All of lore.kernel.org
 help / color / mirror / Atom feed
* [meta-security][PATCH 1/5] tpm2-tss: update to 2.4.3
@ 2020-10-15  5:26 akuster
  2020-10-15  5:26 ` [meta-security][PATCH 2/5] tpm2-totp: update to 0.2.1 akuster
                   ` (3 more replies)
  0 siblings, 4 replies; 5+ messages in thread
From: akuster @ 2020-10-15  5:26 UTC (permalink / raw)
  To: yocto

includes: CVE-2020-24455

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../tpm2-tss/{tpm2-tss_2.4.1.bb => tpm2-tss_2.4.3.bb}         | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
 rename meta-tpm/recipes-tpm2/tpm2-tss/{tpm2-tss_2.4.1.bb => tpm2-tss_2.4.3.bb} (94%)

diff --git a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.1.bb b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.3.bb
similarity index 94%
rename from meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.1.bb
rename to meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.3.bb
index 22b961d..78be513 100644
--- a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.1.bb
+++ b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.3.bb
@@ -6,10 +6,8 @@ SECTION = "tpm"
 
 DEPENDS = "autoconf-archive-native libgcrypt openssl"
 
-SRCREV = "a99e733ba66c359502689a9c42fd5e02ed1dd7d6"
-
 SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz"
-SRC_URI[sha256sum] = "58d7afcab9ff3daaafb5316e57d2c211118334b470d5a5bc6ceace6f89a1e60d"
+SRC_URI[sha256sum] = "e294677f8993234d0adfa191a5cbf9c5b83cc60c724c233e3d631c26712abea0"
 
 inherit autotools pkgconfig systemd extrausers
 
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 5+ messages in thread
* [meta-security][PATCH 2/5] tpm2-totp: update to 0.2.1
  2020-10-15  5:26 [meta-security][PATCH 1/5] tpm2-tss: update to 2.4.3 akuster
@ 2020-10-15  5:26 ` akuster
  2020-10-15  5:26 ` [meta-security][PATCH 3/5] tpm2-abrmd: update to 2.3.3 akuster
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 5+ messages in thread
From: akuster @ 2020-10-15  5:26 UTC (permalink / raw)
  To: yocto

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../tpm2-totp/{tpm2-totp_0.2.0.bb => tpm2-totp_0.2.1.bb}     | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
 rename meta-tpm/recipes-tpm2/tpm2-totp/{tpm2-totp_0.2.0.bb => tpm2-totp_0.2.1.bb} (85%)

diff --git a/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.0.bb b/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.1.bb
similarity index 85%
rename from meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.0.bb
rename to meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.1.bb
index 0dad673..264484f 100644
--- a/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.0.bb
+++ b/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.1.bb
@@ -9,9 +9,8 @@ DEPENDS = "autoconf-archive libtss2-dev qrencode"
 
 PE = "1"
 
-SRCREV = "994b4203e4769baefa6e7719915629bc8210e90a"
-SRC_URI = "git://github.com/tpm2-software/tpm2-totp.git;branch=v0.2.x \
-          "
+SRCREV = "bfd581986353edc1058604e77cac804bd8b0d30a"
+SRC_URI = "git://github.com/tpm2-software/tpm2-totp.git;branch=v0.2.x"
 
 inherit autotools-brokensep pkgconfig
 
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 5+ messages in thread
* [meta-security][PATCH 3/5] tpm2-abrmd: update to 2.3.3
  2020-10-15  5:26 [meta-security][PATCH 1/5] tpm2-tss: update to 2.4.3 akuster
  2020-10-15  5:26 ` [meta-security][PATCH 2/5] tpm2-totp: update to 0.2.1 akuster
@ 2020-10-15  5:26 ` akuster
  2020-10-15  5:26 ` [meta-security][PATCH 4/5] tpm2-tools: update to 4.3.0 akuster
  2020-10-15  5:26 ` [meta-security][PATCH 5/5] tpm2-pkcs11: update to 1.4.0 akuster
  3 siblings, 0 replies; 5+ messages in thread
From: akuster @ 2020-10-15  5:26 UTC (permalink / raw)
  To: yocto

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../tpm2-abrmd/{tpm2-abrmd_2.3.0.bb => tpm2-abrmd_2.3.3.bb}     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta-tpm/recipes-tpm2/tpm2-abrmd/{tpm2-abrmd_2.3.0.bb => tpm2-abrmd_2.3.3.bb} (97%)

diff --git a/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.0.bb b/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.3.bb
similarity index 97%
rename from meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.0.bb
rename to meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.3.bb
index 991364a..d2a1c47 100644
--- a/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.0.bb
+++ b/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.3.bb
@@ -18,7 +18,7 @@ SRC_URI = "\
     file://tpm2-abrmd.default \
 "
 
-SRCREV = "ac82192df1158cb58eac02777cf15c965b02cfbc"
+SRCREV = "4cdda466010a3699ebe967d990ac715ae3de7d35"
 
 S = "${WORKDIR}/git"
 
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 5+ messages in thread
* [meta-security][PATCH 4/5] tpm2-tools: update to 4.3.0
  2020-10-15  5:26 [meta-security][PATCH 1/5] tpm2-tss: update to 2.4.3 akuster
  2020-10-15  5:26 ` [meta-security][PATCH 2/5] tpm2-totp: update to 0.2.1 akuster
  2020-10-15  5:26 ` [meta-security][PATCH 3/5] tpm2-abrmd: update to 2.3.3 akuster
@ 2020-10-15  5:26 ` akuster
  2020-10-15  5:26 ` [meta-security][PATCH 5/5] tpm2-pkcs11: update to 1.4.0 akuster
  3 siblings, 0 replies; 5+ messages in thread
From: akuster @ 2020-10-15  5:26 UTC (permalink / raw)
  To: yocto

LIC_FILES_CHKSUM changes do to added Copyright

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../{tpm2-pkcs11_1.2.0.bb => tpm2-pkcs11_1.3.0.bb}            | 0
 .../tpm2-tools/{tpm2-tools_4.1.3.bb => tpm2-tools_4.3.0.bb}   | 4 ++--
 2 files changed, 2 insertions(+), 2 deletions(-)
 rename meta-tpm/recipes-tpm2/tpm2-pkcs11/{tpm2-pkcs11_1.2.0.bb => tpm2-pkcs11_1.3.0.bb} (100%)
 rename meta-tpm/recipes-tpm2/tpm2-tools/{tpm2-tools_4.1.3.bb => tpm2-tools_4.3.0.bb} (64%)

diff --git a/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.2.0.bb b/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.3.0.bb
similarity index 100%
rename from meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.2.0.bb
rename to meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.3.0.bb
diff --git a/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.3.bb b/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.3.0.bb
similarity index 64%
rename from meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.3.bb
rename to meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.3.0.bb
index ae01d5e..5bd26ab 100644
--- a/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.3.bb
+++ b/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.3.0.bb
@@ -1,13 +1,13 @@
 SUMMARY = "Tools for TPM2."
 DESCRIPTION = "tpm2-tools"
 LICENSE = "BSD-3-Clause"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=0eb1216e46938bd723098d93a23c3bcc"
+LIC_FILES_CHKSUM = "file://doc/LICENSE;md5=a846608d090aa64494c45fc147cc12e3"
 SECTION = "tpm"
 
 DEPENDS = "tpm2-abrmd tpm2-tss openssl curl autoconf-archive"
 
 SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz"
 
-SRC_URI[sha256sum] = "bb5d3310620e75468fe33dbd530bd73dd648c70ec707b4579c74d9f63fc82704"
+SRC_URI[sha256sum] = "ae009b3495b44a16faa3d94d41ac9c9d99c71723482efad53c5eea17eeed80fc"
 
 inherit autotools pkgconfig bash-completion
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 5+ messages in thread
* [meta-security][PATCH 5/5] tpm2-pkcs11: update to 1.4.0
  2020-10-15  5:26 [meta-security][PATCH 1/5] tpm2-tss: update to 2.4.3 akuster
                   ` (2 preceding siblings ...)
  2020-10-15  5:26 ` [meta-security][PATCH 4/5] tpm2-tools: update to 4.3.0 akuster
@ 2020-10-15  5:26 ` akuster
  3 siblings, 0 replies; 5+ messages in thread
From: akuster @ 2020-10-15  5:26 UTC (permalink / raw)
  To: yocto

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../0001-remove-local-binary-checkes.patch    | 77 +++++++++++++++++++
 ...2-pkcs11_1.3.0.bb => tpm2-pkcs11_1.4.0.bb} |  7 +-
 2 files changed, 82 insertions(+), 2 deletions(-)
 create mode 100644 meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0001-remove-local-binary-checkes.patch
 rename meta-tpm/recipes-tpm2/tpm2-pkcs11/{tpm2-pkcs11_1.3.0.bb => tpm2-pkcs11_1.4.0.bb} (80%)

diff --git a/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0001-remove-local-binary-checkes.patch b/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0001-remove-local-binary-checkes.patch
new file mode 100644
index 0000000..9d3f073
--- /dev/null
+++ b/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0001-remove-local-binary-checkes.patch
@@ -0,0 +1,77 @@
+From 9e3ef6f253f9427596baf3e7d748a79854cadfa9 Mon Sep 17 00:00:00 2001
+From: Armin Kuster <akuster808@gmail.com>
+Date: Wed, 14 Oct 2020 08:55:33 -0700
+Subject: [PATCH] remove local binary checkes
+
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+Upsteam-Status: Inappropriate
+These are only needed to run on the tartget so we add an RDPENDS.
+Not needed for building.
+
+---
+ configure.ac | 48 ------------------------------------------------
+ 1 file changed, 48 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 50e7d4b..2b9abcf 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -219,54 +219,6 @@ AX_PROG_JAVAC()
+ AX_PROG_JAVA()
+ m4_popdef([AC_MSG_ERROR])
+ 
+-AC_CHECK_PROG([tpm2_createprimary], [tpm2_createprimary], [yes], [no])
+-  AS_IF([test "x$tpm2_createprimary" != "xyes"],
+-    [AC_MSG_ERROR([tpm2_ptool requires tpm2_createprimary, but executable not found.])])
+-
+-AC_CHECK_PROG([tpm2_create], [tpm2_create], [yes], [no])
+-  AS_IF([test "x$tpm2_create" != "xyes"],
+-    [AC_MSG_ERROR([tpm2_ptool requires tpm2_create, but executable not found.])])
+-
+-AC_CHECK_PROG([tpm2_evictcontrol], [tpm2_evictcontrol], [yes], [no])
+-  AS_IF([test "x$tpm2_evictcontrol" != "xyes"],
+-    [AC_MSG_ERROR([tpm2_ptool requires tpm2_evictcontrol, but executable not found.])])
+-
+-AC_CHECK_PROG([tpm2_readpublic], [tpm2_readpublic], [yes], [no])
+-  AS_IF([test "x$tpm2_readpublic" != "xyes"],
+-    [AC_MSG_ERROR([tpm2_ptool requires tpm2_readpublic, but executable not found.])])
+-
+-AC_CHECK_PROG([tpm2_load], [tpm2_load], [yes], [no])
+-  AS_IF([test "x$tpm2_load" != "xyes"],
+-    [AC_MSG_ERROR([tpm2_ptool requires tpm2_load, but executable not found.])])
+-
+-AC_CHECK_PROG([tpm2_loadexternal], [tpm2_loadexternal], [yes], [no])
+-  AS_IF([test "x$tpm2_loadexternal" != "xyes"],
+-    [AC_MSG_ERROR([tpm2_ptool requires tpm2_loadexternal, but executable not found.])])
+-
+-AC_CHECK_PROG([tpm2_unseal], [tpm2_unseal], [yes], [no])
+-  AS_IF([test "x$tpm2_unseal" != "xyes"],
+-    [AC_MSG_ERROR([tpm2_ptool requires tpm2_unseal, but executable not found.])])
+-
+-AC_CHECK_PROG([tpm2_encryptdecrypt], [tpm2_encryptdecrypt], [yes], [no])
+-  AS_IF([test "x$tpm2_encryptdecrypt" != "xyes"],
+-    [AC_MSG_ERROR([tpm2_ptool requires tpm2_encryptdecrypt, but executable not found.])])
+-
+-AC_CHECK_PROG([tpm2_sign], [tpm2_sign], [yes], [no])
+-  AS_IF([test "x$tpm2_sign" != "xyes"],
+-    [AC_MSG_ERROR([tpm2_ptool requires tpm2_sign, but executable not found.])])
+-
+-AC_CHECK_PROG([tpm2_getcap], [tpm2_getcap], [yes], [no])
+-  AS_IF([test "x$tpm2_getcap" != "xyes"],
+-    [AC_MSG_ERROR([tpm2_ptool requires tpm2_getcap, but executable not found.])])
+-
+-AC_CHECK_PROG([tpm2_import], [tpm2_import], [yes], [no])
+-  AS_IF([test "x$tpm2_import" != "xyes"],
+-    [AC_MSG_ERROR([tpm2_ptool requires tpm2_import, but executable not found.])])
+-
+-AC_CHECK_PROG([tpm2_changeauth], [tpm2_changeauth], [yes], [no])
+-  AS_IF([test "x$tpm2_changeauth" != "xyes"],
+-    [AC_MSG_ERROR([tpm2_ptool requires tpm2_changeauth, but executable not found.])])
+-
+ AC_DEFUN([integration_test_checks], [
+ 
+   PKG_CHECK_MODULES([OPENSC_PKCS11],[opensc-pkcs11],,
+-- 
+2.17.1
+
diff --git a/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.3.0.bb b/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.4.0.bb
similarity index 80%
rename from meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.3.0.bb
rename to meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.4.0.bb
index ce2dac0..4865733 100644
--- a/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.3.0.bb
+++ b/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.4.0.bb
@@ -7,9 +7,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=0fc19f620a102768d6dbd1e7166e78ab"
 DEPENDS = "autoconf-archive pkgconfig dstat sqlite3 openssl libtss2-dev tpm2-tools libyaml"
 
 SRC_URI = "git://github.com/tpm2-software/tpm2-pkcs11.git;branch=1.X \
-           file://bootstrap_fixup.patch "
+           file://bootstrap_fixup.patch \
+           file://0001-remove-local-binary-checkes.patch"
 
-SRCREV = "8d8f137f65f1d61d66cc191947b59c378f23e97d"
+SRCREV = "78bbf6a0237351830d0c3923b25ba0b57ae0b7e9"
 
 S = "${WORKDIR}/git"
 
@@ -18,3 +19,5 @@ inherit autotools-brokensep pkgconfig
 do_configure_prepend () {
     ${S}/bootstrap
 }
+
+RDEPNDS_${PN} = "tpm2-tools"
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-10-15  5:26 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-15  5:26 [meta-security][PATCH 1/5] tpm2-tss: update to 2.4.3 akuster
2020-10-15  5:26 ` [meta-security][PATCH 2/5] tpm2-totp: update to 0.2.1 akuster
2020-10-15  5:26 ` [meta-security][PATCH 3/5] tpm2-abrmd: update to 2.3.3 akuster
2020-10-15  5:26 ` [meta-security][PATCH 4/5] tpm2-tools: update to 4.3.0 akuster
2020-10-15  5:26 ` [meta-security][PATCH 5/5] tpm2-pkcs11: update to 1.4.0 akuster

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.