mirrors/meta-security
1
0
Fork 0
mirror of https://git.yoctoproject.org/meta-security synced 2026-06-03 01:40:53 +00:00
Code Issues Projects Releases Wiki Activity

swtpm: update to 0.7.1

Browse Source 
fixes: CVE-2022-23645.
Add implementation of SWTPM_HMAC using OpenSSL 3.0 APIs

Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
Armin Kuster
2022-03-04 16:12:30 -08:00
parent 6c3262f5bb
commit 6ea6a4982c
2 changed files with 2 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-tpm/recipes-tpm/swtpm/files/oe_configure.patch
-65
View File
@@ -1,65 +0,0 @@
Don't check for tscd deamon on host.
Upstream-Status: OE Specific
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Index: git/configure.ac
===================================================================
--- git.orig/configure.ac
+++ git/configure.ac
@@ -179,15 +179,6 @@ AC_SUBST([LIBTPMS_LIBS])
AC_CHECK_LIB(c, clock_gettime, LIBRT_LIBS="", LIBRT_LIBS="-lrt")
AC_SUBST([LIBRT_LIBS])
-AC_PATH_PROG([TCSD], tcsd)
-if test "x$TCSD" = "x"; then
- have_tcsd=no
- AC_MSG_WARN([tcsd could not be found; typically need it for tss user account and tests])
-else
- have_tcsd=yes
-fi
-AM_CONDITIONAL([HAVE_TCSD], test "$have_tcsd" != "no")
-
dnl We either need netstat (more common across systems) or 'ss' for test cases
AC_PATH_PROG([NETSTAT], [netstat])
if test "x$NETSTAT" = "x"; then
@@ -440,23 +431,6 @@ AC_ARG_WITH([tss-group],
[TSS_GROUP="tss"]
)
-case $have_tcsd in
-yes)
- AC_MSG_CHECKING([whether TSS_USER $TSS_USER is available])
- if ! test $(id -u $TSS_USER); then
- AC_MSG_ERROR(["$TSS_USER is not available"])
- else
- AC_MSG_RESULT([yes])
- fi
- AC_MSG_CHECKING([whether TSS_GROUP $TSS_GROUP is available])
- if ! test $(id -g $TSS_GROUP); then
- AC_MSG_ERROR(["$TSS_GROUP is not available"])
- else
- AC_MSG_RESULT([yes])
- fi
- ;;
-esac
-
AC_SUBST([TSS_USER])
AC_SUBST([TSS_GROUP])
Index: git/tests/Makefile.am
===================================================================
--- git.orig/tests/Makefile.am
+++ git/tests/Makefile.am
@@ -83,10 +83,6 @@ TESTS += \
test_tpm2_swtpm_cert \
test_tpm2_swtpm_cert_ecc \
test_tpm2_swtpm_setup_create_cert
-if HAVE_TCSD
-TESTS += \
- test_tpm2_samples_create_tpmca
-endif
endif
EXTRA_DIST=$(TESTS) \
meta-tpm/recipes-tpm/swtpm/swtpm_0.6.1.bb → meta-tpm/recipes-tpm/swtpm/swtpm_0.7.1.bb
+2 -3
View File
@@ -6,10 +6,9 @@ SECTION = "apps"
# expect-native, socat-native, coreutils-native and net-tools-native are reportedly only required for the tests # expect-native, socat-native, coreutils-native and net-tools-native are reportedly only required for the tests
DEPENDS = "libtasn1 coreutils-native expect-native socat-native glib-2.0 net-tools-native libtpm json-glib" DEPENDS = "libtasn1 coreutils-native expect-native socat-native glib-2.0 net-tools-native libtpm json-glib"
SRCREV = "98187d24fe14851653a7c46eb16e9c5f0b9beaa1" SRCREV = "92a7035f45d9b08aa7c6b8bd6fa4c6916ef07a9e"
SRC_URI = "git://github.com/stefanberger/swtpm.git;branch=stable-0.6;protocol=https \ SRC_URI = "git://github.com/stefanberger/swtpm.git;branch=stable-0.7-next;protocol=https \
file://ioctl_h.patch \ file://ioctl_h.patch \
file://oe_configure.patch \
" "
PE = "1" PE = "1"