Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/app-crypt/tpm2-tss
diff options
context:
space:
mode:
Diffstat (limited to 'app-crypt/tpm2-tss')
-rw-r--r--app-crypt/tpm2-tss/Manifest4
-rw-r--r--app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-Dont-run-systemd-sysusers-in-Makefile.patch15
-rw-r--r--app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-fix-tmpfiles-path.patch22
-rw-r--r--app-crypt/tpm2-tss/files/tpm2-tss-4.0.0-Dont-install-files-into-run.patch26
-rw-r--r--app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch27
-rw-r--r--app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Make-sysusers-and-tmpfiles-optional.patch50
-rw-r--r--app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Dont-install-files-into-run.patch26
-rw-r--r--app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Hide-write-all-function.patch24
-rw-r--r--app-crypt/tpm2-tss/metadata.xml11
-rw-r--r--app-crypt/tpm2-tss/tpm2-tss-2.4.0.ebuild77
-rw-r--r--app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild109
-rw-r--r--app-crypt/tpm2-tss/tpm2-tss-4.0.1.ebuild97
-rw-r--r--app-crypt/tpm2-tss/tpm2-tss-4.0.2-r1.ebuild110
-rw-r--r--app-crypt/tpm2-tss/tpm2-tss-4.0.2.ebuild109
-rw-r--r--app-crypt/tpm2-tss/tpm2-tss-4.1.3.ebuild110
15 files changed, 697 insertions, 120 deletions
diff --git a/app-crypt/tpm2-tss/Manifest b/app-crypt/tpm2-tss/Manifest
index e25f40f7a50d..e08c54ad4a15 100644
--- a/app-crypt/tpm2-tss/Manifest
+++ b/app-crypt/tpm2-tss/Manifest
@@ -1 +1,3 @@
-DIST tpm2-tss-2.4.0.tar.gz 1446509 BLAKE2B bb078719fa85d9ea07b9710b5ac5d2f9c2b842700ed5b26a30ab2708a227b4bd599563c76e648d6f0b9dfe7785a25c049826f953baffdd39113bd62e7b4563df SHA512 763370381584f2124f751f0736e6a8b34428fd52134fd9966f3581e128f3b74b3f1261992f5d6162d7c866e47f7e5519ea80c1d1d39b80d5ed6e067eb2cd35a0
+DIST tpm2-tss-4.0.1.tar.gz 1787139 BLAKE2B 627cdefeff6c64148f9da1425922a0a7a72debcee4930ffab208a3b9b66127c2d4f923e3e105bfd45410cdb13c19cb40cc15a720e9a05dd32ff622dabf5fcc32 SHA512 ed6ddc52cb0e8c1082a4bb001e1225eb9905fd2380da88db5fd69ff5b5d9d43a93eb67b634e49d53eb5d586832da3aef2c4c7e5f18d51bb730481f8913319d7d
+DIST tpm2-tss-4.0.2.tar.gz 1833499 BLAKE2B 91e70bcc66099fe5d7d53cf98a2c46582e96f204fc7bcb89c46497cc811ca1eb39c752be077a6e8132fc980a6581a2df075fcc6670d646d1270e642c144f043c SHA512 e92038de985ac928bf87a707b0f9b190aaa936827923ea5e3cbdda216cbc6cf8590af650c59c2e1e420ad9914dc6c1f14232ab7930ffc1a50fb0c49fdef6d3f0
+DIST tpm2-tss-4.1.3.tar.gz 1902009 BLAKE2B d8592f4797a4254883667476efb2fdf3c95547d9c472fe3557031e934c725e20e3cc70a9b7b41eaddac71e8d9f94beb5fbb39aec5d81b3eeb1b612df27312923 SHA512 c9a5e1e90f6545a466d43790ab2d67c52c4b788a0b21f8212575e27e04e0ac663105863fe00824e08a4e56a4f8c6b00c48c1a1c132531b8569cd5042c3bb9e69
diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-Dont-run-systemd-sysusers-in-Makefile.patch b/app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-Dont-run-systemd-sysusers-in-Makefile.patch
deleted file mode 100644
index c916bbf0133c..000000000000
--- a/app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-Dont-run-systemd-sysusers-in-Makefile.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-diff --git a/Makefile.am b/Makefile.am
-index c543a287..58187f7e 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -558,10 +558,6 @@ uninstall-local:
- -rm $(DESTDIR)$(udevrulesdir)/$(udevrulesprefix)tpm-udev.rules
- endif
-
--# Create tss user and FAPI directories directly after installation (vs. after a reboot)
--install-exec-hook:
-- systemd-sysusers && systemd-tmpfiles --create || true
--
- uninstall-hook:
- cd $(DESTDIR)$(man3dir) && \
- [ -L Tss2_TctiLdr_Initialize_Ex.3 ] && \
diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-fix-tmpfiles-path.patch b/app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-fix-tmpfiles-path.patch
deleted file mode 100644
index 93a1fed8a877..000000000000
--- a/app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-fix-tmpfiles-path.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-diff --git a/dist/fapi-config.json.in b/dist/fapi-config.json.in
-index e32a3c36..4aa636e2 100644
---- a/dist/fapi-config.json.in
-+++ b/dist/fapi-config.json.in
-@@ -2,7 +2,7 @@
- "profile_name": "P_RSA2048SHA256",
- "profile_dir": "@sysconfdir@/tpm2-tss/fapi-profiles/",
- "user_dir": "~/@userstatedir@/tpm2-tss/user/keystore",
-- "system_dir": "@localstatedir@/lib/tpm2-tss/system/keystore",
-+ "system_dir": "@localstatedir@/tpm2-tss/system/keystore",
- "tcti": "",
- "system_pcrs" : [],
- "log_dir" : "@runstatedir@/tpm2-tss/eventlog/"
-diff --git a/dist/tmpfiles.d/tpm2-tss-fapi.conf.in b/dist/tmpfiles.d/tpm2-tss-fapi.conf.in
-index 1793c4d7..3f0c8380 100644
---- a/dist/tmpfiles.d/tpm2-tss-fapi.conf.in
-+++ b/dist/tmpfiles.d/tpm2-tss-fapi.conf.in
-@@ -1,3 +1,3 @@
- #Type Path Mode User Group Age Argument
--d @localstatedir@/lib/tpm2-tss/system/keystore 775 tss tss - -
-+d @localstatedir@/tpm2-tss/system/keystore 775 tss tss - -
- d @runstatedir@/tpm2-tss/eventlog 775 tss tss - -
diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-4.0.0-Dont-install-files-into-run.patch b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.0-Dont-install-files-into-run.patch
new file mode 100644
index 000000000000..ca51ab7f9382
--- /dev/null
+++ b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.0-Dont-install-files-into-run.patch
@@ -0,0 +1,26 @@
+diff --git a/Makefile.am b/Makefile.am
+index 2c81cfa9..2673995c 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -767,13 +767,11 @@ define set_tss_permissions
+ endef
+
+ define make_fapi_dirs
+- ($(call make_tss_dir,$(DESTDIR)$(runstatedir)/tpm2-tss/eventlog/) || true) && \
+ ($(call make_tss_dir,$(DESTDIR)$(localstatedir)/lib/tpm2-tss/system/keystore/))
+ endef
+
+ define set_fapi_permissions
+ if test -z "${DESTDIR}"; then \ e
+- ($(call set_tss_permissions,$(DESTDIR)$(runstatedir)/tpm2-tss)) && \
+ ($(call set_tss_permissions,$(DESTDIR)$(localstatedir)/lib/tpm2-tss)) \
+ fi
+ endef
+@@ -784,7 +782,6 @@ endef
+
+ define check_fapi_dirs
+ if test -z "${DESTDIR}"; then \
+- ($(call check_dir,$(DESTDIR)$(runstatedir)/tpm2-tss/eventlog/)) && \
+ ($(call check_dir,$(DESTDIR)$(localstatedir)/lib/tpm2-tss/system/keystore/)) \
+ fi;
+ endef
diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch
new file mode 100644
index 000000000000..83f123ffdc52
--- /dev/null
+++ b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch
@@ -0,0 +1,27 @@
+From 0632885d08917092ffc8d98febd158745a74465a Mon Sep 17 00:00:00 2001
+From: Daan De Meyer <daan.j.demeyer@gmail.com>
+Date: Fri, 4 Aug 2023 16:07:52 +0200
+Subject: [PATCH] Do not consider failures to write files in /sys hard errors
+
+systemd-tmpfiles can run in containers, chroots, ... where writing to /sys will fail, so let's suffix these lines with "-" to avoid considering these cases hard errors.
+
+Signed-off-by: Daan De Meyer <daan.j.demeyer@gmail.com>
+---
+ dist/tmpfiles.d/tpm2-tss-fapi.conf.in | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/dist/tmpfiles.d/tpm2-tss-fapi.conf.in b/dist/tmpfiles.d/tpm2-tss-fapi.conf.in
+index 7ea3c652..51ff78e5 100644
+--- a/dist/tmpfiles.d/tpm2-tss-fapi.conf.in
++++ b/dist/tmpfiles.d/tpm2-tss-fapi.conf.in
+@@ -3,5 +3,5 @@ d @localstatedir@/lib/tpm2-tss/system/keystore 2775 tss tss -
+ a+ @localstatedir@/lib/tpm2-tss/system/keystore - - - - default:group:tss:rwx
+ d @runstatedir@/tpm2-tss/eventlog 2775 tss tss - -
+ a+ @runstatedir@/tpm2-tss/eventlog - - - - default:group:tss:rwx
+-z /sys/kernel/security/tpm[0-9]/binary_bios_measurements 0440 root tss - -
+-z /sys/kernel/security/ima/binary_runtime_measurements 0440 root tss - -
++z- /sys/kernel/security/tpm[0-9]/binary_bios_measurements 0440 root tss - -
++z- /sys/kernel/security/ima/binary_runtime_measurements 0440 root tss - -
+--
+2.43.0
+
diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Make-sysusers-and-tmpfiles-optional.patch b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Make-sysusers-and-tmpfiles-optional.patch
new file mode 100644
index 000000000000..d93fcf9ef2d6
--- /dev/null
+++ b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Make-sysusers-and-tmpfiles-optional.patch
@@ -0,0 +1,50 @@
+From 75f53cf7eab591870ce735203995d01d2f577187 Mon Sep 17 00:00:00 2001
+From: Christopher Byrne <salah.coronya@gmail.com>
+Date: Tue, 13 Jun 2023 21:40:56 -0500
+Subject: [PATCH] configure.ac: Make sysusers and tmpfiles optional
+
+Signed-off-by: Christopher Byrne <salah.coronya@gmail.com>
+---
+ Makefile.am | 6 +++++-
+ configure.ac | 4 ++--
+ 2 files changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index 2c81cfa9..98965fa7 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -563,10 +563,14 @@ fapi-config.json: dist/fapi-config.json.in
+ -e 's|[@]sysmeasurements@|$(sysmeasurements)|g' \
+ < "$<" > "$@"
+
++if SYSD_SYSUSERS
+ sysusers_DATA = dist/sysusers.d/tpm2-tss.conf
+-tmpfiles_DATA = tpm2-tss-fapi.conf
++endif
+
++if SYSD_TMPFILES
++tmpfiles_DATA = tpm2-tss-fapi.conf
+ CLEANFILES += tpm2-tss-fapi.conf
++endif
+
+ # We have to do this ourselves, in order to get absolute paths
+ tpm2-tss-fapi.conf: dist/tmpfiles.d/tpm2-tss-fapi.conf.in
+diff --git a/configure.ac b/configure.ac
+index b6550278..2d478147 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -550,9 +550,9 @@ AS_IF([test "x$enable_integration" = "xyes" && test "x$enable_self_generated_cer
+
+ # Check for systemd helper tools used by make install
+ AC_CHECK_PROG(systemd_sysusers, systemd-sysusers, yes)
+-AM_CONDITIONAL(SYSD_SYSUSERS, test "x$systemd_sysusers" = "xyes")
++AM_CONDITIONAL([SYSD_SYSUSERS], [test "x$systemd_sysusers" = "xyes" && test "x$sysusersdir" != "xno"])
+ AC_CHECK_PROG(systemd_tmpfiles, systemd-tmpfiles, yes)
+-AM_CONDITIONAL(SYSD_TMPFILES, test "x$systemd_tmpfiles" = "xyes")
++AM_CONDITIONAL([SYSD_TMPFILES], [test "x$systemd_tmpfiles" = "xyes" && test "x$tmpfilesdir" != "xno"])
+
+ # Check all tools used by make install
+ AS_IF([test "$HOSTOS" = "Linux" && test "x$systemd_sysusers" != "xyes"],
+--
+2.39.3
+
diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Dont-install-files-into-run.patch b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Dont-install-files-into-run.patch
new file mode 100644
index 000000000000..022cd6145c18
--- /dev/null
+++ b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Dont-install-files-into-run.patch
@@ -0,0 +1,26 @@
+diff --git a/Makefile.am b/Makefile.am
+index 07b7a2bf..e478fc77 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -770,13 +770,11 @@ define set_tss_permissions
+ endef
+
+ define make_fapi_dirs
+- ($(call make_tss_dir,$(DESTDIR)$(runstatedir)/tpm2-tss/eventlog/) || true) && \
+ ($(call make_tss_dir,$(DESTDIR)$(localstatedir)/lib/tpm2-tss/system/keystore/))
+ endef
+
+ define set_fapi_permissions
+ if test -z "${DESTDIR}"; then \
+- ($(call set_tss_permissions,$(DESTDIR)$(runstatedir)/tpm2-tss)) && \
+ ($(call set_tss_permissions,$(DESTDIR)$(localstatedir)/lib/tpm2-tss)) \
+ fi
+ endef
+@@ -787,7 +785,6 @@ endef
+
+ define check_fapi_dirs
+ if test -z "${DESTDIR}"; then \
+- ($(call check_dir,$(DESTDIR)$(runstatedir)/tpm2-tss/eventlog/)) && \
+ ($(call check_dir,$(DESTDIR)$(localstatedir)/lib/tpm2-tss/system/keystore/)) \
+ fi;
+ endef
diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Hide-write-all-function.patch b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Hide-write-all-function.patch
new file mode 100644
index 000000000000..bd682df53bac
--- /dev/null
+++ b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Hide-write-all-function.patch
@@ -0,0 +1,24 @@
+diff --git a/src/util/io.c b/src/util/io.c
+index c6446826..50c0fd6c 100644
+--- a/src/util/io.c
++++ b/src/util/io.c
+@@ -81,6 +81,7 @@ read_all (
+ return recvd_total;
+ }
+
++__attribute__ ((visibility("hidden")))
+ ssize_t
+ write_all (
+ SOCKET fd,
+diff --git a/src/util/io.h b/src/util/io.h
+index 25dd5c45..fec391d8 100644
+--- a/src/util/io.h
++++ b/src/util/io.h
+@@ -70,6 +70,7 @@ read_all (
+ * are detected. This is currently limited to interrupted system calls and
+ * short writes.
+ */
++__attribute__ ((visibility("hidden")))
+ ssize_t
+ write_all (
+ SOCKET fd,
diff --git a/app-crypt/tpm2-tss/metadata.xml b/app-crypt/tpm2-tss/metadata.xml
index ca0c0ecca084..ada5791c33d5 100644
--- a/app-crypt/tpm2-tss/metadata.xml
+++ b/app-crypt/tpm2-tss/metadata.xml
@@ -1,18 +1,19 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
- <maintainer type="person">
+ <maintainer type="person" proxied="yes">
<email>salah.coronya@gmail.com</email>
- <name>Salah Coronya</name>
+ <name>Christopher Byrne</name>
</maintainer>
- <maintainer type="project">
+ <maintainer type="project" proxied="proxy">
<email>proxy-maint@gentoo.org</email>
<name>Proxy Maintainers</name>
</maintainer>
<use>
<flag name="fapi">Enable feature API (requires openssl as crypto backend)</flag>
- <flag name="gcrypt">Use <pkg>dev-libs/libgcrypt</pkg> as crypto engine</flag>
+ <flag name="mbedtls">Use <pkg>net-libs/mbedtls</pkg> as crypto engine</flag>
<flag name="openssl">Use <pkg>dev-libs/openssl</pkg> as crypto engine</flag>
+ <flag name="policy">Enable policy library (requires openssl as crypto backend)</flag>
</use>
<upstream>
<remote-id type="github">tpm2-software/tpm2-tss</remote-id>
diff --git a/app-crypt/tpm2-tss/tpm2-tss-2.4.0.ebuild b/app-crypt/tpm2-tss/tpm2-tss-2.4.0.ebuild
deleted file mode 100644
index 9f3fd54be541..000000000000
--- a/app-crypt/tpm2-tss/tpm2-tss-2.4.0.ebuild
+++ /dev/null
@@ -1,77 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit autotools linux-info tmpfiles udev
-
-DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack"
-HOMEPAGE="https://github.com/tpm2-software/tpm2-tss"
-SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz"
-
-LICENSE="BSD-2"
-SLOT="0"
-KEYWORDS="~amd64 ~arm64 ~x86"
-IUSE="doc +fapi gcrypt +openssl static-libs test"
-
-RESTRICT="!test? ( test )"
-
-REQUIRED_USE="^^ ( gcrypt openssl )
- fapi? ( openssl !gcrypt )"
-
-RDEPEND="acct-group/tss
- acct-user/tss
- fapi? (
- dev-libs/json-c
- net-misc/curl
- )
- gcrypt? ( dev-libs/libgcrypt:0= )
- openssl? ( dev-libs/openssl:0= )"
-DEPEND="${RDEPEND}
- test? ( dev-util/cmocka )"
-BDEPEND="virtual/pkgconfig
- doc? ( app-doc/doxygen )"
-
-PATCHES=(
- "${FILESDIR}/${PN}-2.4.0-fix-tmpfiles-path.patch"
- "${FILESDIR}/${PN}-2.4.0-Dont-run-systemd-sysusers-in-Makefile.patch"
- )
-
-pkg_setup() {
- local CONFIG_CHECK=" \
- ~TCG_TPM
- "
- linux-info_pkg_setup
- kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required"
-}
-
-src_prepare() {
- default
- eautoreconf
-}
-
-src_configure() {
- econf \
- $(use_enable doc doxygen-doc) \
- $(use_enable fapi) \
- $(use_enable static-libs static) \
- $(use_enable test unit) \
- --disable-tcti-mssim \
- --disable-defaultflags \
- --disable-weakcrypto \
- --with-crypto="$(usex gcrypt gcrypt ossl)" \
- --with-runstatedir=/run \
- --with-udevrulesdir="$(get_udevdir)/rules.d" \
- --with-udevrulesprefix=60- \
- --with-sysusersdir="/usr/lib/sysusers.d" \
- --with-tmpfilesdir="/usr/lib/tmpfiles.d"
-}
-
-src_install() {
- default
- find "${D}" -name '*.la' -delete || die
-}
-
-pkg_postinst() {
- tmpfiles_process tpm2-tss-fapi.conf
-}
diff --git a/app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild b/app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild
new file mode 100644
index 000000000000..558f221a5be8
--- /dev/null
+++ b/app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild
@@ -0,0 +1,109 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev
+
+DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack"
+HOMEPAGE="https://github.com/tpm2-software/tpm2-tss"
+SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz"
+
+LICENSE="BSD-2"
+SLOT="0/4"
+KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86"
+IUSE="doc +fapi +openssl mbedtls +policy static-libs test"
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="
+ ^^ ( mbedtls openssl )
+ fapi? ( openssl !mbedtls )
+ policy? ( openssl !mbedtls )
+"
+
+RDEPEND="
+ acct-group/tss
+ acct-user/tss
+ sys-apps/util-linux:=[${MULTILIB_USEDEP}]
+ fapi? (
+ dev-libs/json-c:=[${MULTILIB_USEDEP}]
+ >=net-misc/curl-7.80.0[${MULTILIB_USEDEP}]
+ )
+ mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] )
+ openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] )
+"
+
+DEPEND="
+ ${RDEPEND}
+ test? ( app-crypt/swtpm
+ dev-libs/uthash
+ dev-util/cmocka
+ fapi? ( >=net-misc/curl-7.80.0 ) )
+"
+
+BDEPEND="
+ sys-apps/acl
+ virtual/pkgconfig
+ doc? ( app-text/doxygen )
+"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-4.0.0-Dont-install-files-into-run.patch"
+ "${FILESDIR}/${PN}-4.0.1-Make-sysusers-and-tmpfiles-optional.patch"
+ "${FILESDIR}/${PN}-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch"
+)
+
+pkg_setup() {
+ local CONFIG_CHECK="~TCG_TPM"
+ linux-info_pkg_setup
+ kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required"
+}
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+multilib_src_configure() {
+ # Fails with inlining
+ filter-flags -fno-semantic-interposition
+ # tests fail with LTO enabbled. See bug 865275 and 865279
+ filter-lto
+
+ local myconf=(
+ --localstatedir=/var
+ $(multilib_native_use_enable doc doxygen-doc)
+ $(use_enable fapi)
+ $(use_enable policy)
+ $(use_enable static-libs static)
+ $(multilib_native_use_enable test unit)
+ $(multilib_native_use_enable test integration)
+ $(multilib_native_use_enable test self-generated-certificate)
+ --disable-tcti-libtpms
+ --disable-defaultflags
+ --disable-weakcrypto
+ --with-crypto="$(usex mbedtls mbed ossl)"
+ --with-runstatedir=/run
+ --with-udevrulesdir="$(get_udevdir)/rules.d"
+ --with-udevrulesprefix=60-
+ --without-sysusersdir
+ --with-tmpfilesdir="/usr/lib/tmpfiles.d"
+ )
+
+ ECONF_SOURCE=${S} econf "${myconf[@]}"
+}
+
+multilib_src_install() {
+ default
+ keepdir /var/lib/tpm2-tss/system/keystore
+ find "${ED}" -name '*.la' -delete || die
+}
+
+pkg_postinst() {
+ tmpfiles_process tpm2-tss-fapi.conf
+ udev_reload
+}
+
+pkg_postrm() {
+ udev_reload
+}
diff --git a/app-crypt/tpm2-tss/tpm2-tss-4.0.1.ebuild b/app-crypt/tpm2-tss/tpm2-tss-4.0.1.ebuild
new file mode 100644
index 000000000000..d4391f09ea96
--- /dev/null
+++ b/app-crypt/tpm2-tss/tpm2-tss-4.0.1.ebuild
@@ -0,0 +1,97 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev
+
+DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack"
+HOMEPAGE="https://github.com/tpm2-software/tpm2-tss"
+SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz"
+
+LICENSE="BSD-2"
+SLOT="0/4"
+KEYWORDS="amd64 arm arm64 ~loong ppc64 ~riscv x86"
+IUSE="doc +fapi +openssl mbedtls +policy static-libs test"
+
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="^^ ( mbedtls openssl )
+ fapi? ( openssl !mbedtls )
+ policy? ( openssl !mbedtls )"
+
+RDEPEND="acct-group/tss
+ acct-user/tss
+ sys-apps/util-linux:=[${MULTILIB_USEDEP}]
+ fapi? ( dev-libs/json-c:=[${MULTILIB_USEDEP}]
+ >=net-misc/curl-7.80.0[${MULTILIB_USEDEP}] )
+ mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] )
+ openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] )"
+
+DEPEND="${RDEPEND}
+ test? ( app-crypt/swtpm
+ dev-libs/uthash
+ dev-util/cmocka
+ fapi? ( >=net-misc/curl-7.80.0 ) )"
+BDEPEND="sys-apps/acl
+ virtual/pkgconfig
+ doc? ( app-text/doxygen )"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-4.0.0-Dont-install-files-into-run.patch"
+ "${FILESDIR}/${PN}-4.0.1-Make-sysusers-and-tmpfiles-optional.patch"
+ )
+
+pkg_setup() {
+ local CONFIG_CHECK=" \
+ ~TCG_TPM
+ "
+ linux-info_pkg_setup
+ kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required"
+}
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+multilib_src_configure() {
+ # Fails with inlining
+ filter-flags -fno-semantic-interposition
+ # tests fail with LTO enabbled. See bug 865275 and 865279
+ filter-lto
+
+ ECONF_SOURCE=${S} econf \
+ --localstatedir=/var \
+ $(multilib_native_use_enable doc doxygen-doc) \
+ $(use_enable fapi) \
+ $(use_enable policy) \
+ $(use_enable static-libs static) \
+ $(multilib_native_use_enable test unit) \
+ $(multilib_native_use_enable test integration) \
+ $(multilib_native_use_enable test self-generated-certificate) \
+ --disable-tcti-libtpms \
+ --disable-defaultflags \
+ --disable-weakcrypto \
+ --with-crypto="$(usex mbedtls mbed ossl)" \
+ --with-runstatedir=/run \
+ --with-udevrulesdir="$(get_udevdir)/rules.d" \
+ --with-udevrulesprefix=60- \
+ --without-sysusersdir \
+ --with-tmpfilesdir="/usr/lib/tmpfiles.d"
+}
+
+multilib_src_install() {
+ default
+ keepdir /var/lib/tpm2-tss/system/keystore
+ find "${ED}" -name '*.la' -delete || die
+}
+
+pkg_postinst() {
+ tmpfiles_process tpm2-tss-fapi.conf
+ udev_reload
+}
+
+pkg_postrm() {
+ udev_reload
+}
diff --git a/app-crypt/tpm2-tss/tpm2-tss-4.0.2-r1.ebuild b/app-crypt/tpm2-tss/tpm2-tss-4.0.2-r1.ebuild
new file mode 100644
index 000000000000..1ada848dd5d2
--- /dev/null
+++ b/app-crypt/tpm2-tss/tpm2-tss-4.0.2-r1.ebuild
@@ -0,0 +1,110 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev
+
+DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack"
+HOMEPAGE="https://github.com/tpm2-software/tpm2-tss"
+SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz"
+
+LICENSE="BSD-2"
+SLOT="0/4"
+KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86"
+IUSE="doc +fapi +openssl mbedtls +policy static-libs test"
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="
+ ^^ ( mbedtls openssl )
+ fapi? ( openssl !mbedtls )
+ policy? ( openssl !mbedtls )
+"
+
+RDEPEND="
+ acct-group/tss
+ acct-user/tss
+ sys-apps/util-linux:=[${MULTILIB_USEDEP}]
+ fapi? (
+ dev-libs/json-c:=[${MULTILIB_USEDEP}]
+ >=net-misc/curl-7.80.0[${MULTILIB_USEDEP}]
+ )
+ mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] )
+ openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] )
+"
+
+DEPEND="
+ ${RDEPEND}
+ test? ( app-crypt/swtpm
+ dev-libs/uthash
+ dev-util/cmocka
+ fapi? ( >=net-misc/curl-7.80.0 ) )
+"
+
+BDEPEND="
+ sys-apps/acl
+ virtual/pkgconfig
+ doc? ( app-text/doxygen )
+"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-4.0.2-Dont-install-files-into-run.patch"
+ "${FILESDIR}/${PN}-4.0.1-Make-sysusers-and-tmpfiles-optional.patch"
+ "${FILESDIR}/${PN}-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch"
+ "${FILESDIR}/${PN}-4.0.2-Hide-write-all-function.patch"
+)
+
+pkg_setup() {
+ local CONFIG_CHECK="~TCG_TPM"
+ linux-info_pkg_setup
+ kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required"
+}
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+multilib_src_configure() {
+ # Fails with inlining
+ filter-flags -fno-semantic-interposition
+ # tests fail with LTO enabbled. See bug 865275 and 865279
+ filter-lto
+
+ local myconf=(
+ --localstatedir=/var
+ $(multilib_native_use_enable doc doxygen-doc)
+ $(use_enable fapi)
+ $(use_enable policy)
+ $(use_enable static-libs static)
+ $(multilib_native_use_enable test unit)
+ $(multilib_native_use_enable test integration)
+ $(multilib_native_use_enable test self-generated-certificate)
+ --disable-tcti-libtpms
+ --disable-defaultflags
+ --disable-weakcrypto
+ --with-crypto="$(usex mbedtls mbed ossl)"
+ --with-runstatedir=/run
+ --with-udevrulesdir="$(get_udevdir)/rules.d"
+ --with-udevrulesprefix=60-
+ --without-sysusersdir
+ --with-tmpfilesdir="/usr/lib/tmpfiles.d"
+ )
+
+ ECONF_SOURCE=${S} econf "${myconf[@]}"
+}
+
+multilib_src_install() {
+ default
+ keepdir /var/lib/tpm2-tss/system/keystore
+ find "${ED}" -name '*.la' -delete || die
+}
+
+pkg_postinst() {
+ tmpfiles_process tpm2-tss-fapi.conf
+ udev_reload
+}
+
+pkg_postrm() {
+ udev_reload
+}
diff --git a/app-crypt/tpm2-tss/tpm2-tss-4.0.2.ebuild b/app-crypt/tpm2-tss/tpm2-tss-4.0.2.ebuild
new file mode 100644
index 000000000000..40a410cf2a97
--- /dev/null
+++ b/app-crypt/tpm2-tss/tpm2-tss-4.0.2.ebuild
@@ -0,0 +1,109 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev
+
+DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack"
+HOMEPAGE="https://github.com/tpm2-software/tpm2-tss"
+SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz"
+
+LICENSE="BSD-2"
+SLOT="0/4"
+KEYWORDS="amd64 arm arm64 ~loong ppc64 ~riscv x86"
+IUSE="doc +fapi +openssl mbedtls +policy static-libs test"
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="
+ ^^ ( mbedtls openssl )
+ fapi? ( openssl !mbedtls )
+ policy? ( openssl !mbedtls )
+"
+
+RDEPEND="
+ acct-group/tss
+ acct-user/tss
+ sys-apps/util-linux:=[${MULTILIB_USEDEP}]
+ fapi? (
+ dev-libs/json-c:=[${MULTILIB_USEDEP}]
+ >=net-misc/curl-7.80.0[${MULTILIB_USEDEP}]
+ )
+ mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] )
+ openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] )
+"
+
+DEPEND="
+ ${RDEPEND}
+ test? ( app-crypt/swtpm
+ dev-libs/uthash
+ dev-util/cmocka
+ fapi? ( >=net-misc/curl-7.80.0 ) )
+"
+
+BDEPEND="
+ sys-apps/acl
+ virtual/pkgconfig
+ doc? ( app-text/doxygen )
+"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-4.0.2-Dont-install-files-into-run.patch"
+ "${FILESDIR}/${PN}-4.0.1-Make-sysusers-and-tmpfiles-optional.patch"
+ "${FILESDIR}/${PN}-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch"
+)
+
+pkg_setup() {
+ local CONFIG_CHECK="~TCG_TPM"
+ linux-info_pkg_setup
+ kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required"
+}
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+multilib_src_configure() {
+ # Fails with inlining
+ filter-flags -fno-semantic-interposition
+ # tests fail with LTO enabbled. See bug 865275 and 865279
+ filter-lto
+
+ local myconf=(
+ --localstatedir=/var
+ $(multilib_native_use_enable doc doxygen-doc)
+ $(use_enable fapi)
+ $(use_enable policy)
+ $(use_enable static-libs static)
+ $(multilib_native_use_enable test unit)
+ $(multilib_native_use_enable test integration)
+ $(multilib_native_use_enable test self-generated-certificate)
+ --disable-tcti-libtpms
+ --disable-defaultflags
+ --disable-weakcrypto
+ --with-crypto="$(usex mbedtls mbed ossl)"
+ --with-runstatedir=/run
+ --with-udevrulesdir="$(get_udevdir)/rules.d"
+ --with-udevrulesprefix=60-
+ --without-sysusersdir
+ --with-tmpfilesdir="/usr/lib/tmpfiles.d"
+ )
+
+ ECONF_SOURCE=${S} econf "${myconf[@]}"
+}
+
+multilib_src_install() {
+ default
+ keepdir /var/lib/tpm2-tss/system/keystore
+ find "${ED}" -name '*.la' -delete || die
+}
+
+pkg_postinst() {
+ tmpfiles_process tpm2-tss-fapi.conf
+ udev_reload
+}
+
+pkg_postrm() {
+ udev_reload
+}
diff --git a/app-crypt/tpm2-tss/tpm2-tss-4.1.3.ebuild b/app-crypt/tpm2-tss/tpm2-tss-4.1.3.ebuild
new file mode 100644
index 000000000000..79327c45219d
--- /dev/null
+++ b/app-crypt/tpm2-tss/tpm2-tss-4.1.3.ebuild
@@ -0,0 +1,110 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev
+
+DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack"
+HOMEPAGE="https://github.com/tpm2-software/tpm2-tss"
+SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz"
+
+LICENSE="BSD-2"
+SLOT="0/4"
+KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86"
+IUSE="doc +fapi +openssl mbedtls +policy static-libs test"
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="
+ ^^ ( mbedtls openssl )
+ fapi? ( openssl !mbedtls )
+ policy? ( openssl !mbedtls )
+"
+
+RDEPEND="
+ acct-group/tss
+ acct-user/tss
+ sys-apps/util-linux:=[${MULTILIB_USEDEP}]
+ fapi? (
+ dev-libs/json-c:=[${MULTILIB_USEDEP}]
+ >=net-misc/curl-7.80.0[${MULTILIB_USEDEP}]
+ )
+ mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] )
+ openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] )
+"
+
+DEPEND="
+ ${RDEPEND}
+ test? ( app-crypt/swtpm
+ dev-libs/uthash
+ dev-util/cmocka
+ fapi? ( >=net-misc/curl-7.80.0 ) )
+"
+
+BDEPEND="
+ sys-apps/acl
+ virtual/pkgconfig
+ doc? ( app-text/doxygen )
+"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-4.0.2-Dont-install-files-into-run.patch"
+)
+
+pkg_setup() {
+ local CONFIG_CHECK="~TCG_TPM"
+ linux-info_pkg_setup
+ kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required"
+}
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+multilib_src_configure() {
+ # Fails with inlining
+ filter-flags -fno-semantic-interposition
+ # tests fail with LTO enabbled. See bug 865275 and 865279
+ filter-lto
+
+ local myconf=(
+ --localstatedir=/var
+ $(multilib_native_use_enable doc doxygen-doc)
+ $(use_enable fapi)
+ $(use_enable policy)
+ $(use_enable static-libs static)
+ $(multilib_native_use_enable test unit)
+ $(multilib_native_use_enable test integration)
+ $(multilib_native_use_enable test self-generated-certificate)
+ --disable-tcti-libtpms
+ --disable-tcti-spi-ltt2go
+ --disable-tcti-spi-ftdi
+ --disable-tcti-i2c-ftdi
+ --disable-defaultflags
+ --disable-weakcrypto
+ --with-crypto="$(usex mbedtls mbed ossl)"
+ --with-runstatedir=/run
+ --with-udevrulesdir="$(get_udevdir)/rules.d"
+ --with-udevrulesprefix=60-
+ --without-sysusersdir
+ --with-tmpfilesdir="/usr/lib/tmpfiles.d"
+ )
+
+ ECONF_SOURCE=${S} econf "${myconf[@]}"
+}
+
+multilib_src_install() {
+ default
+ keepdir /var/lib/tpm2-tss/system/keystore
+ find "${ED}" -name '*.la' -delete || die
+}
+
+pkg_postinst() {
+ tmpfiles_process tpm2-tss-fapi.conf
+ udev_reload
+}
+
+pkg_postrm() {
+ udev_reload
+}