpm2-tss: upgrade 3.2.0 -> 4.0.1

Home Messages Hashtags Subgroups

Date Date 1 - 3 of 3

[meta-security][PATCH] tpm2-tss: upgrade 3.2.0 -> 4.0.1

Petr Gotthard #59244 Changelog: https://github.com/tpm2-software/tpm2-tss/blob/4.0.1/CHANGELOG.md Signed-off-by: Petr Gotthard <petr.gotthard@...> --- .../tpm2-tss/tpm2-tss/fixup_hosttools.patch \| 10 +++++----- .../{tpm2-tss_3.2.0.bb => tpm2-tss_4.0.1.bb} \| 12 ++++-------- 2 files changed, 9 insertions(+), 13 deletions(-) rename meta-tpm/recipes-tpm2/tpm2-tss/{tpm2-tss_3.2.0.bb => tpm2-tss_4.0.1.bb} (90%) diff --git a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/fixup_hosttools.patch b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/fixup_hosttools.patch index 450698f..04a2964 100644 --- a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/fixup_hosttools.patch +++ b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/fixup_hosttools.patch @@ -5,16 +5,16 @@ Not appropriate for cross build env. Upstream-Status: OE [inappropriate] Signed-off-by: Armin Kuster <akuster808@...> -Index: tpm2-tss-3.2.0/configure.ac +Index: tpm2-tss-4.0.1/configure.ac =================================================================== ---- tpm2-tss-3.2.0.orig/configure.ac -+++ tpm2-tss-3.2.0/configure.ac -@@ -488,17 +488,6 @@ +--- tpm2-tss-4.0.1.orig/configure.ac ++++ tpm2-tss-4.0.1/configure.ac +@@ -554,17 +554,6 @@ AM_CONDITIONAL(SYSD_SYSUSERS, test "x$systemd_sysusers" = "xyes") AC_CHECK_PROG(systemd_tmpfiles, systemd-tmpfiles, yes) AM_CONDITIONAL(SYSD_TMPFILES, test "x$systemd_tmpfiles" = "xyes") -# Check all tools used by make install --AS_IF([test "$HOSTOS" = "Linux"], +-AS_IF([test "$HOSTOS" = "Linux" && test "x$systemd_sysusers" != "xyes"], - [ AC_CHECK_PROG(useradd, useradd, yes) - AC_CHECK_PROG(groupadd, groupadd, yes) - AC_CHECK_PROG(adduser, adduser, yes) diff --git a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.0.bb b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb similarity index 90% rename from meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.0.bb rename to meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb index 1556273..657a2cd 100644 --- a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.0.bb +++ b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb @@ -10,15 +10,16 @@ SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN file://fixup_hosttools.patch \ " -SRC_URI[sha256sum] = "48305e4144dcf6d10f3b25b7bccf0189fd2d1186feafd8cd68c6b17ecf0d7912" +SRC_URI[sha256sum] = "532a70133910b6bd842289915b3f9423c0205c0ea009d65294ca18a74087c950" UPSTREAM_CHECK_URI = "https://github.com/tpm2-software/${BPN}/releases" inherit autotools pkgconfig systemd useradd -PACKAGECONFIG ??= "" +PACKAGECONFIG ??= "vendor" PACKAGECONFIG[oxygen] = ",--disable-doxygen-doc, " -PACKAGECONFIG[fapi] = "--enable-fapi,--disable-fapi,curl json-c " +PACKAGECONFIG[fapi] = "--enable-fapi,--disable-fapi,curl json-c util-linux-libuuid " +PACKAGECONFIG[policy] = "--enable-policy,--disable-policy,json-c util-linux-libuuid " EXTRA_OECONF += "--enable-static --with-udevrulesdir=${nonarch_base_libdir}/udev/rules.d/" EXTRA_OECONF += "--runstatedir=/run" @@ -28,11 +29,6 @@ USERADD_PACKAGES = "${PN}" GROUPADD_PARAM:${PN} = "--system tss" USERADD_PARAM:${PN} = "--system -M -d /var/lib/tpm -s /bin/false -g tss tss" -do_configure:prepend() { - # do not extract the version number from git - sed -i -e 's/m4_esyscmd_s(\[git describe --tags --always --dirty\])/${PV}/' ${S}/configure.ac -} - do_install:append() { # Remove /run as it is created on startup rm -rf ${D}/run -- 2.34.1
More All Messages By This Member
Peter Kjellerstedt #59756 toggle quoted message Show quoted text -----Original Message----- From: yocto@... <yocto@...> On Behalf Of Petr Gotthard Sent: den 17 februari 2023 20:02 To: yocto@... Subject: [yocto] [meta-security][PATCH] tpm2-tss: upgrade 3.2.0 -> 4.0.1 Changelog: https://github.com/tpm2-software/tpm2-tss/blob/4.0.1/CHANGELOG.md Signed-off-by: Petr Gotthard <petr.gotthard@...> --- .../tpm2-tss/tpm2-tss/fixup_hosttools.patch \| 10 +++++----- .../{tpm2-tss_3.2.0.bb => tpm2-tss_4.0.1.bb} \| 12 ++++-------- 2 files changed, 9 insertions(+), 13 deletions(-) rename meta-tpm/recipes-tpm2/tpm2-tss/{tpm2-tss_3.2.0.bb => tpm2-tss_4.0.1.bb} (90%) diff --git a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/fixup_hosttools.patch b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/fixup_hosttools.patch index 450698f..04a2964 100644 --- a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/fixup_hosttools.patch +++ b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/fixup_hosttools.patch @@ -5,16 +5,16 @@ Not appropriate for cross build env. Upstream-Status: OE [inappropriate] Signed-off-by: Armin Kuster <akuster808@...> -Index: tpm2-tss-3.2.0/configure.ac +Index: tpm2-tss-4.0.1/configure.ac =================================================================== ---- tpm2-tss-3.2.0.orig/configure.ac -+++ tpm2-tss-3.2.0/configure.ac -@@ -488,17 +488,6 @@ +--- tpm2-tss-4.0.1.orig/configure.ac ++++ tpm2-tss-4.0.1/configure.ac +@@ -554,17 +554,6 @@ AM_CONDITIONAL(SYSD_SYSUSERS, test "x$systemd_sysusers" = "xyes") AC_CHECK_PROG(systemd_tmpfiles, systemd-tmpfiles, yes) AM_CONDITIONAL(SYSD_TMPFILES, test "x$systemd_tmpfiles" = "xyes") -# Check all tools used by make install --AS_IF([test "$HOSTOS" = "Linux"], +-AS_IF([test "$HOSTOS" = "Linux" && test "x$systemd_sysusers" != "xyes"], - [ AC_CHECK_PROG(useradd, useradd, yes) - AC_CHECK_PROG(groupadd, groupadd, yes) - AC_CHECK_PROG(adduser, adduser, yes) diff --git a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.0.bb b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb similarity index 90% rename from meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.0.bb rename to meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb index 1556273..657a2cd 100644 --- a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.0.bb +++ b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb @@ -10,15 +10,16 @@ SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN file://fixup_hosttools.patch \ " -SRC_URI[sha256sum] = "48305e4144dcf6d10f3b25b7bccf0189fd2d1186feafd8cd68c6b17ecf0d7912" +SRC_URI[sha256sum] = "532a70133910b6bd842289915b3f9423c0205c0ea009d65294ca18a74087c950" UPSTREAM_CHECK_URI = "https://github.com/tpm2-software/${BPN}/releases" inherit autotools pkgconfig systemd useradd -PACKAGECONFIG ??= "" +PACKAGECONFIG ??= "vendor" PACKAGECONFIG[oxygen] = ",--disable-doxygen-doc, " -PACKAGECONFIG[fapi] = "--enable-fapi,--disable-fapi,curl json-c " +PACKAGECONFIG[fapi] = "--enable-fapi,--disable-fapi,curl json-c util-linux-libuuid " +PACKAGECONFIG[policy] = "--enable-policy,--disable-policy,json-c util-linux-libuuid " You introduce a new feature "policy", but then you set the default for PACKAGECONFIG to "vendor", which does not exist. Was this intentional? If so it should have been mentioned in the commit message as it causes a warning unless you override the default PACKAGECONFIG: WARNING: tpm2-tss-4.0.1-r0 do_configure: QA Issue: tpm2-tss: invalid PACKAGECONFIG: vendor [invalid-packageconfig] EXTRA_OECONF += "--enable-static --with-udevrulesdir=${nonarch_base_libdir}/udev/rules.d/" EXTRA_OECONF += "--runstatedir=/run" @@ -28,11 +29,6 @@ USERADD_PACKAGES = "${PN}" GROUPADD_PARAM:${PN} = "--system tss" USERADD_PARAM:${PN} = "--system -M -d /var/lib/tpm -s /bin/false -g tss tss" -do_configure:prepend() { - # do not extract the version number from git - sed -i -e 's/m4_esyscmd_s(\[git describe --tags --always --dirty\])/${PV}/' ${S}/configure.ac -} - do_install:append() { # Remove /run as it is created on startup rm -rf ${D}/run -- 2.34.1 //Peter
More All Messages By This Member
Petr Gotthard #59757 Yeah, I am sorry for that. It was intentional, but I discovered there is a bug in the upstream that prevents me from using this feature properly. https://github.com/tpm2-software/tpm2-tss/issues/2571 I thought it will be fixed quickly, but it wasn't. Let me fix this. toggle quoted message Show quoted text -----Original Message----- From: Peter Kjellerstedt <peter.kjellerstedt@...> Sent: Friday, April 21, 2023 8:07 PM To: Petr Gotthard <petr.gotthard@...> Cc: yocto@... Subject: RE: [meta-security][PATCH] tpm2-tss: upgrade 3.2.0 -> 4.0.1 You introduce a new feature "policy", but then you set the default for PACKAGECONFIG to "vendor", which does not exist. Was this intentional? If so it should have been mentioned in the commit message as it causes a warning unless you override the default PACKAGECONFIG: WARNING: tpm2-tss-4.0.1-r0 do_configure: QA Issue: tpm2-tss: invalid PACKAGECONFIG: vendor [invalid-packageconfig] //Peter
More All Messages By This Member

1 - 3 of 3

1

Previous Topic Next Topic

Home Hashtags Subgroups Terms