Name: tpm2-tss Version: 3.2.2 Release: 1%{?dist} Summary: TPM2.0 Software Stack # The entire source code is under BSD except implementation.h and tpmb.h which # is under TCGL(Trusted Computing Group License). License: BSD and TCGL URL: https://github.com/tpm2-software/tpm2-tss Source0: https://github.com/tpm2-software/tpm2-tss/releases/download/%{version}/%{name}-%{version}.tar.gz Source1: tpm2-tss-systemd-sysusers.conf # doxygen patch Patch0: tpm2-tss-3.0.0-doxygen.patch Patch2: 0001-esys_iutil-fix-possible-NPD.patch Patch3: 0001-tss2-rc-fix-unknown-layer-handler-dropping-bits.patch Patch4: 0002-MU-Fix-unneeded-size-check-in-TPM2B-unmarshaling.patch Patch5: 0003-FAPI-Fix-parameter-encryption-for-provisioning.patch Patch6: 0004-FAPI-Fix-missing-parameter-encryption-for-policy-ses.patch Patch7: 0005-FAPI-Fix-missing-parameter-encryption-for-some-HMAC-.patch Patch8: 0006-FAPI-Fix-usage-of-persistent-handles.patch Patch11: 0007-build-Fix-failed-build-with-disable-vendor.patch Patch12: 0008-FAPI-Fapi_GetInfo-display-warning-for-SHA3-hash-algs.patch Patch13: 0009-FAPI-Skip-provisioning-test-for-nv-ext-and-profile-p.patch Patch14: 0010-FAPI-Fix-wrong-allocation-of-pcr-policy.patch %global udevrules_prefix 60- BuildRequires: make BuildRequires: autoconf-archive BuildRequires: doxygen BuildRequires: gcc BuildRequires: gcc-c++ BuildRequires: json-c-devel BuildRequires: libcurl-devel BuildRequires: libgcrypt-devel BuildRequires: libtool BuildRequires: openssl-devel BuildRequires: pkgconfig BuildRequires: systemd BuildRequires: systemd-rpm-macros Requires(pre): shadow-utils %description tpm2-tss is a software stack supporting Trusted Platform Module(TPM) 2.0 system APIs. It sits between TPM driver and applications, providing TPM2.0 specified APIs for applications to access TPM module through kernel TPM drivers. %prep %autosetup -p1 -n %{name}-%{version} %build # Use built-in tpm-udev.rules, with specified installation path and prefix. %configure --disable-static --disable-silent-rules \ --disable-tcti-pcap --disable-tcti-libtpms \ --with-udevrulesdir=%{_udevrulesdir} --with-udevrulesprefix=%{udevrules_prefix} \ --with-runstatedir=%{_rundir} --with-tmpfilesdir=%{_tmpfilesdir} --with-sysusersdir=%{_sysusersdir} # This is to fix Rpath errors. Taken from https://fedoraproject.org/wiki/Packaging:Guidelines#Removing_Rpath sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool %make_build %install %make_install find %{buildroot}%{_libdir} -type f -name \*.la -delete rm %{buildroot}%{_sysusersdir}/tpm2-tss.conf install -p -D -m 0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/tpm2-tss.conf %pre %sysusers_create_compat %{SOURCE1} exit 0 %ldconfig_scriptlets %files %doc README.md CHANGELOG.md %license LICENSE %{_sysconfdir}/tpm2-tss/ %{_libdir}/libtss2-mu.so.0* %{_libdir}/libtss2-sys.so.1* %{_libdir}/libtss2-esys.so.0* %{_libdir}/libtss2-fapi.so.1* %{_libdir}/libtss2-rc.so.0* %{_libdir}/libtss2-tctildr.so.0* %{_libdir}/libtss2-tcti-cmd.so.0* %{_libdir}/libtss2-tcti-device.so.0* %{_libdir}/libtss2-tcti-mssim.so.0* %{_libdir}/libtss2-tcti-swtpm.so.0* %{_sysusersdir}/tpm2-tss.conf %{_tmpfilesdir}/tpm2-tss-fapi.conf %{_udevrulesdir}/%{udevrules_prefix}tpm-udev.rules %package devel Summary: Headers and libraries for building apps that use tpm2-tss Requires: %{name}%{_isa} = %{version}-%{release} %description devel This package contains headers and libraries required to build applications that use tpm2-tss. %files devel %{_includedir}/tss2/ %{_libdir}/libtss2-mu.so %{_libdir}/libtss2-sys.so %{_libdir}/libtss2-esys.so %{_libdir}/libtss2-fapi.so %{_libdir}/libtss2-rc.so %{_libdir}/libtss2-tctildr.so %{_libdir}/libtss2-tcti-cmd.so %{_libdir}/libtss2-tcti-device.so %{_libdir}/libtss2-tcti-mssim.so %{_libdir}/libtss2-tcti-swtpm.so %{_libdir}/pkgconfig/tss2-mu.pc %{_libdir}/pkgconfig/tss2-sys.pc %{_libdir}/pkgconfig/tss2-esys.pc %{_libdir}/pkgconfig/tss2-fapi.pc %{_libdir}/pkgconfig/tss2-rc.pc %{_libdir}/pkgconfig/tss2-tctildr.pc %{_libdir}/pkgconfig/tss2-tcti-cmd.pc %{_libdir}/pkgconfig/tss2-tcti-device.pc %{_libdir}/pkgconfig/tss2-tcti-mssim.pc %{_libdir}/pkgconfig/tss2-tcti-swtpm.pc %{_mandir}/man3/*.3.gz %{_mandir}/man5/*.5.gz %{_mandir}/man7/tss2*.7.gz %changelog * Fri Jun 23 2023 Štěpán Horáček - 3.2.2-1 - Rebase to 3.2.2 - Use systemd-sysusers to create user Resolves: CVE-2023-22745 Resolves: rhbz#2095479 Resolves: rhbz#2160307 Resolves: rhbz#2162613 * Wed Aug 10 2022 Štěpán Horáček - 3.0.3-8 - Fix memory leaks, potential crashes, upgrade to OpenSSL 3 Resolves: rhbz#2041919 * Thu Feb 17 2022 Štěpán Horáček - 3.0.3-7 - Rebuild with latest json-c library Related: rhbz#2023328 * Wed Aug 18 2021 Štěpán Horáček - 3.0.3-6 - Fix failures while using OpenSSL 3 Resolves: rhbz#1984634 * Tue Aug 10 2021 Mohan Boddu - 3.0.3-5 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688 * Wed Jun 16 2021 Mohan Boddu - 3.0.3-4 - Rebuilt for RHEL 9 BETA for openssl 3.0 Related: rhbz#1971065 * Fri Apr 16 2021 Mohan Boddu - 3.0.3-3 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 * Wed Jan 27 2021 Fedora Release Engineering - 3.0.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Thu Nov 26 2020 Peter Robinson - 3.0.3-1 - Update to 3.0.2 * Sun Nov 22 2020 Peter Robinson - 3.0.2-1 - Update to 3.0.2 * Wed Sep 23 2020 Peter Robinson - 3.0.1-1 - Update to 3.0.1 * Tue Sep 15 2020 Than Ngo - 3.0.0-4 - Fix doxygen crash * Tue Sep 15 2020 Peter Robinson - 3.0.0-3 - Create tss user, if it doesn't exist, for userspace TPM access * Fri Aug 07 2020 Peter Robinson - 3.0.0-2 - Install sysusers config in sysusersdir (rhbz #1834519) * Wed Aug 05 2020 Peter Robinson - 3.0.0-1 - Update to 3.0.0 * Wed Aug 05 2020 Peter Robinson - 2.4.2-1 - Update to 2.4.2 * Wed Jul 29 2020 Fedora Release Engineering - 2.4.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Thu May 14 2020 Peter Robinson - 2.4.1-1 - Update to 2.4.1 * Fri May 08 2020 Paul Wouters - 2.4.0-3 - Use proper rundir and tmpfiles macros so proper directories are used * Tue Apr 21 2020 Björn Esser - 2.4.0-2 - Rebuild (json-c) * Thu Mar 12 2020 Peter Robinson - 2.4.0-1 - Update to 2.4.0 release * Mon Feb 24 2020 Peter Robinson - 2.3.3-1 - Update to 2.3.3 release * Fri Jan 31 2020 Fedora Release Engineering - 2.3.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Fri Dec 13 2019 Yunying Sun - 2.3.2-1 - Update to 2.3.2 release * Fri Sep 6 2019 Yunying Sun - 2.3.1-1 - Update to 2.3.1 release * Thu Aug 15 2019 Yunying Sun - 2.3.0-1 - Update to 2.3.0 release * Sat Jul 27 2019 Fedora Release Engineering - 2.2.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Wed May 29 2019 Yunying Sun - 2.2.3-1 - Update to 2.2.3 release * Fri Mar 29 2019 Yunying Sun - 2.2.2-1 - Update to 2.2.2 release * Mon Mar 4 2019 Peter Robinson 2.2.1-1 - Update to 2.2.1 release * Wed Feb 06 2019 Javier Martinez Canillas - 2.2.0-1 - Update to 2.2.0 release * Sun Feb 03 2019 Fedora Release Engineering - 2.1.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Wed Oct 10 2018 Yunying Sun - 2.1.0-1 - Update to 2.1.0 release * Thu Aug 30 2018 Yunying Sun - 2.0.1-1 - Update to 2.0.1 release * Sat Jul 14 2018 Fedora Release Engineering - 2.0.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Jul 4 2018 Yunying Sun - 2.0.0-2 - Re-enable ESAPI since gcrypt dependency is not an issue for Fedora - Bump release version to 2.0.0-2 * Mon Jul 2 2018 Yunying Sun - 2.0.0-1 - Update to 2.0.0 release (RHBZ#1508870) - Remove patch file 60-tpm-udev.rules, use upstream tpm-udev.rules instead - Disable ESAPI to fix build errors caused by dependency to libgcrypt 1.6.0 - Add scriptlet to fix Rpath errors - Update file installation paths and names accordingly * Sun Mar 04 2018 Javier Martinez Canillas - 1.4.0-1 - Update URLs to point to the new project location - Add README.md CHANGELOG.md to %%files directive - Update to 1.4.0 release (RHBZ#1508870) * Fri Feb 23 2018 Javier Martinez Canillas - 1.3.0-4 - Install udev rule for TPM character devices * Wed Feb 21 2018 Javier Martinez Canillas - 1.3.0-3 - Remove ExclusiveArch: %%{ix86} x86_64 directive * Fri Feb 09 2018 Igor Gnatenko - 1.3.0-2 - Escape macros in %%changelog * Fri Dec 08 2017 Javier Martinez Canillas - 1.3.0-1 - Update to 1.3.0 release * Wed Nov 29 2017 Javier Martinez Canillas - 1.3.0-0.1.rc2 - Update to 1.3.0 release candidate 2 (RHBZ#1508870) - Remove global pkg_prefix since now the upstream repo and package names match - Update URLs to point to the new project location - Remove -Wno-int-in-bool-context compiler flag since now upstream takes care - Remove %%doc directive since README.md and CHANGELOG.md are not in the tarball - Add patch to include a LICENSE since the generated tarball does not have it * Mon Aug 28 2017 Javier Martinez Canillas - 1.2.0-1 - Update to 1.2.0 release - Use tpm2-tss instead of TPM2.0-TSS as prefix since project name changed - Fix SPEC file access mode - Include new man pages in %%files directive * Fri Aug 18 2017 Javier Martinez Canillas - 1.1.0-3 - Remove unneeded source tarballs (RHBZ#1482828) * Thu Aug 03 2017 Fedora Release Engineering - 1.1.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Wed Jul 26 2017 Sun Yunying - 1.1.0-1 - Update to 1.1.0 release * Sat Feb 11 2017 Fedora Release Engineering - 1.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Mon Dec 12 2016 Sun Yunying - 1.0-2 - Remove global macro pkg_version to avoid duplicate of version - Use ExclusiveArch instead of ExcludeArch - Use less wildcard in %%files section to be more specific - Add trailing slash at end of added directory in %%file section - Remove autoconf/automake/pkgconfig(cmocka) from BuildRequires - Increase release version to 2 * Fri Dec 2 2016 Sun Yunying - 1.0-1 - Initial version of the package