diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b0f95c9 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/tpm2-tools-3.1.1.tar.gz diff --git a/.tpm2-tools.metadata b/.tpm2-tools.metadata new file mode 100644 index 0000000..5f8ecf9 --- /dev/null +++ b/.tpm2-tools.metadata @@ -0,0 +1 @@ +45ae47b5b223d48d0dbb2cebfe6ad59fa8ee5d5e SOURCES/tpm2-tools-3.1.1.tar.gz diff --git a/SOURCES/Revert-objectattrs-clear-before-or-ing-in-values.patch b/SOURCES/Revert-objectattrs-clear-before-or-ing-in-values.patch new file mode 100644 index 0000000..de2f41f --- /dev/null +++ b/SOURCES/Revert-objectattrs-clear-before-or-ing-in-values.patch @@ -0,0 +1,43 @@ +From 1f3451ee7b046a590b6dfc20b6af010166670ff7 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Thu, 12 Jul 2018 19:50:26 +0200 +Subject: [PATCH 1/1] Revert "objectattrs: clear before or'ing in values" + +This reverts commit e103bbf5117b0b62b358fd15f18f848854fcb0ee. + +The tpm2-tools 3.1.0 release contains a backward incompatible change that +was introduced by commit e103bbf5117 ("objectattrs: clear before or'ing +in values"), that changed the way that object attributes were specified. + +Before there were a set of default attributes and the user could specify +additional attributes to be used, but after the mentioned commit the user +must specify all attributes. + +This is a user visible change that changes the tools semantics, so is not +a suitable change for a MINOR version number increment, according to the +Semantic Versioning document (https://semver.org) since it breaks rule 2: + +2.MINOR version when you add functionality in a backwards-compatible manner + +Fixes: #1097 + +Signed-off-by: Javier Martinez Canillas +--- + lib/tpm2_attr_util.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/lib/tpm2_attr_util.c b/lib/tpm2_attr_util.c +index d461a744c0d..e43d03f9e0a 100644 +--- a/lib/tpm2_attr_util.c ++++ b/lib/tpm2_attr_util.c +@@ -501,7 +501,6 @@ bool tpm2_attr_util_nv_strtoattr(char *attribute_list, TPMA_NV *nvattrs) { + + bool tpm2_attr_util_obj_strtoattr(char *attribute_list, TPMA_OBJECT *objattrs) { + +- memset(objattrs, 0, sizeof(*objattrs)); + return common_strtoattr(attribute_list, objattrs, obj_attr_table, ARRAY_LEN(obj_attr_table)); + } + +-- +2.17.1 + diff --git a/SOURCES/lib-tpm2_options-restore-TCTI-configuration-environm.patch b/SOURCES/lib-tpm2_options-restore-TCTI-configuration-environm.patch new file mode 100644 index 0000000..ef80ef4 --- /dev/null +++ b/SOURCES/lib-tpm2_options-restore-TCTI-configuration-environm.patch @@ -0,0 +1,216 @@ +From 175e47711c72a8169f94b971c4e9973bbfb04efc Mon Sep 17 00:00:00 2001 +From: Joshua Lock +Date: Wed, 5 Sep 2018 23:21:21 +0100 +Subject: [PATCH] lib/tpm2_options: restore TCTI configuration environment + variables + +The port to TSS2.0 introduced a new unified environment variable to +configure a TCTI, TPM2TOOLS_ENV_TCTI. Unfortunately this also unwittingly +removed the old-style environment variable per TCTI configuration options, +which is a behavioural regression for the 3.x series of tpm2-tools. + +Restore the original TPM2TOOLS_* environment variables in addition to the +new style single environment variable. + +Fixes issue #1171 + +Signed-off-by: Joshua Lock +--- + lib/tpm2_options.c | 134 ++++++++++++++++++++++++++++++++++++--------- + 1 file changed, 107 insertions(+), 27 deletions(-) + +diff --git a/lib/tpm2_options.c b/lib/tpm2_options.c +index 751b0eee9819..2531948ecf74 100644 +--- a/lib/tpm2_options.c ++++ b/lib/tpm2_options.c +@@ -52,6 +52,10 @@ + #endif + + #define TPM2TOOLS_ENV_TCTI "TPM2TOOLS_TCTI" ++#define TPM2TOOLS_ENV_TCTI_NAME "TPM2TOOLS_TCTI_NAME" ++#define TPM2TOOLS_ENV_DEVICE "TPM2TOOLS_DEVICE_FILE" ++#define TPM2TOOLS_ENV_SOCK_ADDR "TPM2TOOLS_SOCKET_ADDRESS" ++#define TPM2TOOLS_ENV_SOCK_PORT "TPM2TOOLS_SOCKET_PORT" + #define TPM2TOOLS_ENV_ENABLE_ERRATA "TPM2TOOLS_ENABLE_ERRATA" + + tpm2_options *tpm2_options_new(const char *short_opts, size_t len, +@@ -136,13 +140,25 @@ void tpm2_options_free(tpm2_options *opts) { + } + typedef struct tcti_conf tcti_conf; + struct tcti_conf { +- const char *name; +- const char *opts; ++ char *name; ++ char *opts; + }; + ++/* ++ * Some tcti names changed in TSS 2.0, so in order to not break the ++ * expected options of the 3.X tools series map: ++ * - abrmd -> tabrmd ++ * - socket -> mssim ++ */ + static inline const char *fixup_name(const char *name) { + +- return !strcmp(name, "abrmd") ? "tabrmd" : name; ++ if (!strcmp(name, "abrmd")) { ++ return "tabrmd"; ++ } else if (!strcmp(name, "socket")) { ++ return "mssim"; ++ } ++ ++ return name; + } + + static const char *find_default_tcti(void) { +@@ -165,27 +181,14 @@ static const char *find_default_tcti(void) { + return NULL; + } + +-static tcti_conf tcti_get_config(const char *optstr) { +- +- /* set up the default configuration */ +- tcti_conf conf = { +- .name = find_default_tcti() +- }; +- +- /* no tcti config supplied, get it from env */ +- if (!optstr) { +- optstr = getenv (TPM2TOOLS_ENV_TCTI); +- if (!optstr) { +- /* nothing user supplied, use default */ +- return conf; +- } +- } ++/* Parse new-style, TSS 2.0, environment variables */ ++static void parse_env_tcti(const char *optstr, tcti_conf *conf) { + + char *split = strchr(optstr, ':'); + if (!split) { + /* --tcti=device */ +- conf.name = fixup_name(optstr); +- return conf; ++ conf->name = strdup(fixup_name(optstr)); ++ return; + } + + /* +@@ -200,24 +203,99 @@ static tcti_conf tcti_get_config(const char *optstr) { + + /* Case A */ + if (!optstr[0] && !split[1]) { +- return conf; ++ return; + } + + /* Case B */ + if (!optstr[0]) { +- conf.opts = &split[1]; +- return conf; ++ conf->opts = strdup(&split[1]); ++ return; + } + + /* Case C */ + if (!split[1]) { +- conf.name = fixup_name(optstr); +- return conf; ++ conf->name = strdup(fixup_name(optstr)); ++ return; + } + + /* Case D */ +- conf.name = fixup_name(optstr); +- conf.opts = &split[1]; ++ conf->name = strdup(fixup_name(optstr)); ++ conf->opts = strdup(&split[1]); ++ return; ++} ++ ++static char* parse_device_tcti(void) { ++ const char *device = getenv(TPM2TOOLS_ENV_DEVICE); ++ return strdup(device); ++} ++ ++static char* parse_socket_tcti(void) { ++ ++ /* ++ * tpm2_tcti_ldr_load() expects conf->opts to be of the format ++ * "host=localhost,port=2321" for the mssim tcti ++ * ++ * Max IPV6 IP address, 45 characters (45) ++ * Ports are 16bit int, 5 characters (5) ++ * "host=", 5 characters (5) ++ * "port=", 5 characters (5) ++ * strlen = 60 ++ */ ++ size_t optlen = 60; ++ const char *host; ++ const char *port; ++ char *ret = malloc(optlen); ++ if (!ret) { ++ LOG_ERR ("OOM"); ++ return NULL; ++ } ++ ++ host = getenv(TPM2TOOLS_ENV_SOCK_ADDR); ++ port = getenv(TPM2TOOLS_ENV_SOCK_PORT); ++ ++ if (host && port) { ++ snprintf(ret, optlen, "host=%s,port=%s", host, port); ++ } else if (host) { ++ snprintf(ret, optlen, "host=%s", host); ++ } else if (port) { ++ snprintf(ret, optlen, "port=%s", port); ++ } ++ return ret; ++} ++ ++static tcti_conf tcti_get_config(const char *optstr) { ++ ++ tcti_conf conf = { ++ .name = NULL ++ }; ++ ++ /* no tcti config supplied, get it from env */ ++ if (!optstr) { ++ /* ++ * Check the "old" way of specifying TCTI, using a shared env var and ++ * per-tcti option variables. ++ */ ++ optstr = getenv (TPM2TOOLS_ENV_TCTI_NAME); ++ if (optstr) { ++ conf.name = strdup(fixup_name(optstr)); ++ if (!strcmp(conf.name, "mssim")) { ++ conf.opts = parse_socket_tcti(); ++ } else if (!strcmp(conf.name, "device")) { ++ conf.opts = parse_device_tcti(); ++ } ++ } else { ++ /* Check the new way of defining a TCTI using a shared env var */ ++ optstr = getenv (TPM2TOOLS_ENV_TCTI); ++ if (optstr) { ++ parse_env_tcti(optstr, &conf); ++ } ++ } ++ } ++ ++ if (!conf.name) { ++ conf.name = strdup(find_default_tcti()); ++ } ++ + return conf; + } + +@@ -418,6 +496,8 @@ tpm2_option_code tpm2_handle_options (int argc, char **argv, + if (!flags->enable_errata) { + flags->enable_errata = !!getenv (TPM2TOOLS_ENV_ENABLE_ERRATA); + } ++ free(conf.name); ++ free(conf.opts); + } + + rc = tpm2_option_code_continue; +-- +2.17.1 + diff --git a/SOURCES/tpm2_getcap-restore-tool-output-to-print-properties-.patch b/SOURCES/tpm2_getcap-restore-tool-output-to-print-properties-.patch new file mode 100644 index 0000000..2f92f00 --- /dev/null +++ b/SOURCES/tpm2_getcap-restore-tool-output-to-print-properties-.patch @@ -0,0 +1,397 @@ +From 3598de590a7e9812a2ff4eadfff87e15b5d010a8 Mon Sep 17 00:00:00 2001 +From: Javier Martinez Canillas +Date: Tue, 11 Sep 2018 01:49:25 +0200 +Subject: [PATCH] tpm2_getcap: restore tool output to print properties with + TPM_PT prefix + +Commit ac9a5d787753 ("update to TSS version 2.0") updated tpm2-tss version +to 2.0. On tpm2-tss, the TPM_PT_* constants where renamed to TPM2_PT_* but +that commit also changed the output of the tpm2_getcap tool to match the +name of the properties. + +Unfortunately this is a bacward incompatible change that could break users +that were relying on the tpm2_getcap tool output. + +Restore the older output and also fix the tests that check these values. + +Fixes: #1175 + +Reported-by: Vilem Marsik +Signed-off-by: Javier Martinez Canillas +--- + test/system/test_tpm2_dictionarylockout.sh | 6 +- + test/system/test_tpm2_nv.sh | 2 +- + test/system/test_tpm2_quote.sh | 2 +- + tools/tpm2_getcap.c | 132 ++++++++++----------- + 4 files changed, 71 insertions(+), 71 deletions(-) + +diff --git a/test/system/test_tpm2_dictionarylockout.sh b/test/system/test_tpm2_dictionarylockout.sh +index a90854ac7ea6..d6dac227ed03 100755 +--- a/test/system/test_tpm2_dictionarylockout.sh ++++ b/test/system/test_tpm2_dictionarylockout.sh +@@ -40,16 +40,16 @@ trap onerror ERR + + tpm2_dictionarylockout -s -n 5 -t 6 -l 7 + +-if [ "$(tpm2_getcap -c properties-variable | grep TPM2_PT_MAX_AUTH_FAIL | sed -e 's/TPM2_PT_MAX_AUTH_FAIL: \+//')" != "0x00000005" ];then ++if [ "$(tpm2_getcap -c properties-variable | grep TPM_PT_MAX_AUTH_FAIL | sed -e 's/TPM_PT_MAX_AUTH_FAIL: \+//')" != "0x00000005" ]; then + echo "Failure: setting up the number of allowed tries in the lockout parameters" + exit 1 + fi + +-if [ "$(tpm2_getcap -c properties-variable | grep TPM2_PT_LOCKOUT_INTERVAL | sed -e 's/TPM2_PT_LOCKOUT_INTERVAL: \+//')" != "0x00000006" ];then ++if [ "$(tpm2_getcap -c properties-variable | grep TPM_PT_LOCKOUT_INTERVAL | sed -e 's/TPM_PT_LOCKOUT_INTERVAL: \+//')" != "0x00000006" ]; then + echo "Failure: setting up the lockout period in the lockout parameters" + fi + +-if [ "$(tpm2_getcap -c properties-variable | grep TPM2_PT_LOCKOUT_RECOVERY | sed -e 's/TPM2_PT_LOCKOUT_RECOVERY: \+//')" != "0x00000007" ];then ++if [ "$(tpm2_getcap -c properties-variable | grep TPM_PT_LOCKOUT_RECOVERY | sed -e 's/TPM_PT_LOCKOUT_RECOVERY: \+//')" != "0x00000007" ]; then + echo "Failure: setting up the lockout recovery period in the lockout parameters" + fi + +diff --git a/test/system/test_tpm2_nv.sh b/test/system/test_tpm2_nv.sh +index 3b486cc7c4e2..2db6522aae28 100755 +--- a/test/system/test_tpm2_nv.sh ++++ b/test/system/test_tpm2_nv.sh +@@ -153,7 +153,7 @@ tpm2_nvrelease -Q -x 0x1500016 -a 0x40000001 + # + # Test large writes + # +-large_file_size=$(tpm2_getcap -c properties-fixed | grep TPM2_PT_NV_INDEX_MAX | sed -r -e 's/.*(0x[0-9a-f]+)/\1/g') ++large_file_size=$(tpm2_getcap -c properties-fixed | grep TPM_PT_NV_INDEX_MAX | sed -r -e 's/.*(0x[0-9a-f]+)/\1/g') + nv_test_index=0x1000000 + + # Create an nv space with attributes 1010 = TPMA_NV_PPWRITE and TPMA_NV_AUTHWRITE +diff --git a/test/system/test_tpm2_quote.sh b/test/system/test_tpm2_quote.sh +index 3c0a9af0acce..d845ea1bdb14 100755 +--- a/test/system/test_tpm2_quote.sh ++++ b/test/system/test_tpm2_quote.sh +@@ -51,7 +51,7 @@ Handle_ak_quote=0x81010016 + Handle_ek_quote=0x81010017 + Handle_ak_quote2=0x81010018 + +-maxdigest=$(tpm2_getcap -c properties-fixed | grep TPM2_PT_MAX_DIGEST | sed -r -e 's/.*(0x[0-9a-f]+)/\1/g') ++maxdigest=$(tpm2_getcap -c properties-fixed | grep TPM_PT_MAX_DIGEST | sed -r -e 's/.*(0x[0-9a-f]+)/\1/g') + if ! [[ "$maxdigest" =~ ^(0x)*[0-9]+$ ]] ; then + echo "error: not a number, got: \"$maxdigest\"" >&2 + exit 1 +diff --git a/tools/tpm2_getcap.c b/tools/tpm2_getcap.c +index 6b3d8efbd620..29c6c3f9176f 100644 +--- a/tools/tpm2_getcap.c ++++ b/tools/tpm2_getcap.c +@@ -196,7 +196,7 @@ get_uint32_as_chars (UINT32 value, + void + tpm2_tool_output_tpma_modes (TPMA_MODES modes) + { +- tpm2_tool_output ("TPM2_PT_MODES: 0x%08x\n", modes); ++ tpm2_tool_output ("TPM_PT_MODES: 0x%08x\n", modes); + if (modes & TPMA_MODES_FIPS_140_2) + tpm2_tool_output (" TPMA_MODES_FIPS_140_2\n"); + if (modes& TPMA_MODES_RESERVED1_MASK) +@@ -208,7 +208,7 @@ tpm2_tool_output_tpma_modes (TPMA_MODES modes) + void + dump_permanent_attrs (TPMA_PERMANENT attrs) + { +- tpm2_tool_output ("TPM2_PT_PERSISTENT:\n"); ++ tpm2_tool_output ("TPM_PT_PERSISTENT:\n"); + tpm2_tool_output (" ownerAuthSet: %s\n", prop_str (attrs & TPMA_PERMANENT_OWNERAUTHSET)); + tpm2_tool_output (" endorsementAuthSet: %s\n", prop_str (attrs & TPMA_PERMANENT_ENDORSEMENTAUTHSET)); + tpm2_tool_output (" lockoutAuthSet: %s\n", prop_str (attrs & TPMA_PERMANENT_LOCKOUTAUTHSET)); +@@ -224,7 +224,7 @@ dump_permanent_attrs (TPMA_PERMANENT attrs) + void + dump_startup_clear_attrs (TPMA_STARTUP_CLEAR attrs) + { +- tpm2_tool_output ("TPM2_PT_STARTUP_CLEAR:\n"); ++ tpm2_tool_output ("TPM_PT_STARTUP_CLEAR:\n"); + tpm2_tool_output (" phEnable: %s\n", prop_str (attrs & TPMA_STARTUP_CLEAR_PHENABLE)); + tpm2_tool_output (" shEnable: %s\n", prop_str (attrs & TPMA_STARTUP_CLEAR_SHENABLE)); + tpm2_tool_output (" ehEnable: %s\n", prop_str (attrs & TPMA_STARTUP_CLEAR_EHENABLE)); +@@ -248,30 +248,30 @@ dump_tpm_properties_fixed (TPMS_TAGGED_PROPERTY properties[], + switch (property) { + case TPM2_PT_FAMILY_INDICATOR: + get_uint32_as_chars (value, buf); +- tpm2_tool_output ("TPM2_PT_FAMILY_INDICATOR:\n" ++ tpm2_tool_output ("TPM_PT_FAMILY_INDICATOR:\n" + " as UINT32: 0x08%x\n" + " as string: \"%s\"\n", + value, + buf); + break; + case TPM2_PT_LEVEL: +- tpm2_tool_output ("TPM2_PT_LEVEL: %d\n", value); ++ tpm2_tool_output ("TPM_PT_LEVEL: %d\n", value); + break; + case TPM2_PT_REVISION: +- tpm2_tool_output ("TPM2_PT_REVISION: %.2f\n", (float)value / 100); ++ tpm2_tool_output ("TPM_PT_REVISION: %.2f\n", (float)value / 100); + break; + case TPM2_PT_DAY_OF_YEAR: +- tpm2_tool_output ("TPM2_PT_DAY_OF_YEAR: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_DAY_OF_YEAR: 0x%08x\n", value); + break; + case TPM2_PT_YEAR: +- tpm2_tool_output ("TPM2_PT_YEAR: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_YEAR: 0x%08x\n", value); + break; + case TPM2_PT_MANUFACTURER: +- tpm2_tool_output ("TPM2_PT_MANUFACTURER: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_MANUFACTURER: 0x%08x\n", value); + break; + case TPM2_PT_VENDOR_STRING_1: + get_uint32_as_chars (value, buf); +- tpm2_tool_output ("TPM2_PT_VENDOR_STRING_1:\n" ++ tpm2_tool_output ("TPM_PT_VENDOR_STRING_1:\n" + " as UINT32: 0x%08x\n" + " as string: \"%s\"\n", + value, +@@ -279,7 +279,7 @@ dump_tpm_properties_fixed (TPMS_TAGGED_PROPERTY properties[], + break; + case TPM2_PT_VENDOR_STRING_2: + get_uint32_as_chars (value, buf); +- tpm2_tool_output ("TPM2_PT_VENDOR_STRING_2:\n" ++ tpm2_tool_output ("TPM_PT_VENDOR_STRING_2:\n" + " as UINT32: 0x%08x\n" + " as string: \"%s\"\n", + value, +@@ -287,7 +287,7 @@ dump_tpm_properties_fixed (TPMS_TAGGED_PROPERTY properties[], + break; + case TPM2_PT_VENDOR_STRING_3: + get_uint32_as_chars (value, buf); +- tpm2_tool_output ("TPM2_PT_VENDOR_STRING_3:\n" ++ tpm2_tool_output ("TPM_PT_VENDOR_STRING_3:\n" + " as UINT32: 0x%08x\n" + " as string: \"%s\"\n", + value, +@@ -295,113 +295,113 @@ dump_tpm_properties_fixed (TPMS_TAGGED_PROPERTY properties[], + break; + case TPM2_PT_VENDOR_STRING_4: + get_uint32_as_chars (value, buf); +- tpm2_tool_output ("TPM2_PT_VENDOR_STRING_4:\n" ++ tpm2_tool_output ("TPM_PT_VENDOR_STRING_4:\n" + " as UINT32: 0x%08x\n" + " as string: \"%s\"\n", + value, + buf); + break; + case TPM2_PT_VENDOR_TPM_TYPE: +- tpm2_tool_output ("TPM2_PT_VENDOR_TPM_TYPE: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_VENDOR_TPM_TYPE: 0x%08x\n", value); + break; + case TPM2_PT_FIRMWARE_VERSION_1: +- tpm2_tool_output ("TPM2_PT_FIRMWARE_VERSION_1: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_FIRMWARE_VERSION_1: 0x%08x\n", value); + break; + case TPM2_PT_FIRMWARE_VERSION_2: +- tpm2_tool_output ("TPM2_PT_FIRMWARE_VERSION_2: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_FIRMWARE_VERSION_2: 0x%08x\n", value); + break; + case TPM2_PT_INPUT_BUFFER: +- tpm2_tool_output ("TPM2_PT_INPUT_BUFFER: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_INPUT_BUFFER: 0x%08x\n", value); + break; + case TPM2_PT_TPM2_HR_TRANSIENT_MIN: +- tpm2_tool_output ("TPM2_PT_TPM2_HR_TRANSIENT_MIN: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_TPM2_HR_TRANSIENT_MIN: 0x%08x\n", value); + break; + case TPM2_PT_TPM2_HR_PERSISTENT_MIN: +- tpm2_tool_output ("TPM2_PT_TPM2_HR_PERSISTENT_MIN: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_TPM2_HR_PERSISTENT_MIN: 0x%08x\n", value); + break; + case TPM2_PT_HR_LOADED_MIN: +- tpm2_tool_output ("TPM2_PT_HR_LOADED_MIN: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_HR_LOADED_MIN: 0x%08x\n", value); + break; + case TPM2_PT_ACTIVE_SESSIONS_MAX: +- tpm2_tool_output ("TPM2_PT_ACTIVE_SESSIONS_MAX: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_ACTIVE_SESSIONS_MAX: 0x%08x\n", value); + break; + case TPM2_PT_PCR_COUNT: +- tpm2_tool_output ("TPM2_PT_PCR_COUNT: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_PCR_COUNT: 0x%08x\n", value); + break; + case TPM2_PT_PCR_SELECT_MIN: +- tpm2_tool_output ("TPM2_PT_PCR_SELECT_MIN: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_PCR_SELECT_MIN: 0x%08x\n", value); + break; + case TPM2_PT_CONTEXT_GAP_MAX: +- tpm2_tool_output ("TPM2_PT_CONTEXT_GAP_MAX: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_CONTEXT_GAP_MAX: 0x%08x\n", value); + break; + case TPM2_PT_NV_COUNTERS_MAX: +- tpm2_tool_output ("TPM2_PT_NV_COUNTERS_MAX: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_NV_COUNTERS_MAX: 0x%08x\n", value); + break; + case TPM2_PT_NV_INDEX_MAX: +- tpm2_tool_output ("TPM2_PT_NV_INDEX_MAX: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_NV_INDEX_MAX: 0x%08x\n", value); + break; + case TPM2_PT_MEMORY: +- tpm2_tool_output ("TPM2_PT_MEMORY: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_MEMORY: 0x%08x\n", value); + break; + case TPM2_PT_CLOCK_UPDATE: +- tpm2_tool_output ("TPM2_PT_CLOCK_UPDATE: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_CLOCK_UPDATE: 0x%08x\n", value); + break; + case TPM2_PT_CONTEXT_HASH: /* this may be a TPM2_ALG_ID type */ +- tpm2_tool_output ("TPM2_PT_CONTEXT_HASH: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_CONTEXT_HASH: 0x%08x\n", value); + break; + case TPM2_PT_CONTEXT_SYM: /* this is a TPM2_ALG_ID type */ +- tpm2_tool_output ("TPM2_PT_CONTEXT_SYM: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_CONTEXT_SYM: 0x%08x\n", value); + break; + case TPM2_PT_CONTEXT_SYM_SIZE: +- tpm2_tool_output ("TPM2_PT_CONTEXT_SYM_SIZE: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_CONTEXT_SYM_SIZE: 0x%08x\n", value); + break; + case TPM2_PT_ORDERLY_COUNT: +- tpm2_tool_output ("TPM2_PT_ORDERLY_COUNT: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_ORDERLY_COUNT: 0x%08x\n", value); + break; + case TPM2_PT_MAX_COMMAND_SIZE: +- tpm2_tool_output ("TPM2_PT_MAX_COMMAND_SIZE: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_MAX_COMMAND_SIZE: 0x%08x\n", value); + break; + case TPM2_PT_MAX_RESPONSE_SIZE: +- tpm2_tool_output ("TPM2_PT_MAX_RESPONSE_SIZE: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_MAX_RESPONSE_SIZE: 0x%08x\n", value); + break; + case TPM2_PT_MAX_DIGEST: +- tpm2_tool_output ("TPM2_PT_MAX_DIGEST: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_MAX_DIGEST: 0x%08x\n", value); + break; + case TPM2_PT_MAX_OBJECT_CONTEXT: +- tpm2_tool_output ("TPM2_PT_MAX_OBJECT_CONTEXT: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_MAX_OBJECT_CONTEXT: 0x%08x\n", value); + break; + case TPM2_PT_MAX_SESSION_CONTEXT: +- tpm2_tool_output ("TPM2_PT_MAX_SESSION_CONTEXT: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_MAX_SESSION_CONTEXT: 0x%08x\n", value); + break; + case TPM2_PT_PS_FAMILY_INDICATOR: +- tpm2_tool_output ("TPM2_PT_PS_FAMILY_INDICATOR: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_PS_FAMILY_INDICATOR: 0x%08x\n", value); + break; + case TPM2_PT_PS_LEVEL: +- tpm2_tool_output ("TPM2_PT_PS_LEVEL: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_PS_LEVEL: 0x%08x\n", value); + break; + case TPM2_PT_PS_REVISION: +- tpm2_tool_output ("TPM2_PT_PS_REVISION: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_PS_REVISION: 0x%08x\n", value); + break; + case TPM2_PT_PS_DAY_OF_YEAR: +- tpm2_tool_output ("TPM2_PT_PS_DAY_OF_YEAR: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_PS_DAY_OF_YEAR: 0x%08x\n", value); + break; + case TPM2_PT_PS_YEAR: +- tpm2_tool_output ("TPM2_PT_PS_YEAR: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_PS_YEAR: 0x%08x\n", value); + break; + case TPM2_PT_SPLIT_MAX: +- tpm2_tool_output ("TPM2_PT_SPLIT_MAX: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_SPLIT_MAX: 0x%08x\n", value); + break; + case TPM2_PT_TOTAL_COMMANDS: +- tpm2_tool_output ("TPM2_PT_TOTAL_COMMANDS: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_TOTAL_COMMANDS: 0x%08x\n", value); + break; + case TPM2_PT_LIBRARY_COMMANDS: +- tpm2_tool_output ("TPM2_PT_LIBRARY_COMMANDS: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_LIBRARY_COMMANDS: 0x%08x\n", value); + break; + case TPM2_PT_VENDOR_COMMANDS: +- tpm2_tool_output ("TPM2_PT_VENDOR_COMMANDS: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_VENDOR_COMMANDS: 0x%08x\n", value); + break; + case TPM2_PT_NV_BUFFER_MAX: +- tpm2_tool_output ("TPM2_PT_NV_BUFFER_MAX: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_NV_BUFFER_MAX: 0x%08x\n", value); + break; + case TPM2_PT_MODES: + tpm2_tool_output_tpma_modes ((TPMA_MODES)value); +@@ -429,61 +429,61 @@ dump_tpm_properties_var (TPMS_TAGGED_PROPERTY properties[], + dump_startup_clear_attrs ((TPMA_STARTUP_CLEAR)value); + break; + case TPM2_PT_TPM2_HR_NV_INDEX: +- tpm2_tool_output ("TPM2_PT_TPM2_HR_NV_INDEX: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_TPM2_HR_NV_INDEX: 0x%08x\n", value); + break; + case TPM2_PT_HR_LOADED: +- tpm2_tool_output ("TPM2_PT_HR_LOADED: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_HR_LOADED: 0x%08x\n", value); + break; + case TPM2_PT_HR_LOADED_AVAIL: +- tpm2_tool_output ("TPM2_PT_HR_LOADED_AVAIL: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_HR_LOADED_AVAIL: 0x%08x\n", value); + break; + case TPM2_PT_HR_ACTIVE: +- tpm2_tool_output ("TPM2_PT_HR_ACTIVE: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_HR_ACTIVE: 0x%08x\n", value); + break; + case TPM2_PT_HR_ACTIVE_AVAIL: +- tpm2_tool_output ("TPM2_PT_HR_ACTIVE_AVAIL: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_HR_ACTIVE_AVAIL: 0x%08x\n", value); + break; + case TPM2_PT_TPM2_HR_TRANSIENT_AVAIL: +- tpm2_tool_output ("TPM2_PT_TPM2_HR_TRANSIENT_AVAIL: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_TPM2_HR_TRANSIENT_AVAIL: 0x%08x\n", value); + break; + case TPM2_PT_TPM2_HR_PERSISTENT: +- tpm2_tool_output ("TPM2_PT_TPM2_HR_PERSISTENT: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_TPM2_HR_PERSISTENT: 0x%08x\n", value); + break; + case TPM2_PT_TPM2_HR_PERSISTENT_AVAIL: +- tpm2_tool_output ("TPM2_PT_TPM2_HR_PERSISTENT_AVAIL: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_TPM2_HR_PERSISTENT_AVAIL: 0x%08x\n", value); + break; + case TPM2_PT_NV_COUNTERS: +- tpm2_tool_output ("TPM2_PT_NV_COUNTERS: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_NV_COUNTERS: 0x%08x\n", value); + break; + case TPM2_PT_NV_COUNTERS_AVAIL: +- tpm2_tool_output ("TPM2_PT_NV_COUNTERS_AVAIL: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_NV_COUNTERS_AVAIL: 0x%08x\n", value); + break; + case TPM2_PT_ALGORITHM_SET: +- tpm2_tool_output ("TPM2_PT_ALGORITHM_SET: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_ALGORITHM_SET: 0x%08x\n", value); + break; + case TPM2_PT_LOADED_CURVES: +- tpm2_tool_output ("TPM2_PT_LOADED_CURVES: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_LOADED_CURVES: 0x%08x\n", value); + break; + case TPM2_PT_LOCKOUT_COUNTER: +- tpm2_tool_output ("TPM2_PT_LOCKOUT_COUNTER: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_LOCKOUT_COUNTER: 0x%08x\n", value); + break; + case TPM2_PT_MAX_AUTH_FAIL: +- tpm2_tool_output ("TPM2_PT_MAX_AUTH_FAIL: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_MAX_AUTH_FAIL: 0x%08x\n", value); + break; + case TPM2_PT_LOCKOUT_INTERVAL: +- tpm2_tool_output ("TPM2_PT_LOCKOUT_INTERVAL: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_LOCKOUT_INTERVAL: 0x%08x\n", value); + break; + case TPM2_PT_LOCKOUT_RECOVERY: +- tpm2_tool_output ("TPM2_PT_LOCKOUT_RECOVERY: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_LOCKOUT_RECOVERY: 0x%08x\n", value); + break; + case TPM2_PT_NV_WRITE_RECOVERY: +- tpm2_tool_output ("TPM2_PT_NV_WRITE_RECOVERY: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_NV_WRITE_RECOVERY: 0x%08x\n", value); + break; + case TPM2_PT_AUDIT_COUNTER_0: +- tpm2_tool_output ("TPM2_PT_AUDIT_COUNTER_0: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_AUDIT_COUNTER_0: 0x%08x\n", value); + break; + case TPM2_PT_AUDIT_COUNTER_1: +- tpm2_tool_output ("TPM2_PT_AUDIT_COUNTER_1: 0x%08x\n", value); ++ tpm2_tool_output ("TPM_PT_AUDIT_COUNTER_1: 0x%08x\n", value); + break; + default: + LOG_ERR("Unknown property: 0x%08x\n", properties[i].property); +-- +2.17.1 + diff --git a/SPECS/tpm2-tools.spec b/SPECS/tpm2-tools.spec new file mode 100644 index 0000000..8673838 --- /dev/null +++ b/SPECS/tpm2-tools.spec @@ -0,0 +1,160 @@ +Name: tpm2-tools +Version: 3.1.1 +Release: 4%{?dist} +Summary: A TPM2.0 testing tool build upon TPM2.0-TSS + +License: BSD +URL: https://github.com/tpm2-software/tpm2-tools +Source0: https://github.com/tpm2-software/tpm2-tools/releases/download/%{version}/%{name}-%{version}.tar.gz + +Patch0: Revert-objectattrs-clear-before-or-ing-in-values.patch +Patch1: lib-tpm2_options-restore-TCTI-configuration-environm.patch +Patch2: tpm2_getcap-restore-tool-output-to-print-properties-.patch + +BuildRequires: gcc-c++ +BuildRequires: libtool +BuildRequires: autoconf-archive +BuildRequires: pkgconfig(cmocka) +BuildRequires: pkgconfig(libcurl) +BuildRequires: pkgconfig(openssl) +# tpm2-tss-devel provides tss2-mu/sys/esys package config +BuildRequires: pkgconfig(tss2-mu) +BuildRequires: pkgconfig(tss2-sys) +BuildRequires: pkgconfig(tss2-esys) + +# tpm2-tools is heavily depending on TPM2.0-TSS project, matched tss is required +Requires: tpm2-tss%{?_isa} >= 2.0.0-2%{?dist} + +# tpm2-tools project changed the install path for binaries and man page section +Obsoletes: tpm2-tools <= 2.1.1-2 + +%description +tpm2-tools is a batch of testing tools for tpm2.0. It is based on tpm2-tss. + +%prep +%autosetup -p1 -n %{name}-%{version} + +%build +%configure --prefix=/usr --disable-static --disable-silent-rules +%make_build + +%install +%make_install + +%files +%doc README.md CHANGELOG.md +%license LICENSE +%{_bindir}/tpm2_* +%{_mandir}/man1/tpm2_*.1.gz + +%changelog +* Thu Nov 08 2018 Jerry Snitselaar - 3.1.1-4 +- lib/tpm2_options: restore TCTI configuration environment variables +- tpm2_getcap: restore tool output to print properties with TPM_PT prefix +resolves: rhbz#1648001 + +* Sat Jul 14 2018 Javier Martinez Canillas - - 3.1.1-3 +- Revert backward incompatible change that removes default object attributes + +* Sat Jul 14 2018 Fedora Release Engineering - 3.1.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Thu Jul 12 2018 Yunying Sun - 3.1.1-1 +- Update to 3.1.1 release + +* Thu Jul 5 2018 Yunying Sun - 3.1.0-1 +- Update Requires version of tpm2-tss to 2.0.0 +- Remove BuildRequires for tcti-abrmd since it is optional +- Remove BuildRequires for tcti-{device,mssim} as it is now dynamically loaded +- Update to 3.1.0 release + +* Mon Apr 30 2018 Javier Martinez Canillas - 3.0.4-1 +- Update URLs to point to the new project location +- Update to 3.0.4 release + +* Wed Feb 21 2018 Javier Martinez Canillas - 3.0.3-3 +- Remove ExclusiveArch: x86_64 directive + +* Fri Feb 09 2018 Fedora Release Engineering - 3.0.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Tue Jan 16 2018 Javier Martinez Canillas - 3.0.3-1 +- Update to 3.0.3 release + +* Mon Dec 18 2017 Javier Martinez Canillas - 3.0.2-1 +- Update to 3.0.2 release + +* Tue Dec 12 2017 Javier Martinez Canillas - 3.0.1-1 +- Update to 3.0.1 release (RHBZ#1512743) +- Download the generated tarball provided instead of the source code tarball + +* Fri Dec 08 2017 Javier Martinez Canillas - 3.0-1 +- Update to 3.0 release + +* Wed Nov 29 2017 Javier Martinez Canillas - 3.0-0.1.rc1 +- Update to 3.0 release candidate 1 +- Update URLs to point to the new project location +- Make the package to obsolete version 2.1.1 + +* Wed Nov 01 2017 Javier Martinez Canillas - 2.1.1-1 +- Rename remaining tpm2.0-tools prefixes to tpm2-tools +- Remove global pkg_prefix since now the upstream repo and package names match +- Remove downstream patches since now these are in the latest upstream release +- Update to 2.1.1 release (RHBZ#1504438) + +* Thu Oct 19 2017 Jerry Snitselaar - 2.1.0-7 +- Clean up potential memleak (RHBZ#1503959) + +* Thu Oct 05 2017 Javier Martinez Canillas - 2.1.0-6 +- Add tpm2-abrmd-devel BuildRequires so tools have abrmd support (RHBZ#1498909) + +* Fri Aug 18 2017 Javier Martinez Canillas - 2.1.0-5 +- Remove unneeded source tarballs (RHBZ#1482830) + +* Tue Aug 15 2017 Sun Yunying - 2.1.0-4 +- Add patch to fix build error when openssl-devel is installed(RHBZ#1481236) + +* Thu Aug 03 2017 Fedora Release Engineering - 2.1.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Mon Jul 31 2017 Sun Yunying - 2.1.0-2 +- Add patch to fix gcc7 complaining about implicit-fallthrough cases + +* Fri Jul 28 2017 Sun Yunying - 2.1.0-1 +- Update to latest upstream release 2.1.0 + +* Fri Jul 28 2017 Sun Yunying - 1.1.0-9 +- Update Requires dependency so that tpm2-tss update won't break tpm2-tools + +* Thu Jul 27 2017 Fedora Release Engineering - 1.1.0-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Wed May 10 2017 Sun Yunying - 1.1.0-7 +- Only update release version to make fedpkg build works for f26 + +* Wed Mar 1 2017 Sun Yunying - 1.1.0-6 +- Update tpm2-tss version to 1.0-3 to fix broken dependency on f26 + +* Sat Feb 11 2017 Fedora Release Engineering - 1.1.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Fri Jan 20 2017 Sun Yunying - 1.1.0-4 +- Dependency check failed for Requires again, here to fix this +- Update release version and changelog + +* Thu Jan 19 2017 Sun Yunying - 1.1.0-3 +- Change spec file permission to 644 to avoid rpmlint complain +- Update Requires to fix dependency check error reported in Bodhi +- Remove tpm2-tss-devel version in BuildRequires comment +- Update release version and changelog + +* Wed Dec 21 2016 Sun Yunying - 1.1.0-2 +- Remove pkg_version to avoid dupliate use of version +- Remove redundant BuildRequires for autoconf/automake/pkgconfig +- Add comments for BuildRequires of sapi/tcti-device/tcti-socket +- Use ExclusiveArch instead of ExcludeArch +- Requires tpm2-tss version updated to 1.0-2 +- Updated release version and changelog + +* Fri Dec 2 2016 Sun Yunying - 1.1.0-1 +- Initial version of the package