.gitignore

@@ -1 +1 @@
-SOURCES/tpm2-abrmd-2.3.3.tar.gz
+SOURCES/tpm2-abrmd-2.4.0.tar.gz

.tpm2-abrmd.metadata

@@ -1 +1 @@
-fb6e3565ea65813e30dee0b50b9c20b36973182f SOURCES/tpm2-abrmd-2.3.3.tar.gz
+ea9f83ccbbe8201519c0282f7237c175d9faac78 SOURCES/tpm2-abrmd-2.4.0.tar.gz

SOURCES/0001-tabrmd-options-fix-memory-leak.patch

@@ -1,211 +0,0 @@
-From ff90674fd801dd369231a20c47ebef0d08402e9e Mon Sep 17 00:00:00 2001
-From: William Roberts <william.c.roberts@intel.com>
-Date: Tue, 12 Jan 2021 14:12:48 -0600
-Subject: [PATCH 1/6] tabrmd-options: fix memory leak
-
-The tabrmd_options_t structure is initialized with static char *
-strings. These strings can be replaced by g_option_context_parse().
-However, g_option_context_parse() replaces the string with allocated
-memory and thus needs a call to g_free. Either one would need to keep
-track if glib allocated the string and conditionally free it, or just
-set all the strings to glib allocated strings. This patch takes the
-approach of always allocating the option strings.
-
-Fixes leaks like:
-==2677142==ERROR: LeakSanitizer: detected memory leaks
-
-Direct leak of 9 byte(s) in 1 object(s) allocated from:
-    #8 0x7fbd1acd5da1 in g_option_context_parse (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x5eda1)
-    #9 0x4cc438 in parse_opts /home/wcrobert/workspace/tpm2-abrmd/src/tabrmd-options.c:103:10
-    #10 0x4c7ffe in main /home/wcrobert/workspace/tpm2-abrmd/src/tabrmd.c:41:10
-    #11 0x7fbd1a8770b2 in __libc_start_main /build/glibc-ZN95T4/glibc-2.31/csu/../csu/libc-start.c:308:16
-    #12 0x42004d in _start (/home/wcrobert/workspace/tpm2-abrmd/src/tpm2-abrmd+0x42004d)
-
-Signed-off-by: William Roberts <william.c.roberts@intel.com>
----
- src/tabrmd-init.c    |  2 ++
- src/tabrmd-options.c | 53 +++++++++++++++++++++++++++++++++++++++-----
- src/tabrmd-options.h | 11 +++++----
- src/tabrmd.c         |  4 +++-
- 4 files changed, 59 insertions(+), 11 deletions(-)
-
-diff --git a/src/tabrmd-init.c b/src/tabrmd-init.c
-index 2ad7539..58e0103 100644
---- a/src/tabrmd-init.c
-+++ b/src/tabrmd-init.c
-@@ -99,6 +99,8 @@ gmain_data_cleanup (gmain_data_t *data)
-     if (data->loop != NULL) {
-         main_loop_quit (data->loop);
-     }
-+
-+    tabrmd_options_free(&data->options);
- }
- /*
-  * This function initializes and configures all of the long-lived objects
-diff --git a/src/tabrmd-options.c b/src/tabrmd-options.c
-index 0dd7b87..22f249c 100644
---- a/src/tabrmd-options.c
-+++ b/src/tabrmd-options.c
-@@ -16,6 +16,12 @@
- #define G_OPTION_FLAG_NONE 0
- #endif
- 
-+#define SET_STR_IF_NULL(var, value) \
-+    do { \
-+        var = var == NULL ? g_strdup(value) : var; \
-+        g_assert(var); \
-+    } while(0)
-+
- /*
-  * This is a GOptionArgFunc callback invoked from the GOption processor from
-  * the parse_opts function below. It will be called when the daemon is
-@@ -36,6 +42,22 @@ show_version (const gchar  *option_name,
-     g_print ("tpm2-abrmd version %s\n", VERSION);
-     exit (0);
- }
-+
-+/**
-+ * Frees internal memory associated with a tabrmd_options_t struct.
-+ * @param opts
-+ *  The options to free, note it doesn't free opts itself.
-+ */
-+void
-+tabrmd_options_free(tabrmd_options_t *opts)
-+{
-+    g_assert(opts);
-+
-+    g_clear_pointer(&opts->dbus_name, g_free);
-+    g_clear_pointer(&opts->prng_seed_file, g_free);
-+    g_clear_pointer(&opts->tcti_conf, g_free);
-+}
-+
- /**
-  * This function parses the parameter argument vector and populates the
-  * parameter 'options' structure with data needed to configure the tabrmd.
-@@ -51,7 +73,7 @@ parse_opts (gint argc,
-             gchar *argv[],
-             tabrmd_options_t *options)
- {
--    gchar *logger_name = "stdout";
-+    gchar *logger_name = NULL;
-     GOptionContext *ctx;
-     GError *err = NULL;
-     gboolean session_bus = FALSE;
-@@ -105,33 +127,52 @@ parse_opts (gint argc,
-         return FALSE;
-     }
-     g_option_context_free (ctx);
-+
-+    /*
-+     * Set unset STRING options to defaults, we do this so we can free allocated
-+     * string options with gfree, having a mix of const and allocated ptr's
-+     * causes leaks
-+     */
-+    SET_STR_IF_NULL(options->dbus_name, TABRMD_DBUS_NAME_DEFAULT);
-+    SET_STR_IF_NULL(options->prng_seed_file, TABRMD_ENTROPY_SRC_DEFAULT);
-+    SET_STR_IF_NULL(options->tcti_conf, TABRMD_TCTI_CONF_DEFAULT);
-+    SET_STR_IF_NULL(logger_name, "stdout");
-+
-     /* select the bus type, default to G_BUS_TYPE_SESSION */
-     options->bus = session_bus ? G_BUS_TYPE_SESSION : G_BUS_TYPE_SYSTEM;
--    if (set_logger (logger_name) == -1) {
-+    gint ret = set_logger (logger_name);
-+    if (ret == -1) {
-         g_critical ("Unknown logger: %s, try --help\n", logger_name);
--        return FALSE;
-+        g_free(logger_name);
-+        goto error;
-     }
-+    g_free(logger_name);
-+
-     if (options->max_connections < 1 ||
-         options->max_connections > TABRMD_CONNECTION_MAX)
-     {
-         g_critical ("maximum number of connections must be between 1 "
-                     "and %d", TABRMD_CONNECTION_MAX);
--        return FALSE;
-+        goto error;
-     }
-     if (options->max_sessions < 1 ||
-         options->max_sessions > TABRMD_SESSIONS_MAX_DEFAULT)
-     {
-         g_critical ("max-sessions must be between 1 and %d",
-                     TABRMD_SESSIONS_MAX_DEFAULT);
--        return FALSE;
-+        goto error;
-     }
-     if (options->max_transients < 1 ||
-         options->max_transients > TABRMD_TRANSIENT_MAX)
-     {
-         g_critical ("max-trans-obj parameter must be between 1 and %d",
-                     TABRMD_TRANSIENT_MAX);
--        return FALSE;
-+        goto error;
-     }
-     g_warning ("tcti_conf after: \"%s\"", options->tcti_conf);
-     return TRUE;
-+
-+error:
-+    tabrmd_options_free(options);
-+    return FALSE;
- }
-diff --git a/src/tabrmd-options.h b/src/tabrmd-options.h
-index 4994920..d6bcfe9 100644
---- a/src/tabrmd-options.h
-+++ b/src/tabrmd-options.h
-@@ -15,10 +15,10 @@
-     .max_connections = TABRMD_CONNECTIONS_MAX_DEFAULT, \
-     .max_transients = TABRMD_TRANSIENT_MAX_DEFAULT, \
-     .max_sessions = TABRMD_SESSIONS_MAX_DEFAULT, \
--    .dbus_name = TABRMD_DBUS_NAME_DEFAULT, \
--    .prng_seed_file = TABRMD_ENTROPY_SRC_DEFAULT, \
-+    .dbus_name = NULL, \
-+    .prng_seed_file = NULL, \
-     .allow_root = FALSE, \
--    .tcti_conf = TABRMD_TCTI_CONF_DEFAULT, \
-+    .tcti_conf = NULL, \
- }
- 
- typedef struct tabrmd_options {
-@@ -28,7 +28,7 @@ typedef struct tabrmd_options {
-     guint           max_transients;
-     guint           max_sessions;
-     gchar          *dbus_name;
--    const gchar    *prng_seed_file;
-+    gchar          *prng_seed_file;
-     gboolean        allow_root;
-     gchar          *tcti_conf;
- } tabrmd_options_t;
-@@ -38,4 +38,7 @@ parse_opts (gint argc,
-             gchar *argv[],
-             tabrmd_options_t *options);
- 
-+void
-+tabrmd_options_free(tabrmd_options_t *opts);
-+
- #endif /* TABRMD_OPTIONS_H */
-diff --git a/src/tabrmd.c b/src/tabrmd.c
-index 7c93e90..e015de3 100644
---- a/src/tabrmd.c
-+++ b/src/tabrmd.c
-@@ -43,7 +43,8 @@ main (int argc, char *argv[])
-     }
-     if (geteuid() == 0 && ! gmain_data.options.allow_root) {
-         g_print ("Refusing to run as root. Pass --allow-root if you know what you are doing.\n");
--        return 1;
-+        ret = 1;
-+        goto out;
-     }
- 
-     g_mutex_init (&gmain_data.init_mutex);
-@@ -63,6 +64,7 @@ main (int argc, char *argv[])
-     if (ret == 0 && gmain_data.ipc_disconnected) {
-         ret = EX_IOERR;
-     }
-+out:
-     gmain_data_cleanup (&gmain_data);
-     return ret;
- }
--- 
-2.34.3
-

SOURCES/0002-resource-manager-rm-ref-count-inc-of-handle_entry.patch

@@ -1,49 +0,0 @@
-From ec7116d0e4de535a90c1dc5edabe821f04a0f8e0 Mon Sep 17 00:00:00 2001
-From: William Roberts <william.c.roberts@intel.com>
-Date: Wed, 13 Jan 2021 12:21:47 -0600
-Subject: [PATCH 2/6] resource-manager: rm ref count inc of handle_entry
-
-Per:
-  - https://developer.gnome.org/gobject/stable/gobject-memory.html
-
-g_object_new sets the ref count to 1, so their is no need to bump it
-again, we already have ownership.
-
-Fixes leaks like:
-Direct leak of 10480 byte(s) in 2 object(s) allocated from:
-    #0 0x7f1aa88aabc8 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
-    #1 0x7f1aa848acd8 in g_malloc (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x57cd8)
-    #2 0x7f1aa84a32c5 in g_slice_alloc (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x702c5)
-    #3 0x7f1aa84a38ed in g_slice_alloc0 (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x708ed)
-    #4 0x7f1aa85970cf in g_type_create_instance (/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0+0x3b0cf)
-    #5 0x7f1aa857634c  (/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0+0x1a34c)
-    #6 0x7f1aa8578377 in g_object_new_valist (/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0+0x1c377)
-    #7 0x7f1aa85786cc in g_object_new (/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0+0x1c6cc)
-    #8 0x561e13d667d3 in handle_map_entry_new src/handle-map-entry.c:138
-    #9 0x561e13d540d3 in create_context_mapping_transient src/resource-manager.c:1160
-    #10 0x561e13d547b1 in resource_manager_create_context_mapping src/resource-manager.c:1261
-    #11 0x561e13d54ec8 in resource_manager_process_tpm2_command src/resource-manager.c:1359
-    #12 0x561e13d55365 in resource_manager_thread src/resource-manager.c:1424
-    #13 0x7f1aa8384608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
-    #14 0x7f1aa82ab292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
-
-Signed-off-by: William Roberts <william.c.roberts@intel.com>
----
- src/resource-manager.c | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/src/resource-manager.c b/src/resource-manager.c
-index 904f683..050436f 100644
---- a/src/resource-manager.c
-+++ b/src/resource-manager.c
-@@ -1167,7 +1167,6 @@ create_context_mapping_transient (ResourceManager  *resmgr,
-     handle_map_insert (handle_map, vhandle, handle_entry);
-     g_object_unref (handle_map);
-     tpm2_response_set_handle (response, vhandle);
--    g_object_ref (handle_entry);
- }
- /*
-  * This function after a Tpm2Command is sent to the TPM and:
--- 
-2.34.3
-

SOURCES/0003-tabrmd-init.c-fix-leaks-on-main-to-thread-tpm2-insta.patch

@@ -1,51 +0,0 @@
-From 62ae28635ada2a74b526244e8ea69cef74c6c022 Mon Sep 17 00:00:00 2001
-From: William Roberts <william.c.roberts@intel.com>
-Date: Wed, 13 Jan 2021 13:52:06 -0600
-Subject: [PATCH 3/6] tabrmd-init.c: fix leaks on main to thread tpm2 instance
-
-Theirs a case where the Tpm2 object coming in from main to the thread
-fails setup and the cleanup function doesn't unref it. Move it to the
-main cleanup routine and use g_clear_object to be *clear* on whom owns
-the reference.
-
-Fixes leaks like:
-Indirect leak of 4176 byte(s) in 1 object(s) allocated from:
-    #0 0x7f652e71cdc6 in calloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10ddc6)
-    #1 0x7f652e25ad30 in g_malloc0 (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x57d30)
-    #2 0x555ebb1a1c5f in sapi_context_init src/tpm2.c:162
-    #3 0x555ebb1a2fa8 in tpm2_new src/tpm2.c:438
-    #4 0x555ebb19d665 in init_thread_func src/tabrmd-init.c:178
-    #5 0x555ebb19bede in init_thread_func_tpm2_init_fail test/tabrmd-init_unit.c:199
-    #6 0x7f652e6074e0  (/usr/lib/x86_64-linux-gnu/libcmocka.so.0+0x54e0)
-
-Signed-off-by: William Roberts <william.c.roberts@intel.com>
----
- src/tabrmd-init.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/src/tabrmd-init.c b/src/tabrmd-init.c
-index 58e0103..866c852 100644
---- a/src/tabrmd-init.c
-+++ b/src/tabrmd-init.c
-@@ -99,6 +99,9 @@ gmain_data_cleanup (gmain_data_t *data)
-     if (data->loop != NULL) {
-         main_loop_quit (data->loop);
-     }
-+    if (data->tpm2) {
-+        g_clear_object (&data->tpm2);
-+    }
- 
-     tabrmd_options_free(&data->options);
- }
-@@ -208,7 +211,7 @@ init_thread_func (gpointer user_data)
-     g_clear_object (&session_list);
-     data->response_sink = response_sink_new ();
-     g_object_unref (command_attrs);
--    g_object_unref (data->tpm2);
-+    g_clear_object (&data->tpm2);
-     /*
-      * Wire up the TPM command processing pipeline. TPM command buffers
-      * flow from the CommandSource, to the Tab then finally back to the
--- 
-2.34.3
-

SOURCES/0004-init_thread_func-fix-deadlock.patch

@@ -1,28 +0,0 @@
-From 545287019c1b9689c92900330be058b5ab9cf5d6 Mon Sep 17 00:00:00 2001
-From: William Roberts <william.c.roberts@intel.com>
-Date: Wed, 13 Jan 2021 15:11:42 -0600
-Subject: [PATCH 4/6] init_thread_func: fix deadlock
-
-The caller locks the mutex and never releases on the error path, only
-the success path.
-
-Signed-off-by: William Roberts <william.c.roberts@intel.com>
----
- src/tabrmd-init.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/tabrmd-init.c b/src/tabrmd-init.c
-index 866c852..ea71155 100644
---- a/src/tabrmd-init.c
-+++ b/src/tabrmd-init.c
-@@ -249,6 +249,7 @@ init_thread_func (gpointer user_data)
-     return GINT_TO_POINTER (0);
- 
- err_out:
-+    g_mutex_unlock (&data->init_mutex);
-     g_debug ("%s: calling gmain_data_cleanup", __func__);
-     gmain_data_cleanup (data);
-     return GINT_TO_POINTER (ret);
--- 
-2.34.3
-

SOURCES/0005-ResourceManager-Avoid-double-free-in-resource-manage.patch

@@ -1,30 +0,0 @@
-From a97e07d5a5947f5749e4ea25d0f538eeee8997bb Mon Sep 17 00:00:00 2001
-From: Jerry Snitselaar <jsnitsel@redhat.com>
-Date: Mon, 23 Nov 2020 11:45:31 -0700
-Subject: [PATCH 5/6] ResourceManager: Avoid double free in resource-manager.c
-
-Clean up potential double free found by coverity in
-resource_manager_load_session_from_handle. If flush_session has been
-called, don't call session_list_remove which is already called in
-flush_session.
-
-Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
----
- src/resource-manager.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/resource-manager.c b/src/resource-manager.c
-index 050436f..556184b 100644
---- a/src/resource-manager.c
-+++ b/src/resource-manager.c
-@@ -239,6 +239,7 @@ resource_manager_load_session_from_handle (ResourceManager *resmgr,
-         rc = tpm2_response_get_code (response);
-         if (rc != TSS2_RC_SUCCESS) {
-             flush_session (resmgr, session_entry);
-+            goto out;
-         }
-     }
-     if (will_flush) {
--- 
-2.34.3
-

SOURCES/0006-tcti-initialize-GError-to-NULL.patch

@@ -1,40 +0,0 @@
-From a645f8c656b47568072351f4bfa58960016fbbac Mon Sep 17 00:00:00 2001
-From: Nicolas Iooss <nicolas.iooss@ledger.fr>
-Date: Mon, 27 Sep 2021 16:46:42 +0200
-Subject: [PATCH 6/6] tcti: initialize GError to NULL
-
-When an error happens in `tcti_tabrmd_read`, Glib reports:
-
-    (process:905338): GLib-WARNING **: 06:59:08.971: GError set over the
-    top of a previous GError or uninitialized memory.
-    This indicates a bug in someone's code. You must ensure an error is
-    NULL before it's set.
-    The overwriting error message was: Error receiving data: Connection
-    reset by peer
-
-This warning was reported on
-https://github.com/tpm2-software/tpm2-pkcs11/issues/705
-
-Fix the warning by initializing `error` correctly.
-
-Signed-off-by: Nicolas Iooss <nicolas.iooss@ledger.fr>
----
- src/tcti-tabrmd.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/tcti-tabrmd.c b/src/tcti-tabrmd.c
-index d96709e..d0ab74d 100644
---- a/src/tcti-tabrmd.c
-+++ b/src/tcti-tabrmd.c
-@@ -187,7 +187,7 @@ tcti_tabrmd_read (TSS2_TCTI_TABRMD_CONTEXT *ctx,
-                   size_t size,
-                   int32_t timeout)
- {
--    GError *error;
-+    GError *error = NULL;
-     ssize_t num_read;
-     int ret;
- 
--- 
-2.34.3
-

SPECS/tpm2-abrmd.spec

@@ -1,8 +1,8 @@
 %global selinuxtype targeted
 
 Name: tpm2-abrmd
-Version: 2.3.3
-Release: 3%{?dist}
+Version: 2.4.0
+Release: 4%{?dist}
 Summary: A system daemon implementing TPM2 Access Broker and Resource Manager
 
 License: BSD
@@ -10,6 +10,7 @@ URL:     https://github.com/tpm2-software/tpm2-abrmd
 Source0: https://github.com/tpm2-software/tpm2-abrmd/releases/download/%{version}/%{name}-%{version}.tar.gz
 
 %{?systemd_requires}
+BuildRequires: make
 BuildRequires: systemd
 BuildRequires: libtool
 BuildRequires: autoconf-archive
@@ -19,22 +20,27 @@ BuildRequires: pkgconfig(gio-unix-2.0)
 BuildRequires: pkgconfig(tss2-mu)
 BuildRequires: pkgconfig(tss2-sys)
 # tpm2-abrmd depends on tpm2-tss-devel for tss2-mu/sys libs
-BuildRequires: tpm2-tss-devel >= 2.3.1-2%{?dist}
-
-Patch0: 0001-tabrmd-options-fix-memory-leak.patch
-Patch1: 0002-resource-manager-rm-ref-count-inc-of-handle_entry.patch
-Patch2: 0003-tabrmd-init.c-fix-leaks-on-main-to-thread-tpm2-insta.patch
-Patch3: 0004-init_thread_func-fix-deadlock.patch
-Patch4: 0005-ResourceManager-Avoid-double-free-in-resource-manage.patch
-Patch5: 0006-tcti-initialize-GError-to-NULL.patch
+BuildRequires: tpm2-tss-devel >= 2.4.0
 
 # tpm2-abrmd depends on the package that contains its SELinux policy module
 Requires: (%{name}-selinux >= 2.0.0-1%{?dist} if selinux-policy-%{selinuxtype})
+Requires: tpm2-tss >= 2.4.0
 
 %description
 tpm2-abrmd is a system daemon implementing the TPM2 access broker (TAB) and
 Resource Manager (RM) spec from the TCG.
 
+%package devel
+Summary: Headers, static libraries and package config files of tpm2-abrmd
+Requires: %{name}%{_isa} = %{version}-%{release}
+# tpm2-abrmd-devel depends on tpm2-tss-devel for tss2-mu/sys libs
+Requires: tpm2-tss-devel%{?_isa} >= 2.4.0
+
+%description devel
+This package contains headers, static libraries and package config files
+required to build applications that use tpm2-abrmd.
+
+
 %prep
 %autosetup -p1 -n %{name}-%{version}
 
@@ -47,83 +53,113 @@ Resource Manager (RM) spec from the TCG.
 %install
 %make_install
 find %{buildroot}%{_libdir} -type f -name \*.la -delete
+rm -f %{buildroot}/%{_presetdir}/tpm2-abrmd.preset
 
-%pre
-getent group tss >/dev/null || groupadd -g 59 -r tss
-getent passwd tss >/dev/null || \
-useradd -r -u 59 -g tss -d /dev/null -s /sbin/nologin \
- -c "Account used by the tpm2-abrmd package to sandbox the tpm2-abrmd daemon" tss
-exit 0
-
-%files
-%doc README.md CHANGELOG.md
-%license LICENSE
-%{_libdir}/libtss2-tcti-tabrmd.so.*
-%{_sbindir}/tpm2-abrmd
-%config(noreplace) %{_sysconfdir}/dbus-1/system.d/tpm2-abrmd.conf
-%{_datarootdir}/dbus-1/system-services/com.intel.tss2.Tabrmd.service
-%{_unitdir}/tpm2-abrmd.service
-%{_presetdir}/tpm2-abrmd.preset
-%{_mandir}/man3/Tss2_Tcti_Tabrmd_Init.3.gz
-%{_mandir}/man7/tss2-tcti-tabrmd.7.gz
-%{_mandir}/man8/tpm2-abrmd.8.gz
-
-
-%package devel
-Summary: Headers, static libraries and package config files of tpm2-abrmd
-Requires: %{name}%{_isa} = %{version}-%{release}
-# tpm2-abrmd-devel depends on tpm2-tss-devel for tss2-mu/sys libs
-Requires: tpm2-tss-devel%{?_isa} >= 2.0.0-1%{?dist}
-
-%description devel
-This package contains headers, static libraries and package config files
-required to build applications that use tpm2-abrmd.
-
-%files devel
-%{_includedir}/tss2/tss2-tcti-tabrmd.h
-%{_libdir}/libtss2-tcti-tabrmd.so
-%{_libdir}/pkgconfig/tss2-tcti-tabrmd.pc
-
-# on package installation
 %post
-/sbin/ldconfig
 %systemd_post tpm2-abrmd.service
 
 %preun
 %systemd_preun tpm2-abrmd.service
 
 %postun
-/sbin/ldconfig
 %systemd_postun tpm2-abrmd.service
 
+%files
+%license LICENSE
+%doc README.md CHANGELOG.md
+%{_libdir}/libtss2-tcti-tabrmd.so.*
+%{_sbindir}/tpm2-abrmd
+%config(noreplace) %{_sysconfdir}/dbus-1/system.d/tpm2-abrmd.conf
+%{_datarootdir}/dbus-1/system-services/com.intel.tss2.Tabrmd.service
+%{_unitdir}/tpm2-abrmd.service
+%{_mandir}/man3/Tss2_Tcti_Tabrmd_Init.3*
+%{_mandir}/man7/tss2-tcti-tabrmd.7*
+%{_mandir}/man8/tpm2-abrmd.8*
+
+%files devel
+%{_includedir}/tss2/tss2-tcti-tabrmd.h
+%{_libdir}/libtss2-tcti-tabrmd.so
+%{_libdir}/pkgconfig/tss2-tcti-tabrmd.pc
+
+
 %changelog
-* Thu Aug 11 2022 Štěpán Horáček <shoracek@redhat.com> - 2.3.3-3
-- Fix memory leaks and double free
-  resolves: rhbz#2041912
+* Tue Oct 3 2023 Štěpán Horáček <shoracek@redhat.com> - 2.4.0-4
+- Remove user-creation code that is already handled by a requirement.
+  Resolves: RHEL-8814
 
-* Mon Nov 23 2020 Jerry Snitselaar <jsnitsel@redhat.com> - 2.3.3-2
-- Update tpm2-tss-devel BuildRequires
-resolves: rhbz#1855177
+* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 2.4.0-3
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
 
-* Wed Nov 11 2020 Jerry Snitselaar <jsnitsel@redhat.com> - 2.3.3-1
-- Rebase to 2.3.3 release.
-resolves: rhbz#1855177
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.4.0-2
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
 
-* Tue May 28 2019 Jerry Snitselaar <jsnitsel@redhat.com> - 2.1.1-3
-- Update CI gating to use test.
-resolves: rhbz#1682416
+* Tue Feb 09 2021 Peter Robinson <pbrobinson@fedoraproject.org> - 2.4.0-1
+- Update to 2.4.0
 
-* Tue May 14 2019 Jerry Snitselaar <jsnitsel@redhat.com> - 2.1.1-2
-- Add initial CI gating.
-resolves: rhbz#1682416
+* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.3-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
 
-* Tue Apr 30 2019 Jerry Snitselaar <jsnitsel@redhat.com> - 2.1.1-1
-- Rebase to release 2.1.1
-resolves: rhbz#1664499
+* Sat Aug 29 2020 Peter Robinson <pbrobinson@fedoraproject.org> - 2.3.3-1
+- Update to 2.3.3
 
-* Wed Feb 06 2019 Jerry Snitselaar <jsnitsel@redhat.com> - 2.0.0-3
-- Fix tpm2-abrmd-selinux Requires
-resolves: rhbz#1642000
+* Wed Aug 05 2020 Peter Robinson <pbrobinson@fedoraproject.org> - 2.3.2-3
+- Rebuild for tpm2-tss 3.0.0
+
+* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Sat Jul 04 2020 Peter Robinson <pbrobinson@fedoraproject.org> - 2.3.2-1
+- Update to 2.3.2 release
+
+* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Tue Jan 14 2020 Sun Yunying <yunying.sun@intel.com> - 2.3.1-1
+- Update to 2.3.1 release
+
+* Mon Nov 18 2019 Sun Yunying <yunying.sun@intel.com> - 2.3.0-1
+- Update to 2.3.0 release
+- Update dependency to tpm2-tss-devel version
+
+* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Thu Jul 18 2019 Sun Yunying <yunying.sun@intel.com> - 2.2.0-1
+- Update to 2.2.0 release
+- Update .gitignore to exclude source tar ball no matter versions
+
+* Mon Mar 11 2019 Sun Yunying <yunying.sun@intel.com> - 2.1.1-1
+- Update to 2.1.1 release
+
+* Wed Mar 06 2019 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 2.1.0-3
+- Remove obsolete scriptlets
+
+* Mon Feb 11 2019 Jerry Snitselaar <jsnitsel@redhat.com> - 2.1.0-2
+- Fix tpm2-abrmd-selinux requires
+
+* Mon Feb 11 2019 Sun Yunying <yunying.sun@intel.com> - 2.1.0-1
+- Update to 2.1.0 release
+
+* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.3-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Fri Jan 4 2019 Javier Martinez Canillas <javierm@redhat.com> - 2.0.3-2
+- Remove tpm2-abrmd preset file
+  Resolves: rhbz#1663124
+
+* Wed Nov 7 2018 Sun Yunying <yunying.sun@intel.com> - 2.0.3-1
+- Update to 2.0.3 release
+- Remove gdbus related patch and autoreconf scriptlet as it's included in 2.0.3
+
+* Tue Oct 16 2018 Sun Yunying <yunying.sun@intel.com> - 2.0.2-1
+- Update to 2.0.2 release
+- Add patch to fix configure error, also add autoreconf to update configure
+
+* Tue Aug 14 2018 Sun Yunying <yunying.sun@intel.com> - 2.0.1-1
+- Update to 2.0.1 release
+- Remove the tcti SONAME patch since it's already included in 2.0.1
+- Update dependency of tpm2-abrmd-selinux to fixed version instead dynamic one
 
 * Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.0-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild