From 3a41e8f873528b6f8277154a7797fd0c51c2fc06 Mon Sep 17 00:00:00 2001 From: Charles R. Anderson Date: Mar 03 2018 04:37:11 +0000 Subject: Update to 1.15.1 Upstream swapped bundled gnulib GPLv2+ for bundled Cifra CC0 --- diff --git a/.gitignore b/.gitignore index 5dd3810..af80f9f 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ /sedutil-1.12.tar.gz +/sedutil-1.15.1.tar.gz diff --git a/sedutil-1.12-nvme_ioctl.patch b/sedutil-1.12-nvme_ioctl.patch deleted file mode 100644 index b16d905..0000000 --- a/sedutil-1.12-nvme_ioctl.patch +++ /dev/null @@ -1,143 +0,0 @@ -From: Charles R. Anderson -Date: Tue, 16 May 2016 18:55 -0400 - -Remove LINUX_VERSION_CODE > 4.4.0 check to support older kernels that use the newer nvme_ioctl.h - -From 5ca6100917a025f6e11ae20838e1e37e7db2d587 Mon Sep 17 00:00:00 2001 -From: JanLuca -Date: Mon, 30 May 2016 00:21:48 +0200 -Subject: [PATCH] Use nvme_ioctl.h for newer kernel versions #55 - -The header linux/nvme.h was replaced by linux/nvme_ioctl.h in kernel versions greater than 4.4: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9d99a8dda154 - -The needed structs and opcodes are copied into a new header file from nvme.h. - -See also: -https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a9cf8284b45110a4d98aea180a89c857e53bf850 -https://www.bountysource.com/issues/29775575-linux-nvme-h-has-been-renamed-in-linux-4-4 ---- - linux/DtaDevLinuxNvme.h | 8 ++- - linux/DtaDevLinuxNvmeStructsOpCodes.h | 95 +++++++++++++++++++++++++++++++++++ - 2 files changed, 102 insertions(+), 1 deletion(-) - create mode 100755 linux/DtaDevLinuxNvmeStructsOpCodes.h - -diff --git a/linux/DtaDevLinuxNvme.h b/linux/DtaDevLinuxNvme.h -index cc55761..7a67385 100755 ---- a/linux/DtaDevLinuxNvme.h -+++ b/linux/DtaDevLinuxNvme.h -@@ -18,7 +18,13 @@ along with sedutil. If not, see . - - * C:E********************************************************************** */ - #pragma once --#include "linux/nvme.h" -+#include -+#if 1 || (LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0)) -+#include -+#include "DtaDevLinuxNvmeStructsOpCodes.h" -+#else -+#include -+#endif - #include "DtaStructures.h" - #include "DtaDevLinuxDrive.h" - -diff --git a/linux/DtaDevLinuxNvmeStructsOpCodes.h b/linux/DtaDevLinuxNvmeStructsOpCodes.h -new file mode 100755 -index 0000000..b781949 ---- /dev/null -+++ b/linux/DtaDevLinuxNvmeStructsOpCodes.h -@@ -0,0 +1,95 @@ -+/* -+ * Definitions for the NVM Express interface -+ * Copyright (c) 2011-2014, Intel Corporation. -+ * -+ * This program is free software; you can redistribute it and/or modify it -+ * under the terms and conditions of the GNU General Public License, -+ * version 2, as published by the Free Software Foundation. -+ * -+ * This program is distributed in the hope it will be useful, but WITHOUT -+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or -+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for -+ * more details. -+ */ -+#pragma once -+ -+enum nvme_admin_opcode { -+ nvme_admin_delete_sq = 0x00, -+ nvme_admin_create_sq = 0x01, -+ nvme_admin_get_log_page = 0x02, -+ nvme_admin_delete_cq = 0x04, -+ nvme_admin_create_cq = 0x05, -+ nvme_admin_identify = 0x06, -+ nvme_admin_abort_cmd = 0x08, -+ nvme_admin_set_features = 0x09, -+ nvme_admin_get_features = 0x0a, -+ nvme_admin_async_event = 0x0c, -+ nvme_admin_activate_fw = 0x10, -+ nvme_admin_download_fw = 0x11, -+ nvme_admin_format_nvm = 0x80, -+ nvme_admin_security_send = 0x81, -+ nvme_admin_security_recv = 0x82, -+}; -+ -+struct nvme_id_power_state { -+ __le16 max_power; /* centiwatts */ -+ __u8 rsvd2; -+ __u8 flags; -+ __le32 entry_lat; /* microseconds */ -+ __le32 exit_lat; /* microseconds */ -+ __u8 read_tput; -+ __u8 read_lat; -+ __u8 write_tput; -+ __u8 write_lat; -+ __le16 idle_power; -+ __u8 idle_scale; -+ __u8 rsvd19; -+ __le16 active_power; -+ __u8 active_work_scale; -+ __u8 rsvd23[9]; -+}; -+ -+struct nvme_id_ctrl { -+ __le16 vid; -+ __le16 ssvid; -+ char sn[20]; -+ char mn[40]; -+ char fr[8]; -+ __u8 rab; -+ __u8 ieee[3]; -+ __u8 mic; -+ __u8 mdts; -+ __le16 cntlid; -+ __le32 ver; -+ __u8 rsvd84[172]; -+ __le16 oacs; -+ __u8 acl; -+ __u8 aerl; -+ __u8 frmw; -+ __u8 lpa; -+ __u8 elpe; -+ __u8 npss; -+ __u8 avscc; -+ __u8 apsta; -+ __le16 wctemp; -+ __le16 cctemp; -+ __u8 rsvd270[242]; -+ __u8 sqes; -+ __u8 cqes; -+ __u8 rsvd514[2]; -+ __le32 nn; -+ __le16 oncs; -+ __le16 fuses; -+ __u8 fna; -+ __u8 vwc; -+ __le16 awun; -+ __le16 awupf; -+ __u8 nvscc; -+ __u8 rsvd531; -+ __le16 acwu; -+ __u8 rsvd534[2]; -+ __le32 sgls; -+ __u8 rsvd540[1508]; -+ struct nvme_id_power_state psd[32]; -+ __u8 vs[1024]; -+}; diff --git a/sedutil-1.15.1-nvme_ioctl.patch b/sedutil-1.15.1-nvme_ioctl.patch new file mode 100644 index 0000000..9d788b5 --- /dev/null +++ b/sedutil-1.15.1-nvme_ioctl.patch @@ -0,0 +1,113 @@ +diff -up sedutil-1.15.1/linux/DtaDevLinuxNvme.h.nvme_ioctl sedutil-1.15.1/linux/DtaDevLinuxNvme.h +--- sedutil-1.15.1/linux/DtaDevLinuxNvme.h.nvme_ioctl 2017-08-21 20:28:11.000000000 -0400 ++++ sedutil-1.15.1/linux/DtaDevLinuxNvme.h 2018-03-02 22:54:20.882144312 -0500 +@@ -19,8 +19,9 @@ along with sedutil. If not, see +-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0) ++#if 1 || (LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0)) + #include ++#include "DtaDevLinuxNvmeStructsOpCodes.h" + #else + #include + #endif +diff -up sedutil-1.15.1/linux/DtaDevLinuxNvmeStructsOpCodes.h.nvme_ioctl sedutil-1.15.1/linux/DtaDevLinuxNvmeStructsOpCodes.h +--- sedutil-1.15.1/linux/DtaDevLinuxNvmeStructsOpCodes.h.nvme_ioctl 2018-03-02 22:51:13.255083016 -0500 ++++ sedutil-1.15.1/linux/DtaDevLinuxNvmeStructsOpCodes.h 2018-03-02 22:51:13.255083016 -0500 +@@ -0,0 +1,95 @@ ++/* ++ * Definitions for the NVM Express interface ++ * Copyright (c) 2011-2014, Intel Corporation. ++ * ++ * This program is free software; you can redistribute it and/or modify it ++ * under the terms and conditions of the GNU General Public License, ++ * version 2, as published by the Free Software Foundation. ++ * ++ * This program is distributed in the hope it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for ++ * more details. ++ */ ++#pragma once ++ ++enum nvme_admin_opcode { ++ nvme_admin_delete_sq = 0x00, ++ nvme_admin_create_sq = 0x01, ++ nvme_admin_get_log_page = 0x02, ++ nvme_admin_delete_cq = 0x04, ++ nvme_admin_create_cq = 0x05, ++ nvme_admin_identify = 0x06, ++ nvme_admin_abort_cmd = 0x08, ++ nvme_admin_set_features = 0x09, ++ nvme_admin_get_features = 0x0a, ++ nvme_admin_async_event = 0x0c, ++ nvme_admin_activate_fw = 0x10, ++ nvme_admin_download_fw = 0x11, ++ nvme_admin_format_nvm = 0x80, ++ nvme_admin_security_send = 0x81, ++ nvme_admin_security_recv = 0x82, ++}; ++ ++struct nvme_id_power_state { ++ __le16 max_power; /* centiwatts */ ++ __u8 rsvd2; ++ __u8 flags; ++ __le32 entry_lat; /* microseconds */ ++ __le32 exit_lat; /* microseconds */ ++ __u8 read_tput; ++ __u8 read_lat; ++ __u8 write_tput; ++ __u8 write_lat; ++ __le16 idle_power; ++ __u8 idle_scale; ++ __u8 rsvd19; ++ __le16 active_power; ++ __u8 active_work_scale; ++ __u8 rsvd23[9]; ++}; ++ ++struct nvme_id_ctrl { ++ __le16 vid; ++ __le16 ssvid; ++ char sn[20]; ++ char mn[40]; ++ char fr[8]; ++ __u8 rab; ++ __u8 ieee[3]; ++ __u8 mic; ++ __u8 mdts; ++ __le16 cntlid; ++ __le32 ver; ++ __u8 rsvd84[172]; ++ __le16 oacs; ++ __u8 acl; ++ __u8 aerl; ++ __u8 frmw; ++ __u8 lpa; ++ __u8 elpe; ++ __u8 npss; ++ __u8 avscc; ++ __u8 apsta; ++ __le16 wctemp; ++ __le16 cctemp; ++ __u8 rsvd270[242]; ++ __u8 sqes; ++ __u8 cqes; ++ __u8 rsvd514[2]; ++ __le32 nn; ++ __le16 oncs; ++ __le16 fuses; ++ __u8 fna; ++ __u8 vwc; ++ __le16 awun; ++ __le16 awupf; ++ __u8 nvscc; ++ __u8 rsvd531; ++ __le16 acwu; ++ __u8 rsvd534[2]; ++ __le32 sgls; ++ __u8 rsvd540[1508]; ++ struct nvme_id_power_state psd[32]; ++ __u8 vs[1024]; ++}; diff --git a/sedutil-cli.8 b/sedutil-cli.8 deleted file mode 100644 index dcf5b57..0000000 --- a/sedutil-cli.8 +++ /dev/null @@ -1,93 +0,0 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.4. -.TH SEDUTIL-CLI "8" "May 2017" "sedutil-cli 1.12" "System Administration Utilities" -.SH NAME -sedutil-cli \- manage self-encrypting drives -.SH SYNOPSIS -.B sedutil\-cli -[\fI\,ACTION\/\fR] [\fI\,OPTION\/\fR]... [\fI\,DEVICE\/\fR] -.SH DESCRIPTION -A utility to manage self encrypting drives that conform -to the Trusted Computing Group OPAL 2.0 SSC specification. -.TP -\fB\-v\fR -increase verbosity, one to five v's -.TP -\fB\-n\fR -no password hashing. Passwords will be sent in clear text! -.TP -\fBACTIONS:\fR -.TP -\fB\-\-scan\fR -Scans the devices on the system, identifying Opal compliant devices -.TP -\fB\-\-query\fR -Display the Discovery 0 response of a device -.TP -\fB\-\-isValidSED\fR -Verify whether the given device is SED or not -.TP -\fB\-\-listLockingRanges\fR -List all Locking Ranges -.TP -\fB\-\-listLockingRange\fR <0...n> -List all Locking Ranges, 0 = GLobal 1..n = LRn -.TP -\fB\-\-eraseLockingRange\fR <0...n> -Erase a Locking Range, 0 = GLobal 1..n = LRn -.TP -\fB\-\-setupLockingRange\fR <0...n> -Setup a new Locking Range, 0 = GLobal 1..n = LRn -.TP -\fB\-\-initialSetup\fR -Setup the device for use with sedutil. is new SID and Admin1 password -.TP -\fB\-\-setSIDPassword\fR -Change the SID password -.TP -\fB\-\-setAdmin1Pwd\fR -Change the Admin1 password -.TP -\fB\-\-setPassword\fR -Change the Enterprise password for userid "EraseMaster" or "BandMaster", 0 <= n <= 1023 -.TP -\fB\-\-setLockingRange\fR <0...n> -Set the status of a Locking Range, 0 = GLobal 1..n = LRn -.TP -\fB\-\-enableLockingRange\fR <0...n> -Enable a Locking Range, 0 = GLobal 1..n = LRn -.TP -\fB\-\-disableLockingRange\fR <0...n> -Disable a Locking Range, 0 = GLobal 1..n = LRn -.TP -\fB\-\-setMBREnable\fR -Enable|Disable MBR shadowing -.TP -\fB\-\-setMBRDone\fR -set|unset MBRDone -.TP -\fB\-\-loadPBAimage\fR -Write to MBR Shadow area -.TP -\fB\-\-revertTPer\fR -set the device back to factory defaults. This **ERASES ALL DATA** -.TP -\fB\-\-revertNoErase\fR -deactivate the Locking SP without erasing the data on GLOBAL RANGE *ONLY* -.TP -\fB\-\-yesIreallywanttoERASEALLmydatausingthePSID\fR -revert the device using the PSID *ERASING* *ALL* the data -.TP -\fB\-\-printDefaultPassword\fR -print MSID -.SH EXAMPLES -sedutil\-cli \fB\-\-scan\fR -.PP -sedutil\-cli \fB\-\-query\fR \fI\,/dev/sdc\/\fP -.PP -sedutil\-cli \fB\-\-yesIreallywanttoERASEALLmydatausingthePSID\fR \fI\,/dev/sdc\/\fP -.PP -sedutil\-cli \fB\-\-initialSetup\fR \fI\,/dev/sdc\/\fP -.SH COPYRIGHT -sedutil v1.12 Copyright 2014\-2016 Bright Plaza Inc. -.SH SEE ALSO -See further documentation in /usr/share/doc/sedutil diff --git a/sedutil.spec b/sedutil.spec index 2a9a416..b28ff03 100644 --- a/sedutil.spec +++ b/sedutil.spec @@ -1,31 +1,21 @@ -%global gittag0 1.12 +%global gittag0 1.15.1 %global _hardened_build 1 Name: sedutil Version: %{gittag0} -Release: 8%{?dist} +Release: 1%{?dist} Summary: Tools to manage the activation and use of self encrypting drives # Everything is GPLv3+ except: -# - Common/pbkdf2/* which is GPLv2+, a bundled copy of some gnulib code. -# - Common/Dta*Dump* which is BSD (https://github.com/Drive-Trust-Alliance/sedutil/issues/145) -License: GPLv3+ and GPLv2+ and BSD +# - Common/pbkdf2/* which is CC0, a bundled copy of Cifra: https://github.com/ctz/cifra +License: GPLv3+ and CC0 URL: https://github.com/Drive-Trust-Alliance/sedutil/wiki Source0: https://github.com/Drive-Trust-Alliance/%{name}/archive/%{gittag0}/%{name}-%{gittag0}.tar.gz -# Make a manual page from the help output: -#help2man --name=sedutil-cli \ -# --section=8 \ -# --no-info \ -# --version-string=%%{version} \ -# --no-discard-stderr \ -# --output=./dist/Release_x86_64/GNU-Linux/sedutil-cli.8 \ -# ./dist/Release_x86_64/GNU-Linux/sedutil-cli -# Cleaned up with manual edits: -Source1: sedutil-cli.8 + # Modified version of https://github.com/Drive-Trust-Alliance/sedutil/pull/56.patch -# to use linux/nvme_ioctl.h regardless of kernel version number -Patch0: sedutil-1.12-nvme_ioctl.patch +# to use linux/nvme_ioctl.h regardless of kernel version number so we can compile on EL7. +Patch0: sedutil-1.15.1-nvme_ioctl.patch # sedutil does not work on big-endian architectures ExcludeArch: ppc ppc64 s390 s390x @@ -33,9 +23,9 @@ ExcludeArch: ppc ppc64 s390 s390x BuildRequires: gcc-c++ BuildRequires: ncurses-devel -# This package uses gnulib. It was granted an exception in: -# https://fedorahosted.org/fpc/ticket/174 -Provides: bundled(gnulib) +# This package uses a bundled copy of Cifra: +# https://github.com/ctz/cifra/commit/319fdb764cd12e12b8296358cfcd640346c4d0dd +Provides: bundled(cifra) # Replaces msed, but doesn't provide a compatible CLI command Obsoletes: msed <= 0.23-0.20 @@ -56,11 +46,11 @@ the PBA image itself. %prep %setup -q -n sedutil-%{gittag0} -%patch0 -p1 -b .nvme_ioctl +%{?el7:%patch0 -p1 -b .nvme_ioctl} # Adjust the GitVersion.sh script to just use the git tag from the # checkout so we don't need a full git tree or the git tool itself. cd linux -sed -i -e's/^GITVER=.*/GITVER=%{gittag0}/' GitVersion.sh +sed -i -e's/tarball/%{gittag0}/' GitVersion.sh # Remove stray execute permissions from source code find . -type f -name '*.h' -exec chmod -x {} \; find . -type f -name '*.cpp' -exec chmod -x {} \; @@ -73,9 +63,6 @@ find . -type f -name '*.cpp' -exec chmod -x {} \; cd linux/CLI make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" CXXFLAGS="$RPM_OPT_FLAGS" CONF=Release_x86_64 -# Copy in our manual page -cp -p %{SOURCE1} dist/Release_x86_64/GNU-Linux/sedutil-cli.8 - cd ../../LinuxPBA make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" CXXFLAGS="$RPM_OPT_FLAGS" CONF=Release @@ -84,7 +71,7 @@ mkdir -p $RPM_BUILD_ROOT%{_sbindir} install -p -m755 linux/CLI/dist/Release_x86_64/GNU-Linux/sedutil-cli $RPM_BUILD_ROOT%{_sbindir}/sedutil-cli mkdir -p $RPM_BUILD_ROOT%{_mandir}/man8 -install -p -m644 linux/CLI/dist/Release_x86_64/GNU-Linux/sedutil-cli.8 $RPM_BUILD_ROOT%{_mandir}/man8/sedutil-cli.8 +install -p -m644 docs/sedutil-cli.8 $RPM_BUILD_ROOT%{_mandir}/man8/sedutil-cli.8 mkdir -p $RPM_BUILD_ROOT%{_libexecdir} install -p -m755 LinuxPBA/dist/Release/GNU-Linux/linuxpba $RPM_BUILD_ROOT%{_libexecdir}/linuxpba @@ -99,6 +86,10 @@ install -p -m755 LinuxPBA/dist/Release/GNU-Linux/linuxpba $RPM_BUILD_ROOT%{_libe %changelog +* Fri Mar 02 2018 Charles R. Anderson - 1.15.1-1 +- Update to 1.15.1 +- Upstream swapped bundled gnulib GPLv2+ for bundled Cifra CC0 + * Sun Feb 18 2018 Charles R. Anderson - 1.12-8 - add BR gcc-c++ diff --git a/sources b/sources index eb0efb8..fad8bad 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (sedutil-1.12.tar.gz) = f17fbb5a6d71d5bdd59d0fc85eed11036a8e365545133bc1374a733ce1975d6c8dd2cdc500bd46cffbec1f2bef621a98ca392e0dd314734c1ef12c073d70b0de +SHA512 (sedutil-1.15.1.tar.gz) = 9708ef307b457fad2f45735b044685ac6731c353af428c49ff0e312190f3bdc521bcfa71a9e1239d9ffe637d18293a99b09b7e001df96494cdce53f5442750f1