From 0b554c030253431de3afc44fe8a3911038c0b91a Mon Sep 17 00:00:00 2001
From: David Woodhouse
Date: Tue, 16 Dec 2008 23:19:45 +0000
Subject: [PATCH] Fix long-standing segfault. And other things
---
 trousers-0.3.1-reuseaddr.patch | 11 +++
 trousers-0.3.1-use-tpm-emu.patch | 80 +++++++++++++++++++
 ...rkaround-selinux-namespace-pollution.patch | 39 +++++++++
 trousers.spec | 13 ++-
 4 files changed, 142 insertions(+), 1 deletion(-)
 create mode 100644 trousers-0.3.1-reuseaddr.patch
 create mode 100644 trousers-0.3.1-use-tpm-emu.patch
 create mode 100644 trousers-0.3.1-workaround-selinux-namespace-pollution.patch
diff --git a/trousers-0.3.1-reuseaddr.patch b/trousers-0.3.1-reuseaddr.patch
new file mode 100644
index 0000000..adbe1ce
--- /dev/null
+++ b/trousers-0.3.1-reuseaddr.patch
@@ -0,0 +1,11 @@
+--- trousers-0.3.1/src/tcsd/svrside.c~ 2007-08-29 22:11:13.000000000 +0100
++++ trousers-0.3.1/src/tcsd/svrside.c 2008-09-27 10:23:08.000000000 +0100
+@@ -268,6 +268,8 @@ main(int argc, char **argv)
+ else
+ serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
+
++ c = 1;
++ setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, &c, sizeof(c));
+ if (bind(sd, (struct sockaddr *) &serv_addr, sizeof (serv_addr)) < 0) {
+ LogError("Failed bind: %s", strerror(errno));
+ return -1;
diff --git a/trousers-0.3.1-use-tpm-emu.patch b/trousers-0.3.1-use-tpm-emu.patch
new file mode 100644
index 0000000..4bcfaf4
--- /dev/null
+++ b/trousers-0.3.1-use-tpm-emu.patch
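Review bot: The result of `setsockopt()` is discarded in the two lines added before `bind()` in svrside.c, so a failure to set SO_REUSEADDR leaves no trace and a later "Failed bind" on restart gives no hint of the cause. Checking it costs one line: `if (setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, &c, sizeof(c)) < 0) LogError("Failed setsockopt: %s", strerror(errno));`. The option value reuses `c`, whose declaration is outside the hunk and which presumably serves another purpose earlier in main(); a dedicated `int reuse = 1;` would make the `sizeof(c)` argument independent of that variable's type. main() starts and ends outside the hunk.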
@@ -0,0 +1,80 @@
+--- trousers-0.3.1/src/tddl/tddl.c~ 2006-06-08 20:23:34.000000000 +0100
++++ trousers-0.3.1/src/tddl/tddl.c 2008-09-27 10:12:27.000000000 +0100
+@@ -15,6 +15,8 @@
+ #include
+ #include
+ #include
++#include
++#include
+
+ #include "trousers/tss.h"
+ #include "trousers_types.h"
+@@ -22,14 +24,16 @@
+ #include "tcslog.h"
+ #include "tddl.h"
+
+-struct tpm_device_node tpm_device_nodes[] = {
+- {"/dev/tpm0", TDDL_UNDEF, TDDL_UNDEF},
+- {"/udev/tpm0", TDDL_UNDEF, TDDL_UNDEF},
+- {"/dev/tpm", TDDL_UNDEF, TDDL_UNDEF},
+- {NULL, 0, 0}
++static struct tpm_device_node tpm_device_nodes[] = {
++ {"/dev/tpm0", TDDL_TYPE_FILE, TDDL_UNDEF, TDDL_UNDEF},
++ {"/udev/tpm0", TDDL_TYPE_FILE, TDDL_UNDEF, TDDL_UNDEF},
++ {"/dev/tpm", TDDL_TYPE_FILE, TDDL_UNDEF, TDDL_UNDEF},
++ {"/var/run/tpm/tpmd_socket:0", TDDL_TYPE_SOCKET, TDDL_TRANSMIT_RW,
++ TDDL_UNDEF},
++ {NULL, 0, 0, 0}
+ };
+
+-struct tpm_device_node *opened_device = NULL;
++static struct tpm_device_node *opened_device = NULL;
+
+ BYTE txBuffer[TDDL_TXBUF_SIZE];
+
+@@ -40,12 +44,30 @@ open_device(void)
+
+ /* tpm_device_paths is filled out in tddl.h */
+ for (i = 0; tpm_device_nodes[i].path != NULL; i++) {
++ int fd = -1;
+ errno = 0;
+- if ((tpm_device_nodes[i].fd = open(tpm_device_nodes[i].path, O_RDWR)) < 0)
++
++ if (tpm_device_nodes[i].type == TDDL_TYPE_FILE)
++ fd = open(tpm_device_nodes[i].path, O_RDWR);
++ else if (tpm_device_nodes[i].type == TDDL_TYPE_SOCKET) {
++ struct sockaddr_un addr;
++
++ fd = socket(AF_UNIX, SOCK_STREAM, 0);
++ if (fd >= 0) {
++ addr.sun_family = AF_UNIX;
++ strncpy(addr.sun_path, tpm_device_nodes[i].path,
++ sizeof(addr.sun_path));
++ if (connect(fd, (void *)&addr, sizeof(addr)) < 0) {
++ close(fd);
++ fd = -1;
++ }
++ }
++ }
++ if (fd < 0)
+ continue;
+-
++ tpm_device_nodes[i].fd = fd;
+ opened_device = &(tpm_device_nodes[i]);
+- return opened_device->fd;
++ return fd;
+ }
+
+ return -1;
+--- trousers-0.3.1/src/include/tddl.h~ 2005-10-25 04:01:07.000000000 +0100
++++
trousers-0.3.1/src/include/tddl.h 2008-09-27 10:00:20.000000000 +0100
+@@ -14,6 +14,9 @@
+
+ struct tpm_device_node {
+ char *path;
++#define TDDL_TYPE_FILE 1
++#define TDDL_TYPE_SOCKET 2
++ int type;
+ #define TDDL_TRANSMIT_IOCTL 1
+ #define TDDL_TRANSMIT_RW 2
+ int transmit;
diff --git a/trousers-0.3.1-workaround-selinux-namespace-pollution.patch b/trousers-0.3.1-workaround-selinux-namespace-pollution.patch
new file mode 100644
index 0000000..b6de61f
--- /dev/null
+++ b/trousers-0.3.1-workaround-selinux-namespace-pollution.patch
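Review bot: open_device() in the embedded tddl.c patch now falls through to the emulator socket `/var/run/tpm/tpmd_socket:0` whenever none of the three device files opens, and nothing records which node was selected, so a host whose hardware TPM is absent or unreadable ends up backed by a software endpoint with no trace in the logs. Logging the choice before `return fd;`, e.g. `LogInfo("TDDL: using %s", tpm_device_nodes[i].path);`, would make that visible, and the socket entry is worth gating behind configuration, since whatever process owns that path is then trusted as the TPM. Separately, `addr` is never zeroed and `strncpy` is given the full `sizeof(addr.sun_path)`, which leaves no room for a terminator if the path ever fills the field; `memset(&addr, 0, sizeof(addr));` followed by `strncpy(addr.sun_path, tpm_device_nodes[i].path, sizeof(addr.sun_path) - 1);` covers both. open_device() begins above the inner hunk and struct tpm_device_node continues below the tddl.h hunk.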
@@ -0,0 +1,39 @@
+--- trousers-0.3.1/src/include/obj_context.h~ 2007-08-28 20:13:39.000000000 +0100
++++ trousers-0.3.1/src/include/obj_context.h 2008-09-26 01:08:07.000000000 +0100
+@@ -44,7 +44,7 @@ struct tr_context_obj {
+ };
+
+ /* obj_context.c */
+-void context_free(void *data);
++void obj_context_free(void *data);
+ TSS_BOOL obj_is_context(TSS_HOBJECT);
+ TSS_RESULT obj_context_get_policy(TSS_HCONTEXT, UINT32, TSS_HPOLICY *);
+ TSS_BOOL obj_context_is_silent(TSS_HCONTEXT);
+@@ -84,6 +84,6 @@ struct tcs_api_table *obj_context_get_tc
+ #define CONTEXT_LIST_DECLARE_EXTERN extern struct obj_list context_list
+ #define CONTEXT_LIST_INIT() list_init(&context_list)
+ #define CONTEXT_LIST_CONNECT(a,b) obj_connectContext_list(&context_list, a, b)
+-#define CONTEXT_LIST_CLOSE(a) obj_list_close(&context_list, &context_free, a)
++#define CONTEXT_LIST_CLOSE(a) obj_list_close(&context_list, &obj_context_free, a)
+
+ #endif
+--- trousers-0.3.1/src/tspi/obj_context.c~ 2007-10-26 21:34:52.000000000 +0100
++++ trousers-0.3.1/src/tspi/obj_context.c 2008-09-26 01:06:17.000000000 +0100
+@@ -60,7 +60,7 @@ obj_context_add(TSS_HOBJECT *phObject)
+
+ /* Add the default policy */
+ if ((result = obj_policy_add(*phObject, TSS_POLICY_USAGE, &context->policy))) {
+- obj_list_remove(&context_list, &context_free, *phObject, *phObject);
++ obj_list_remove(&context_list, &obj_context_free, *phObject, *phObject);
+ return result;
+ }
+
+@@ -95,7 +95,7 @@ obj_context_get_tcs_api(TSS_HCONTEXT tsp
+ }
+
+ void
+-context_free(void *data)
++obj_context_free(void *data)
+ {
+ struct tr_context_obj *context = (struct tr_context_obj *)data;
+
diff --git a/trousers.spec b/trousers.spec
index 0204eaf..c1ab594 100644
--- a/trousers.spec
+++ b/trousers.spec
@@ -3,7 +3,7 @@
 %define name trousers
 %define version 0.3.1
-%define release 10
+%define release 11
 Name: %{name}
 Summary: TCG's Software Stack v1.2
@@ -26,6 +26,9 @@ Patch0: trousers-0.3.1-remove-group-install-code.patch
 Patch1: trousers-0.3.1-limits.patch
 Patch2: trousers-0.3.1-cast.patch
 Patch3: trousers-0.3.1-module-ordering.patch
+Patch4: trousers-0.3.1-workaround-selinux-namespace-pollution.patch
+Patch5: trousers-0.3.1-reuseaddr.patch
+Patch6: trousers-0.3.1-use-tpm-emu.patch
 %description
 TrouSerS is an implementation of the Trusted Computing Group's Software Stack
@@ -60,6 +63,9 @@ applications.
 %patch1 -p2
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
 %build
 %configure
@@ -125,6 +131,11 @@ fi
 %{_libdir}/libtddl.a
 %changelog
+* Tue Dec 16 2008 David Woodhouse - 0.3.1-11
+- Work around SELinux namespace pollution (#464037)
+- Use SO_REUSEADDR
+- Use TPM emulator if it's available and no hardware is
+
 * Wed Aug 08 2008 Emily Ratliff - 0.3.1-10
 - Use the uid/gid pair assigned to trousers from BZ#457593