diff options
Diffstat (limited to 'app-crypt/tpm2-tss')
15 files changed, 697 insertions, 120 deletions
diff --git a/app-crypt/tpm2-tss/Manifest b/app-crypt/tpm2-tss/Manifest index e25f40f7a50d..e08c54ad4a15 100644 --- a/app-crypt/tpm2-tss/Manifest +++ b/app-crypt/tpm2-tss/Manifest @@ -1 +1,3 @@ -DIST tpm2-tss-2.4.0.tar.gz 1446509 BLAKE2B bb078719fa85d9ea07b9710b5ac5d2f9c2b842700ed5b26a30ab2708a227b4bd599563c76e648d6f0b9dfe7785a25c049826f953baffdd39113bd62e7b4563df SHA512 763370381584f2124f751f0736e6a8b34428fd52134fd9966f3581e128f3b74b3f1261992f5d6162d7c866e47f7e5519ea80c1d1d39b80d5ed6e067eb2cd35a0 +DIST tpm2-tss-4.0.1.tar.gz 1787139 BLAKE2B 627cdefeff6c64148f9da1425922a0a7a72debcee4930ffab208a3b9b66127c2d4f923e3e105bfd45410cdb13c19cb40cc15a720e9a05dd32ff622dabf5fcc32 SHA512 ed6ddc52cb0e8c1082a4bb001e1225eb9905fd2380da88db5fd69ff5b5d9d43a93eb67b634e49d53eb5d586832da3aef2c4c7e5f18d51bb730481f8913319d7d +DIST tpm2-tss-4.0.2.tar.gz 1833499 BLAKE2B 91e70bcc66099fe5d7d53cf98a2c46582e96f204fc7bcb89c46497cc811ca1eb39c752be077a6e8132fc980a6581a2df075fcc6670d646d1270e642c144f043c SHA512 e92038de985ac928bf87a707b0f9b190aaa936827923ea5e3cbdda216cbc6cf8590af650c59c2e1e420ad9914dc6c1f14232ab7930ffc1a50fb0c49fdef6d3f0 +DIST tpm2-tss-4.1.3.tar.gz 1902009 BLAKE2B d8592f4797a4254883667476efb2fdf3c95547d9c472fe3557031e934c725e20e3cc70a9b7b41eaddac71e8d9f94beb5fbb39aec5d81b3eeb1b612df27312923 SHA512 c9a5e1e90f6545a466d43790ab2d67c52c4b788a0b21f8212575e27e04e0ac663105863fe00824e08a4e56a4f8c6b00c48c1a1c132531b8569cd5042c3bb9e69 diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-Dont-run-systemd-sysusers-in-Makefile.patch b/app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-Dont-run-systemd-sysusers-in-Makefile.patch deleted file mode 100644 index c916bbf0133c..000000000000 --- a/app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-Dont-run-systemd-sysusers-in-Makefile.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff --git a/Makefile.am b/Makefile.am -index c543a287..58187f7e 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -558,10 +558,6 @@ uninstall-local: - -rm $(DESTDIR)$(udevrulesdir)/$(udevrulesprefix)tpm-udev.rules - endif - --# Create tss user and FAPI directories directly after installation (vs. after a reboot) --install-exec-hook: -- systemd-sysusers && systemd-tmpfiles --create || true -- - uninstall-hook: - cd $(DESTDIR)$(man3dir) && \ - [ -L Tss2_TctiLdr_Initialize_Ex.3 ] && \ diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-fix-tmpfiles-path.patch b/app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-fix-tmpfiles-path.patch deleted file mode 100644 index 93a1fed8a877..000000000000 --- a/app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-fix-tmpfiles-path.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff --git a/dist/fapi-config.json.in b/dist/fapi-config.json.in -index e32a3c36..4aa636e2 100644 ---- a/dist/fapi-config.json.in -+++ b/dist/fapi-config.json.in -@@ -2,7 +2,7 @@ - "profile_name": "P_RSA2048SHA256", - "profile_dir": "@sysconfdir@/tpm2-tss/fapi-profiles/", - "user_dir": "~/@userstatedir@/tpm2-tss/user/keystore", -- "system_dir": "@localstatedir@/lib/tpm2-tss/system/keystore", -+ "system_dir": "@localstatedir@/tpm2-tss/system/keystore", - "tcti": "", - "system_pcrs" : [], - "log_dir" : "@runstatedir@/tpm2-tss/eventlog/" -diff --git a/dist/tmpfiles.d/tpm2-tss-fapi.conf.in b/dist/tmpfiles.d/tpm2-tss-fapi.conf.in -index 1793c4d7..3f0c8380 100644 ---- a/dist/tmpfiles.d/tpm2-tss-fapi.conf.in -+++ b/dist/tmpfiles.d/tpm2-tss-fapi.conf.in -@@ -1,3 +1,3 @@ - #Type Path Mode User Group Age Argument --d @localstatedir@/lib/tpm2-tss/system/keystore 775 tss tss - - -+d @localstatedir@/tpm2-tss/system/keystore 775 tss tss - - - d @runstatedir@/tpm2-tss/eventlog 775 tss tss - - diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-4.0.0-Dont-install-files-into-run.patch b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.0-Dont-install-files-into-run.patch new file mode 100644 index 000000000000..ca51ab7f9382 --- /dev/null +++ b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.0-Dont-install-files-into-run.patch @@ -0,0 +1,26 @@ +diff --git a/Makefile.am b/Makefile.am +index 2c81cfa9..2673995c 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -767,13 +767,11 @@ define set_tss_permissions + endef + + define make_fapi_dirs +- ($(call make_tss_dir,$(DESTDIR)$(runstatedir)/tpm2-tss/eventlog/) || true) && \ + ($(call make_tss_dir,$(DESTDIR)$(localstatedir)/lib/tpm2-tss/system/keystore/)) + endef + + define set_fapi_permissions + if test -z "${DESTDIR}"; then \ e +- ($(call set_tss_permissions,$(DESTDIR)$(runstatedir)/tpm2-tss)) && \ + ($(call set_tss_permissions,$(DESTDIR)$(localstatedir)/lib/tpm2-tss)) \ + fi + endef +@@ -784,7 +782,6 @@ endef + + define check_fapi_dirs + if test -z "${DESTDIR}"; then \ +- ($(call check_dir,$(DESTDIR)$(runstatedir)/tpm2-tss/eventlog/)) && \ + ($(call check_dir,$(DESTDIR)$(localstatedir)/lib/tpm2-tss/system/keystore/)) \ + fi; + endef diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch new file mode 100644 index 000000000000..83f123ffdc52 --- /dev/null +++ b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch @@ -0,0 +1,27 @@ +From 0632885d08917092ffc8d98febd158745a74465a Mon Sep 17 00:00:00 2001 +From: Daan De Meyer <daan.j.demeyer@gmail.com> +Date: Fri, 4 Aug 2023 16:07:52 +0200 +Subject: [PATCH] Do not consider failures to write files in /sys hard errors + +systemd-tmpfiles can run in containers, chroots, ... where writing to /sys will fail, so let's suffix these lines with "-" to avoid considering these cases hard errors. + +Signed-off-by: Daan De Meyer <daan.j.demeyer@gmail.com> +--- + dist/tmpfiles.d/tpm2-tss-fapi.conf.in | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/dist/tmpfiles.d/tpm2-tss-fapi.conf.in b/dist/tmpfiles.d/tpm2-tss-fapi.conf.in +index 7ea3c652..51ff78e5 100644 +--- a/dist/tmpfiles.d/tpm2-tss-fapi.conf.in ++++ b/dist/tmpfiles.d/tpm2-tss-fapi.conf.in +@@ -3,5 +3,5 @@ d @localstatedir@/lib/tpm2-tss/system/keystore 2775 tss tss - + a+ @localstatedir@/lib/tpm2-tss/system/keystore - - - - default:group:tss:rwx + d @runstatedir@/tpm2-tss/eventlog 2775 tss tss - - + a+ @runstatedir@/tpm2-tss/eventlog - - - - default:group:tss:rwx +-z /sys/kernel/security/tpm[0-9]/binary_bios_measurements 0440 root tss - - +-z /sys/kernel/security/ima/binary_runtime_measurements 0440 root tss - - ++z- /sys/kernel/security/tpm[0-9]/binary_bios_measurements 0440 root tss - - ++z- /sys/kernel/security/ima/binary_runtime_measurements 0440 root tss - - +-- +2.43.0 + diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Make-sysusers-and-tmpfiles-optional.patch b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Make-sysusers-and-tmpfiles-optional.patch new file mode 100644 index 000000000000..d93fcf9ef2d6 --- /dev/null +++ b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Make-sysusers-and-tmpfiles-optional.patch @@ -0,0 +1,50 @@ +From 75f53cf7eab591870ce735203995d01d2f577187 Mon Sep 17 00:00:00 2001 +From: Christopher Byrne <salah.coronya@gmail.com> +Date: Tue, 13 Jun 2023 21:40:56 -0500 +Subject: [PATCH] configure.ac: Make sysusers and tmpfiles optional + +Signed-off-by: Christopher Byrne <salah.coronya@gmail.com> +--- + Makefile.am | 6 +++++- + configure.ac | 4 ++-- + 2 files changed, 7 insertions(+), 3 deletions(-) + +diff --git a/Makefile.am b/Makefile.am +index 2c81cfa9..98965fa7 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -563,10 +563,14 @@ fapi-config.json: dist/fapi-config.json.in + -e 's|[@]sysmeasurements@|$(sysmeasurements)|g' \ + < "$<" > "$@" + ++if SYSD_SYSUSERS + sysusers_DATA = dist/sysusers.d/tpm2-tss.conf +-tmpfiles_DATA = tpm2-tss-fapi.conf ++endif + ++if SYSD_TMPFILES ++tmpfiles_DATA = tpm2-tss-fapi.conf + CLEANFILES += tpm2-tss-fapi.conf ++endif + + # We have to do this ourselves, in order to get absolute paths + tpm2-tss-fapi.conf: dist/tmpfiles.d/tpm2-tss-fapi.conf.in +diff --git a/configure.ac b/configure.ac +index b6550278..2d478147 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -550,9 +550,9 @@ AS_IF([test "x$enable_integration" = "xyes" && test "x$enable_self_generated_cer + + # Check for systemd helper tools used by make install + AC_CHECK_PROG(systemd_sysusers, systemd-sysusers, yes) +-AM_CONDITIONAL(SYSD_SYSUSERS, test "x$systemd_sysusers" = "xyes") ++AM_CONDITIONAL([SYSD_SYSUSERS], [test "x$systemd_sysusers" = "xyes" && test "x$sysusersdir" != "xno"]) + AC_CHECK_PROG(systemd_tmpfiles, systemd-tmpfiles, yes) +-AM_CONDITIONAL(SYSD_TMPFILES, test "x$systemd_tmpfiles" = "xyes") ++AM_CONDITIONAL([SYSD_TMPFILES], [test "x$systemd_tmpfiles" = "xyes" && test "x$tmpfilesdir" != "xno"]) + + # Check all tools used by make install + AS_IF([test "$HOSTOS" = "Linux" && test "x$systemd_sysusers" != "xyes"], +-- +2.39.3 + diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Dont-install-files-into-run.patch b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Dont-install-files-into-run.patch new file mode 100644 index 000000000000..022cd6145c18 --- /dev/null +++ b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Dont-install-files-into-run.patch @@ -0,0 +1,26 @@ +diff --git a/Makefile.am b/Makefile.am +index 07b7a2bf..e478fc77 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -770,13 +770,11 @@ define set_tss_permissions + endef + + define make_fapi_dirs +- ($(call make_tss_dir,$(DESTDIR)$(runstatedir)/tpm2-tss/eventlog/) || true) && \ + ($(call make_tss_dir,$(DESTDIR)$(localstatedir)/lib/tpm2-tss/system/keystore/)) + endef + + define set_fapi_permissions + if test -z "${DESTDIR}"; then \ +- ($(call set_tss_permissions,$(DESTDIR)$(runstatedir)/tpm2-tss)) && \ + ($(call set_tss_permissions,$(DESTDIR)$(localstatedir)/lib/tpm2-tss)) \ + fi + endef +@@ -787,7 +785,6 @@ endef + + define check_fapi_dirs + if test -z "${DESTDIR}"; then \ +- ($(call check_dir,$(DESTDIR)$(runstatedir)/tpm2-tss/eventlog/)) && \ + ($(call check_dir,$(DESTDIR)$(localstatedir)/lib/tpm2-tss/system/keystore/)) \ + fi; + endef diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Hide-write-all-function.patch b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Hide-write-all-function.patch new file mode 100644 index 000000000000..bd682df53bac --- /dev/null +++ b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Hide-write-all-function.patch @@ -0,0 +1,24 @@ +diff --git a/src/util/io.c b/src/util/io.c +index c6446826..50c0fd6c 100644 +--- a/src/util/io.c ++++ b/src/util/io.c +@@ -81,6 +81,7 @@ read_all ( + return recvd_total; + } + ++__attribute__ ((visibility("hidden"))) + ssize_t + write_all ( + SOCKET fd, +diff --git a/src/util/io.h b/src/util/io.h +index 25dd5c45..fec391d8 100644 +--- a/src/util/io.h ++++ b/src/util/io.h +@@ -70,6 +70,7 @@ read_all ( + * are detected. This is currently limited to interrupted system calls and + * short writes. + */ ++__attribute__ ((visibility("hidden"))) + ssize_t + write_all ( + SOCKET fd, diff --git a/app-crypt/tpm2-tss/metadata.xml b/app-crypt/tpm2-tss/metadata.xml index ca0c0ecca084..ada5791c33d5 100644 --- a/app-crypt/tpm2-tss/metadata.xml +++ b/app-crypt/tpm2-tss/metadata.xml @@ -1,18 +1,19 @@ <?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> - <maintainer type="person"> + <maintainer type="person" proxied="yes"> <email>salah.coronya@gmail.com</email> - <name>Salah Coronya</name> + <name>Christopher Byrne</name> </maintainer> - <maintainer type="project"> + <maintainer type="project" proxied="proxy"> <email>proxy-maint@gentoo.org</email> <name>Proxy Maintainers</name> </maintainer> <use> <flag name="fapi">Enable feature API (requires openssl as crypto backend)</flag> - <flag name="gcrypt">Use <pkg>dev-libs/libgcrypt</pkg> as crypto engine</flag> + <flag name="mbedtls">Use <pkg>net-libs/mbedtls</pkg> as crypto engine</flag> <flag name="openssl">Use <pkg>dev-libs/openssl</pkg> as crypto engine</flag> + <flag name="policy">Enable policy library (requires openssl as crypto backend)</flag> </use> <upstream> <remote-id type="github">tpm2-software/tpm2-tss</remote-id> diff --git a/app-crypt/tpm2-tss/tpm2-tss-2.4.0.ebuild b/app-crypt/tpm2-tss/tpm2-tss-2.4.0.ebuild deleted file mode 100644 index 9f3fd54be541..000000000000 --- a/app-crypt/tpm2-tss/tpm2-tss-2.4.0.ebuild +++ /dev/null @@ -1,77 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit autotools linux-info tmpfiles udev - -DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack" -HOMEPAGE="https://github.com/tpm2-software/tpm2-tss" -SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz" - -LICENSE="BSD-2" -SLOT="0" -KEYWORDS="~amd64 ~arm64 ~x86" -IUSE="doc +fapi gcrypt +openssl static-libs test" - -RESTRICT="!test? ( test )" - -REQUIRED_USE="^^ ( gcrypt openssl ) - fapi? ( openssl !gcrypt )" - -RDEPEND="acct-group/tss - acct-user/tss - fapi? ( - dev-libs/json-c - net-misc/curl - ) - gcrypt? ( dev-libs/libgcrypt:0= ) - openssl? ( dev-libs/openssl:0= )" -DEPEND="${RDEPEND} - test? ( dev-util/cmocka )" -BDEPEND="virtual/pkgconfig - doc? ( app-doc/doxygen )" - -PATCHES=( - "${FILESDIR}/${PN}-2.4.0-fix-tmpfiles-path.patch" - "${FILESDIR}/${PN}-2.4.0-Dont-run-systemd-sysusers-in-Makefile.patch" - ) - -pkg_setup() { - local CONFIG_CHECK=" \ - ~TCG_TPM - " - linux-info_pkg_setup - kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required" -} - -src_prepare() { - default - eautoreconf -} - -src_configure() { - econf \ - $(use_enable doc doxygen-doc) \ - $(use_enable fapi) \ - $(use_enable static-libs static) \ - $(use_enable test unit) \ - --disable-tcti-mssim \ - --disable-defaultflags \ - --disable-weakcrypto \ - --with-crypto="$(usex gcrypt gcrypt ossl)" \ - --with-runstatedir=/run \ - --with-udevrulesdir="$(get_udevdir)/rules.d" \ - --with-udevrulesprefix=60- \ - --with-sysusersdir="/usr/lib/sysusers.d" \ - --with-tmpfilesdir="/usr/lib/tmpfiles.d" -} - -src_install() { - default - find "${D}" -name '*.la' -delete || die -} - -pkg_postinst() { - tmpfiles_process tpm2-tss-fapi.conf -} diff --git a/app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild b/app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild new file mode 100644 index 000000000000..558f221a5be8 --- /dev/null +++ b/app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild @@ -0,0 +1,109 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev + +DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack" +HOMEPAGE="https://github.com/tpm2-software/tpm2-tss" +SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz" + +LICENSE="BSD-2" +SLOT="0/4" +KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86" +IUSE="doc +fapi +openssl mbedtls +policy static-libs test" +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ^^ ( mbedtls openssl ) + fapi? ( openssl !mbedtls ) + policy? ( openssl !mbedtls ) +" + +RDEPEND=" + acct-group/tss + acct-user/tss + sys-apps/util-linux:=[${MULTILIB_USEDEP}] + fapi? ( + dev-libs/json-c:=[${MULTILIB_USEDEP}] + >=net-misc/curl-7.80.0[${MULTILIB_USEDEP}] + ) + mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] ) + openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] ) +" + +DEPEND=" + ${RDEPEND} + test? ( app-crypt/swtpm + dev-libs/uthash + dev-util/cmocka + fapi? ( >=net-misc/curl-7.80.0 ) ) +" + +BDEPEND=" + sys-apps/acl + virtual/pkgconfig + doc? ( app-text/doxygen ) +" + +PATCHES=( + "${FILESDIR}/${PN}-4.0.0-Dont-install-files-into-run.patch" + "${FILESDIR}/${PN}-4.0.1-Make-sysusers-and-tmpfiles-optional.patch" + "${FILESDIR}/${PN}-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch" +) + +pkg_setup() { + local CONFIG_CHECK="~TCG_TPM" + linux-info_pkg_setup + kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required" +} + +src_prepare() { + default + eautoreconf +} + +multilib_src_configure() { + # Fails with inlining + filter-flags -fno-semantic-interposition + # tests fail with LTO enabbled. See bug 865275 and 865279 + filter-lto + + local myconf=( + --localstatedir=/var + $(multilib_native_use_enable doc doxygen-doc) + $(use_enable fapi) + $(use_enable policy) + $(use_enable static-libs static) + $(multilib_native_use_enable test unit) + $(multilib_native_use_enable test integration) + $(multilib_native_use_enable test self-generated-certificate) + --disable-tcti-libtpms + --disable-defaultflags + --disable-weakcrypto + --with-crypto="$(usex mbedtls mbed ossl)" + --with-runstatedir=/run + --with-udevrulesdir="$(get_udevdir)/rules.d" + --with-udevrulesprefix=60- + --without-sysusersdir + --with-tmpfilesdir="/usr/lib/tmpfiles.d" + ) + + ECONF_SOURCE=${S} econf "${myconf[@]}" +} + +multilib_src_install() { + default + keepdir /var/lib/tpm2-tss/system/keystore + find "${ED}" -name '*.la' -delete || die +} + +pkg_postinst() { + tmpfiles_process tpm2-tss-fapi.conf + udev_reload +} + +pkg_postrm() { + udev_reload +} diff --git a/app-crypt/tpm2-tss/tpm2-tss-4.0.1.ebuild b/app-crypt/tpm2-tss/tpm2-tss-4.0.1.ebuild new file mode 100644 index 000000000000..d4391f09ea96 --- /dev/null +++ b/app-crypt/tpm2-tss/tpm2-tss-4.0.1.ebuild @@ -0,0 +1,97 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev + +DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack" +HOMEPAGE="https://github.com/tpm2-software/tpm2-tss" +SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz" + +LICENSE="BSD-2" +SLOT="0/4" +KEYWORDS="amd64 arm arm64 ~loong ppc64 ~riscv x86" +IUSE="doc +fapi +openssl mbedtls +policy static-libs test" + +RESTRICT="!test? ( test )" + +REQUIRED_USE="^^ ( mbedtls openssl ) + fapi? ( openssl !mbedtls ) + policy? ( openssl !mbedtls )" + +RDEPEND="acct-group/tss + acct-user/tss + sys-apps/util-linux:=[${MULTILIB_USEDEP}] + fapi? ( dev-libs/json-c:=[${MULTILIB_USEDEP}] + >=net-misc/curl-7.80.0[${MULTILIB_USEDEP}] ) + mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] ) + openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] )" + +DEPEND="${RDEPEND} + test? ( app-crypt/swtpm + dev-libs/uthash + dev-util/cmocka + fapi? ( >=net-misc/curl-7.80.0 ) )" +BDEPEND="sys-apps/acl + virtual/pkgconfig + doc? ( app-text/doxygen )" + +PATCHES=( + "${FILESDIR}/${PN}-4.0.0-Dont-install-files-into-run.patch" + "${FILESDIR}/${PN}-4.0.1-Make-sysusers-and-tmpfiles-optional.patch" + ) + +pkg_setup() { + local CONFIG_CHECK=" \ + ~TCG_TPM + " + linux-info_pkg_setup + kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required" +} + +src_prepare() { + default + eautoreconf +} + +multilib_src_configure() { + # Fails with inlining + filter-flags -fno-semantic-interposition + # tests fail with LTO enabbled. See bug 865275 and 865279 + filter-lto + + ECONF_SOURCE=${S} econf \ + --localstatedir=/var \ + $(multilib_native_use_enable doc doxygen-doc) \ + $(use_enable fapi) \ + $(use_enable policy) \ + $(use_enable static-libs static) \ + $(multilib_native_use_enable test unit) \ + $(multilib_native_use_enable test integration) \ + $(multilib_native_use_enable test self-generated-certificate) \ + --disable-tcti-libtpms \ + --disable-defaultflags \ + --disable-weakcrypto \ + --with-crypto="$(usex mbedtls mbed ossl)" \ + --with-runstatedir=/run \ + --with-udevrulesdir="$(get_udevdir)/rules.d" \ + --with-udevrulesprefix=60- \ + --without-sysusersdir \ + --with-tmpfilesdir="/usr/lib/tmpfiles.d" +} + +multilib_src_install() { + default + keepdir /var/lib/tpm2-tss/system/keystore + find "${ED}" -name '*.la' -delete || die +} + +pkg_postinst() { + tmpfiles_process tpm2-tss-fapi.conf + udev_reload +} + +pkg_postrm() { + udev_reload +} diff --git a/app-crypt/tpm2-tss/tpm2-tss-4.0.2-r1.ebuild b/app-crypt/tpm2-tss/tpm2-tss-4.0.2-r1.ebuild new file mode 100644 index 000000000000..1ada848dd5d2 --- /dev/null +++ b/app-crypt/tpm2-tss/tpm2-tss-4.0.2-r1.ebuild @@ -0,0 +1,110 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev + +DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack" +HOMEPAGE="https://github.com/tpm2-software/tpm2-tss" +SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz" + +LICENSE="BSD-2" +SLOT="0/4" +KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86" +IUSE="doc +fapi +openssl mbedtls +policy static-libs test" +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ^^ ( mbedtls openssl ) + fapi? ( openssl !mbedtls ) + policy? ( openssl !mbedtls ) +" + +RDEPEND=" + acct-group/tss + acct-user/tss + sys-apps/util-linux:=[${MULTILIB_USEDEP}] + fapi? ( + dev-libs/json-c:=[${MULTILIB_USEDEP}] + >=net-misc/curl-7.80.0[${MULTILIB_USEDEP}] + ) + mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] ) + openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] ) +" + +DEPEND=" + ${RDEPEND} + test? ( app-crypt/swtpm + dev-libs/uthash + dev-util/cmocka + fapi? ( >=net-misc/curl-7.80.0 ) ) +" + +BDEPEND=" + sys-apps/acl + virtual/pkgconfig + doc? ( app-text/doxygen ) +" + +PATCHES=( + "${FILESDIR}/${PN}-4.0.2-Dont-install-files-into-run.patch" + "${FILESDIR}/${PN}-4.0.1-Make-sysusers-and-tmpfiles-optional.patch" + "${FILESDIR}/${PN}-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch" + "${FILESDIR}/${PN}-4.0.2-Hide-write-all-function.patch" +) + +pkg_setup() { + local CONFIG_CHECK="~TCG_TPM" + linux-info_pkg_setup + kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required" +} + +src_prepare() { + default + eautoreconf +} + +multilib_src_configure() { + # Fails with inlining + filter-flags -fno-semantic-interposition + # tests fail with LTO enabbled. See bug 865275 and 865279 + filter-lto + + local myconf=( + --localstatedir=/var + $(multilib_native_use_enable doc doxygen-doc) + $(use_enable fapi) + $(use_enable policy) + $(use_enable static-libs static) + $(multilib_native_use_enable test unit) + $(multilib_native_use_enable test integration) + $(multilib_native_use_enable test self-generated-certificate) + --disable-tcti-libtpms + --disable-defaultflags + --disable-weakcrypto + --with-crypto="$(usex mbedtls mbed ossl)" + --with-runstatedir=/run + --with-udevrulesdir="$(get_udevdir)/rules.d" + --with-udevrulesprefix=60- + --without-sysusersdir + --with-tmpfilesdir="/usr/lib/tmpfiles.d" + ) + + ECONF_SOURCE=${S} econf "${myconf[@]}" +} + +multilib_src_install() { + default + keepdir /var/lib/tpm2-tss/system/keystore + find "${ED}" -name '*.la' -delete || die +} + +pkg_postinst() { + tmpfiles_process tpm2-tss-fapi.conf + udev_reload +} + +pkg_postrm() { + udev_reload +} diff --git a/app-crypt/tpm2-tss/tpm2-tss-4.0.2.ebuild b/app-crypt/tpm2-tss/tpm2-tss-4.0.2.ebuild new file mode 100644 index 000000000000..40a410cf2a97 --- /dev/null +++ b/app-crypt/tpm2-tss/tpm2-tss-4.0.2.ebuild @@ -0,0 +1,109 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev + +DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack" +HOMEPAGE="https://github.com/tpm2-software/tpm2-tss" +SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz" + +LICENSE="BSD-2" +SLOT="0/4" +KEYWORDS="amd64 arm arm64 ~loong ppc64 ~riscv x86" +IUSE="doc +fapi +openssl mbedtls +policy static-libs test" +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ^^ ( mbedtls openssl ) + fapi? ( openssl !mbedtls ) + policy? ( openssl !mbedtls ) +" + +RDEPEND=" + acct-group/tss + acct-user/tss + sys-apps/util-linux:=[${MULTILIB_USEDEP}] + fapi? ( + dev-libs/json-c:=[${MULTILIB_USEDEP}] + >=net-misc/curl-7.80.0[${MULTILIB_USEDEP}] + ) + mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] ) + openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] ) +" + +DEPEND=" + ${RDEPEND} + test? ( app-crypt/swtpm + dev-libs/uthash + dev-util/cmocka + fapi? ( >=net-misc/curl-7.80.0 ) ) +" + +BDEPEND=" + sys-apps/acl + virtual/pkgconfig + doc? ( app-text/doxygen ) +" + +PATCHES=( + "${FILESDIR}/${PN}-4.0.2-Dont-install-files-into-run.patch" + "${FILESDIR}/${PN}-4.0.1-Make-sysusers-and-tmpfiles-optional.patch" + "${FILESDIR}/${PN}-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch" +) + +pkg_setup() { + local CONFIG_CHECK="~TCG_TPM" + linux-info_pkg_setup + kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required" +} + +src_prepare() { + default + eautoreconf +} + +multilib_src_configure() { + # Fails with inlining + filter-flags -fno-semantic-interposition + # tests fail with LTO enabbled. See bug 865275 and 865279 + filter-lto + + local myconf=( + --localstatedir=/var + $(multilib_native_use_enable doc doxygen-doc) + $(use_enable fapi) + $(use_enable policy) + $(use_enable static-libs static) + $(multilib_native_use_enable test unit) + $(multilib_native_use_enable test integration) + $(multilib_native_use_enable test self-generated-certificate) + --disable-tcti-libtpms + --disable-defaultflags + --disable-weakcrypto + --with-crypto="$(usex mbedtls mbed ossl)" + --with-runstatedir=/run + --with-udevrulesdir="$(get_udevdir)/rules.d" + --with-udevrulesprefix=60- + --without-sysusersdir + --with-tmpfilesdir="/usr/lib/tmpfiles.d" + ) + + ECONF_SOURCE=${S} econf "${myconf[@]}" +} + +multilib_src_install() { + default + keepdir /var/lib/tpm2-tss/system/keystore + find "${ED}" -name '*.la' -delete || die +} + +pkg_postinst() { + tmpfiles_process tpm2-tss-fapi.conf + udev_reload +} + +pkg_postrm() { + udev_reload +} diff --git a/app-crypt/tpm2-tss/tpm2-tss-4.1.3.ebuild b/app-crypt/tpm2-tss/tpm2-tss-4.1.3.ebuild new file mode 100644 index 000000000000..79327c45219d --- /dev/null +++ b/app-crypt/tpm2-tss/tpm2-tss-4.1.3.ebuild @@ -0,0 +1,110 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev + +DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack" +HOMEPAGE="https://github.com/tpm2-software/tpm2-tss" +SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz" + +LICENSE="BSD-2" +SLOT="0/4" +KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86" +IUSE="doc +fapi +openssl mbedtls +policy static-libs test" +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ^^ ( mbedtls openssl ) + fapi? ( openssl !mbedtls ) + policy? ( openssl !mbedtls ) +" + +RDEPEND=" + acct-group/tss + acct-user/tss + sys-apps/util-linux:=[${MULTILIB_USEDEP}] + fapi? ( + dev-libs/json-c:=[${MULTILIB_USEDEP}] + >=net-misc/curl-7.80.0[${MULTILIB_USEDEP}] + ) + mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] ) + openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] ) +" + +DEPEND=" + ${RDEPEND} + test? ( app-crypt/swtpm + dev-libs/uthash + dev-util/cmocka + fapi? ( >=net-misc/curl-7.80.0 ) ) +" + +BDEPEND=" + sys-apps/acl + virtual/pkgconfig + doc? ( app-text/doxygen ) +" + +PATCHES=( + "${FILESDIR}/${PN}-4.0.2-Dont-install-files-into-run.patch" +) + +pkg_setup() { + local CONFIG_CHECK="~TCG_TPM" + linux-info_pkg_setup + kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required" +} + +src_prepare() { + default + eautoreconf +} + +multilib_src_configure() { + # Fails with inlining + filter-flags -fno-semantic-interposition + # tests fail with LTO enabbled. See bug 865275 and 865279 + filter-lto + + local myconf=( + --localstatedir=/var + $(multilib_native_use_enable doc doxygen-doc) + $(use_enable fapi) + $(use_enable policy) + $(use_enable static-libs static) + $(multilib_native_use_enable test unit) + $(multilib_native_use_enable test integration) + $(multilib_native_use_enable test self-generated-certificate) + --disable-tcti-libtpms + --disable-tcti-spi-ltt2go + --disable-tcti-spi-ftdi + --disable-tcti-i2c-ftdi + --disable-defaultflags + --disable-weakcrypto + --with-crypto="$(usex mbedtls mbed ossl)" + --with-runstatedir=/run + --with-udevrulesdir="$(get_udevdir)/rules.d" + --with-udevrulesprefix=60- + --without-sysusersdir + --with-tmpfilesdir="/usr/lib/tmpfiles.d" + ) + + ECONF_SOURCE=${S} econf "${myconf[@]}" +} + +multilib_src_install() { + default + keepdir /var/lib/tpm2-tss/system/keystore + find "${ED}" -name '*.la' -delete || die +} + +pkg_postinst() { + tmpfiles_process tpm2-tss-fapi.conf + udev_reload +} + +pkg_postrm() { + udev_reload +} |