import tpm2-abrmd-2.0.0-3.el8
This commit is contained in:
commit
a9ee59e229
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
SOURCES/tpm2-abrmd-2.0.0.tar.gz
|
1
.tpm2-abrmd.metadata
Normal file
1
.tpm2-abrmd.metadata
Normal file
@ -0,0 +1 @@
|
|||||||
|
3df5896c55f6ffd520c4ff3c1f4b1d65f8738417 SOURCES/tpm2-abrmd-2.0.0.tar.gz
|
@ -0,0 +1,106 @@
|
|||||||
|
From 9c4a30c22725948537911dafa664d3741fd0249b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Javier Martinez Canillas <javierm@redhat.com>
|
||||||
|
Date: Wed, 4 Jul 2018 16:04:15 +0200
|
||||||
|
Subject: [PATCH 1/1] tcti-dynamic: Make the tss2 device TCTI library SONAME
|
||||||
|
the default
|
||||||
|
|
||||||
|
The raw libtss2-tcti-device.so is only included in the development package
|
||||||
|
but the tpm2-abrmd tries to dynamically load this instead of the library's
|
||||||
|
SONAME which is included in the tpm2-tss package.
|
||||||
|
|
||||||
|
This was reported in [0] and partially fixed by the commit d2f0b2d1f0f
|
||||||
|
("tcti-util: Use proper SONAME for TCTI dlopen"). But I still needed these
|
||||||
|
changes so the tpm2-abrmd daemon could lookup the correct library name.
|
||||||
|
|
||||||
|
[0]: https://lists.01.org/pipermail/tpm2/2018-May/000700.html
|
||||||
|
|
||||||
|
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
|
||||||
|
---
|
||||||
|
man/tpm2-abrmd.8.in | 12 ++++++------
|
||||||
|
src/tabrmd.h | 2 +-
|
||||||
|
src/tcti-dynamic.c | 2 +-
|
||||||
|
src/tcti-dynamic.h | 2 +-
|
||||||
|
4 files changed, 9 insertions(+), 9 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/man/tpm2-abrmd.8.in b/man/tpm2-abrmd.8.in
|
||||||
|
index c745a7e5eac..e02cbf44a16 100644
|
||||||
|
--- a/man/tpm2-abrmd.8.in
|
||||||
|
+++ b/man/tpm2-abrmd.8.in
|
||||||
|
@@ -25,7 +25,7 @@ is formatted as "tcti-name:tcti-conf" where:
|
||||||
|
.IP 'tcti-name'
|
||||||
|
The name of the TCTI library shared object file. Libraries are found using
|
||||||
|
the same algorithm as dlopen (3). If the TCTI library file name follows the
|
||||||
|
-naming convention: \fBlibtss2-tcti-<name>.so\fR where <name> is the name for
|
||||||
|
+naming convention: \fBlibtss2-tcti-<name>.so.0\fR where <name> is the name for
|
||||||
|
the TCTI, the value of \fB<name>\fR may be supplied in place of the full
|
||||||
|
library file name. See 'EXAMPLES' below.
|
||||||
|
.IP 'tcti-conf'
|
||||||
|
@@ -89,21 +89,21 @@ Execute daemon with default TCTI and provided config string:
|
||||||
|
This is equivalent to:
|
||||||
|
.B tpm2-abrmd --tcti="device:/dev/tpm0"
|
||||||
|
.br
|
||||||
|
-.B tpm2-abrmd --tcti="libtss2-tcti-device.so:/dev/tpm0"
|
||||||
|
+.B tpm2-abrmd --tcti="libtss2-tcti-device.so.0:/dev/tpm0"
|
||||||
|
.TP
|
||||||
|
Have daemon use Microsoft/IBM TPM2 Simulator tcti library
|
||||||
|
-'libtss2-tcti-mssim.so'.
|
||||||
|
+'libtss2-tcti-mssim.so.0'.
|
||||||
|
This connects to a TPM2 simulator via a TCP mssim.
|
||||||
|
.br
|
||||||
|
.B tpm2-abrmd --tcti="mssim"
|
||||||
|
.br
|
||||||
|
-.B tpm2-abrmd --tcti="libtss2-tcti-mssim.so"
|
||||||
|
+.B tpm2-abrmd --tcti="libtss2-tcti-mssim.so.0"
|
||||||
|
.TP
|
||||||
|
-Have daemon use tcti library 'libtss2-tcti-mssim.so' and config string
|
||||||
|
+Have daemon use tcti library 'libtss2-tcti-mssim.so.0' and config string
|
||||||
|
'tcp://127.0.0.1:5555':
|
||||||
|
.B tpm2-abrmd --tcti=mssim:tcp://127.0.0.1:5555"
|
||||||
|
.br
|
||||||
|
-.B tpm2-abrmd --tcti="libtss2-tcti-mssim.so:tcp://127.0.0.1:5555"
|
||||||
|
+.B tpm2-abrmd --tcti="libtss2-tcti-mssim.so.0:tcp://127.0.0.1:5555"
|
||||||
|
.SH AUTHOR
|
||||||
|
Philip Tricca <philip.b.tricca@intel.com>
|
||||||
|
.SH "SEE ALSO"
|
||||||
|
diff --git a/src/tabrmd.h b/src/tabrmd.h
|
||||||
|
index 7e0eb02b4ef..ed9d7dd063b 100644
|
||||||
|
--- a/src/tabrmd.h
|
||||||
|
+++ b/src/tabrmd.h
|
||||||
|
@@ -43,7 +43,7 @@
|
||||||
|
#define TABRMD_ENTROPY_SRC_DEFAULT "/dev/urandom"
|
||||||
|
#define TABRMD_SESSIONS_MAX_DEFAULT 4
|
||||||
|
#define TABRMD_SESSIONS_MAX 64
|
||||||
|
-#define TABRMD_TCTI_FILENAME_DEFAULT "libtss2-tcti-device.so"
|
||||||
|
+#define TABRMD_TCTI_FILENAME_DEFAULT "libtss2-tcti-device.so.0"
|
||||||
|
#define TABRMD_TCTI_CONF_DEFAULT NULL
|
||||||
|
#define TABRMD_TRANSIENT_MAX_DEFAULT 27
|
||||||
|
#define TABRMD_TRANSIENT_MAX 100
|
||||||
|
diff --git a/src/tcti-dynamic.c b/src/tcti-dynamic.c
|
||||||
|
index f3e0b6db694..852eb70b2ea 100644
|
||||||
|
--- a/src/tcti-dynamic.c
|
||||||
|
+++ b/src/tcti-dynamic.c
|
||||||
|
@@ -139,7 +139,7 @@ tcti_dynamic_class_init (TctiDynamicClass *klass)
|
||||||
|
g_param_spec_string ("file-name",
|
||||||
|
"TCTI library file",
|
||||||
|
"Library file containing TCTI implementation.",
|
||||||
|
- "libtss2-tcti-device.so",
|
||||||
|
+ "libtss2-tcti-device.so.0",
|
||||||
|
G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY);
|
||||||
|
obj_properties[PROP_CONF_STR] =
|
||||||
|
g_param_spec_string ("conf-str",
|
||||||
|
diff --git a/src/tcti-dynamic.h b/src/tcti-dynamic.h
|
||||||
|
index 08691a66d58..2ed0eaea640 100644
|
||||||
|
--- a/src/tcti-dynamic.h
|
||||||
|
+++ b/src/tcti-dynamic.h
|
||||||
|
@@ -34,7 +34,7 @@
|
||||||
|
|
||||||
|
G_BEGIN_DECLS
|
||||||
|
|
||||||
|
-#define TCTI_DYNAMIC_DEFAULT_FILE_NAME "libtss2-tcti-device.so"
|
||||||
|
+#define TCTI_DYNAMIC_DEFAULT_FILE_NAME "libtss2-tcti-device.so.0"
|
||||||
|
#define TCTI_DYNAMIC_DEFAULT_CONF_STR "/dev/tpm0"
|
||||||
|
|
||||||
|
typedef struct _TctiDynamicClass {
|
||||||
|
--
|
||||||
|
2.17.1
|
||||||
|
|
146
SPECS/tpm2-abrmd.spec
Normal file
146
SPECS/tpm2-abrmd.spec
Normal file
@ -0,0 +1,146 @@
|
|||||||
|
%global selinuxtype targeted
|
||||||
|
|
||||||
|
Name: tpm2-abrmd
|
||||||
|
Version: 2.0.0
|
||||||
|
Release: 3%{?dist}
|
||||||
|
Summary: A system daemon implementing TPM2 Access Broker and Resource Manager
|
||||||
|
|
||||||
|
License: BSD
|
||||||
|
URL: https://github.com/tpm2-software/tpm2-abrmd
|
||||||
|
Source0: https://github.com/tpm2-software/tpm2-abrmd/releases/download/%{version}/%{name}-%{version}.tar.gz
|
||||||
|
|
||||||
|
Patch0: tcti-dynamic-Make-the-tss2-device-TCTI-library-SONAM.patch
|
||||||
|
|
||||||
|
%{?systemd_requires}
|
||||||
|
BuildRequires: systemd
|
||||||
|
BuildRequires: libtool
|
||||||
|
BuildRequires: autoconf-archive
|
||||||
|
BuildRequires: pkgconfig(cmocka)
|
||||||
|
BuildRequires: pkgconfig(dbus-1)
|
||||||
|
BuildRequires: pkgconfig(gio-unix-2.0)
|
||||||
|
BuildRequires: pkgconfig(tss2-mu)
|
||||||
|
BuildRequires: pkgconfig(tss2-sys)
|
||||||
|
# tpm2-abrmd depends on tpm2-tss-devel for tss2-mu/sys libs
|
||||||
|
BuildRequires: tpm2-tss-devel >= 2.0.0-2%{?dist}
|
||||||
|
|
||||||
|
# tpm2-abrmd depends on the package that contains its SELinux policy module
|
||||||
|
Requires: (%{name}-selinux >= %{version}-1%{?dist} if selinux-policy-%{selinuxtype})
|
||||||
|
|
||||||
|
%description
|
||||||
|
tpm2-abrmd is a system daemon implementing the TPM2 access broker (TAB) and
|
||||||
|
Resource Manager (RM) spec from the TCG.
|
||||||
|
|
||||||
|
%prep
|
||||||
|
%autosetup -p1 -n %{name}-%{version}
|
||||||
|
|
||||||
|
%build
|
||||||
|
%configure --disable-static --disable-silent-rules \
|
||||||
|
--with-systemdsystemunitdir=%{_unitdir} \
|
||||||
|
--with-systemdpresetdir=%{_presetdir}
|
||||||
|
%make_build
|
||||||
|
|
||||||
|
%install
|
||||||
|
%make_install
|
||||||
|
find %{buildroot}%{_libdir} -type f -name \*.la -delete
|
||||||
|
|
||||||
|
%pre
|
||||||
|
getent group tss >/dev/null || groupadd -g 59 -r tss
|
||||||
|
getent passwd tss >/dev/null || \
|
||||||
|
useradd -r -u 59 -g tss -d /dev/null -s /sbin/nologin \
|
||||||
|
-c "Account used by the tpm2-abrmd package to sandbox the tpm2-abrmd daemon" tss
|
||||||
|
exit 0
|
||||||
|
|
||||||
|
%files
|
||||||
|
%doc README.md CHANGELOG.md
|
||||||
|
%license LICENSE
|
||||||
|
%{_libdir}/libtss2-tcti-tabrmd.so.*
|
||||||
|
%{_sbindir}/tpm2-abrmd
|
||||||
|
%config(noreplace) %{_sysconfdir}/dbus-1/system.d/tpm2-abrmd.conf
|
||||||
|
%{_datarootdir}/dbus-1/system-services/com.intel.tss2.Tabrmd.service
|
||||||
|
%{_unitdir}/tpm2-abrmd.service
|
||||||
|
%{_presetdir}/tpm2-abrmd.preset
|
||||||
|
%{_mandir}/man3/Tss2_Tcti_Tabrmd_Init.3.gz
|
||||||
|
%{_mandir}/man7/tss2-tcti-tabrmd.7.gz
|
||||||
|
%{_mandir}/man8/tpm2-abrmd.8.gz
|
||||||
|
|
||||||
|
|
||||||
|
%package devel
|
||||||
|
Summary: Headers, static libraries and package config files of tpm2-abrmd
|
||||||
|
Requires: %{name}%{_isa} = %{version}-%{release}
|
||||||
|
# tpm2-abrmd-devel depends on tpm2-tss-devel for tss2-mu/sys libs
|
||||||
|
Requires: tpm2-tss-devel%{?_isa} >= 2.0.0-1%{?dist}
|
||||||
|
|
||||||
|
%description devel
|
||||||
|
This package contains headers, static libraries and package config files
|
||||||
|
required to build applications that use tpm2-abrmd.
|
||||||
|
|
||||||
|
%files devel
|
||||||
|
%{_includedir}/tss2/tss2-tcti-tabrmd.h
|
||||||
|
%{_libdir}/libtss2-tcti-tabrmd.so
|
||||||
|
%{_libdir}/pkgconfig/tss2-tcti-tabrmd.pc
|
||||||
|
|
||||||
|
# on package installation
|
||||||
|
%post
|
||||||
|
/sbin/ldconfig
|
||||||
|
%systemd_post tpm2-abrmd.service
|
||||||
|
|
||||||
|
%preun
|
||||||
|
%systemd_preun tpm2-abrmd.service
|
||||||
|
|
||||||
|
%postun
|
||||||
|
/sbin/ldconfig
|
||||||
|
%systemd_postun tpm2-abrmd.service
|
||||||
|
|
||||||
|
%changelog
|
||||||
|
* Wed Feb 06 2019 Jerry Snitselaar <jsnitsel@redhat.com> - 2.0.0-3
|
||||||
|
- Fix tpm2-abrmd-selinux Requires
|
||||||
|
resolves: rhbz#1642000
|
||||||
|
|
||||||
|
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.0-2
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Jul 04 2018 Javier Martinez Canillas <javierm@redhat.com> - 2.0.0-1
|
||||||
|
- Download the distributed tarball instead of the source code tarball
|
||||||
|
- Update URLs to point to the new project location
|
||||||
|
- Update to 2.0.0 release
|
||||||
|
|
||||||
|
* Fri Feb 23 2018 Javier Martinez Canillas <javierm@redhat.com> - 1.1.0-12
|
||||||
|
- Don't install udev rule for TPM character devices
|
||||||
|
|
||||||
|
* Wed Feb 21 2018 Javier Martinez Canillas <javierm@redhat.com> - 1.1.0-11
|
||||||
|
- Remove ExclusiveArch: x86_64 directive
|
||||||
|
|
||||||
|
* Thu Feb 15 2018 Javier Martinez Canillas <javierm@redhat.com> - 1.1.0-10
|
||||||
|
- Remove %%{_isa} from BuildRequires (RHBZ#1545210)
|
||||||
|
|
||||||
|
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.0-9
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Oct 25 2017 Peter Jones <pjones@redhat.com> - 1.1.0-8
|
||||||
|
- Make only tpm2-abrmd-devel have a runtime dep on tpm2-tools-devel
|
||||||
|
|
||||||
|
* Wed Oct 18 2017 Jerry Snitselaar <jsnitsel@redhat.com> - 1.1.0-7
|
||||||
|
- tcti-abrmd: Fix null deref
|
||||||
|
|
||||||
|
* Fri Oct 13 2017 Sun Yunying <yunying.sun@intel.com> - 1.1.0-6
|
||||||
|
- Add tss user if doesn't currently exist - PR#1 from Jerry Snitselaar
|
||||||
|
- Removed source tarball and cleared it from .gitignore
|
||||||
|
|
||||||
|
* Wed Aug 16 2017 Sun Yunying <yunying.sun@intel.com> - 1.1.0-5
|
||||||
|
- Updated source0 URL to fix rpmlint warnings
|
||||||
|
|
||||||
|
* Tue Aug 15 2017 Sun Yunying <yunying.sun@intel.com> - 1.1.0-4
|
||||||
|
- Rename and relocate udev rules file to _udevrulesdir
|
||||||
|
- Update scriptlet to add service name after systemd_postrun
|
||||||
|
|
||||||
|
* Tue Aug 1 2017 Sun Yunying <yunying.sun@intel.com> - 1.1.0-3
|
||||||
|
- Use config option with-systemdsystemunitdir to set systemd unit file location
|
||||||
|
|
||||||
|
* Mon Jul 31 2017 Sun Yunying <yunying.sun@intel.com> - 1.1.0-2
|
||||||
|
- Removed BuildRequires for gcc
|
||||||
|
- Move tpm2-abrmd systemd service to /usr/lib/systemd/system
|
||||||
|
- Added scriptlet for tpm2-abrmd systemd service
|
||||||
|
- Use autoreconf instead of bootstrap
|
||||||
|
|
||||||
|
* Wed Jul 26 2017 Sun Yunying <yunying.sun@intel.com> - 1.1.0-1
|
||||||
|
- Initial packaging
|
Loading…
Reference in New Issue
Block a user