Compare commits
No commits in common. "da9fb7cf747196cd5587b36f2e66fb7031c83bd1" and "66e8475791073bdfd97699f85fbd1f815f9c8e34" have entirely different histories.
da9fb7cf74
...
66e8475791
@ -1,2 +0,0 @@
|
|||||||
ee581bce3e76310f5c5488898771f7f403f72693 libkcapi-1.3.1.tar.xz
|
|
||||||
b667ef4177e1ce64a6f1278ba73fb834d06c3cb1 libkcapi-1.3.1.tar.xz.asc
|
|
163
000-Kern-5.8-fix-MSG_MORE-usage.patch
Normal file
163
000-Kern-5.8-fix-MSG_MORE-usage.patch
Normal file
@ -0,0 +1,163 @@
|
|||||||
|
From b612c52c5ccf021d01e6c786db1a31a697f21d97 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Stephan Mueller <smueller@chronox.de>
|
||||||
|
Date: Thu, 13 Aug 2020 21:58:07 +0200
|
||||||
|
Subject: [PATCH] Kern 5.8: fix MSG_MORE usage
|
||||||
|
|
||||||
|
With kernel 5.8, a precise use of MSG_MORE is mandatory to support
|
||||||
|
a stream cipher approach (init -> update -> update -> ... -> final).
|
||||||
|
All but the last update operations must use MSG_MORE, the last update
|
||||||
|
operation must not use MSG_MORE.
|
||||||
|
|
||||||
|
Reported-by: Ondrej Mosnacek <omosnace@redhat.com>
|
||||||
|
Signed-off-by: Stephan Mueller <smueller@chronox.de>
|
||||||
|
---
|
||||||
|
lib/kcapi-aead.c | 24 ++++++++++++++----------
|
||||||
|
lib/kcapi-kernel-if.c | 6 ++----
|
||||||
|
test/kcapi-main.c | 31 +++++++++++++++++--------------
|
||||||
|
3 files changed, 33 insertions(+), 28 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/kcapi-aead.c b/lib/kcapi-aead.c
|
||||||
|
index d241618..45a0bd7 100644
|
||||||
|
--- a/lib/kcapi-aead.c
|
||||||
|
+++ b/lib/kcapi-aead.c
|
||||||
|
@@ -210,13 +210,15 @@ _kcapi_aead_encrypt_aio_fallback(struct kcapi_handle *handle,
|
||||||
|
uint32_t iovlen, const uint8_t *iv)
|
||||||
|
{
|
||||||
|
uint32_t i;
|
||||||
|
- int32_t ret = kcapi_aead_stream_init_enc(handle, iv, NULL, 0);
|
||||||
|
-
|
||||||
|
- if (ret < 0)
|
||||||
|
- return ret;
|
||||||
|
+ int32_t ret = 0;
|
||||||
|
|
||||||
|
for (i = 0; i < iovlen; i++) {
|
||||||
|
- int rc = kcapi_aead_stream_update_last(handle, iniov, 1);
|
||||||
|
+ int rc = kcapi_aead_stream_init_enc(handle, iv, NULL, 0);
|
||||||
|
+
|
||||||
|
+ if (rc < 0)
|
||||||
|
+ return rc;
|
||||||
|
+
|
||||||
|
+ rc = kcapi_aead_stream_update_last(handle, iniov, 1);
|
||||||
|
if (rc < 0)
|
||||||
|
return rc;
|
||||||
|
|
||||||
|
@@ -271,13 +273,15 @@ _kcapi_aead_decrypt_aio_fallback(struct kcapi_handle *handle,
|
||||||
|
uint32_t iovlen, const uint8_t *iv)
|
||||||
|
{
|
||||||
|
uint32_t i;
|
||||||
|
- int32_t ret = kcapi_aead_stream_init_dec(handle, iv, NULL, 0);
|
||||||
|
-
|
||||||
|
- if (ret < 0)
|
||||||
|
- return ret;
|
||||||
|
+ int32_t ret = 0;
|
||||||
|
|
||||||
|
for (i = 0; i < iovlen; i++) {
|
||||||
|
- int rc = kcapi_aead_stream_update_last(handle, iniov, 1);
|
||||||
|
+ int rc = kcapi_aead_stream_init_dec(handle, iv, NULL, 0);
|
||||||
|
+
|
||||||
|
+ if (rc < 0)
|
||||||
|
+ return rc;
|
||||||
|
+
|
||||||
|
+ rc = kcapi_aead_stream_update_last(handle, iniov, 1);
|
||||||
|
if (rc < 0)
|
||||||
|
return rc;
|
||||||
|
|
||||||
|
diff --git a/lib/kcapi-kernel-if.c b/lib/kcapi-kernel-if.c
|
||||||
|
index bea994f..42cf1ad 100644
|
||||||
|
--- a/lib/kcapi-kernel-if.c
|
||||||
|
+++ b/lib/kcapi-kernel-if.c
|
||||||
|
@@ -439,8 +439,7 @@ int _kcapi_aio_send_iov(struct kcapi_handle *handle, struct iovec *iov,
|
||||||
|
if (0 > ret)
|
||||||
|
return ret;
|
||||||
|
} else {
|
||||||
|
- ret = _kcapi_common_send_meta(handle, NULL, 0, enc,
|
||||||
|
- len ? MSG_MORE : 0);
|
||||||
|
+ ret = _kcapi_common_send_meta(handle, NULL, 0, enc, MSG_MORE);
|
||||||
|
if (0 > ret)
|
||||||
|
return ret;
|
||||||
|
ret = _kcapi_common_vmsplice_iov(handle, iov, iovlen, 0);
|
||||||
|
@@ -1246,8 +1245,7 @@ int32_t _kcapi_cipher_crypt(struct kcapi_handle *handle, const uint8_t *in,
|
||||||
|
if (0 > ret)
|
||||||
|
return ret;
|
||||||
|
} else {
|
||||||
|
- ret = _kcapi_common_send_meta(handle, NULL, 0, enc,
|
||||||
|
- inlen ? MSG_MORE : 0);
|
||||||
|
+ ret = _kcapi_common_send_meta(handle, NULL, 0, enc, MSG_MORE);
|
||||||
|
if (0 > ret)
|
||||||
|
return ret;
|
||||||
|
ret = _kcapi_common_vmsplice_chunk(handle, in, inlen, 0);
|
||||||
|
diff --git a/test/kcapi-main.c b/test/kcapi-main.c
|
||||||
|
index 51f6ec7..64e466c 100644
|
||||||
|
--- a/test/kcapi-main.c
|
||||||
|
+++ b/test/kcapi-main.c
|
||||||
|
@@ -846,7 +846,7 @@ static int cavs_sym(struct kcapi_cavs *cavs_test, uint32_t loops,
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
|
||||||
|
- for(i = 0; i < loops; i++) {
|
||||||
|
+ for (i = 0; i < loops; i++) {
|
||||||
|
_get_time(&begin);
|
||||||
|
if (cavs_test->enc) {
|
||||||
|
ret = kcapi_cipher_encrypt(handle,
|
||||||
|
@@ -886,7 +886,7 @@ static int cavs_sym(struct kcapi_cavs *cavs_test, uint32_t loops,
|
||||||
|
}
|
||||||
|
|
||||||
|
static void mt_sym_writer(struct kcapi_handle *handle, struct iovec *iov,
|
||||||
|
- int forking)
|
||||||
|
+ int forking, int last)
|
||||||
|
{
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
@@ -899,7 +899,10 @@ static void mt_sym_writer(struct kcapi_handle *handle, struct iovec *iov,
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
- ret = kcapi_cipher_stream_update_last(handle, iov, 1);
|
||||||
|
+ if (last)
|
||||||
|
+ ret = kcapi_cipher_stream_update_last(handle, iov, 1);
|
||||||
|
+ else
|
||||||
|
+ ret = kcapi_cipher_stream_update(handle, iov, 1);
|
||||||
|
if (0 > ret)
|
||||||
|
printf("Sending of data failed\n");
|
||||||
|
|
||||||
|
@@ -1004,7 +1007,7 @@ static int cavs_sym_stream(struct kcapi_cavs *cavs_test, uint32_t loops,
|
||||||
|
iov.iov_len = cavs_test->ctlen;
|
||||||
|
}
|
||||||
|
|
||||||
|
- mt_sym_writer(handle_ptr, &iov, forking);
|
||||||
|
+ mt_sym_writer(handle_ptr, &iov, forking, i == (loops * 2 - 1));
|
||||||
|
|
||||||
|
outiov.iov_base = outbuf_ptr;
|
||||||
|
outiov.iov_len = outbuflen;
|
||||||
|
@@ -1636,21 +1639,21 @@ static int cavs_aead_stream(struct kcapi_cavs *cavs_test, uint32_t loops,
|
||||||
|
if (ret)
|
||||||
|
goto out;
|
||||||
|
|
||||||
|
- if (cavs_test->enc)
|
||||||
|
- ret = kcapi_aead_stream_init_enc(handle, newiv, NULL, 0);
|
||||||
|
-
|
||||||
|
- else
|
||||||
|
- ret = kcapi_aead_stream_init_dec(handle, newiv, NULL, 0);
|
||||||
|
- if (0 > ret) {
|
||||||
|
- printf("Initialization of cipher buffer failed\n");
|
||||||
|
- goto out;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
for (i = 0; i < loops; i++) {
|
||||||
|
int errsv = 0;
|
||||||
|
|
||||||
|
memset(outbuf, 0, outbuflen);
|
||||||
|
|
||||||
|
+ if (cavs_test->enc)
|
||||||
|
+ ret = kcapi_aead_stream_init_enc(handle, newiv, NULL, 0);
|
||||||
|
+ else
|
||||||
|
+ ret = kcapi_aead_stream_init_dec(handle, newiv, NULL, 0);
|
||||||
|
+ if (0 > ret) {
|
||||||
|
+ printf("Initialization of cipher buffer failed\n");
|
||||||
|
+ goto out;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+
|
||||||
|
iov.iov_base = cavs_test->assoc;
|
||||||
|
iov.iov_len = cavs_test->assoclen;
|
||||||
|
if (cavs_test->enc) {
|
@ -1,49 +0,0 @@
|
|||||||
From 2abf7fecb5162e4b59ba134c813ebee839eb45e9 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Simo Sorce <simo@redhat.com>
|
|
||||||
Date: Wed, 14 Jul 2021 10:52:01 -0400
|
|
||||||
Subject: [PATCH] Use GCCs __symver__ attribute
|
|
||||||
|
|
||||||
This is needed to allow LTO builds, as the __asm__ directives do not give
|
|
||||||
enough context to the compiler and the build fails when the -flto flag is
|
|
||||||
passed in.
|
|
||||||
|
|
||||||
Unfotunately __symver__ is avilbel only startig from GCC 10, so we need
|
|
||||||
more macro juggling.
|
|
||||||
|
|
||||||
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
||||||
---
|
|
||||||
lib/internal.h | 11 +++++++++++
|
|
||||||
1 file changed, 11 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/lib/internal.h b/lib/internal.h
|
|
||||||
index 29fdb7b..64dad24 100644
|
|
||||||
--- a/lib/internal.h
|
|
||||||
+++ b/lib/internal.h
|
|
||||||
@@ -350,6 +350,16 @@ static inline int io_getevents(__attribute__((unused)) aio_context_t ctx,
|
|
||||||
#if __GNUC__ >= 4
|
|
||||||
# define DSO_PUBLIC __attribute__ ((visibility ("default")))
|
|
||||||
|
|
||||||
+#if __GNUC__ >= 10
|
|
||||||
+# define IMPL_SYMVER(name, version) \
|
|
||||||
+ __attribute__ ((visibility ("default"))) \
|
|
||||||
+ __attribute__((__symver__("kcapi_" #name "@@LIBKCAPI_" version)))
|
|
||||||
+
|
|
||||||
+# define ORIG_SYMVER(name, version) \
|
|
||||||
+ __attribute__ ((visibility ("default"))) \
|
|
||||||
+ __attribute__((__symver__("kcapi_" #name "@LIBKCAPI_" version)))
|
|
||||||
+
|
|
||||||
+#else
|
|
||||||
# define IMPL_SYMVER(name, version) \
|
|
||||||
__asm__(".global impl_" #name ";"\
|
|
||||||
".symver impl_" #name ",kcapi_" #name "@@LIBKCAPI_" version);\
|
|
||||||
@@ -359,6 +369,7 @@ static inline int io_getevents(__attribute__((unused)) aio_context_t ctx,
|
|
||||||
__asm__(".global orig_" #name ";"\
|
|
||||||
".symver orig_" #name ",kcapi_" #name "@LIBKCAPI_" version);\
|
|
||||||
__attribute__ ((visibility ("default")))
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
#else
|
|
||||||
# error "Compiler version too old"
|
|
||||||
--
|
|
||||||
2.31.1
|
|
||||||
|
|
@ -4,10 +4,3 @@ product_versions:
|
|||||||
decision_context: bodhi_update_push_stable
|
decision_context: bodhi_update_push_stable
|
||||||
rules:
|
rules:
|
||||||
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
|
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
|
||||||
--- !Policy
|
|
||||||
product_versions:
|
|
||||||
- rhel-9
|
|
||||||
decision_context: osci_compose_gate
|
|
||||||
rules:
|
|
||||||
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}
|
|
||||||
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tedude.validation}
|
|
||||||
|
137
libkcapi.spec
137
libkcapi.spec
@ -1,7 +1,7 @@
|
|||||||
# Shared object version of libkcapi.
|
# Shared object version of libkcapi.
|
||||||
%global vmajor 1
|
%global vmajor 1
|
||||||
%global vminor 3
|
%global vminor 2
|
||||||
%global vpatch 1
|
%global vpatch 0
|
||||||
|
|
||||||
# Do we build the replacements packages?
|
# Do we build the replacements packages?
|
||||||
%bcond_with replace_coreutils
|
%bcond_with replace_coreutils
|
||||||
@ -22,23 +22,6 @@
|
|||||||
%else
|
%else
|
||||||
%bcond_with test_package
|
%bcond_with test_package
|
||||||
%endif
|
%endif
|
||||||
# disable cppcheck analysis in ELN/RHEL to avoid the dependency bz#1931518
|
|
||||||
%if 0%{?rhel}
|
|
||||||
%bcond_with cppcheck
|
|
||||||
%else
|
|
||||||
# Temporarily disable cppcheck on Fedora until bz#1923600 is fixed in rawhide
|
|
||||||
%bcond_with cppcheck
|
|
||||||
#bcond_without cppcheck
|
|
||||||
%endif
|
|
||||||
|
|
||||||
# Use `--without test` to build without running the tests
|
|
||||||
%bcond_without test
|
|
||||||
# Use `--without fuzz_test` to skip the fuzz test during build
|
|
||||||
%bcond_without fuzz_test
|
|
||||||
# Use `--without doc` to build without the -doc subpackage
|
|
||||||
%bcond_without doc
|
|
||||||
# Use `--without clang_sa` to skip clang static analysis during build
|
|
||||||
%bcond_without clang_sa
|
|
||||||
|
|
||||||
# This package needs at least Linux Kernel v4.10.0.
|
# This package needs at least Linux Kernel v4.10.0.
|
||||||
%global min_kernel_ver 4.10.0
|
%global min_kernel_ver 4.10.0
|
||||||
@ -94,8 +77,8 @@
|
|||||||
%global sha512hmac bin/kcapi-hasher -n sha512hmac
|
%global sha512hmac bin/kcapi-hasher -n sha512hmac
|
||||||
%global fipshmac bin/kcapi-hasher -n fipshmac
|
%global fipshmac bin/kcapi-hasher -n fipshmac
|
||||||
%else
|
%else
|
||||||
%global sha512hmac bash %{SOURCE2}
|
%global sha512hmac bash %{_sourcedir}/sha512hmac-openssl.sh
|
||||||
%global fipshmac bash %{SOURCE3}
|
%global fipshmac bash %{_sourcedir}/fipshmac-openssl.sh
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
# Add generation of HMAC checksums of the final stripped
|
# Add generation of HMAC checksums of the final stripped
|
||||||
@ -106,7 +89,7 @@
|
|||||||
%{__arch_install_post} \
|
%{__arch_install_post} \
|
||||||
%{__os_install_post} \
|
%{__os_install_post} \
|
||||||
bin_path=%{buildroot}%{_bindir} \
|
bin_path=%{buildroot}%{_bindir} \
|
||||||
lib_path=%{buildroot}%{_libdir} \
|
lib_path=%{buildroot}/%{_lib} \
|
||||||
for app in %{apps_hmaccalc}; do \
|
for app in %{apps_hmaccalc}; do \
|
||||||
test -e "$bin_path"/$app || continue \
|
test -e "$bin_path"/$app || continue \
|
||||||
{ %sha512hmac "$bin_path"/$app || exit 1; } \\\
|
{ %sha512hmac "$bin_path"/$app || exit 1; } \\\
|
||||||
@ -123,41 +106,35 @@ done \
|
|||||||
"$lib_path"/fipscheck/libkcapi.so.%{vmajor}.hmac \
|
"$lib_path"/fipscheck/libkcapi.so.%{vmajor}.hmac \
|
||||||
%{nil}
|
%{nil}
|
||||||
|
|
||||||
|
|
||||||
Name: libkcapi
|
Name: libkcapi
|
||||||
Version: %{vmajor}.%{vminor}.%{vpatch}
|
Version: %{vmajor}.%{vminor}.%{vpatch}
|
||||||
Release: 3%{?dist}
|
Release: 3%{?dist}
|
||||||
Summary: User space interface to the Linux Kernel Crypto API
|
Summary: User space interface to the Linux Kernel Crypto API
|
||||||
|
|
||||||
License: BSD or GPLv2
|
License: BSD or GPLv2
|
||||||
URL: https://www.chronox.de/%{name}.html
|
URL: http://www.chronox.de/%{name}.html
|
||||||
Source0: https://www.chronox.de/%{name}/%{name}-%{version}.tar.xz
|
Source0: http://www.chronox.de/%{name}/%{name}-%{version}.tar.xz
|
||||||
Source1: https://www.chronox.de/%{name}/%{name}-%{version}.tar.xz.asc
|
Source1: http://www.chronox.de/%{name}/%{name}-%{version}.tar.xz.asc
|
||||||
Source2: sha512hmac-openssl.sh
|
Source2: sha512hmac-openssl.sh
|
||||||
Source3: fipshmac-openssl.sh
|
Source3: fipshmac-openssl.sh
|
||||||
|
|
||||||
Patch1: 0001-Use-GCCs-__symver__-attribute.patch
|
Patch0: %{giturl}/commit/b612c52c5ccf.patch#/000-Kern-5.8-fix-MSG_MORE-usage.patch
|
||||||
|
|
||||||
BuildRequires: bash
|
BuildRequires: bash
|
||||||
|
BuildRequires: clang
|
||||||
BuildRequires: coreutils
|
BuildRequires: coreutils
|
||||||
|
BuildRequires: cppcheck
|
||||||
|
BuildRequires: docbook-utils-pdf
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
BuildRequires: git-core
|
BuildRequires: git
|
||||||
BuildRequires: hardlink
|
BuildRequires: hardlink
|
||||||
BuildRequires: kernel-headers >= %{min_kernel_ver}
|
BuildRequires: kernel-headers >= %{min_kernel_ver}
|
||||||
BuildRequires: libtool
|
BuildRequires: libtool
|
||||||
BuildRequires: make
|
|
||||||
BuildRequires: openssl
|
BuildRequires: openssl
|
||||||
BuildRequires: perl-interpreter
|
BuildRequires: perl-interpreter
|
||||||
BuildRequires: systemd
|
BuildRequires: systemd
|
||||||
BuildRequires: xmlto
|
BuildRequires: xmlto
|
||||||
%if %{with doc}
|
|
||||||
BuildRequires: docbook-utils-pdf
|
|
||||||
%endif
|
|
||||||
%if %{with clang_sa}
|
|
||||||
BuildRequires: clang
|
|
||||||
%endif
|
|
||||||
%if %{with cppcheck}
|
|
||||||
BuildRequires: cppcheck
|
|
||||||
%endif
|
|
||||||
|
|
||||||
# For ownership of %%{_sysctldir}.
|
# For ownership of %%{_sysctldir}.
|
||||||
Requires: systemd
|
Requires: systemd
|
||||||
@ -187,7 +164,6 @@ Requires: %{name}%{?_isa} == %{version}-%{release}
|
|||||||
Header files for applications that use %{name}.
|
Header files for applications that use %{name}.
|
||||||
|
|
||||||
|
|
||||||
%if %{with doc}
|
|
||||||
%package doc
|
%package doc
|
||||||
Summary: User documentation for the %{name} package
|
Summary: User documentation for the %{name} package
|
||||||
BuildArch: noarch
|
BuildArch: noarch
|
||||||
@ -198,7 +174,6 @@ Requires: %{name} == %{version}-%{release}
|
|||||||
|
|
||||||
%description doc
|
%description doc
|
||||||
User documentation for %{name}.
|
User documentation for %{name}.
|
||||||
%endif
|
|
||||||
|
|
||||||
|
|
||||||
%if %{with replace_coreutils}
|
%if %{with replace_coreutils}
|
||||||
@ -331,7 +306,7 @@ EOF
|
|||||||
|
|
||||||
%build
|
%build
|
||||||
%configure \
|
%configure \
|
||||||
--libdir=%{_libdir} \
|
--libdir=/%{_lib} \
|
||||||
--disable-silent-rules \
|
--disable-silent-rules \
|
||||||
--enable-kcapi-encapp \
|
--enable-kcapi-encapp \
|
||||||
--enable-kcapi-dgstapp \
|
--enable-kcapi-dgstapp \
|
||||||
@ -342,13 +317,9 @@ EOF
|
|||||||
--enable-shared \
|
--enable-shared \
|
||||||
--enable-static \
|
--enable-static \
|
||||||
--enable-sum-prefix= \
|
--enable-sum-prefix= \
|
||||||
--enable-sum-dir=%{_libdir} \
|
--enable-sum-dir=/%{_lib} \
|
||||||
--with-pkgconfigdir=%{_libdir}/pkgconfig
|
--with-pkgconfigdir=%{_libdir}/pkgconfig
|
||||||
%if %{with doc}
|
|
||||||
%make_build all doc
|
%make_build all doc
|
||||||
%else
|
|
||||||
%make_build all man
|
|
||||||
%endif
|
|
||||||
|
|
||||||
|
|
||||||
%install
|
%install
|
||||||
@ -365,14 +336,8 @@ EOF
|
|||||||
%if %{with_sysctl_tweak}
|
%if %{with_sysctl_tweak}
|
||||||
README.%{distroname_ext} \
|
README.%{distroname_ext} \
|
||||||
%endif
|
%endif
|
||||||
%if %{with doc}
|
README.md CHANGES.md TODO doc/%{name}.p{df,s}
|
||||||
doc/%{name}.p{df,s} \
|
|
||||||
%endif
|
|
||||||
README.md CHANGES.md TODO
|
|
||||||
|
|
||||||
%if %{with doc}
|
|
||||||
%{__cp} -pr lib/doc/html %{buildroot}%{_pkgdocdir}
|
%{__cp} -pr lib/doc/html %{buildroot}%{_pkgdocdir}
|
||||||
%endif
|
|
||||||
|
|
||||||
# Install replacement tools, if enabled.
|
# Install replacement tools, if enabled.
|
||||||
%if !%{with replace_coreutils}
|
%if !%{with replace_coreutils}
|
||||||
@ -398,13 +363,11 @@ EOF
|
|||||||
# Remove 0-size files.
|
# Remove 0-size files.
|
||||||
%{_bindir}/find %{buildroot} -type f -size 0 -print -delete
|
%{_bindir}/find %{buildroot} -type f -size 0 -print -delete
|
||||||
|
|
||||||
%if %{with doc}
|
|
||||||
# Make sure all docs have non-exec permissions, except for the dirs.
|
# Make sure all docs have non-exec permissions, except for the dirs.
|
||||||
%{_bindir}/find %{buildroot}%{_pkgdocdir} -type f -print | \
|
%{_bindir}/find %{buildroot}%{_pkgdocdir} -type f -print | \
|
||||||
%{_bindir}/xargs %{__chmod} -c 0644
|
%{_bindir}/xargs %{__chmod} -c 0644
|
||||||
%{_bindir}/find %{buildroot}%{_pkgdocdir} -type d -print | \
|
%{_bindir}/find %{buildroot}%{_pkgdocdir} -type d -print | \
|
||||||
%{_bindir}/xargs %{__chmod} -c 0755
|
%{_bindir}/xargs %{__chmod} -c 0755
|
||||||
%endif
|
|
||||||
|
|
||||||
# Possibly save some space by hardlinking.
|
# Possibly save some space by hardlinking.
|
||||||
for d in %{_mandir} %{_pkgdocdir}; do
|
for d in %{_mandir} %{_pkgdocdir}; do
|
||||||
@ -414,14 +377,10 @@ done
|
|||||||
|
|
||||||
%check
|
%check
|
||||||
# Some basic sanity checks.
|
# Some basic sanity checks.
|
||||||
%if %{with clang_sa}
|
for t in cppcheck scan; do
|
||||||
%make_build scan
|
%make_build $t
|
||||||
%endif
|
done
|
||||||
%if %{with cppcheck}
|
|
||||||
%make_build cppcheck
|
|
||||||
%endif
|
|
||||||
|
|
||||||
%if %{with test}
|
|
||||||
# On some arches `/proc/sys/net/core/optmem_max` is lower than 20480,
|
# On some arches `/proc/sys/net/core/optmem_max` is lower than 20480,
|
||||||
# which is the lowest limit needed to run the testsuite. If that limit
|
# which is the lowest limit needed to run the testsuite. If that limit
|
||||||
# is not met, we do not run it.
|
# is not met, we do not run it.
|
||||||
@ -430,15 +389,12 @@ done
|
|||||||
%if %{lua:print(rpm.vercmp(posix.uname('%r'), '5.1'));} >= 0
|
%if %{lua:print(rpm.vercmp(posix.uname('%r'), '5.1'));} >= 0
|
||||||
# Real testsuite.
|
# Real testsuite.
|
||||||
pushd test
|
pushd test
|
||||||
%if %{with fuzz_test}
|
|
||||||
ENABLE_FUZZ_TEST=1 \
|
ENABLE_FUZZ_TEST=1 \
|
||||||
%endif
|
|
||||||
NO_32BIT_TEST=1 \
|
NO_32BIT_TEST=1 \
|
||||||
./test-invocation.sh
|
./test-invocation.sh
|
||||||
popd
|
popd
|
||||||
%endif
|
%endif
|
||||||
%endif
|
%endif
|
||||||
%endif
|
|
||||||
|
|
||||||
|
|
||||||
%ldconfig_scriptlets
|
%ldconfig_scriptlets
|
||||||
@ -448,10 +404,10 @@ popd
|
|||||||
%doc %dir %{_pkgdocdir}
|
%doc %dir %{_pkgdocdir}
|
||||||
%doc %{_pkgdocdir}/README.md
|
%doc %{_pkgdocdir}/README.md
|
||||||
%license COPYING*
|
%license COPYING*
|
||||||
%{_libdir}/%{name}.so.%{vmajor}
|
/%{_lib}/%{name}.so.%{vmajor}
|
||||||
%{_libdir}/%{name}.so.%{version}
|
/%{_lib}/%{name}.so.%{version}
|
||||||
%{_libdir}/fipscheck/%{name}.so.%{vmajor}.hmac
|
/%{_lib}/fipscheck/%{name}.so.%{vmajor}.hmac
|
||||||
%{_libdir}/fipscheck/%{name}.so.%{version}.hmac
|
/%{_lib}/fipscheck/%{name}.so.%{version}.hmac
|
||||||
%if %{with_sysctl_tweak}
|
%if %{with_sysctl_tweak}
|
||||||
%doc %{_pkgdocdir}/README.%{distroname_ext}
|
%doc %{_pkgdocdir}/README.%{distroname_ext}
|
||||||
%{_sysctldir}/%{sysctl_prio}-%{name}-optmem_max.conf
|
%{_sysctldir}/%{sysctl_prio}-%{name}-optmem_max.conf
|
||||||
@ -463,41 +419,39 @@ popd
|
|||||||
%doc %{_pkgdocdir}/TODO
|
%doc %{_pkgdocdir}/TODO
|
||||||
%{_includedir}/kcapi.h
|
%{_includedir}/kcapi.h
|
||||||
%{_mandir}/man3/kcapi_*.3.*
|
%{_mandir}/man3/kcapi_*.3.*
|
||||||
%{_libdir}/%{name}.so
|
/%{_lib}/%{name}.so
|
||||||
%{_libdir}/pkgconfig/%{name}.pc
|
%{_libdir}/pkgconfig/%{name}.pc
|
||||||
|
|
||||||
|
|
||||||
%if %{with doc}
|
|
||||||
%files doc
|
%files doc
|
||||||
%doc %{_pkgdocdir}/html
|
%doc %{_pkgdocdir}/html
|
||||||
%doc %{_pkgdocdir}/%{name}.pdf
|
%doc %{_pkgdocdir}/%{name}.pdf
|
||||||
%doc %{_pkgdocdir}/%{name}.ps
|
%doc %{_pkgdocdir}/%{name}.ps
|
||||||
%endif
|
|
||||||
|
|
||||||
|
|
||||||
%if %{with replace_coreutils}
|
%if %{with replace_coreutils}
|
||||||
%files checksum
|
%files checksum
|
||||||
%{_bindir}/md5sum
|
%{_bindir}/md5sum
|
||||||
%{_bindir}/sha*sum
|
%{_bindir}/sha*sum
|
||||||
%{_libdir}/fipscheck/md5sum.hmac
|
/%{_lib}/fipscheck/md5sum.hmac
|
||||||
%{_libdir}/fipscheck/sha*sum.hmac
|
/%{_lib}/fipscheck/sha*sum.hmac
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%if %{with replace_fipscheck}
|
%if %{with replace_fipscheck}
|
||||||
%files fipscheck
|
%files fipscheck
|
||||||
%{_bindir}/fips*
|
%{_bindir}/fips*
|
||||||
%{_libdir}/fipscheck/fips*.hmac
|
/%{_lib}/fipscheck/fips*.hmac
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%if %{with replace_hmaccalc}
|
%if %{with replace_hmaccalc}
|
||||||
%files hmaccalc
|
%files hmaccalc
|
||||||
%{_bindir}/sha*hmac
|
%{_bindir}/sha*hmac
|
||||||
%{_libdir}/hmaccalc/sha*hmac.hmac
|
/%{_lib}/hmaccalc/sha*hmac.hmac
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
|
||||||
%files static
|
%files static
|
||||||
%{_libdir}/%{name}.a
|
/%{_lib}/%{name}.a
|
||||||
|
|
||||||
|
|
||||||
%files tools
|
%files tools
|
||||||
@ -512,37 +466,6 @@ popd
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.3.1-3
|
|
||||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
|
||||||
Related: rhbz#1991688
|
|
||||||
|
|
||||||
* Thu Jul 15 2021 Simo Sorce <simo@redhat.com> - 1.3.1-2
|
|
||||||
- Bring back usage of %{_libdir} instead of /%{_lib}
|
|
||||||
- Resolves: rhbz#1982620
|
|
||||||
|
|
||||||
* Wed Jul 14 2021 Simo Sorce <simo@redhat.com> - 1.3.1-1
|
|
||||||
- Update to new upstream release 1.3.1
|
|
||||||
- This fixes ABI issues and incorporates previous patches
|
|
||||||
|
|
||||||
* Mon Jul 12 2021 Simo Sorce <simo@redhat.com> - 1.3.0-1
|
|
||||||
- Update to new upstream release 1.3.0
|
|
||||||
|
|
||||||
* Tue Jun 22 2021 Mohan Boddu <mboddu@redhat.com> - 1.2.1-3
|
|
||||||
- Rebuilt for RHEL 9 BETA for openssl 3.0
|
|
||||||
Related: rhbz#1971065
|
|
||||||
|
|
||||||
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.2.1-2
|
|
||||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
|
||||||
|
|
||||||
* Mon Mar 15 2021 Sahana Prasad <sahana@redhat.com> - 1.2.1-1
|
|
||||||
- Update to upstream version 1.2.1
|
|
||||||
- Remove patch fix MSG_MORE uasge as it is added upstream
|
|
||||||
- Remove cppcheck dependency for rhel bz#1931518
|
|
||||||
- Add a patch to fix fuzz tests
|
|
||||||
|
|
||||||
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.0-4
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
|
||||||
|
|
||||||
* Fri Aug 14 2020 Ondrej Mosnáček <omosnace@redhat.com> - 1.2.0-3
|
* Fri Aug 14 2020 Ondrej Mosnáček <omosnace@redhat.com> - 1.2.0-3
|
||||||
- Require perl-interpreter instead of full perl
|
- Require perl-interpreter instead of full perl
|
||||||
- Backport fix for 5.9 kernels
|
- Backport fix for 5.9 kernels
|
||||||
|
4
sources
4
sources
@ -1,2 +1,2 @@
|
|||||||
SHA512 (libkcapi-1.3.1.tar.xz) = 2240e5410e1df4b54f42182bf294ac13d82fd78d60466cafef7644bf7c9144c064ba1fd78d110d66bc41fd220ad2f211081eb64a0da5c8740716a3146d72ba30
|
SHA512 (libkcapi-1.2.0.tar.xz) = f097aac4fb06d0e0a7f62376506caa2d4cdb03572be89286ff335684f9a10285ffea4b3cfb37fd49e51435aa6636256aa12f0cf970fd48b1358aace8ac14b289
|
||||||
SHA512 (libkcapi-1.3.1.tar.xz.asc) = fb5f85401921e884e7eb7b989baed2c98371a90b61056c929bf8348e7864fc001b67d7e5bf5f799d61befbefa6ab60b296c1d781fc30069936edc3eb40134954
|
SHA512 (libkcapi-1.2.0.tar.xz.asc) = 336769b04c75ee23d4cae98697a6ea14e5bd244bcefaa2396d80dab95538620c9353100685bd0568f61b8dfa3089c6ff7e4fdcdde949012ba0d7fe6aac650577
|
||||||
|
Loading…
Reference in New Issue
Block a user