rpms/clevis
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Include tpm2_getcap as dracut required binary

Browse Source 
Resolves: #RHEL-68638

Signed-off-by: Sergio Arroutbi <sarroutb@redhat.com>
This commit is contained in:
Sergio Arroutbi 2024-11-22 17:52:10 +01:00
parent 3387ddc404
commit 3ab2b70015
2 changed files with 42 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
0005-Include-tpm2_getcap-as-dracut-required-binary.patch Normal file
View File

@ -0,0 +1,36 @@
From fc371d25a72806109e9a5c0205d67ba2232a6f17 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Wed, 20 Nov 2024 18:45:56 +0100
Subject: [PATCH] Include tpm2_getcap as dracut required binary
---
src/luks/dracut/clevis-pin-tpm2/module-setup.sh.in | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/luks/dracut/clevis-pin-tpm2/module-setup.sh.in b/src/luks/dracut/clevis-pin-tpm2/module-setup.sh.in
index 5ff0640..723df7a 100755
--- a/src/luks/dracut/clevis-pin-tpm2/module-setup.sh.in
+++ b/src/luks/dracut/clevis-pin-tpm2/module-setup.sh.in
@@ -19,7 +19,8 @@
#
check() {
- require_binaries clevis-decrypt-tpm2 tpm2_createprimary tpm2_flushcontext tpm2_load tpm2_unseal || return 1
+ require_binaries clevis-decrypt-tpm2 tpm2_createprimary tpm2_flushcontext \
+ tpm2_load tpm2_unseal tpm2_pcrread tpm2_getcap || return 1
require_any_binary tpm2_pcrread tpm2_pcrlist || return 1
return 0
}
@@ -30,7 +31,8 @@ depends() {
}
install() {
- inst_multiple clevis-decrypt-tpm2 tpm2_createprimary tpm2_flushcontext tpm2_load tpm2_unseal
+ inst_multiple clevis-decrypt-tpm2 tpm2_createprimary tpm2_flushcontext \
+ tpm2_load tpm2_unseal tpm2_getcap
inst_multiple -o tpm2_pcrread tpm2_pcrlist
inst_libdir_file "libtss2-tcti-device.so*"
}
--
2.47.0

7
clevis.spec
View File

@ -1,6 +1,6 @@
Name: clevis Name: clevis
Version: 21 Version: 21
Release: 206%{?dist} Release: 207%{?dist}
Summary: Automated decryption framework Summary: Automated decryption framework
License: GPLv3+ License: GPLv3+
@ -12,6 +12,7 @@ Patch0: 0001-PKCS-11-pin-fix-dracut-for-unconfigured-device.patch
Patch1: 0002-Fix-potential-race-condition.patch Patch1: 0002-Fix-potential-race-condition.patch
Patch2: 0003-Fix-to-start-pcscd-appropriately.patch Patch2: 0003-Fix-to-start-pcscd-appropriately.patch
Patch3: 0004-tpm2-use-first-pcr-algorithm-bank-supported-by.patch Patch3: 0004-tpm2-use-first-pcr-algorithm-bank-supported-by.patch
Patch4: 0005-Include-tpm2_getcap-as-dracut-required-binary.patch
BuildRequires: git-core BuildRequires: git-core
BuildRequires: gcc BuildRequires: gcc
@ -219,6 +220,10 @@ systemctl preset %{name}-luks-askpass.path >/dev/null 2>&1 || :
%changelog %changelog
* Fri Nov 22 2024 Sergio Arroutbi <sarroutb@redhat.com> - 21-207
- Include tpm2_getcap as dracut required binary
Resolves: #RHEL-68638
* Tue Nov 5 2024 Sergio Arroutbi <sarroutb@redhat.com> - 21-206 * Tue Nov 5 2024 Sergio Arroutbi <sarroutb@redhat.com> - 21-206
- TPM2: use first PCR algorithm bank supported by TPM as default - TPM2: use first PCR algorithm bank supported by TPM as default
Resolves: #RHEL-65468 Resolves: #RHEL-65468