From d1d22e6713c601a72ff7329133cd86f30ac3d6ce Mon Sep 17 00:00:00 2001 From: Andrew Geissler Date: Fri, 16 Oct 2020 10:14:32 -0500 Subject: meta-security: subtree update:d6baccc068..4c2f7ffd49 Adrian (1): gitignore added Armin Kuster (31): kas: build with ptest. remove apparmor softHSM: add pkg packagegroup-core-security: add softHSM libest: add recipe packagegroup-core-security: add libest package opendnssec: add recipe packagegroup-core-security: add opendnssec to pkg grp gitlab-ci: allow test to fail libseccomp: fix ptest failures. packagegroup-core-security-ptest: remove keyutils-ptest security-test-image: simplify packagegroup-core-security-ptest: remove apparmor: fix build issue with ptest enabled. security-test-image: tweak to get more tests to runn apparmor: update to 3.0 packagegroup-core-security: apparmor 3.0 ptest does not build suricata: fix compiling on gcc10 qemux86-test: add apparmor back apparmor: fix build for on musl ecryptfs-utils: fix musl build libest: fix musl build. sssd: update to latest ltm 1.16.5 packagegroup-core-security: remove clamav from musl image suricata: update to 4.1.9 kas: fixup alt configs gitlab-ci: add qemux86 and qemuarm64 musl builds tpm2-tss: update to 2.4.3 tpm2-totp: update to 0.2.1 tpm2-abrmd: update to 2.3.3 tpm2-tools: update to 4.3.0 tpm2-pkcs11: update to 1.4.0 Mingli Yu (1): scap-security-guide: add expat-native to DEPENDS Naveen Saini (3): initramfs-framework/dmverity: add retry loop for slow boot devices wic: add wks.in for intel dm-verity linux-%/5.x: Add dm-verity fragment as needed Signed-off-by: Andrew Geissler Change-Id: If3a721fdd99bb6e35c82cf4e7485f06cebaef905 --- .../recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.0.bb | 54 --------------- .../recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.3.bb | 54 +++++++++++++++ .../files/0001-remove-local-binary-checkes.patch | 77 +++++++++++++++++++++ .../recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.2.0.bb | 20 ------ .../recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.4.0.bb | 23 +++++++ .../recipes-tpm2/tpm2-tools/tpm2-tools_4.1.3.bb | 13 ---- .../recipes-tpm2/tpm2-tools/tpm2-tools_4.3.0.bb | 13 ++++ .../recipes-tpm2/tpm2-totp/tpm2-totp_0.2.0.bb | 18 ----- .../recipes-tpm2/tpm2-totp/tpm2-totp_0.2.1.bb | 17 +++++ .../recipes-tpm2/tpm2-tss/tpm2-tss_2.4.1.bb | 78 ---------------------- .../recipes-tpm2/tpm2-tss/tpm2-tss_2.4.3.bb | 76 +++++++++++++++++++++ 11 files changed, 260 insertions(+), 183 deletions(-) delete mode 100644 meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.0.bb create mode 100644 meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.3.bb create mode 100644 meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0001-remove-local-binary-checkes.patch delete mode 100644 meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.2.0.bb create mode 100644 meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.4.0.bb delete mode 100644 meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.3.bb create mode 100644 meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.3.0.bb delete mode 100644 meta-security/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.0.bb create mode 100644 meta-security/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.1.bb delete mode 100644 meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.1.bb create mode 100644 meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.3.bb (limited to 'meta-security/meta-tpm/recipes-tpm2') diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.0.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.0.bb deleted file mode 100644 index 991364ad3a..0000000000 --- a/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.0.bb +++ /dev/null @@ -1,54 +0,0 @@ -SUMMARY = "TPM2 Access Broker & Resource Manager" -DESCRIPTION = "This is a system daemon implementing the TPM2 access \ -broker (TAB) & Resource Manager (RM) spec from the TCG. The daemon (tpm2-abrmd) \ -is implemented using Glib and the GObject system. In this documentation and \ -in the code we use `tpm2-abrmd` and `tabrmd` interchangeably. \ -" -SECTION = "security/tpm" - -LICENSE = "BSD-2-Clause" -LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da" - -DEPENDS = "autoconf-archive dbus glib-2.0 tpm2-tss glib-2.0-native \ - libtss2 libtss2-mu libtss2-tcti-device libtss2-tcti-mssim" - -SRC_URI = "\ - git://github.com/tpm2-software/tpm2-abrmd.git \ - file://tpm2-abrmd-init.sh \ - file://tpm2-abrmd.default \ -" - -SRCREV = "ac82192df1158cb58eac02777cf15c965b02cfbc" - -S = "${WORKDIR}/git" - -inherit autotools pkgconfig systemd update-rc.d useradd - -SYSTEMD_PACKAGES += "${PN}" -SYSTEMD_SERVICE_${PN} = "tpm2-abrmd.service" -SYSTEMD_AUTO_ENABLE_${PN} = "disable" - -INITSCRIPT_NAME = "${PN}" -INITSCRIPT_PARAMS = "start 99 2 3 4 5 . stop 19 0 1 6 ." - -USERADD_PACKAGES = "${PN}" -GROUPADD_PARAM_${PN} = "tss" -USERADD_PARAM_${PN} = "--system -M -d /var/lib/tpm -s /bin/false -g tss tss" - -PACKAGECONFIG ?="${@bb.utils.contains('DISTRO_FEATURES','systemd','systemd', '', d)}" -PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir}, --with-systemdsystemunitdir=no" - -do_install_append() { - install -d "${D}${sysconfdir}/init.d" - install -m 0755 "${WORKDIR}/tpm2-abrmd-init.sh" "${D}${sysconfdir}/init.d/tpm2-abrmd" - - install -d "${D}${sysconfdir}/default" - install -m 0644 "${WORKDIR}/tpm2-abrmd.default" "${D}${sysconfdir}/default/tpm2-abrmd" -} - -FILES_${PN} += "${libdir}/systemd/system-preset \ - ${datadir}/dbus-1" - -RDEPENDS_${PN} += "tpm2-tss" - -BBCLASSEXTEND = "native" diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.3.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.3.bb new file mode 100644 index 0000000000..d2a1c47b57 --- /dev/null +++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.3.bb @@ -0,0 +1,54 @@ +SUMMARY = "TPM2 Access Broker & Resource Manager" +DESCRIPTION = "This is a system daemon implementing the TPM2 access \ +broker (TAB) & Resource Manager (RM) spec from the TCG. The daemon (tpm2-abrmd) \ +is implemented using Glib and the GObject system. In this documentation and \ +in the code we use `tpm2-abrmd` and `tabrmd` interchangeably. \ +" +SECTION = "security/tpm" + +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da" + +DEPENDS = "autoconf-archive dbus glib-2.0 tpm2-tss glib-2.0-native \ + libtss2 libtss2-mu libtss2-tcti-device libtss2-tcti-mssim" + +SRC_URI = "\ + git://github.com/tpm2-software/tpm2-abrmd.git \ + file://tpm2-abrmd-init.sh \ + file://tpm2-abrmd.default \ +" + +SRCREV = "4cdda466010a3699ebe967d990ac715ae3de7d35" + +S = "${WORKDIR}/git" + +inherit autotools pkgconfig systemd update-rc.d useradd + +SYSTEMD_PACKAGES += "${PN}" +SYSTEMD_SERVICE_${PN} = "tpm2-abrmd.service" +SYSTEMD_AUTO_ENABLE_${PN} = "disable" + +INITSCRIPT_NAME = "${PN}" +INITSCRIPT_PARAMS = "start 99 2 3 4 5 . stop 19 0 1 6 ." + +USERADD_PACKAGES = "${PN}" +GROUPADD_PARAM_${PN} = "tss" +USERADD_PARAM_${PN} = "--system -M -d /var/lib/tpm -s /bin/false -g tss tss" + +PACKAGECONFIG ?="${@bb.utils.contains('DISTRO_FEATURES','systemd','systemd', '', d)}" +PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir}, --with-systemdsystemunitdir=no" + +do_install_append() { + install -d "${D}${sysconfdir}/init.d" + install -m 0755 "${WORKDIR}/tpm2-abrmd-init.sh" "${D}${sysconfdir}/init.d/tpm2-abrmd" + + install -d "${D}${sysconfdir}/default" + install -m 0644 "${WORKDIR}/tpm2-abrmd.default" "${D}${sysconfdir}/default/tpm2-abrmd" +} + +FILES_${PN} += "${libdir}/systemd/system-preset \ + ${datadir}/dbus-1" + +RDEPENDS_${PN} += "tpm2-tss" + +BBCLASSEXTEND = "native" diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0001-remove-local-binary-checkes.patch b/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0001-remove-local-binary-checkes.patch new file mode 100644 index 0000000000..9d3f073e0a --- /dev/null +++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0001-remove-local-binary-checkes.patch @@ -0,0 +1,77 @@ +From 9e3ef6f253f9427596baf3e7d748a79854cadfa9 Mon Sep 17 00:00:00 2001 +From: Armin Kuster +Date: Wed, 14 Oct 2020 08:55:33 -0700 +Subject: [PATCH] remove local binary checkes + +Signed-off-by: Armin Kuster + +Upsteam-Status: Inappropriate +These are only needed to run on the tartget so we add an RDPENDS. +Not needed for building. + +--- + configure.ac | 48 ------------------------------------------------ + 1 file changed, 48 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 50e7d4b..2b9abcf 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -219,54 +219,6 @@ AX_PROG_JAVAC() + AX_PROG_JAVA() + m4_popdef([AC_MSG_ERROR]) + +-AC_CHECK_PROG([tpm2_createprimary], [tpm2_createprimary], [yes], [no]) +- AS_IF([test "x$tpm2_createprimary" != "xyes"], +- [AC_MSG_ERROR([tpm2_ptool requires tpm2_createprimary, but executable not found.])]) +- +-AC_CHECK_PROG([tpm2_create], [tpm2_create], [yes], [no]) +- AS_IF([test "x$tpm2_create" != "xyes"], +- [AC_MSG_ERROR([tpm2_ptool requires tpm2_create, but executable not found.])]) +- +-AC_CHECK_PROG([tpm2_evictcontrol], [tpm2_evictcontrol], [yes], [no]) +- AS_IF([test "x$tpm2_evictcontrol" != "xyes"], +- [AC_MSG_ERROR([tpm2_ptool requires tpm2_evictcontrol, but executable not found.])]) +- +-AC_CHECK_PROG([tpm2_readpublic], [tpm2_readpublic], [yes], [no]) +- AS_IF([test "x$tpm2_readpublic" != "xyes"], +- [AC_MSG_ERROR([tpm2_ptool requires tpm2_readpublic, but executable not found.])]) +- +-AC_CHECK_PROG([tpm2_load], [tpm2_load], [yes], [no]) +- AS_IF([test "x$tpm2_load" != "xyes"], +- [AC_MSG_ERROR([tpm2_ptool requires tpm2_load, but executable not found.])]) +- +-AC_CHECK_PROG([tpm2_loadexternal], [tpm2_loadexternal], [yes], [no]) +- AS_IF([test "x$tpm2_loadexternal" != "xyes"], +- [AC_MSG_ERROR([tpm2_ptool requires tpm2_loadexternal, but executable not found.])]) +- +-AC_CHECK_PROG([tpm2_unseal], [tpm2_unseal], [yes], [no]) +- AS_IF([test "x$tpm2_unseal" != "xyes"], +- [AC_MSG_ERROR([tpm2_ptool requires tpm2_unseal, but executable not found.])]) +- +-AC_CHECK_PROG([tpm2_encryptdecrypt], [tpm2_encryptdecrypt], [yes], [no]) +- AS_IF([test "x$tpm2_encryptdecrypt" != "xyes"], +- [AC_MSG_ERROR([tpm2_ptool requires tpm2_encryptdecrypt, but executable not found.])]) +- +-AC_CHECK_PROG([tpm2_sign], [tpm2_sign], [yes], [no]) +- AS_IF([test "x$tpm2_sign" != "xyes"], +- [AC_MSG_ERROR([tpm2_ptool requires tpm2_sign, but executable not found.])]) +- +-AC_CHECK_PROG([tpm2_getcap], [tpm2_getcap], [yes], [no]) +- AS_IF([test "x$tpm2_getcap" != "xyes"], +- [AC_MSG_ERROR([tpm2_ptool requires tpm2_getcap, but executable not found.])]) +- +-AC_CHECK_PROG([tpm2_import], [tpm2_import], [yes], [no]) +- AS_IF([test "x$tpm2_import" != "xyes"], +- [AC_MSG_ERROR([tpm2_ptool requires tpm2_import, but executable not found.])]) +- +-AC_CHECK_PROG([tpm2_changeauth], [tpm2_changeauth], [yes], [no]) +- AS_IF([test "x$tpm2_changeauth" != "xyes"], +- [AC_MSG_ERROR([tpm2_ptool requires tpm2_changeauth, but executable not found.])]) +- + AC_DEFUN([integration_test_checks], [ + + PKG_CHECK_MODULES([OPENSC_PKCS11],[opensc-pkcs11],, +-- +2.17.1 + diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.2.0.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.2.0.bb deleted file mode 100644 index ce2dac0a55..0000000000 --- a/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.2.0.bb +++ /dev/null @@ -1,20 +0,0 @@ -SUMMARY = "A PKCS#11 interface for TPM2 hardware" -DESCRIPTION = "PKCS #11 is a Public-Key Cryptography Standard that defines a standard method to access cryptographic services from tokens/ devices such as hardware security modules (HSM), smart cards, etc. In this project we intend to use a TPM2 device as the cryptographic token." -SECTION = "security/tpm" -LICENSE = "BSD-2-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=0fc19f620a102768d6dbd1e7166e78ab" - -DEPENDS = "autoconf-archive pkgconfig dstat sqlite3 openssl libtss2-dev tpm2-tools libyaml" - -SRC_URI = "git://github.com/tpm2-software/tpm2-pkcs11.git;branch=1.X \ - file://bootstrap_fixup.patch " - -SRCREV = "8d8f137f65f1d61d66cc191947b59c378f23e97d" - -S = "${WORKDIR}/git" - -inherit autotools-brokensep pkgconfig - -do_configure_prepend () { - ${S}/bootstrap -} diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.4.0.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.4.0.bb new file mode 100644 index 0000000000..4865733411 --- /dev/null +++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.4.0.bb @@ -0,0 +1,23 @@ +SUMMARY = "A PKCS#11 interface for TPM2 hardware" +DESCRIPTION = "PKCS #11 is a Public-Key Cryptography Standard that defines a standard method to access cryptographic services from tokens/ devices such as hardware security modules (HSM), smart cards, etc. In this project we intend to use a TPM2 device as the cryptographic token." +SECTION = "security/tpm" +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=0fc19f620a102768d6dbd1e7166e78ab" + +DEPENDS = "autoconf-archive pkgconfig dstat sqlite3 openssl libtss2-dev tpm2-tools libyaml" + +SRC_URI = "git://github.com/tpm2-software/tpm2-pkcs11.git;branch=1.X \ + file://bootstrap_fixup.patch \ + file://0001-remove-local-binary-checkes.patch" + +SRCREV = "78bbf6a0237351830d0c3923b25ba0b57ae0b7e9" + +S = "${WORKDIR}/git" + +inherit autotools-brokensep pkgconfig + +do_configure_prepend () { + ${S}/bootstrap +} + +RDEPNDS_${PN} = "tpm2-tools" diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.3.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.3.bb deleted file mode 100644 index ae01d5e1de..0000000000 --- a/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.3.bb +++ /dev/null @@ -1,13 +0,0 @@ -SUMMARY = "Tools for TPM2." -DESCRIPTION = "tpm2-tools" -LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=0eb1216e46938bd723098d93a23c3bcc" -SECTION = "tpm" - -DEPENDS = "tpm2-abrmd tpm2-tss openssl curl autoconf-archive" - -SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz" - -SRC_URI[sha256sum] = "bb5d3310620e75468fe33dbd530bd73dd648c70ec707b4579c74d9f63fc82704" - -inherit autotools pkgconfig bash-completion diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.3.0.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.3.0.bb new file mode 100644 index 0000000000..5bd26ab986 --- /dev/null +++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.3.0.bb @@ -0,0 +1,13 @@ +SUMMARY = "Tools for TPM2." +DESCRIPTION = "tpm2-tools" +LICENSE = "BSD-3-Clause" +LIC_FILES_CHKSUM = "file://doc/LICENSE;md5=a846608d090aa64494c45fc147cc12e3" +SECTION = "tpm" + +DEPENDS = "tpm2-abrmd tpm2-tss openssl curl autoconf-archive" + +SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz" + +SRC_URI[sha256sum] = "ae009b3495b44a16faa3d94d41ac9c9d99c71723482efad53c5eea17eeed80fc" + +inherit autotools pkgconfig bash-completion diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.0.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.0.bb deleted file mode 100644 index 0dad673067..0000000000 --- a/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.0.bb +++ /dev/null @@ -1,18 +0,0 @@ -SUMMARY = "Attest the trustworthiness of a device against a human using time-based one-time passwords" - -LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=ed23833e93c95173c8d8913745e4b4e1" - -SECTION = "security/tpm" - -DEPENDS = "autoconf-archive libtss2-dev qrencode" - -PE = "1" - -SRCREV = "994b4203e4769baefa6e7719915629bc8210e90a" -SRC_URI = "git://github.com/tpm2-software/tpm2-totp.git;branch=v0.2.x \ - " - -inherit autotools-brokensep pkgconfig - -S = "${WORKDIR}/git" diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.1.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.1.bb new file mode 100644 index 0000000000..264484f7a1 --- /dev/null +++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.1.bb @@ -0,0 +1,17 @@ +SUMMARY = "Attest the trustworthiness of a device against a human using time-based one-time passwords" + +LICENSE = "BSD-3-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=ed23833e93c95173c8d8913745e4b4e1" + +SECTION = "security/tpm" + +DEPENDS = "autoconf-archive libtss2-dev qrencode" + +PE = "1" + +SRCREV = "bfd581986353edc1058604e77cac804bd8b0d30a" +SRC_URI = "git://github.com/tpm2-software/tpm2-totp.git;branch=v0.2.x" + +inherit autotools-brokensep pkgconfig + +S = "${WORKDIR}/git" diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.1.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.1.bb deleted file mode 100644 index 22b961d1c8..0000000000 --- a/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.1.bb +++ /dev/null @@ -1,78 +0,0 @@ -SUMMARY = "Software stack for TPM2." -DESCRIPTION = "OSS implementation of the TCG TPM2 Software Stack (TSS2) " -LICENSE = "BSD-2-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da" -SECTION = "tpm" - -DEPENDS = "autoconf-archive-native libgcrypt openssl" - -SRCREV = "a99e733ba66c359502689a9c42fd5e02ed1dd7d6" - -SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz" -SRC_URI[sha256sum] = "58d7afcab9ff3daaafb5316e57d2c211118334b470d5a5bc6ceace6f89a1e60d" - -inherit autotools pkgconfig systemd extrausers - -PACKAGECONFIG ??= "" -PACKAGECONFIG[oxygen] = ",--disable-doxygen-doc, " -PACKAGECONFIG[fapi] = "--enable-fapi,--disable-fapi,json-c " - -EXTRA_OECONF += "--enable-static --with-udevrulesdir=${base_prefix}/lib/udev/rules.d/" -EXTRA_OECONF_remove = " --disable-static" - - -EXTRA_USERS_PARAMS = "\ - useradd -p '' tss; \ - groupadd tss; \ - " - -PROVIDES = "${PACKAGES}" -PACKAGES = " \ - ${PN} \ - ${PN}-dbg \ - ${PN}-doc \ - libtss2-mu \ - libtss2-mu-dev \ - libtss2-mu-staticdev \ - libtss2-tcti-device \ - libtss2-tcti-device-dev \ - libtss2-tcti-device-staticdev \ - libtss2-tcti-mssim \ - libtss2-tcti-mssim-dev \ - libtss2-tcti-mssim-staticdev \ - libtss2 \ - libtss2-dev \ - libtss2-staticdev \ -" - -FILES_libtss2-tcti-device = "${libdir}/libtss2-tcti-device.so.*" -FILES_libtss2-tcti-device-dev = " \ - ${includedir}/tss2/tss2_tcti_device.h \ - ${libdir}/pkgconfig/tss2-tcti-device.pc \ - ${libdir}/libtss2-tcti-device.so" -FILES_libtss2-tcti-device-staticdev = "${libdir}/libtss2-tcti-device.*a" - -FILES_libtss2-tcti-mssim = "${libdir}/libtss2-tcti-mssim.so.*" -FILES_libtss2-tcti-mssim-dev = " \ - ${includedir}/tss2/tss2_tcti_mssim.h \ - ${libdir}/pkgconfig/tss2-tcti-mssim.pc \ - ${libdir}/libtss2-tcti-mssim.so" -FILES_libtss2-tcti-mssim-staticdev = "${libdir}/libtss2-tcti-mssim.*a" - -FILES_libtss2-mu = "${libdir}/libtss2-mu.so.*" -FILES_libtss2-mu-dev = " \ - ${includedir}/tss2/tss2_mu.h \ - ${libdir}/pkgconfig/tss2-mu.pc \ - ${libdir}/libtss2-mu.so" -FILES_libtss2-mu-staticdev = "${libdir}/libtss2-mu.*a" - -FILES_libtss2 = "${libdir}/libtss2*so.*" -FILES_libtss2-dev = " \ - ${includedir} \ - ${libdir}/pkgconfig \ - ${libdir}/libtss2*so" -FILES_libtss2-staticdev = "${libdir}/libtss*a" - -FILES_${PN} = "${libdir}/udev ${base_prefix}/lib/udev" - -RDEPENDS_libtss2 = "libgcrypt" diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.3.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.3.bb new file mode 100644 index 0000000000..78be51359e --- /dev/null +++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.3.bb @@ -0,0 +1,76 @@ +SUMMARY = "Software stack for TPM2." +DESCRIPTION = "OSS implementation of the TCG TPM2 Software Stack (TSS2) " +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da" +SECTION = "tpm" + +DEPENDS = "autoconf-archive-native libgcrypt openssl" + +SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz" +SRC_URI[sha256sum] = "e294677f8993234d0adfa191a5cbf9c5b83cc60c724c233e3d631c26712abea0" + +inherit autotools pkgconfig systemd extrausers + +PACKAGECONFIG ??= "" +PACKAGECONFIG[oxygen] = ",--disable-doxygen-doc, " +PACKAGECONFIG[fapi] = "--enable-fapi,--disable-fapi,json-c " + +EXTRA_OECONF += "--enable-static --with-udevrulesdir=${base_prefix}/lib/udev/rules.d/" +EXTRA_OECONF_remove = " --disable-static" + + +EXTRA_USERS_PARAMS = "\ + useradd -p '' tss; \ + groupadd tss; \ + " + +PROVIDES = "${PACKAGES}" +PACKAGES = " \ + ${PN} \ + ${PN}-dbg \ + ${PN}-doc \ + libtss2-mu \ + libtss2-mu-dev \ + libtss2-mu-staticdev \ + libtss2-tcti-device \ + libtss2-tcti-device-dev \ + libtss2-tcti-device-staticdev \ + libtss2-tcti-mssim \ + libtss2-tcti-mssim-dev \ + libtss2-tcti-mssim-staticdev \ + libtss2 \ + libtss2-dev \ + libtss2-staticdev \ +" + +FILES_libtss2-tcti-device = "${libdir}/libtss2-tcti-device.so.*" +FILES_libtss2-tcti-device-dev = " \ + ${includedir}/tss2/tss2_tcti_device.h \ + ${libdir}/pkgconfig/tss2-tcti-device.pc \ + ${libdir}/libtss2-tcti-device.so" +FILES_libtss2-tcti-device-staticdev = "${libdir}/libtss2-tcti-device.*a" + +FILES_libtss2-tcti-mssim = "${libdir}/libtss2-tcti-mssim.so.*" +FILES_libtss2-tcti-mssim-dev = " \ + ${includedir}/tss2/tss2_tcti_mssim.h \ + ${libdir}/pkgconfig/tss2-tcti-mssim.pc \ + ${libdir}/libtss2-tcti-mssim.so" +FILES_libtss2-tcti-mssim-staticdev = "${libdir}/libtss2-tcti-mssim.*a" + +FILES_libtss2-mu = "${libdir}/libtss2-mu.so.*" +FILES_libtss2-mu-dev = " \ + ${includedir}/tss2/tss2_mu.h \ + ${libdir}/pkgconfig/tss2-mu.pc \ + ${libdir}/libtss2-mu.so" +FILES_libtss2-mu-staticdev = "${libdir}/libtss2-mu.*a" + +FILES_libtss2 = "${libdir}/libtss2*so.*" +FILES_libtss2-dev = " \ + ${includedir} \ + ${libdir}/pkgconfig \ + ${libdir}/libtss2*so" +FILES_libtss2-staticdev = "${libdir}/libtss*a" + +FILES_${PN} = "${libdir}/udev ${base_prefix}/lib/udev" + +RDEPENDS_libtss2 = "libgcrypt" -- cgit v1.2.3