diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..37b6e61 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/TPM2.0-TSS-1.0.tar.gz diff --git a/.tpm2-tss.metadata b/.tpm2-tss.metadata new file mode 100644 index 0000000..5394e16 --- /dev/null +++ b/.tpm2-tss.metadata @@ -0,0 +1 @@ +c610fa5273909394fa54174afcd7541a5c87d16b SOURCES/TPM2.0-TSS-1.0.tar.gz diff --git a/README.md b/README.md deleted file mode 100644 index 98f42b4..0000000 --- a/README.md +++ /dev/null @@ -1,4 +0,0 @@ -The master branch has no content - -Look at the c7 branch if you are working with CentOS-7, or the c4/c5/c6 branch for CentOS-4, 5 or 6 -If you find this file in a distro specific branch, it means that no content has been checked in yet diff --git a/SOURCES/Fix-memory-leaks-on-error-conditions-in-InitSysConte.patch b/SOURCES/Fix-memory-leaks-on-error-conditions-in-InitSysConte.patch new file mode 100644 index 0000000..bedd07d --- /dev/null +++ b/SOURCES/Fix-memory-leaks-on-error-conditions-in-InitSysConte.patch @@ -0,0 +1,38 @@ +diff -ur TPM2.0-TSS-1.0/common/syscontext.c TPM2.0-TSS-1.0-new/common/syscontext.c +--- TPM2.0-TSS-1.0/common/syscontext.c 2016-11-01 06:53:15.000000000 -0700 ++++ TPM2.0-TSS-1.0-new/common/syscontext.c 2017-04-02 16:36:47.603294296 -0700 +@@ -58,10 +58,12 @@ + // Initialized the system context structure. + rval = Tss2_Sys_Initialize( sysContext, contextSize, tctiContext, abiVersion ); + +- if( rval == TSS2_RC_SUCCESS ) ++ if( rval == TSS2_RC_SUCCESS ) { + return sysContext; +- else +- return 0; ++ } else { ++ free (sysContext); ++ return NULL; ++ } + } + else + { +diff -ur TPM2.0-TSS-1.0/resourcemgr/resourcemgr.c TPM2.0-TSS-1.0-new/resourcemgr/resourcemgr.c +--- TPM2.0-TSS-1.0/resourcemgr/resourcemgr.c 2016-11-01 06:53:15.000000000 -0700 ++++ TPM2.0-TSS-1.0-new/resourcemgr/resourcemgr.c 2017-04-02 16:36:47.604294312 -0700 +@@ -2708,6 +2708,7 @@ + if( cmdServerStruct->connectSock == INVALID_SOCKET ) + { + printf( "Accept failed. Error is 0x%x\n", WSAGetLastError() ); ++ (*rmFree)( cmdServerStruct ); + continue; + } + +@@ -2752,6 +2753,7 @@ + if( 0 == strcmp( &otherCmdStr[0], serverStruct->serverName ) ) + { + printf( "SockServer died (%s), socket: 0x%x.\n", serverStruct->serverName, serverStruct->connectSock ); ++ (*rmFree)( cmdServerStruct ); + ExitThread( 0 ); + } + diff --git a/SOURCES/avoid-potential-null-deref.patch b/SOURCES/avoid-potential-null-deref.patch new file mode 100644 index 0000000..b71ff66 --- /dev/null +++ b/SOURCES/avoid-potential-null-deref.patch @@ -0,0 +1,24 @@ +diff -ur TPM2.0-TSS-1.0/sysapi/sysapi_util/CommandUtil.c TPM2.0-TSS-1.0-new/sysapi/sysapi_util/CommandUtil.c +--- TPM2.0-TSS-1.0/sysapi/sysapi_util/CommandUtil.c 2016-11-01 06:53:15.000000000 -0700 ++++ TPM2.0-TSS-1.0-new/sysapi/sysapi_util/CommandUtil.c 2017-04-03 10:19:11.337348997 -0700 +@@ -184,13 +184,18 @@ + // Common to all _Complete + TSS2_RC CommonComplete( TSS2_SYS_CONTEXT *sysContext ) + { +- UINT32 rspSize = CHANGE_ENDIAN_DWORD( ( (TPM20_Header_Out *)( SYS_CONTEXT->tpmOutBuffPtr ) )->responseSize ); ++ UINT32 rspSize; + + if( sysContext == NULL ) + { + return TSS2_SYS_RC_BAD_REFERENCE; + } +- else if( SYS_CONTEXT->previousStage != CMD_STAGE_RECEIVE_RESPONSE || SYS_CONTEXT->rval != TSS2_RC_SUCCESS ) ++ else ++ { ++ rspSize = CHANGE_ENDIAN_DWORD( ( (TPM20_Header_Out *)( SYS_CONTEXT->tpmOutBuffPtr ) )->responseSize ); ++ } ++ ++ if( SYS_CONTEXT->previousStage != CMD_STAGE_RECEIVE_RESPONSE || SYS_CONTEXT->rval != TSS2_RC_SUCCESS ) + { + SYS_CONTEXT->rval = TSS2_SYS_RC_BAD_SEQUENCE; + } diff --git a/SOURCES/resourcemgr.8 b/SOURCES/resourcemgr.8 new file mode 100644 index 0000000..4c5f45d --- /dev/null +++ b/SOURCES/resourcemgr.8 @@ -0,0 +1,28 @@ +.TH RESOURCEMGR "8" "2017-05-24" "TPM Management" +.SH NAME +resourcemgr \- TPM resource manager +.SH SYNOPSIS +.B resourcemgr +[\fIOPTION\fR]... +.SH DESCRIPTION +.PP +Manage resources for Trusted Platform Module usage. +.TP +\fB\-h\fR, \fB\-\-help\fR +display this help and exit +.TP +\fB\-sim\fR +Tells resource manager to communicate with TPM 2.0 simulator (default: communicates with local TPM) +.TP +\fB\-tpmhost \fIaddress\fB\fR +Specifies the host IP address for communicating with the TPM (default: 127.0.0.1; only valid if -sim used) +.TP +\fB\-tpmport \fIport\fB\fR +Specifies the port number for communicating with the TPM (default: 2321; only valid if -sim used) +.TP +\fB\-apport \fIport\fB\fR +Specifies the port number for communicating with the calling application (default: 2323) +.SH AUTHOR +Written by Jerry Snitselaar. +.SH COPYRIGHT +Copyright \(co 2017 Red Hat Inc. diff --git a/SOURCES/resourcemgr.service b/SOURCES/resourcemgr.service new file mode 100644 index 0000000..9c3b3b4 --- /dev/null +++ b/SOURCES/resourcemgr.service @@ -0,0 +1,10 @@ +[Unit] +Description=TPM2 resource manager & access broker +Documentation=http://www.github.com/01org/TPM2.0-TSS + +[Service] +Type=simple +ExecStart=/usr/sbin/resourcemgr + +[Install] +WantedBy=multi-user.target diff --git a/SOURCES/swap-pthread-check.patch b/SOURCES/swap-pthread-check.patch new file mode 100644 index 0000000..a724fa0 --- /dev/null +++ b/SOURCES/swap-pthread-check.patch @@ -0,0 +1,15 @@ +diff -ur TPM2.0-TSS-1.0/configure.ac TPM2.0-TSS-1.0-new/configure.ac +--- TPM2.0-TSS-1.0/configure.ac 2016-11-01 06:53:15.000000000 -0700 ++++ TPM2.0-TSS-1.0-new/configure.ac 2017-03-05 23:59:35.063459673 -0700 +@@ -7,7 +7,9 @@ + AC_PROG_CC + AC_PROG_CXX + LT_INIT() +-AX_PTHREAD([], [AC_MSG_ERROR([requires pthread])]) ++AC_CHECK_LIB([pthread], [pthread_create], [PTHREAD_CFLAGS+=-pthread], ++ [AC_MSG_ERROR([requires pthread])]) ++AC_SUBST([PTHREAD_CFLAGS]) + AM_INIT_AUTOMAKE([foreign + subdir-objects]) + AC_CONFIG_FILES([Makefile]) +Only in TPM2.0-TSS-1.0-new/: configure.ac~ diff --git a/SOURCES/test-app.patch b/SOURCES/test-app.patch new file mode 100644 index 0000000..f9dbd05 --- /dev/null +++ b/SOURCES/test-app.patch @@ -0,0 +1,12 @@ +diff -ur TPM2.0-TSS-1.0/Makefile.am TPM2.0-TSS-1.0-new/Makefile.am +--- TPM2.0-TSS-1.0/Makefile.am 2016-11-01 06:53:15.000000000 -0700 ++++ TPM2.0-TSS-1.0-new/Makefile.am 2017-03-11 16:51:38.164636194 -0700 +@@ -34,7 +34,7 @@ + + # stuff to build, what that stuff is, and where/if to install said stuff + sbin_PROGRAMS = $(resourcemgr) +-noinst_PROGRAMS = $(tpmclient) $(tpmtest) ++bin_PROGRAMS = $(tpmclient) $(tpmtest) + lib_LTLIBRARIES = $(libsapi) $(libtcti_device) $(libtcti_socket) + + # unit tests diff --git a/SPECS/tpm2-tss.spec b/SPECS/tpm2-tss.spec new file mode 100755 index 0000000..ea21221 --- /dev/null +++ b/SPECS/tpm2-tss.spec @@ -0,0 +1,142 @@ +Name: tpm2-tss +Version: 1.0 +Release: 5%{?dist} +Summary: TPM2.0 Software Stack + +%global pkg_prefix TPM2.0-TSS + +# The entire source code is under BSD except implementation.h and tpmb.h which +# is under TCGL(Trusted Computing Group License). +License: BSD and TCGL +URL: https://github.com/01org/TPM2.0-TSS +Source0: https://github.com/01org/TPM2.0-TSS/archive/%{version}.tar.gz#/%{pkg_prefix}-%{version}.tar.gz +Source1: resourcemgr.service +Source2: resourcemgr.8 + +# RHEL only (resolves building on RHEL) +Patch0001: swap-pthread-check.patch +# RHEL only (enable install of test programs) +Patch0002: test-app.patch +# backport of upstream commit b0f09514467f3 +Patch0003: Fix-memory-leaks-on-error-conditions-in-InitSysConte.patch +# backport of upstream commit b6ad056f2050b +Patch0004: avoid-potential-null-deref.patch + +BuildRequires: gcc +BuildRequires: gcc-c++ +BuildRequires: libtool +BuildRequires: pkgconfig +BuildRequires: systemd-units +Requires(post): systemd-units +Requires(preun): systemd-units +Requires(postun): systemd-units + +# this package does not support big endian arch so far, +# and has been verified only on Intel platforms. +ExclusiveArch: %{ix86} x86_64 + +%description +tpm2-tss is a software stack supporting Trusted Platform Module(TPM) 2.0 system +APIs. It sits between TPM driver and applications, providing TPM2.0 specified +APIs for applications to access TPM module through kernel TPM drivers. + +%prep +%autosetup -p1 -n %{pkg_prefix}-%{version} +./bootstrap + + +%build +%configure --disable-static --disable-silent-rules +%make_build + +%install +%make_install +find %{buildroot}%{_libdir} -type f -name \*.la -delete +mkdir -p %{buildroot}%{_bindir} +mkdir -p %{buildroot}%{_unitdir}/ +install -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/ +mkdir -p %{buildroot}%{_mandir}/man8/ +install -m 0644 %{SOURCE2} %{buildroot}%{_mandir}/man8/ + +%clean +rm -rf %{buildroot} + +%post +%systemd_post resourcemgr.service +/sbin/ldconfig + +%preun +%systemd_preun resourcemgr.service + +%postun +%systemd_postun resourcemgr.service +/sbin/ldconfig + +%files +%doc README.md CHANGELOG.md +%license LICENSE +%{_libdir}/libsapi.so.* +%{_libdir}/libtcti-device.so.* +%{_libdir}/libtcti-socket.so.* +%{_sbindir}/resourcemgr +%attr(644,root,root) %{_unitdir}/resourcemgr.service +%{_mandir}/man8/resourcemgr.8.gz + +%package devel +Summary: Headers and libraries for building apps that use tpm2-tss +Requires: %{name}%{_isa} = %{version}-%{release} + +%description devel +This package contains headers and libraries required to build applications that +use tpm2-tss. + +%files devel +%{_includedir}/sapi/ +%{_includedir}/tcti/ +%{_libdir}/libsapi.so +%{_libdir}/libtcti-device.so +%{_libdir}/libtcti-socket.so +%{_libdir}/pkgconfig/sapi.pc +%{_libdir}/pkgconfig/tcti-device.pc +%{_libdir}/pkgconfig/tcti-socket.pc + +%package utils +Summary: Utilities for tpm2-tss +Requires: %{name}%{_isa} = %{version}-%{release} + +%description utils +Utilities for tpm2-tss, such as testing features of +tpm device or simulator. + +%files utils +%{_bindir}/tpmclient +%{_bindir}/tpmtest + +%changelog +* Wed Jun 07 2017 Jerry Snitselaar - 1.0-5 +- Add manpage for resourcemgr +resolves: rhbz#1459635 + +* Mon Apr 03 2017 Jerry Snitselaar - 1.0-4 +- Clean up potential null deref +- Clean up memory leaks +- Inrease release version to 4 + +* Fri Mar 10 2017 Jerry Snitselaar - 1.0-3 +- Add systemd unit for resourcemgr +- Add utils subpackage +- Add Makefile.am patch to install test programs +- Add patch to swap out AX_PTHREAD for different check +- Increase release version to 3 +resolves: rhbz#1275027 - Add TPM 2.0 System API (SAPI) library + +* Mon Dec 12 2016 Sun Yunying - 1.0-2 +- Remove global macro pkg_version to avoid duplicate of version +- Use ExclusiveArch instead of ExcludeArch +- Use less wildcard in %files section to be more specific +- Add trailing slash at end of added directory in %file section +- Remove autoconf/automake/pkgconfig(cmocka) from BuildRequires +- Increase release version to 2 + +* Fri Dec 2 2016 Sun Yunying - 1.0-1 +- Initial version of the package