Sync from SUSE:SLFO:Main ibmswtpm2 revision 55d8dec5c03f8288a6d6a8e84111464f

.gitattributes

@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text

ibmswtpm2-Add-support-for-OpenSSL-3.2.x.patch

@@ -0,0 +1,29 @@
+From beea0f97b3c95ec69f3e269df1af87eb2cdd3c46 Mon Sep 17 00:00:00 2001
+From: Otto Hollmann <otto@hollmann.cz>
+Date: Tue, 12 Dec 2023 13:58:32 +0100
+Subject: [PATCH] Add support for OpenSSL 3.2.x
+
+---
+ src/TpmToOsslMath.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/TpmToOsslMath.h b/src/TpmToOsslMath.h
+index 0b18191..1271937 100644
+--- a/src/TpmToOsslMath.h
++++ b/src/TpmToOsslMath.h
+@@ -76,10 +76,10 @@
+  * As of release 3.0.0, OPENSSL_VERSION_NUMBER is a combination of the
+  * major (M), minor (NN) and patch (PP) version into a single integer 0xMNN00PP0L
+  */
+-#if OPENSSL_VERSION_NUMBER > 0x30100ff0L
++#if OPENSSL_VERSION_NUMBER > 0x30200ff0L
+ // Check the bignum_st definition in crypto/bn/bn_lcl.h or crypto/bn/bn_local.h and either update
+ // the version check or provide the new definition for this version.
+-// Currently safe for all 3.1.x
++// Currently safe for all 3.2.x
+ #   error Untested OpenSSL version
+ #elif OPENSSL_VERSION_NUMBER >= 0x10100000L
+ // from crypto/bn/bn_lcl.h
+-- 
+2.42.0
+

ibmswtpm2-NVDynamic-Fix-use-of-uninitialized-value.patch

@@ -0,0 +1,34 @@
+From 8c160d2c7a17eb842fae82de3638b834976f2aa2 Mon Sep 17 00:00:00 2001
+From: Michal Suchanek <msuchanek@suse.de>
+Date: Thu, 20 Aug 2020 16:42:54 +0200
+Subject: [PATCH] NVDynamic: Fix use of uninitialized value.
+
+There is a theoretical possibility that the cycle in NvNextByType does
+not run at all because NvNext fails immediately and never sets nvHandle.
+
+The cycle only runs and nvHandle is set on non-zero addr, and in that
+case addr remains non-zero when breaking out of the cycle.
+
+Use nvHandle only when addr is non-zero.
+
+Signed-off-by: Michal Suchanek <msuchanek@suse.de>
+---
+ src/NVDynamic.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/NVDynamic.c b/src/NVDynamic.c
+index 8ede9e4..535ea03 100644
+--- a/src/NVDynamic.c
++++ b/src/NVDynamic.c
+@@ -122,7 +122,7 @@ NvNextByType(
+ 	    if(HandleGetType(nvHandle) == type)
+ 		break;
+ 	}
+-    if(handle != NULL)
++    if(addr && (handle != NULL))
+ 	*handle = nvHandle;
+     return addr;
+ }
+-- 
+2.42.0
+

ibmswtpm2-TcpServerPosix-Fix-use-of-uninitialized-value.patch

@@ -0,0 +1,30 @@
+From 1f64c0bf768f05bfb1980fa354d99a29b26ce99a Mon Sep 17 00:00:00 2001
+From: Michal Suchanek <msuchanek@suse.de>
+Date: Mon, 17 Aug 2020 19:28:51 +0200
+Subject: [PATCH] TcpServerPosix: Fix use of uninitialized value.
+
+ReadUINT32 does not modify the output when it fails. Do not use the
+output in that case.
+
+Signed-off-by: Michal Suchanek <msuchanek@suse.de>
+---
+ src/TcpServerPosix.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/TcpServerPosix.c b/src/TcpServerPosix.c
+index ca9e2fd..b776448 100644
+--- a/src/TcpServerPosix.c
++++ b/src/TcpServerPosix.c
+@@ -264,7 +264,8 @@ PlatformServer(
+ 		      {
+ 			  uint32_t actHandle;
+ 			  ok = ReadUINT32(s, &actHandle);
+-			  WriteUINT32(s, _rpc__ACT_GetSignaled(actHandle));
++			  if(ok)
++			      WriteUINT32(s, _rpc__ACT_GetSignaled(actHandle));
+ 			  break;
+ 		      }
+ 		  default:
+-- 
+2.42.0
+

ibmswtpm2.changes

@@ -0,0 +1,118 @@
+-------------------------------------------------------------------
+Tue Dec 12 14:06:34 UTC 2023 - Otto Hollmann <otto.hollmann@suse.com>
+
+- Add support for OpenSSL 3.2.x
+  * Add ibmswtpm2-Add-support-for-OpenSSL-3.2.x.patch
+
+-------------------------------------------------------------------
+Fri Dec  1 15:34:44 UTC 2023 - Michal Suchanek <msuchanek@suse.com>
+
+- Update to version 164-2020-192.2
+  * Implement the RSA 5 primes optimization.
+  * Check command size for int32 overflow.
+  * Add support for OpenSSL 3.1.x
+  * Do not accept a NULL signKey in TPM2_CertifyX509
+  * Add Nuvoton to gcc makefile
+- New project URL - move to github
+- Drop usptreamed ibmswtpm2-OpenSSL-3.1.patch
+
+-------------------------------------------------------------------
+Wed Mar 15 08:21:19 UTC 2023 - Otto Hollmann <otto.hollmann@suse.com>
+
+- Add support for OpenSSL 3.1.x
+  * Add ibmswtpm2-OpenSSL-3.1.patch
+
+-------------------------------------------------------------------
+Sat Sep 24 08:23:47 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- update to 1682:
+  * tpm: Fix cast in BnSetBit.
+  * tpm2: Fix size check in CryptSecretDecrypt
+  * tpm: Port Windows code for OpenSSL 3.0
+  * tpm: Update to openssl 3.0.2
+  * tpm: Add command and handle tracing
+  * tpm: Update for openssl 3.0.1
+  * tpm: Add ECC encrypt and decrypt commands
+  * Fix compilation on RISC-V
+  * PlatformSvc: return error on control socket failure
+  * main: set a return code if StartTcpServer fails
+  * tpm: Add all updates to TPM specification 164.
+- drop ibmswtpm2-fix-ppc32.patch (upstream)
+- makefile.patch: refresh
+
+-------------------------------------------------------------------
+Tue Sep  1 12:34:41 UTC 2020 - Michal Suchanek <msuchanek@suse.de>
+
+- Fix ppc32 build.
+  + ibmswtpm2-fix-ppc32.patch
+
+-------------------------------------------------------------------
+Mon Aug 17 16:59:04 UTC 2020 - Michal Suchanek <msuchanek@suse.de>
+
+- Update to upstream version 1637
+  * fixes build of ibmtss 1.5.0
+  * Refresh makefile.patch
+  * Drop upstreamed patches
+    - ibmswtpm2-fix-uninitialized.patch
+    - ibmswtpm2-fix-empty-decrypt.patch
+  * Fix use of uninitialized value:
+    + ibmswtpm2-TcpServerPosix-Fix-use-of-uninitialized-value.patch
+    + ibmswtpm2-NVDynamic-Fix-use-of-uninitialized-value.patch
+
+-------------------------------------------------------------------
+Mon Dec 23 12:06:22 UTC 2019 - mgerstner <matthias.gerstner@suse.com>
+
+- Add ibmswtpm2-fix-empty-decrypt.patch: Fix a corner case in the emulator
+  that causes an error when trying to RSA-decrypt an empty message
+  (bsc#1159510). This fix was confirmed to be by the upstream author and is
+  supposed to be contained in the next release.
+
+-------------------------------------------------------------------
+Thu Jul  4 17:02:41 UTC 2019 - Michal Suchanek <msuchanek@suse.de>
+
+- Update to upstream version 1332
+  * fixes build of ibmtpm v1470
+  * add ibmswtpm2-fix-uninitialized.patch
+  * run through spec-cleaner
+
+-------------------------------------------------------------------
+Thu Jan 18 08:31:26 UTC 2018 - msuchanek@suse.com
+
+- Enable bigendian build
+
+-------------------------------------------------------------------
+Tue Jan 16 11:33:14 UTC 2018 - vcizek@suse.com
+
+- Update to upstream version 1119
+  * adds openssl 1.1 support (bsc#1066916)
+- drop patches (upstream):
+  * bits.patch
+  * fix_unreferenced_macro-gcc7.patch
+
+-------------------------------------------------------------------
+Wed Nov  8 15:04:35 UTC 2017 - msuchanek@suse.com
+
+- Update to upstream version 974
+  - deal with openssl 1.0 vs 1.1 split (bsc#1066916)
+
+-------------------------------------------------------------------
+Mon Jun  5 11:49:18 UTC 2017 - msuchanek@suse.com
+
+- fix build with gcc7: fix_unreferenced_macro-gcc7.patch
+
+-------------------------------------------------------------------
+Tue Feb 14 12:16:37 UTC 2017 - msuchanek@suse.com
+
+- Drop a pointer cast hack in bits.patch. It builds without the hack.
+
+-------------------------------------------------------------------
+Wed Feb  8 09:38:18 UTC 2017 - jengelh@inai.de
+
+- Wrap description, drop empty scriptlets.
+
+-------------------------------------------------------------------
+Fri Jan 27 11:49:20 UTC 2017 - msuchanek@suse.com
+
+- Import version 832 (FATE#321601)
+- bits.patch: handle some 32/64bit issues
+- makefile.patch: some compiler flag adjustments

ibmswtpm2.spec

@@ -0,0 +1,68 @@
+#
+# spec file for package ibmswtpm2
+#
+# Copyright (c) 2023 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+%define suite ibmtss
+%define download_version 164-2020-192.2
+%ifarch    ppc ppc64 s390 s390x
+%define extra_ccflags -DBIG_ENDIAN_TPM=1
+%else
+%define extra_ccflags ""
+%endif
+Name:           ibmswtpm2
+Version:        %(echo %{download_version} | tr '-' '+')
+Release:        0
+Summary:        IBM's Software TPM 2.0
+License:        BSD-3-Clause
+Group:          Development/Tools/Other
+URL:            https://github.com/kgoldman/ibmswtpm2
+Source:         https://github.com/kgoldman/ibmswtpm2/archive/rev%{download_version}.tar.gz#/%{name}-%{download_version}.tar.gz
+Patch0:         makefile.patch
+Patch1:         ibmswtpm2-TcpServerPosix-Fix-use-of-uninitialized-value.patch
+Patch2:         ibmswtpm2-NVDynamic-Fix-use-of-uninitialized-value.patch
+# PATCH-FIX-UPSTREAM https://github.com/kgoldman/ibmswtpm2/pull/13
+Patch3:         ibmswtpm2-Add-support-for-OpenSSL-3.2.x.patch
+BuildRequires:  libopenssl-devel >= 1.0
+
+%description
+An implementation of the TCG TPM 2.0 specification. It is based on
+the TPM specification Parts 3 and 4 source code donated by Microsoft,
+with additional files to complete the implementation.
+
+This TPM emulator listens on TCP ports (default 2321 and 2322) and
+saves state to the file "NVChip" in the current directory.
+
+It is probably not of much use other than testing the IBM TSS
+implementation because of this specific interface.
+
+%prep
+%autosetup -p 1 -n %{name}-rev%{download_version}
+
+%build
+cd src
+CCFLAGS="%{optflags} "%{extra_ccflags} make %{?_smp_mflags}
+
+%install
+cd src
+install -m 755 -D -t %{buildroot}/%{_libexecdir}/%{suite} tpm_server
+
+%files
+%dir %{_libexecdir}/%{suite}
+%{_libexecdir}/%{suite}/tpm_server
+%doc ibmtpm.doc
+
+%changelog

makefile.patch

@@ -0,0 +1,28 @@
+Index: ibmswtpm2-1682/src/makefile
+===================================================================
+--- ibmswtpm2-1682.orig/src/makefile
++++ ibmswtpm2-1682/src/makefile
+@@ -40,11 +40,11 @@
+ 
+ CC = /usr/bin/gcc
+ 
+-CCFLAGS = -Wall  			\
++CCFLAGS += -fno-strict-aliasing -fno-aggressive-loop-optimizations -Wno-unused-result \
+ 	-Wmissing-declarations -Wmissing-prototypes -Wnested-externs \
+-	-Werror -Wsign-compare \
++	-Werror -Wsign-compare -Wno-unused-value -Wno-aggressive-loop-optimizations \
+ 	-Wno-deprecated-declarations	\
+-	 -c -ggdb -O0 			\
++	 -c -ggdb 			\
+ 	-DTPM_POSIX			\
+ 	-D_POSIX_			\
+ 	-DTPM_NUVOTON
+@@ -55,7 +55,7 @@ CCFLAGS = -Wall  			\
+ #	--coverage			\
+ #	-fprofile-arcs -ftest-coverage
+ 
+-LNFLAGS = -ggdb 			\
++LNFLAGS += -ggdb 			\
+ 	-lcrypto			\
+ 	-lpthread			\
+ 	-lrt				\