commit tpm2.0-tools for openSUSE:Factory

root Mon, 28 Aug 2017 06:13:28 -0700

Hello community,

here is the log from the commit of package tpm2.0-tools for openSUSE:Factory 
checked in at 2017-08-28 15:12:10
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/tpm2.0-tools (Old)
 and      /work/SRC/openSUSE:Factory/.tpm2.0-tools.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "tpm2.0-tools"

Mon Aug 28 15:12:10 2017 rev:8 rq:517972 version:2.1.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/tpm2.0-tools/tpm2.0-tools.changes        
2017-08-21 11:36:37.689672025 +0200
+++ /work/SRC/openSUSE:Factory/.tpm2.0-tools.new/tpm2.0-tools.changes   
2017-08-28 15:12:57.196242067 +0200
@@ -1,0 +2,16 @@
+Mon Aug 21 14:32:13 UTC 2017 - matthias.gerst...@suse.com
+
+- update to version 2.1.0:
+  - dropped 0002-kdfa-use-openssl-for-hmac-not-tpm.patch, was backported
+   upstream in commit 788a17abbe0000c560935ef9f31c9a6892d9ea33
+  - this version now can interact with the new resource manager tpm2.0-abrmd
+  - Upstream changes:
+    * Fix readx and writex on multiple EINTR returns.
+    * Add support for the tabrmd TCTI. This is the new default.
+    * Change default socket port from 2323 (the old resourcemgr) to 2321
+    (default simulator port).
+    * Cherry-pick fix for CVE-2017-7524.
+    * Fix tpm2_listpcr command line option handling.
+    * Fix tpm2_getmanufec memory issues.
+
+-------------------------------------------------------------------

Old:
----
  0002-kdfa-use-openssl-for-hmac-not-tpm.patch
  2.0.0.zip

New:
----
  2.1.0.zip

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ tpm2.0-tools.spec ++++++
--- /var/tmp/diff_new_pack.pUuJfG/_old  2017-08-28 15:12:58.264091840 +0200
+++ /var/tmp/diff_new_pack.pUuJfG/_new  2017-08-28 15:12:58.272090714 +0200
@@ -17,7 +17,7 @@
 
 
 Name:           tpm2.0-tools
-Version:        2.0.0
+Version:        2.1.0
 Release:        0
 Summary:        Trusted Platform Module (TPM) 2.0 administration tools
 License:        BSD-3-Clause
@@ -29,7 +29,6 @@
 # this fixes an error with an unexpectedly large number of PCRS (bnc#1044419)
 # there's no release containing this fix yet
 Patch2:         0001-tpm2_listpcrs-use-TPM2_GetCapability-to-determine-PC.patch
-Patch3:         0002-kdfa-use-openssl-for-hmac-not-tpm.patch
 BuildRequires:  autoconf-archive
 BuildRequires:  automake
 BuildRequires:  gcc-c++
@@ -38,6 +37,7 @@
 BuildRequires:  libtool
 BuildRequires:  pkgconfig
 BuildRequires:  tpm2-0-tss-devel
+BuildRequires:  tpm2.0-abrmd-devel
 BuildRequires:  unzip
 Recommends:     tpm2.0-abrmd
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@@ -50,11 +50,10 @@
 associated interfaces.
 
 %prep
-%setup -q
+%setup -q -n tpm2-tools-2.1.0
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
-%patch3 -p1
 
 %build
 bash ./bootstrap

++++++ 0001-tpm2_listpcrs-use-TPM2_GetCapability-to-determine-PC.patch ++++++
--- /var/tmp/diff_new_pack.pUuJfG/_old  2017-08-28 15:12:58.332082275 +0200
+++ /var/tmp/diff_new_pack.pUuJfG/_new  2017-08-28 15:12:58.336081712 +0200
@@ -22,11 +22,11 @@
  tools/tpm2_listpcrs.c | 55 +++++++++++++++++++++++++--------------------------
  1 file changed, 27 insertions(+), 28 deletions(-)
 
-diff --git a/tools/tpm2_listpcrs.c b/tools/tpm2_listpcrs.c
-index f50c200..42bb8c6 100644
---- a/tools/tpm2_listpcrs.c
-+++ b/tools/tpm2_listpcrs.c
-@@ -173,38 +173,35 @@ static bool read_pcr_values(listpcr_context *context) {
+Index: tpm2-tools-2.1.0/tools/tpm2_listpcrs.c
+===================================================================
+--- tpm2-tools-2.1.0.orig/tools/tpm2_listpcrs.c
++++ tpm2-tools-2.1.0/tools/tpm2_listpcrs.c
+@@ -173,38 +173,35 @@ static bool read_pcr_values(listpcr_cont
      return true;
  }
  
@@ -38,14 +38,15 @@
 -    pcr_selections->pcrSelections[0].hash = alg_id;
 -    set_pcr_select_size(&pcr_selections->pcrSelections[0], 3);
 -    clear_pcr_select_bits(&pcr_selections->pcrSelections[0]);
+-
+-    UINT32 pcr_id;
+-    for (pcr_id = 0; pcr_id < 24; pcr_id++) {
+-        set_pcr_select_bit(&pcr_selections->pcrSelections[0], pcr_id);
 +    TPMI_YES_NO moreData;
 +    TPMS_CAPABILITY_DATA cap_data;
 +    TPML_PCR_SELECTION *pcr_sel = &context->pcr_selections;
 +    UINT32 rval, i, j;
- 
--    UINT32 pcr_id;
--    for (pcr_id = 0; pcr_id < 24; pcr_id++) {
--        set_pcr_select_bit(&pcr_selections->pcrSelections[0], pcr_id);
++
 +    rval = Tss2_Sys_GetCapability(context->sapi_context, 0, TPM_CAP_PCRS, 0, 
1, &moreData, &cap_data, 0);
 +    if (rval != TPM_RC_SUCCESS) {
 +        LOG_ERR("GetCapability: Get PCR allocation status Error. TPM 
Error:0x%x......\n", rval);
@@ -56,38 +57,39 @@
 -/* XXX Could this internally call init_pcr_selection_from_algorithm to reduce 
duplicate code? */
 -static void init_pcr_selection_all(tpm2_algorithm *algorithm,
 -        TPML_PCR_SELECTION *pcr_selections) {
-+    pcr_sel->count = 0;
- 
+-
 -    pcr_selections->count = 0;
-+    for (i = 0; i < cap_data.data.assignedPCR.count; i++) {
-+        if (alg_id && (cap_data.data.assignedPCR.pcrSelections[i].hash != 
alg_id))
-+            continue;
-+        pcr_sel->pcrSelections[pcr_sel->count].hash = 
cap_data.data.assignedPCR.pcrSelections[i].hash;
-+        set_pcr_select_size(&pcr_sel->pcrSelections[pcr_sel->count], 
cap_data.data.assignedPCR.pcrSelections[i].sizeofSelect);
-+        for (j = 0; j < pcr_sel->pcrSelections[pcr_sel->count].sizeofSelect; 
j++)
-+            pcr_sel->pcrSelections[pcr_sel->count].pcrSelect[j] = 
cap_data.data.assignedPCR.pcrSelections[i].pcrSelect[j];
-+        pcr_sel->count++;
-+    }
- 
+-
 -    int i;
 -    for (i = 0; i < algorithm->count; i++) {
 -        pcr_selections->pcrSelections[i].hash = algorithm->alg[i];
 -        set_pcr_select_size(&pcr_selections->pcrSelections[i], 3);
 -        clear_pcr_select_bits(&pcr_selections->pcrSelections[i]);
-+    if (pcr_sel->count == 0)
-+        return false;
++    pcr_sel->count = 0;
  
 -        UINT32 pcr_id;
 -        for (pcr_id = 0; pcr_id < 24; pcr_id++) {
 -            set_pcr_select_bit(&pcr_selections->pcrSelections[i], pcr_id);
 -        }
 -        pcr_selections->count++;
--    }
++    for (i = 0; i < cap_data.data.assignedPCR.count; i++) {
++        if (alg_id && (cap_data.data.assignedPCR.pcrSelections[i].hash != 
alg_id))
++            continue;
++        pcr_sel->pcrSelections[pcr_sel->count].hash = 
cap_data.data.assignedPCR.pcrSelections[i].hash;
++        set_pcr_select_size(&pcr_sel->pcrSelections[pcr_sel->count], 
cap_data.data.assignedPCR.pcrSelections[i].sizeofSelect);
++        for (j = 0; j < pcr_sel->pcrSelections[pcr_sel->count].sizeofSelect; 
j++)
++            pcr_sel->pcrSelections[pcr_sel->count].pcrSelect[j] = 
cap_data.data.assignedPCR.pcrSelections[i].pcrSelect[j];
++        pcr_sel->count++;
+     }
++
++    if (pcr_sel->count == 0)
++        return false;
++
 +    return true;
  }
  
  // show all PCR banks according to g_pcrSelection & g_pcrs->
-@@ -220,7 +217,7 @@ static bool show_pcr_values(listpcr_context *context) {
+@@ -220,7 +217,7 @@ static bool show_pcr_values(listpcr_cont
                  context->pcr_selections.pcrSelections[i].hash);
  
          UINT32 pcr_id;
@@ -96,7 +98,7 @@
              if 
(!is_pcr_select_bit_set(&context->pcr_selections.pcrSelections[i],
                      pcr_id)) {
                  continue;
-@@ -271,14 +268,16 @@ static bool show_selected_pcr_values(listpcr_context 
*context) {
+@@ -271,14 +268,16 @@ static bool show_selected_pcr_values(lis
  
  static bool show_all_pcr_values(listpcr_context *context) {
  
@@ -115,6 +117,3 @@
  
      return show_selected_pcr_values(context);
  }
--- 
-2.12.3
-

++++++ tpm2.0-tools-fix-gcc7.patch ++++++
--- /var/tmp/diff_new_pack.pUuJfG/_old  2017-08-28 15:12:58.444066521 +0200
+++ /var/tmp/diff_new_pack.pUuJfG/_new  2017-08-28 15:12:58.444066521 +0200
@@ -1,7 +1,7 @@
-Index: tpm2.0-tools-2.0.0/tools/main.c
+Index: tpm2-tools-2.1.0/tools/main.c
 ===================================================================
---- tpm2.0-tools-2.0.0.orig/tools/main.c
-+++ tpm2.0-tools-2.0.0/tools/main.c
+--- tpm2-tools-2.1.0.orig/tools/main.c
++++ tpm2-tools-2.1.0/tools/main.c
 @@ -61,7 +61,7 @@ main (int   argc,
          execute_man (argv[0], envp);
          fprintf (stderr,
@@ -11,10 +11,10 @@
      case 2:
          exit (1);
      }
-Index: tpm2.0-tools-2.0.0/tools/tpm2_dump_capability.c
+Index: tpm2-tools-2.1.0/tools/tpm2_dump_capability.c
 ===================================================================
---- tpm2.0-tools-2.0.0.orig/tools/tpm2_dump_capability.c
-+++ tpm2.0-tools-2.0.0/tools/tpm2_dump_capability.c
+--- tpm2-tools-2.1.0.orig/tools/tpm2_dump_capability.c
++++ tpm2-tools-2.1.0/tools/tpm2_dump_capability.c
 @@ -595,7 +595,7 @@ dump_tpm_capability (TPMU_CAPABILITIES
      case TPM_CAP_COMMANDS:
          dump_command_attr_array (capabilities->command.commandAttributes,

++++++ tpm2.0-tools-fix-hardening.patch ++++++
--- /var/tmp/diff_new_pack.pUuJfG/_old  2017-08-28 15:12:58.456064833 +0200
+++ /var/tmp/diff_new_pack.pUuJfG/_new  2017-08-28 15:12:58.460064270 +0200
@@ -1,6 +1,8 @@
---- tpm2.0-tools-2.0.0/configure.ac.fix        2017-06-02 09:15:49.118425187 
+0200
-+++ tpm2.0-tools-2.0.0/configure.ac    2017-06-02 09:15:59.698416673 +0200
-@@ -100,11 +100,9 @@
+Index: tpm2-tools-2.1.0/configure.ac
+===================================================================
+--- tpm2-tools-2.1.0.orig/configure.ac
++++ tpm2-tools-2.1.0/configure.ac
+@@ -121,11 +121,9 @@ AS_IF([test x"$hardening" != x"no"], [
  
    add_hardened_c_flag([-Wformat])
    add_hardened_c_flag([-Wformat-security])

commit tpm2.0-tools for openSUSE:Factory

Reply via email to