* [PATCH] systemd: Add tpm2 PACKAGECONFIG @ 2021-09-15 10:23 Kristian Klausen 2021-09-15 10:48 ` [OE-core] " Quentin Schulz 0 siblings, 1 reply; 7+ messages in thread From: Kristian Klausen @ 2021-09-15 10:23 UTC (permalink / raw) To: openembedded-core; +Cc: Kristian Klausen The TPM2 support is used, among other things, for unlocking encrypted volumes. Signed-off-by: Kristian Klausen <kristian@klausen.dk> --- meta/recipes-core/systemd/systemd_249.3.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-core/systemd/systemd_249.3.bb b/meta/recipes-core/systemd/systemd_249.3.bb index c027b88fd6..f8c85dabf0 100644 --- a/meta/recipes-core/systemd/systemd_249.3.bb +++ b/meta/recipes-core/systemd/systemd_249.3.bb @@ -128,6 +128,7 @@ PACKAGECONFIG[bzip2] = "-Dbzip2=true,-Dbzip2=false,bzip2" PACKAGECONFIG[cgroupv2] = "-Ddefault-hierarchy=unified,-Ddefault-hierarchy=hybrid" PACKAGECONFIG[coredump] = "-Dcoredump=true,-Dcoredump=false" PACKAGECONFIG[cryptsetup] = "-Dlibcryptsetup=true,-Dlibcryptsetup=false,cryptsetup,,cryptsetup" +PACKAGECONFIG[tpm2] = "-Dtpm2=true,-Dtpm2=false,tpm2-tss,tpm2-tss libtss2 libtss2-tcti-device" PACKAGECONFIG[dbus] = "-Ddbus=true,-Ddbus=false,dbus" PACKAGECONFIG[efi] = "-Defi=true,-Defi=false" PACKAGECONFIG[gnu-efi] = "-Dgnu-efi=true -Defi-libdir=${STAGING_LIBDIR} -Defi-includedir=${STAGING_INCDIR}/efi,-Dgnu-efi=false,gnu-efi" -- 2.25.1 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [OE-core] [PATCH] systemd: Add tpm2 PACKAGECONFIG 2021-09-15 10:23 [PATCH] systemd: Add tpm2 PACKAGECONFIG Kristian Klausen @ 2021-09-15 10:48 ` Quentin Schulz 2021-09-15 11:31 ` Kristian Klausen 0 siblings, 1 reply; 7+ messages in thread From: Quentin Schulz @ 2021-09-15 10:48 UTC (permalink / raw) To: kristian; +Cc: openembedded-core Hi Kristian, On Wed, Sep 15, 2021 at 12:23:08PM +0200, Kristian Klausen via lists.openembedded.org wrote: > The TPM2 support is used, among other things, for unlocking encrypted > volumes. > > Signed-off-by: Kristian Klausen <kristian@klausen.dk> > --- > meta/recipes-core/systemd/systemd_249.3.bb | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/meta/recipes-core/systemd/systemd_249.3.bb b/meta/recipes-core/systemd/systemd_249.3.bb > index c027b88fd6..f8c85dabf0 100644 > --- a/meta/recipes-core/systemd/systemd_249.3.bb > +++ b/meta/recipes-core/systemd/systemd_249.3.bb > @@ -128,6 +128,7 @@ PACKAGECONFIG[bzip2] = "-Dbzip2=true,-Dbzip2=false,bzip2" > PACKAGECONFIG[cgroupv2] = "-Ddefault-hierarchy=unified,-Ddefault-hierarchy=hybrid" > PACKAGECONFIG[coredump] = "-Dcoredump=true,-Dcoredump=false" > PACKAGECONFIG[cryptsetup] = "-Dlibcryptsetup=true,-Dlibcryptsetup=false,cryptsetup,,cryptsetup" > +PACKAGECONFIG[tpm2] = "-Dtpm2=true,-Dtpm2=false,tpm2-tss,tpm2-tss libtss2 libtss2-tcti-device" Shouldn't the RDEPENDS part of the PACKAGECONFIG be pulled in automatically by Bitbake since I assume the libs they contained are used by the linker for systemd? Also looking at the tpm2-tss recipe, I'm not sure there's a package named libtss2-tcti-device? I would assume that PACKAGECONFIG[tpm2] = "-Dtpm2=true,-Dtpm2=false,tpm2-tss" would be enough except if there's dynamic loading of libraries or binaries from tpm2-tss that are required at runtime? Cheers, Quentin ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [OE-core] [PATCH] systemd: Add tpm2 PACKAGECONFIG 2021-09-15 10:48 ` [OE-core] " Quentin Schulz @ 2021-09-15 11:31 ` Kristian Klausen 2021-09-15 11:34 ` Quentin Schulz 2021-09-17 15:47 ` Alexandre Belloni 0 siblings, 2 replies; 7+ messages in thread From: Kristian Klausen @ 2021-09-15 11:31 UTC (permalink / raw) To: Quentin Schulz; +Cc: kristian, openembedded-core Den Wed, Sep 15, 2021 at 12:48:18 +0200 skrev Quentin Schulz: > Hi Kristian, > > On Wed, Sep 15, 2021 at 12:23:08PM +0200, Kristian Klausen via lists.openembedded.org wrote: > > The TPM2 support is used, among other things, for unlocking encrypted > > volumes. > > > > Signed-off-by: Kristian Klausen <kristian@klausen.dk> > > --- > > meta/recipes-core/systemd/systemd_249.3.bb | 1 + > > 1 file changed, 1 insertion(+) > > > > diff --git a/meta/recipes-core/systemd/systemd_249.3.bb b/meta/recipes-core/systemd/systemd_249.3.bb > > index c027b88fd6..f8c85dabf0 100644 > > --- a/meta/recipes-core/systemd/systemd_249.3.bb > > +++ b/meta/recipes-core/systemd/systemd_249.3.bb > > @@ -128,6 +128,7 @@ PACKAGECONFIG[bzip2] = "-Dbzip2=true,-Dbzip2=false,bzip2" > > PACKAGECONFIG[cgroupv2] = "-Ddefault-hierarchy=unified,-Ddefault-hierarchy=hybrid" > > PACKAGECONFIG[coredump] = "-Dcoredump=true,-Dcoredump=false" > > PACKAGECONFIG[cryptsetup] = "-Dlibcryptsetup=true,-Dlibcryptsetup=false,cryptsetup,,cryptsetup" > > +PACKAGECONFIG[tpm2] = "-Dtpm2=true,-Dtpm2=false,tpm2-tss,tpm2-tss libtss2 libtss2-tcti-device" > > Shouldn't the RDEPENDS part of the PACKAGECONFIG be pulled in > automatically by Bitbake since I assume the libs they contained are used > by the linker for systemd? > > Also looking at the tpm2-tss recipe, I'm not sure there's a package > named libtss2-tcti-device? Are we looking at the same recipe? It is defined in tpm2-tss_3.0.3.bb[1]. [1] https://git.yoctoproject.org/cgit/cgit.cgi/meta-security/tree/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.0.3.bb?id=e0fca90835169e21ffabe6f2e4b901678236d36e#n37 > > I would assume that > > PACKAGECONFIG[tpm2] = "-Dtpm2=true,-Dtpm2=false,tpm2-tss" > > would be enough except if there's dynamic loading of libraries or > binaries from tpm2-tss that are required at runtime? I my testing it didn't work, presumably due to systemd not linking with libtss2*.so but loading them with dlopen()[2]. libtss2 is also using dlopen() for loading the TCTI implementation (libtss2-tcti-device in this case)[3]. [2] https://github.com/systemd/systemd/blob/aff870ef61bda152ea6241f684dcab26a9265e78/src/shared/tpm2-util.c#L46-L81 [3] https://github.com/tpm2-software/tpm2-tss/blob/9288970a3e657cdee85d08d3813199ec864de3ad/src/tss2-tcti/tctildr-dl.c#L79-L125 Cheers, Kristian > > Cheers, > Quentin ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [OE-core] [PATCH] systemd: Add tpm2 PACKAGECONFIG 2021-09-15 11:31 ` Kristian Klausen @ 2021-09-15 11:34 ` Quentin Schulz 2021-09-17 15:47 ` Alexandre Belloni 1 sibling, 0 replies; 7+ messages in thread From: Quentin Schulz @ 2021-09-15 11:34 UTC (permalink / raw) To: Kristian Klausen; +Cc: openembedded-core Hi Kristian, On Wed, Sep 15, 2021 at 01:31:07PM +0200, Kristian Klausen wrote: > Den Wed, Sep 15, 2021 at 12:48:18 +0200 skrev Quentin Schulz: > > Hi Kristian, > > > > On Wed, Sep 15, 2021 at 12:23:08PM +0200, Kristian Klausen via lists.openembedded.org wrote: > > > The TPM2 support is used, among other things, for unlocking encrypted > > > volumes. > > > > > > Signed-off-by: Kristian Klausen <kristian@klausen.dk> > > > --- > > > meta/recipes-core/systemd/systemd_249.3.bb | 1 + > > > 1 file changed, 1 insertion(+) > > > > > > diff --git a/meta/recipes-core/systemd/systemd_249.3.bb b/meta/recipes-core/systemd/systemd_249.3.bb > > > index c027b88fd6..f8c85dabf0 100644 > > > --- a/meta/recipes-core/systemd/systemd_249.3.bb > > > +++ b/meta/recipes-core/systemd/systemd_249.3.bb > > > @@ -128,6 +128,7 @@ PACKAGECONFIG[bzip2] = "-Dbzip2=true,-Dbzip2=false,bzip2" > > > PACKAGECONFIG[cgroupv2] = "-Ddefault-hierarchy=unified,-Ddefault-hierarchy=hybrid" > > > PACKAGECONFIG[coredump] = "-Dcoredump=true,-Dcoredump=false" > > > PACKAGECONFIG[cryptsetup] = "-Dlibcryptsetup=true,-Dlibcryptsetup=false,cryptsetup,,cryptsetup" > > > +PACKAGECONFIG[tpm2] = "-Dtpm2=true,-Dtpm2=false,tpm2-tss,tpm2-tss libtss2 libtss2-tcti-device" > > > > Shouldn't the RDEPENDS part of the PACKAGECONFIG be pulled in > > automatically by Bitbake since I assume the libs they contained are used > > by the linker for systemd? > > > > Also looking at the tpm2-tss recipe, I'm not sure there's a package > > named libtss2-tcti-device? > > Are we looking at the same recipe? It is defined in > tpm2-tss_3.0.3.bb[1]. > > [1] https://urldefense.proofpoint.com/v2/url?u=https-3A__git.yoctoproject.org_cgit_cgit.cgi_meta-2Dsecurity_tree_meta-2Dtpm_recipes-2Dtpm2_tpm2-2Dtss_tpm2-2Dtss-5F3.0.3.bb-3Fid-3De0fca90835169e21ffabe6f2e4b901678236d36e-23n37&d=DwIBAg&c=_sEr5x9kUWhuk4_nFwjJtA&r=LYjLexDn7rXIzVmkNPvw5ymA1XTSqHGq8yBP6m6qZZ4njZguQhZhkI_-172IIy1t&m=YhnjtFDUXJqt4E89iFwwS6UgV0wqekVtZVyVfp05TSo&s=DN-nSy3eRWcgLmzegO1kzafrJwuNAp36bKdUuPBwqYo&e= > I was looking at the one in meta-measured layer. For some reason it seems the above layer does not appear in the layerindex :/ > > > > I would assume that > > > > PACKAGECONFIG[tpm2] = "-Dtpm2=true,-Dtpm2=false,tpm2-tss" > > > > would be enough except if there's dynamic loading of libraries or > > binaries from tpm2-tss that are required at runtime? > > I my testing it didn't work, presumably due to systemd not linking with > libtss2*.so but loading them with dlopen()[2]. > > libtss2 is also using dlopen() for loading the TCTI implementation > (libtss2-tcti-device in this case)[3]. > > [2] https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_systemd_systemd_blob_aff870ef61bda152ea6241f684dcab26a9265e78_src_shared_tpm2-2Dutil.c-23L46-2DL81&d=DwIBAg&c=_sEr5x9kUWhuk4_nFwjJtA&r=LYjLexDn7rXIzVmkNPvw5ymA1XTSqHGq8yBP6m6qZZ4njZguQhZhkI_-172IIy1t&m=YhnjtFDUXJqt4E89iFwwS6UgV0wqekVtZVyVfp05TSo&s=tP52Oja6E8aYHPFpUEJnTxBW8ECdM1zaSqG1bk5vpuc&e= > [3] https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_tpm2-2Dsoftware_tpm2-2Dtss_blob_9288970a3e657cdee85d08d3813199ec864de3ad_src_tss2-2Dtcti_tctildr-2Ddl.c-23L79-2DL125&d=DwIBAg&c=_sEr5x9kUWhuk4_nFwjJtA&r=LYjLexDn7rXIzVmkNPvw5ymA1XTSqHGq8yBP6m6qZZ4njZguQhZhkI_-172IIy1t&m=YhnjtFDUXJqt4E89iFwwS6UgV0wqekVtZVyVfp05TSo&s=qeaguTVVsgGOzAgPagMJBe6qeimxYewI5ufmfYjT97c&e= > Then: Reviewed-by: Quentin Schulz <foss@0leil.net> Thanks! Quentin ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [OE-core] [PATCH] systemd: Add tpm2 PACKAGECONFIG 2021-09-15 11:31 ` Kristian Klausen 2021-09-15 11:34 ` Quentin Schulz @ 2021-09-17 15:47 ` Alexandre Belloni 2021-09-18 9:17 ` Richard Purdie 2021-09-18 15:26 ` Armin Kuster 1 sibling, 2 replies; 7+ messages in thread From: Alexandre Belloni @ 2021-09-17 15:47 UTC (permalink / raw) To: kristian; +Cc: Quentin Schulz, openembedded-core On 15/09/2021 13:31:07+0200, Kristian Klausen via lists.openembedded.org wrote: > Den Wed, Sep 15, 2021 at 12:48:18 +0200 skrev Quentin Schulz: > > Hi Kristian, > > > > On Wed, Sep 15, 2021 at 12:23:08PM +0200, Kristian Klausen via lists.openembedded.org wrote: > > > The TPM2 support is used, among other things, for unlocking encrypted > > > volumes. > > > > > > Signed-off-by: Kristian Klausen <kristian@klausen.dk> > > > --- > > > meta/recipes-core/systemd/systemd_249.3.bb | 1 + > > > 1 file changed, 1 insertion(+) > > > > > > diff --git a/meta/recipes-core/systemd/systemd_249.3.bb b/meta/recipes-core/systemd/systemd_249.3.bb > > > index c027b88fd6..f8c85dabf0 100644 > > > --- a/meta/recipes-core/systemd/systemd_249.3.bb > > > +++ b/meta/recipes-core/systemd/systemd_249.3.bb > > > @@ -128,6 +128,7 @@ PACKAGECONFIG[bzip2] = "-Dbzip2=true,-Dbzip2=false,bzip2" > > > PACKAGECONFIG[cgroupv2] = "-Ddefault-hierarchy=unified,-Ddefault-hierarchy=hybrid" > > > PACKAGECONFIG[coredump] = "-Dcoredump=true,-Dcoredump=false" > > > PACKAGECONFIG[cryptsetup] = "-Dlibcryptsetup=true,-Dlibcryptsetup=false,cryptsetup,,cryptsetup" > > > +PACKAGECONFIG[tpm2] = "-Dtpm2=true,-Dtpm2=false,tpm2-tss,tpm2-tss libtss2 libtss2-tcti-device" > > > > Shouldn't the RDEPENDS part of the PACKAGECONFIG be pulled in > > automatically by Bitbake since I assume the libs they contained are used > > by the linker for systemd? > > > > Also looking at the tpm2-tss recipe, I'm not sure there's a package > > named libtss2-tcti-device? > > Are we looking at the same recipe? It is defined in > tpm2-tss_3.0.3.bb[1]. > > [1] https://git.yoctoproject.org/cgit/cgit.cgi/meta-security/tree/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.0.3.bb?id=e0fca90835169e21ffabe6f2e4b901678236d36e#n37 > Then, shouldn't that be a bbappend in meta-security? Else, you run the risk of pulling a dependency for a recipe in a layer you don't have. > > > > I would assume that > > > > PACKAGECONFIG[tpm2] = "-Dtpm2=true,-Dtpm2=false,tpm2-tss" > > > > would be enough except if there's dynamic loading of libraries or > > binaries from tpm2-tss that are required at runtime? > > I my testing it didn't work, presumably due to systemd not linking with > libtss2*.so but loading them with dlopen()[2]. > > libtss2 is also using dlopen() for loading the TCTI implementation > (libtss2-tcti-device in this case)[3]. > > [2] https://github.com/systemd/systemd/blob/aff870ef61bda152ea6241f684dcab26a9265e78/src/shared/tpm2-util.c#L46-L81 > [3] https://github.com/tpm2-software/tpm2-tss/blob/9288970a3e657cdee85d08d3813199ec864de3ad/src/tss2-tcti/tctildr-dl.c#L79-L125 > > Cheers, > Kristian > > > > > Cheers, > > Quentin > > > -- Alexandre Belloni, co-owner and COO, Bootlin Embedded Linux and Kernel engineering https://bootlin.com ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [OE-core] [PATCH] systemd: Add tpm2 PACKAGECONFIG 2021-09-17 15:47 ` Alexandre Belloni @ 2021-09-18 9:17 ` Richard Purdie 2021-09-18 15:26 ` Armin Kuster 1 sibling, 0 replies; 7+ messages in thread From: Richard Purdie @ 2021-09-18 9:17 UTC (permalink / raw) To: Alexandre Belloni, kristian; +Cc: Quentin Schulz, openembedded-core On Fri, 2021-09-17 at 17:47 +0200, Alexandre Belloni wrote: > On 15/09/2021 13:31:07+0200, Kristian Klausen via lists.openembedded.org wrote: > > Den Wed, Sep 15, 2021 at 12:48:18 +0200 skrev Quentin Schulz: > > > Hi Kristian, > > > > > > On Wed, Sep 15, 2021 at 12:23:08PM +0200, Kristian Klausen via lists.openembedded.org wrote: > > > > The TPM2 support is used, among other things, for unlocking encrypted > > > > volumes. > > > > > > > > Signed-off-by: Kristian Klausen <kristian@klausen.dk> > > > > --- > > > > meta/recipes-core/systemd/systemd_249.3.bb | 1 + > > > > 1 file changed, 1 insertion(+) > > > > > > > > diff --git a/meta/recipes-core/systemd/systemd_249.3.bb b/meta/recipes-core/systemd/systemd_249.3.bb > > > > index c027b88fd6..f8c85dabf0 100644 > > > > --- a/meta/recipes-core/systemd/systemd_249.3.bb > > > > +++ b/meta/recipes-core/systemd/systemd_249.3.bb > > > > @@ -128,6 +128,7 @@ PACKAGECONFIG[bzip2] = "-Dbzip2=true,-Dbzip2=false,bzip2" > > > > PACKAGECONFIG[cgroupv2] = "-Ddefault-hierarchy=unified,-Ddefault-hierarchy=hybrid" > > > > PACKAGECONFIG[coredump] = "-Dcoredump=true,-Dcoredump=false" > > > > PACKAGECONFIG[cryptsetup] = "-Dlibcryptsetup=true,-Dlibcryptsetup=false,cryptsetup,,cryptsetup" > > > > +PACKAGECONFIG[tpm2] = "-Dtpm2=true,-Dtpm2=false,tpm2-tss,tpm2-tss libtss2 libtss2-tcti-device" > > > > > > Shouldn't the RDEPENDS part of the PACKAGECONFIG be pulled in > > > automatically by Bitbake since I assume the libs they contained are used > > > by the linker for systemd? > > > > > > Also looking at the tpm2-tss recipe, I'm not sure there's a package > > > named libtss2-tcti-device? > > > > Are we looking at the same recipe? It is defined in > > tpm2-tss_3.0.3.bb[1]. > > > > [1] https://git.yoctoproject.org/cgit/cgit.cgi/meta-security/tree/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.0.3.bb?id=e0fca90835169e21ffabe6f2e4b901678236d36e#n37 > > > > Then, shouldn't that be a bbappend in meta-security? Else, you run the > risk of pulling a dependency for a recipe in a layer you don't have. Even if the dependency is in another layer, we've been moving towards having the PACKAGECONFIG in the main recipe with the default as not enabled. This means the correct "disable" configure options are added explicitly. Cheers, Richard ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [OE-core] [PATCH] systemd: Add tpm2 PACKAGECONFIG 2021-09-17 15:47 ` Alexandre Belloni 2021-09-18 9:17 ` Richard Purdie @ 2021-09-18 15:26 ` Armin Kuster 1 sibling, 0 replies; 7+ messages in thread From: Armin Kuster @ 2021-09-18 15:26 UTC (permalink / raw) To: Alexandre Belloni, kristian; +Cc: Quentin Schulz, openembedded-core On 9/17/21 8:47 AM, Alexandre Belloni wrote: > On 15/09/2021 13:31:07+0200, Kristian Klausen via lists.openembedded.org wrote: >> Den Wed, Sep 15, 2021 at 12:48:18 +0200 skrev Quentin Schulz: >>> Hi Kristian, >>> >>> On Wed, Sep 15, 2021 at 12:23:08PM +0200, Kristian Klausen via lists.openembedded.org wrote: >>>> The TPM2 support is used, among other things, for unlocking encrypted >>>> volumes. >>>> >>>> Signed-off-by: Kristian Klausen <kristian@klausen.dk> >>>> --- >>>> meta/recipes-core/systemd/systemd_249.3.bb | 1 + >>>> 1 file changed, 1 insertion(+) >>>> >>>> diff --git a/meta/recipes-core/systemd/systemd_249.3.bb b/meta/recipes-core/systemd/systemd_249.3.bb >>>> index c027b88fd6..f8c85dabf0 100644 >>>> --- a/meta/recipes-core/systemd/systemd_249.3.bb >>>> +++ b/meta/recipes-core/systemd/systemd_249.3.bb >>>> @@ -128,6 +128,7 @@ PACKAGECONFIG[bzip2] = "-Dbzip2=true,-Dbzip2=false,bzip2" >>>> PACKAGECONFIG[cgroupv2] = "-Ddefault-hierarchy=unified,-Ddefault-hierarchy=hybrid" >>>> PACKAGECONFIG[coredump] = "-Dcoredump=true,-Dcoredump=false" >>>> PACKAGECONFIG[cryptsetup] = "-Dlibcryptsetup=true,-Dlibcryptsetup=false,cryptsetup,,cryptsetup" >>>> +PACKAGECONFIG[tpm2] = "-Dtpm2=true,-Dtpm2=false,tpm2-tss,tpm2-tss libtss2 libtss2-tcti-device" >>> Shouldn't the RDEPENDS part of the PACKAGECONFIG be pulled in >>> automatically by Bitbake since I assume the libs they contained are used >>> by the linker for systemd? >>> >>> Also looking at the tpm2-tss recipe, I'm not sure there's a package >>> named libtss2-tcti-device? >> Are we looking at the same recipe? It is defined in >> tpm2-tss_3.0.3.bb[1]. >> >> [1] https://git.yoctoproject.org/cgit/cgit.cgi/meta-security/tree/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.0.3.bb?id=e0fca90835169e21ffabe6f2e4b901678236d36e#n37 >> > Then, shouldn't that be a bbappend in meta-security? Else, you run the > risk of pulling a dependency for a recipe in a layer you don't have. Well, this may help avoid the need for a bbappend, add this to the systemd recipe: PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'tpm2', d)} or PACKAGECONFIG += "${@bb.utils.contains_any('DISTRO_FEATURES', 'tpm tpm2', 'tpm2', d)}" Since tpm and tpm2 are required to enable things in meta-security. - armin > >>> I would assume that >>> >>> PACKAGECONFIG[tpm2] = "-Dtpm2=true,-Dtpm2=false,tpm2-tss" >>> >>> would be enough except if there's dynamic loading of libraries or >>> binaries from tpm2-tss that are required at runtime? >> I my testing it didn't work, presumably due to systemd not linking with >> libtss2*.so but loading them with dlopen()[2]. >> >> libtss2 is also using dlopen() for loading the TCTI implementation >> (libtss2-tcti-device in this case)[3]. >> >> [2] https://github.com/systemd/systemd/blob/aff870ef61bda152ea6241f684dcab26a9265e78/src/shared/tpm2-util.c#L46-L81 >> [3] https://github.com/tpm2-software/tpm2-tss/blob/9288970a3e657cdee85d08d3813199ec864de3ad/src/tss2-tcti/tctildr-dl.c#L79-L125 >> >> Cheers, >> Kristian >> >>> Cheers, >>> Quentin >> >> > > > > ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2021-09-18 15:26 UTC | newest] Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2021-09-15 10:23 [PATCH] systemd: Add tpm2 PACKAGECONFIG Kristian Klausen 2021-09-15 10:48 ` [OE-core] " Quentin Schulz 2021-09-15 11:31 ` Kristian Klausen 2021-09-15 11:34 ` Quentin Schulz 2021-09-17 15:47 ` Alexandre Belloni 2021-09-18 9:17 ` Richard Purdie 2021-09-18 15:26 ` Armin Kuster
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.