From 616c93db729d3e5009b97d565a83a308939854d864e5d3ebb2304718fede4f00 Mon Sep 17 00:00:00 2001 From: Alberto Planas Dominguez Date: Mon, 13 Dec 2021 16:09:07 +0000 Subject: [PATCH] Accepting request 940292 from home:aplanas:branches:security - Update to version 0.1.0+git.1639176416.fc90088: * Code refactor to use updated tss-esapi - Drop add_property_tag_variant_for_maxcapbuffer.patch, included in the upstream crate OBS-URL: https://build.opensuse.org/request/show/940292 OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=7 --- _servicedata | 2 +- ...roperty_tag_variant_for_maxcapbuffer.patch | 43 ------------------- cargo_config | 5 +-- ...eylime-0.1.0+git.1637095429.d5a3191.tar.xz | 3 -- ...eylime-0.1.0+git.1639176416.fc90088.tar.xz | 3 ++ rust-keylime.changes | 8 ++++ rust-keylime.spec | 13 +----- vendor.tar.xz | 4 +- 8 files changed, 17 insertions(+), 64 deletions(-) delete mode 100644 add_property_tag_variant_for_maxcapbuffer.patch delete mode 100644 rust-keylime-0.1.0+git.1637095429.d5a3191.tar.xz create mode 100644 rust-keylime-0.1.0+git.1639176416.fc90088.tar.xz diff --git a/_servicedata b/_servicedata index 3f267d8..c73591a 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/keylime/rust-keylime.git - d5a31912eb9f69ea1c8fed59811089ff7c4ccebf \ No newline at end of file + fc90088c2ca50d7fca1a5f03c34eddc88810681a \ No newline at end of file diff --git a/add_property_tag_variant_for_maxcapbuffer.patch b/add_property_tag_variant_for_maxcapbuffer.patch deleted file mode 100644 index 18ab88a..0000000 --- a/add_property_tag_variant_for_maxcapbuffer.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 6dc9f3ccb0e5ce6561aeef73e9f757b4c193c3c4 Mon Sep 17 00:00:00 2001 -From: Rob Shearman -Date: Tue, 28 Sep 2021 14:22:10 +0100 -Subject: [PATCH] Add property tag variant for MaxCapBuffer - -As per "TCG TSS 2.0 Overview and Common Structures Specification" v0.9 -rev 03, and tpm2-tss >= 2.4.0, add a constant for -TPM2_PT_MAX_CAP_BUFFER and a corresponding PropertyTag variant, -MaxCapBuffer. - -This avoids an error for "value = 302 did not match any PropertyTag" -that may be seen with some TPM implementations. - -Signed-off-by: Rob Shearman ---- - tss-esapi/src/constants/property_tag.rs | 1 + - tss-esapi/src/constants/tss.rs | 1 + - 2 files changed, 2 insertions(+) - -diff --git a/tss-esapi/src/constants/property_tag.rs b/tss-esapi/src/constants/property_tag.rs -index 1849efe5..db36c6ef 100644 ---- a/vendor/tss-esapi/src/constants/property_tag.rs -+++ b/vendor/tss-esapi/src/constants/property_tag.rs -@@ -56,6 +56,7 @@ pub enum PropertyTag { - VendorCommands = TPM2_PT_VENDOR_COMMANDS, - NvBufferMax = TPM2_PT_NV_BUFFER_MAX, - Modes = TPM2_PT_MODES, -+ MaxCapBuffer = TPM2_PT_MAX_CAP_BUFFER, - // Variable - Permanent = TPM2_PT_PERMANENT, - StartupClear = TPM2_PT_STARTUP_CLEAR, -diff --git a/tss-esapi/src/constants/tss.rs b/tss-esapi/src/constants/tss.rs -index 72d1eedb..03f412e7 100644 ---- a/vendor/tss-esapi/src/constants/tss.rs -+++ b/vendor/tss-esapi/src/constants/tss.rs -@@ -423,6 +423,7 @@ pub const TPM2_PT_LIBRARY_COMMANDS: TPM2_PT = TPM2_PT_FIXED + 42; /* number of c - pub const TPM2_PT_VENDOR_COMMANDS: TPM2_PT = TPM2_PT_FIXED + 43; /* number of vendor commands that are implemented */ - pub const TPM2_PT_NV_BUFFER_MAX: TPM2_PT = TPM2_PT_FIXED + 44; /* the maximum data size in one NV write command */ - pub const TPM2_PT_MODES: TPM2_PT = TPM2_PT_FIXED + 45; /* a TPMA_MODES value indicating that the TPM is designed for these modes. */ -+pub const TPM2_PT_MAX_CAP_BUFFER: TPM2_PT = TPM2_PT_FIXED + 46; /* the maximum size of a TPMS_CAPABILITY_DATA structure returned in TPM2_GetCapability(). */ - pub const TPM2_PT_VAR: TPM2_PT = TPM2_PT_GROUP * 2; /* the group of variable properties returned as TPMS_TAGGED_PROPERTY. The properties in this group change because of a Protected Capability other than a firmware update. The values are not necessarily persistent across all power transitions. */ - pub const TPM2_PT_PERMANENT: TPM2_PT = TPM2_PT_VAR + 0; /* TPMA_PERMANENT */ - pub const TPM2_PT_STARTUP_CLEAR: TPM2_PT = TPM2_PT_VAR + 1; /* TPMA_STARTUP_CLEAR */ diff --git a/cargo_config b/cargo_config index 9b81b48..e2342c9 100644 --- a/cargo_config +++ b/cargo_config @@ -1,9 +1,8 @@ [source.crates-io] replace-with = "vendored-sources" -[source."https://github.com/puiterwijk/rust-tss-esapi.git"] -git = "https://github.com/puiterwijk/rust-tss-esapi.git" -branch = "keylime" +[source."https://github.com/parallaxsecond/rust-tss-esapi.git"] +git = "https://github.com/parallaxsecond/rust-tss-esapi.git" replace-with = "vendored-sources" [source.vendored-sources] diff --git a/rust-keylime-0.1.0+git.1637095429.d5a3191.tar.xz b/rust-keylime-0.1.0+git.1637095429.d5a3191.tar.xz deleted file mode 100644 index e1c9d68..0000000 --- a/rust-keylime-0.1.0+git.1637095429.d5a3191.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9ff2e8753fdaf96f5d558f10e664f13208c88389fdd36a86a5cdd5a95ef53495 -size 99716 diff --git a/rust-keylime-0.1.0+git.1639176416.fc90088.tar.xz b/rust-keylime-0.1.0+git.1639176416.fc90088.tar.xz new file mode 100644 index 0000000..42bf9fd --- /dev/null +++ b/rust-keylime-0.1.0+git.1639176416.fc90088.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:b100a419e2d552ea5ccdc4abf17b37e3fa90cf79d41d21f001f669d29340b485 +size 99852 diff --git a/rust-keylime.changes b/rust-keylime.changes index 948cdb8..7dcab02 100644 --- a/rust-keylime.changes +++ b/rust-keylime.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Mon Dec 13 15:53:39 UTC 2021 - aplanas@suse.com + +- Update to version 0.1.0+git.1639176416.fc90088: + * Code refactor to use updated tss-esapi +- Drop add_property_tag_variant_for_maxcapbuffer.patch, included in + the upstream crate + ------------------------------------------------------------------- Wed Nov 24 13:48:07 UTC 2021 - Alberto Planas Dominguez diff --git a/rust-keylime.spec b/rust-keylime.spec index dfb530f..9374aec 100644 --- a/rust-keylime.spec +++ b/rust-keylime.spec @@ -18,7 +18,7 @@ %global rustflags '-Clink-arg=-Wl,-z,relro,-z,now' Name: rust-keylime -Version: 0.1.0+git.1637095429.d5a3191 +Version: 0.1.0+git.1639176416.fc90088 Release: 0 Summary: Rust implementation of the keylime agent License: Apache-2.0 AND MIT @@ -30,8 +30,6 @@ Source3: keylime_agent.service Source4: keylime.xml # PATCH-FIX-OPENSUSE keylime.conf.diff Patch1: keylime.conf.diff -# PATCH-FIX-UPSTREAM add_property_tag_variant_for_maxcapbuffer.patch -Patch2: add_property_tag_variant_for_maxcapbuffer.patch BuildRequires: cargo BuildRequires: firewall-macros BuildRequires: libarchive-devel @@ -53,15 +51,6 @@ monitoring system. mkdir .cargo cp %{SOURCE2} .cargo/config -# We patched a vendored component, we cannot use it as cargo will -# validate the source hash. The solution is move it out and add a -# [patch] section in Cargo.toml -mv vendor/tss-esapi . -cat <> Cargo.toml -[patch.crates-io] -tss-esapi = { path = "tss-esapi" } -EOF - %build RUSTFLAGS=%{rustflags} cargo build --release diff --git a/vendor.tar.xz b/vendor.tar.xz index 9307aae..8b1c509 100644 --- a/vendor.tar.xz +++ b/vendor.tar.xz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:5aec49064dfd5872ddac53168ddf2a1956b122eb6a687e67bed81b9e2168f9d7 -size 15777356 +oid sha256:4f93de890a7e1817a88878a2d63b0d5c40ffe4caf38327a60981fdd27440f336 +size 15894580