diff options
author | Andrew Geissler <geissonator@yahoo.com> | 2023-03-03 21:38:41 +0300 |
---|---|---|
committer | Patrick Williams <patrick@stwcx.xyz> | 2023-03-17 01:00:33 +0300 |
commit | 9347dd4efc156c93b1d9beaeb32e9b719ad6a3d2 (patch) | |
tree | 00c3e91a451670569716e087a5df52de1e838c21 /meta-security/meta-tpm/recipes-tpm2 | |
parent | a2acbee53923f9aa6d5f914b6d7cc7a80da2cea9 (diff) | |
download | openbmc-9347dd4efc156c93b1d9beaeb32e9b719ad6a3d2.tar.xz |
subtree updates: raspberrypi security arm
meta-raspberrypi: e43af1e3a6..e15b876155:
Florian Frank (1):
linux-firmware-rpidistro: Fix wireless on model 3B and Zero W
Khem Raj (1):
linux-raspberrypi_5.15.bb: Upgrade to 5.15.92
Martin Jansa (1):
gstreamer1.0-plugins-good: rename bbappend, drop version
meta-arm: dc10b73cc5..eb9c47a4e1:
Gowtham Suresh Kumar (6):
arm/edk2-basetools: Add edk2 base tool native recipe
arm-bsp/uefi_capsule: Add UEFI capsule generation class
arm-bsp/corstone1000-image: Generate UEFI capsule for corstone1000 platform
arm/edk2-basetools: Convert edk2 basetools recipes to native only
arm-bsp/uefi_capsule: Use json file to pass capsule config
arm/uefi_capsule: Move UEFI capsule to IMGDEPLOYDIR
Jon Mason (5):
arm/boot-wrapper-aarch64: update to a newer SHA
arm/gn: update to a more recent SHA
arm/opencsd: update to v1.4.0
arm/trusted-firmware-a: update version and relocate fiptool
arm/sbsa-acs: update to v6.1.0
Mohamed Omar Asaker (5):
arm-bsp/trusted-services: corstone1000:Align psa crypto client with TF-Mv1.7
arm-bsp/trusted-services:corstone1000: disable obsolete algorithms for crypto
arm-bsp/trusted-services: corstone1000: Disable SHA512/384
arm-bsp/trusted-firmware-m:corstone1000: Increase number of assets
arm-bsp/trusted-firmware-m:corstone1000: Set SPM backend to IPC
Peter Hoyes (11):
arm,arm-bsp/classes: Move wic_nopt to meta-arm
arm-bsp/classes: Use :append to add to IMAGE_TYPES in wic_nopt
CI: Factor out CACHE_DIR to improve mirror configurability
CI: Collect testimage logs on failure
arm/trusted-firmware-m: Synchronize with 1.7.0 release
arm/classes: Factor out image signing arguments in tfm_image_sign
arm/trusted-firmware-m: Create common inc file for src definitions
arm/trusted-firmware-m: Create inc file for common config
arm/trusted-firmware-m-scripts: Create inc file for common config
arm/classes: Add sstate support to tfm_sign_images
CI: Add BUILD_ENABLE_REGEX option to conditionally enable builds
Ross Burton (8):
arm-bsp/external-system: fix the gen_module race, again
arm-bsp/linux-yocto: add 5.19 kernel recipe for N1SDP
arm/linux-yocto: remove obsolete 5.19 bbappend
arm/trusted-firmware-m: Do not use release branches
arm/boot-wrapper-aarch64: tell upgrade checker to look for new SHAs
CI/machine-summary: add missing recipes
arm-toolchain/gcc-arm: add missing Signed-off-by tag
arm/optee-os: add missing patch header
meta-security: 3529cfb43e..c06b9a18a6:
Maciej Borzęcki (1):
dm-verity-img.bbclass: add squashfs images
Petr Gotthard (4):
tpm2-tss: upgrade 3.2.0 -> 4.0.1
tpm2-tools: upgrade 5.3 -> 5.5
tpm2-pkcs11: upgrade 1.8.0 -> 1.9.0
tpm2-abrmd: upgrade 2.4.1 -> 3.0.0
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I0e1629b2f70ad1e5f7b97f5ae6d768bde101cc6f
Diffstat (limited to 'meta-security/meta-tpm/recipes-tpm2')
-rw-r--r-- | meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_3.0.0.bb (renamed from meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.4.1.bb) | 2 | ||||
-rw-r--r-- | meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.9.0.bb (renamed from meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.8.0.bb) | 7 | ||||
-rw-r--r-- | meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_5.5.bb (renamed from meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_5.3.bb) | 7 | ||||
-rw-r--r-- | meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/fixup_hosttools.patch | 10 | ||||
-rw-r--r-- | meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb (renamed from meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.0.bb) | 12 |
5 files changed, 12 insertions, 26 deletions
diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.4.1.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_3.0.0.bb index 75e958841d..ea2433c9fb 100644 --- a/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.4.1.bb +++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_3.0.0.bb @@ -18,7 +18,7 @@ SRC_URI = "\ file://tpm2-abrmd.default \ " -SRC_URI[sha256sum] = "a7844a257eaf5176f612fe9620018edc0880cca7036465ad2593f83ae0ad6673" +SRC_URI[sha256sum] = "d59aff34164aa705b05155b86607f6b66918a433104f754a3fcf76216dd9f465" UPSTREAM_CHECK_URI = "https://github.com/tpm2-software/${BPN}/releases" diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.8.0.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.9.0.bb index 38847a804c..e0def0f704 100644 --- a/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.8.0.bb +++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.9.0.bb @@ -8,7 +8,7 @@ DEPENDS = "autoconf-archive pkgconfig sqlite3 openssl libtss2-dev tpm2-tools lib SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz" -SRC_URI[sha256sum] = "79f28899047defd6b4b72b7268dd56abf27774954022315f818c239af33e05bd" +SRC_URI[sha256sum] = "35bf06c30cfa76fc0eba2c5f503cf7dd0d34a66afb2d292fee896b90362f633b" UPSTREAM_CHECK_URI = "https://github.com/tpm2-software/${BPN}/releases" @@ -16,11 +16,6 @@ inherit autotools-brokensep pkgconfig python3native EXTRA_OECONF += "--disable-ptool-checks" -do_configure:prepend() { - # do not extract the version number from git - sed -i -e 's/m4_esyscmd_s(\[git describe --tags --always --dirty\])/${PV}/' ${S}/configure.ac -} - do_compile:append() { cd ${S}/tools python3 setup.py build diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_5.3.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_5.5.bb index 53d5abb07e..ef73238927 100644 --- a/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_5.3.bb +++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_5.5.bb @@ -8,16 +8,11 @@ DEPENDS = "tpm2-abrmd tpm2-tss openssl curl autoconf-archive" SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz" -SRC_URI[sha256sum] = "e7ce2fd36ef5cdbd7872d823a442e8754a4f0ca7c54b60efcdb75c12a1f98f8f" +SRC_URI[sha256sum] = "1fdb49c730537bfdaed088884881a61e3bfd121e957ec0bdceeec0261236c123" UPSTREAM_CHECK_URI = "https://github.com/tpm2-software/${BPN}/releases" inherit autotools pkgconfig bash-completion -do_configure:prepend() { - # do not extract the version number from git - sed -i -e 's/m4_esyscmd_s(\[git describe --tags --always --dirty\])/${PV}/' ${S}/configure.ac -} - # need tss-esys RDEPENDS:${PN} = "libtss2 tpm2-abrmd" diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/fixup_hosttools.patch b/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/fixup_hosttools.patch index 450698ff64..04a29644c1 100644 --- a/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/fixup_hosttools.patch +++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/fixup_hosttools.patch @@ -5,16 +5,16 @@ Not appropriate for cross build env. Upstream-Status: OE [inappropriate] Signed-off-by: Armin Kuster <akuster808@gmail.com> -Index: tpm2-tss-3.2.0/configure.ac +Index: tpm2-tss-4.0.1/configure.ac =================================================================== ---- tpm2-tss-3.2.0.orig/configure.ac -+++ tpm2-tss-3.2.0/configure.ac -@@ -488,17 +488,6 @@ +--- tpm2-tss-4.0.1.orig/configure.ac ++++ tpm2-tss-4.0.1/configure.ac +@@ -554,17 +554,6 @@ AM_CONDITIONAL(SYSD_SYSUSERS, test "x$systemd_sysusers" = "xyes") AC_CHECK_PROG(systemd_tmpfiles, systemd-tmpfiles, yes) AM_CONDITIONAL(SYSD_TMPFILES, test "x$systemd_tmpfiles" = "xyes") -# Check all tools used by make install --AS_IF([test "$HOSTOS" = "Linux"], +-AS_IF([test "$HOSTOS" = "Linux" && test "x$systemd_sysusers" != "xyes"], - [ AC_CHECK_PROG(useradd, useradd, yes) - AC_CHECK_PROG(groupadd, groupadd, yes) - AC_CHECK_PROG(adduser, adduser, yes) diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.0.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb index 1556273171..657a2cd94c 100644 --- a/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.0.bb +++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_4.0.1.bb @@ -10,15 +10,16 @@ SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN file://fixup_hosttools.patch \ " -SRC_URI[sha256sum] = "48305e4144dcf6d10f3b25b7bccf0189fd2d1186feafd8cd68c6b17ecf0d7912" +SRC_URI[sha256sum] = "532a70133910b6bd842289915b3f9423c0205c0ea009d65294ca18a74087c950" UPSTREAM_CHECK_URI = "https://github.com/tpm2-software/${BPN}/releases" inherit autotools pkgconfig systemd useradd -PACKAGECONFIG ??= "" +PACKAGECONFIG ??= "vendor" PACKAGECONFIG[oxygen] = ",--disable-doxygen-doc, " -PACKAGECONFIG[fapi] = "--enable-fapi,--disable-fapi,curl json-c " +PACKAGECONFIG[fapi] = "--enable-fapi,--disable-fapi,curl json-c util-linux-libuuid " +PACKAGECONFIG[policy] = "--enable-policy,--disable-policy,json-c util-linux-libuuid " EXTRA_OECONF += "--enable-static --with-udevrulesdir=${nonarch_base_libdir}/udev/rules.d/" EXTRA_OECONF += "--runstatedir=/run" @@ -28,11 +29,6 @@ USERADD_PACKAGES = "${PN}" GROUPADD_PARAM:${PN} = "--system tss" USERADD_PARAM:${PN} = "--system -M -d /var/lib/tpm -s /bin/false -g tss tss" -do_configure:prepend() { - # do not extract the version number from git - sed -i -e 's/m4_esyscmd_s(\[git describe --tags --always --dirty\])/${PV}/' ${S}/configure.ac -} - do_install:append() { # Remove /run as it is created on startup rm -rf ${D}/run |