import tboot-1.10.2-6.el9
This commit is contained in:
parent
49555800f0
commit
32ca641a6a
58
SOURCES/0003-Use-sha256-as-default-hashing-algorithm.patch
Normal file
58
SOURCES/0003-Use-sha256-as-default-hashing-algorithm.patch
Normal file
@ -0,0 +1,58 @@
|
|||||||
|
# HG changeset patch
|
||||||
|
# User Lukasz Hawrylko <lukasz.hawrylko@intel.com>
|
||||||
|
# Date 1631717614 -7200
|
||||||
|
# Wed Sep 15 16:53:34 2021 +0200
|
||||||
|
# Node ID 5bf5c12411d3a4a7e0a552203b40bfe59d5c7789
|
||||||
|
# Parent 4cdcf97e4723647b6fac761565c0be13f7e31009
|
||||||
|
Use sha256 as default hashing algorithm in lcp2_mlehash and tb_polgen
|
||||||
|
|
||||||
|
Signed-off-by: Lukasz Hawrylko <lukasz.hawrylko@intel.com>
|
||||||
|
|
||||||
|
diff -r 4cdcf97e4723 -r 5bf5c12411d3 docs/man/tb_polgen.8
|
||||||
|
--- a/docs/man/tb_polgen.8 Thu Aug 26 14:12:44 2021 +0200
|
||||||
|
+++ b/docs/man/tb_polgen.8 Wed Sep 15 16:53:34 2021 +0200
|
||||||
|
@@ -21,6 +21,9 @@
|
||||||
|
\fR[\fB\-\-ctrl \fIpolicy-control-value\fR]
|
||||||
|
The default value 1 is to extend policy into PCR 17.
|
||||||
|
.TP
|
||||||
|
+\fR[\fB\-\-alg \fIsha1 \fR|\fI sha256 \fR|\fI sha384 \fR|\fI sha512\fR]
|
||||||
|
+Policy hashing algorithm.
|
||||||
|
+.TP
|
||||||
|
\fIpolicy-file\fR
|
||||||
|
.RE
|
||||||
|
.TP
|
||||||
|
diff -r 4cdcf97e4723 -r 5bf5c12411d3 lcptools-v2/mlehash.c
|
||||||
|
--- a/lcptools-v2/mlehash.c Thu Aug 26 14:12:44 2021 +0200
|
||||||
|
+++ b/lcptools-v2/mlehash.c Wed Sep 15 16:53:34 2021 +0200
|
||||||
|
@@ -70,8 +70,8 @@
|
||||||
|
|
||||||
|
|
||||||
|
bool verbose = false;
|
||||||
|
-char alg_name[32] = "sha1";
|
||||||
|
-uint16_t alg_type = TPM_ALG_SHA1;
|
||||||
|
+char alg_name[32] = "sha256";
|
||||||
|
+uint16_t alg_type = TPM_ALG_SHA256;
|
||||||
|
|
||||||
|
static struct option long_opts[] =
|
||||||
|
{
|
||||||
|
diff -r 4cdcf97e4723 -r 5bf5c12411d3 tb_polgen/param.c
|
||||||
|
--- a/tb_polgen/param.c Thu Aug 26 14:12:44 2021 +0200
|
||||||
|
+++ b/tb_polgen/param.c Wed Sep 15 16:53:34 2021 +0200
|
||||||
|
@@ -51,7 +51,7 @@
|
||||||
|
|
||||||
|
static const char *help[] = {
|
||||||
|
"tb_polgen --create --type nonfatal|continue|halt\n",
|
||||||
|
- " [--alg sha1 (default)|sha256|sha384|sha512]\n",
|
||||||
|
+ " [--alg sha1|sha256 (default)|sha384|sha512]\n",
|
||||||
|
" [--ctrl <policy control value>]\n",
|
||||||
|
" [--verbose]\n",
|
||||||
|
" <policy file name>\n",
|
||||||
|
@@ -330,7 +330,7 @@
|
||||||
|
params->cmd = POLGEN_CMD_NONE;
|
||||||
|
params->mod_num = -1;
|
||||||
|
params->pcr = -1;
|
||||||
|
- params->hash_alg = TB_HALG_SHA1;
|
||||||
|
+ params->hash_alg = TB_HALG_SHA256;
|
||||||
|
params->policy_type = -1;
|
||||||
|
params->policy_control = TB_POLCTL_EXTEND_PCR17;
|
||||||
|
params->hash_type = -1;
|
@ -1,7 +1,7 @@
|
|||||||
Summary: Performs a verified launch using Intel TXT
|
Summary: Performs a verified launch using Intel TXT
|
||||||
Name: tboot
|
Name: tboot
|
||||||
Version: 1.10.2
|
Version: 1.10.2
|
||||||
Release: 5%{?dist}
|
Release: 6%{?dist}
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
|
|
||||||
License: BSD
|
License: BSD
|
||||||
@ -10,6 +10,7 @@ Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.
|
|||||||
|
|
||||||
Patch0: 0001-Add-Wno-error-deprecated-declarations-to-Config.mk.patch
|
Patch0: 0001-Add-Wno-error-deprecated-declarations-to-Config.mk.patch
|
||||||
Patch1: 0002-lcputils.c-remove-call-to-EVP_PKEY_set_alias_type.patch
|
Patch1: 0002-lcputils.c-remove-call-to-EVP_PKEY_set_alias_type.patch
|
||||||
|
Patch2: 0003-Use-sha256-as-default-hashing-algorithm.patch
|
||||||
|
|
||||||
BuildRequires: make
|
BuildRequires: make
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
@ -58,6 +59,10 @@ make debug=y DISTDIR=$RPM_BUILD_ROOT install
|
|||||||
/boot/tboot-syms
|
/boot/tboot-syms
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Sep 30 2021 Tony Camuso <tcamuso@redhat.com> - 1:1.10.2-6
|
||||||
|
- Use sha256 as default hashing algorithm
|
||||||
|
Resolves: rhbz#1935448
|
||||||
|
|
||||||
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1:1.10.2-5
|
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1:1.10.2-5
|
||||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||||
Related: rhbz#1991688
|
Related: rhbz#1991688
|
||||||
|
Loading…
Reference in New Issue
Block a user