Accepting request 453674 from home:michals

TPM 2.0 emulator (for testing ibmtss during build)

OBS-URL: https://build.opensuse.org/request/show/453674
OBS-URL: https://build.opensuse.org/package/show/security/ibmswtpm2?expand=0&rev=1

.gitattributes

@@ -0,0 +1,25 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
+## Specific LFS patterns
+ibmtpm832.tar filter=lfs diff=lfs merge=lfs -text

.gitignore

@@ -0,0 +1 @@
+.osc

bits.patch

@@ -0,0 +1,78 @@
+diff -ur ibmtpm832/src/Implementation.h ibmswtpm2-832/src/Implementation.h
+--- ibmtpm832/src/Implementation.h	2016-11-18 22:42:16.000000000 +0100
++++ ibmswtpm2-832/src/Implementation.h	2017-01-30 17:36:16.279264575 +0100
+@@ -301,7 +301,11 @@
+ /* From Vendor-Specific: Table 7 - Defines for Implementation Values */
+ #define  FIELD_UPGRADE_IMPLEMENTED      NO
+ #ifdef TPM_POSIX
++#if defined(__LP64__) || defined(_LP64)
+ #define  RADIX_BITS                     64	/* kgold */
++#else
++#define  RADIX_BITS                     32	/* kgold */
++#endif
+ #endif
+ #ifdef TPM_WINDOWS
+ #define  RADIX_BITS                     32	/* kgold */
+diff -ur ibmtpm832/src/Clock.c ibmswtpm2-832/src/Clock.c
+--- ibmtpm832/src/Clock.c	2016-11-18 22:41:02.000000000 +0100
++++ ibmswtpm2-832/src/Clock.c	2017-01-30 17:55:23.251624384 +0100
+@@ -164,7 +164,7 @@
+ 	clock_t         timeDiff;
+     uint64_t        adjusted;
+     /* TOP is a base line or reference point, and BOTTOM is the current scale factor. */
+-#   define  TOP     (CLOCKS_PER_SEC * CLOCK_NOMINAL)	/* kgold */
++#   define  TOP     ((uint64_t)CLOCKS_PER_SEC * CLOCK_NOMINAL)	/* kgold */
+     /* #   define  BOTTOM  ((uint64_t)s_adjustRate * CLOCKS_PER_SEC) */
+ #   define  BOTTOM  ((uint64_t)s_adjustRate * CLOCKS_PER_SEC)
+     // Save the value previously read from the system clock
+
+For some reason on 32bit this does not build. The OpenSSL d is unsigned int
+AFAICT and the swtpm d is uint32_t. gcc does not tell what pointer types it
+compares when it gives a mismatch error. Use an inline function so the pointers
+are passed as arguments and any mismatch is reported including exact type.
+
+diff -ur ibmtpm832/src/TpmToOsslMath.c ibmswtpm2-832/src/TpmToOsslMath.c
+--- ibmtpm832/src/TpmToOsslMath.c	2016-11-16 19:31:54.000000000 +0100
++++ ibmswtpm2-832/src/TpmToOsslMath.c	2017-01-31 19:27:28.229651500 +0100
+@@ -88,6 +88,23 @@
+ 	}
+ }
+ #endif
++#if (RADIX_BITS == 32)
++#define        ossl_crypt_uword_t      unsigned int
++#elif (RADIX_BITS == 64)
++#define        ossl_crypt_uword_t      unsigned long int
++#endif
++
++static int d_equal(const ossl_crypt_uword_t * d1, const crypt_uword_t *d2)
++{
++  pAssert(sizeof(ossl_crypt_uword_t) == sizeof(crypt_uword_t));
++  return (const void *)d1 == (const void *)d2;
++}
++static void d_assign(ossl_crypt_uword_t ** d, const crypt_uword_t * src)
++{
++  pAssert(sizeof(ossl_crypt_uword_t) == sizeof(crypt_uword_t));
++  *d=(ossl_crypt_uword_t *)src;
++}
++
+ /* B.2.3.2.3.1. OsslToTpmBn() */
+ /* This function converts an OpenSSL() BIGNUM to a TPM bignum. In this implementation it is assumed
+    that OpenSSL() used the same format for a big number as does the TPM -- an array of native-endian
+@@ -102,7 +119,7 @@
+ {
+     if(bn != NULL)
+ 	{
+-	    if(osslBn->d != bn->d)
++	    if(!d_equal(osslBn->d, bn->d))
+ 		{
+ 		    int         i;
+ 		    pAssert((unsigned)osslBn->top <= BnGetAllocated(bn));
+@@ -120,7 +137,7 @@
+ {
+     if(toInit == NULL || initializer == NULL)
+ 	return NULL;
+-    toInit->d = (crypt_uword_t *)&initializer->d[0];
++    d_assign(&toInit->d, initializer->d);
+     toInit->dmax = initializer->allocated;
+     toInit->top = initializer->size;
+     toInit->neg = 0;

ibmswtpm2.changes

@@ -0,0 +1,4 @@
+-------------------------------------------------------------------
+Fri Jan 27 11:49:20 UTC 2017 - msuchanek@suse.com
+
+- Import version 832

ibmswtpm2.spec

@@ -0,0 +1,62 @@
+#
+# spec file for package ibmtss
+#
+# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany.
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
+#
+%define suite ibmtss
+
+Name:           ibmswtpm2
+Version: 832
+Release: 0
+License: BSD-3-Clause
+Summary: IBM's Software TPM 2.0
+Url: https://sourceforge.net/projects/ibmswtpm2
+Group: Development/Tools
+Source: ibmtpm%{version}.tar
+Patch1: makefile.patch
+Patch2: bits.patch
+# FIXME this is broken on BE - upstream is waiting for current spec testing to finish before porting
+ExcludeArch: ppc ppc64 s390 s390x
+BuildRequires: libopenssl-devel < 1.1, libopenssl-devel >= 1.0
+BuildRoot:      %{_tmppath}/%{name}-%{version}-build
+
+%description
+An implementation of the TCG TPM 2.0 specification. It is based on the TPM specification Parts 3 and 4 source code donated by Microsoft, with additional files to complete the implementation.
+
+This TPM emulator listens on TCP ports (default 2321 and 2322) and saves state to file NVChip in current directory.
+
+It is probably not of much use other than testing the IBM TSS implementation because of this specific interface.
+
+%prep
+%setup -c -q
+%patch1 -p 1
+%patch2 -p 1
+
+%build
+cd src
+CCFLAGS="%{optflags}" make %{?_smp_mflags}
+
+%install
+cd src
+install -m 755 -D -t %{buildroot}/%{_libexecdir}/%{suite} tpm_server
+
+%post
+
+%postun
+
+%files
+%defattr(-,root,root)
+%dir %{_libexecdir}/%{suite}
+%{_libexecdir}/%{suite}/tpm_server
+%doc ibmtpm.doc

ibmtpm832.tar

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:cd5aa466292c6a5bd957496987235acb405210d9a860f9286d7944ac1c1cf1d8
+size 552189

makefile.patch

@@ -0,0 +1,23 @@
+--- ibmtpm832/src/makefile~	2017-01-30 16:31:06.903692292 +0100
++++ ibmtpm832/src/makefile	2017-01-30 16:31:17.391841670 +0100
+@@ -41,16 +41,16 @@
+ 
+ CC = /usr/bin/gcc
+ 
+-CCFLAGS = -Wall  			\
++CCFLAGS += -fno-strict-aliasing -fno-aggressive-loop-optimizations -Wno-unused-result \
+ 	-Wmissing-declarations -Wmissing-prototypes -Wnested-externs \
+-	-Werror -Wsign-compare \
++	-Werror -Wsign-compare -Wno-unused-value -Wno-aggressive-loop-optimizations \
+-	 -c -ggdb -O0 			\
++	 -c -ggdb -O 			\
+ 	-DTPM_POSIX			\
+ 	-D_POSIX_			\
+ 	-I../utils			\
+ 	-I.
+ 
+-LNFLAGS = -ggdb 			\
++LNFLAGS += -ggdb 			\
+ 	-DTPM_POSIX			\
+ 	-lcrypto			\
+ 	-lpthread			\