From fe1ddf8a2e0c71a1cde70f0b38a389f5e71bba0571306fe91eff3cbf2c146cec Mon Sep 17 00:00:00 2001
From: Marcus Meissner
Date: Thu, 19 May 2016 10:40:21 +0000
Subject: [PATCH] - Updated to 1.9.4/20160518 (FATE#320665) Added TPM 2.0 CRB support Increased BSP and AP stacks to avoid stack overflow Added an ACPI_RSDP structure g_rsdp in tboot to avoid potential memory overwritten issue on TPM 2.0 UEFI platforms Added support to both Intel TPM nv index set and TCG TPM nv index set grub2: tboot doesn't skip first argument any more grub2: sanitize whitespace in command lines grub2: Allow addition of policy data in grub.cfg grub2 support: allow the user to customize the command line Mitigated S3 resume delay by adjusting LZ_MAX_OFFSET to 5000 in lz.c. Added SGX TPM nv index support Add 64 bit ELF object support Gentoo Hardened, which uses the GRSecurity and PaX patch sets Disable -fstack-check in CFLAG for compatibility with Gentoo Linux. Enhanced tboot compatiblity running on non-Intel TXT platform with a fix of is_launched() LCP documentation improvements - tboot-grub2-suse.patch: refreshed - tboot-grub2-fix-xen-submenu-name.patch: refreshed
OBS-URL: https://build.opensuse.org/package/show/security/tboot?expand=0&rev=46
---
 tboot-1.9.4.tar.gz | 3 ++
 tboot-grub2-fix-xen-submenu-name.patch | 10 +++---
 tboot-grub2-suse.patch | 44 ++++++++++++--------------
 tboot.changes | 22 +++++++++++++
 tboot.spec | 6 ++--
 5 files changed, 53 insertions(+), 32 deletions(-)
 create mode 100644 tboot-1.9.4.tar.gz
diff --git a/tboot-1.9.4.tar.gz b/tboot-1.9.4.tar.gz
new file mode 100644
index 0000000..b3f3921
--- /dev/null
+++ b/tboot-1.9.4.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7167e5615def4ac0f25b2f9139b3d361a0a20d91386d80b1d865107b3f552f39
+size 2107175
diff --git a/tboot-grub2-fix-xen-submenu-name.patch b/tboot-grub2-fix-xen-submenu-name.patch
index 30fbc71..4b9b787 100644
--- a/tboot-grub2-fix-xen-submenu-name.patch
+++ b/tboot-grub2-fix-xen-submenu-name.patch
@@ -4,13 +4,13 @@ Subject: fix xen submenu name to show tboot version
 References: bnc#865815
 Patch-Mainline: no
-Index: tboot-1.8.3/tboot/20_linux_xen_tboot
+Index: tboot-1.9.4/tboot/20_linux_xen_tboot
 ===================================================================
---- tboot-1.8.3.orig/tboot/20_linux_xen_tboot
-+++ tboot-1.8.3/tboot/20_linux_xen_tboot
-@@ -187,7 +187,7 @@ while [ "x${xen_list}" != "x" ] ; do
+--- tboot-1.9.4.orig/tboot/20_linux_xen_tboot
++++ tboot-1.9.4/tboot/20_linux_xen_tboot
+@@ -232,7 +232,7 @@ while [ "x${xen_list}" != "x" ] ; do
 rel_tboot_dirname=`make_system_path_relative_to_its_root $tboot_dirname`
- tboot_version="1.8.3"
+ tboot_version="1.9.4"
 list="${linux_list}"
 - echo "submenu \"Xen ${xen_version}\" \"Tboot ${tboot_version}\"{"
 + echo "submenu \"Xen ${xen_version} with Tboot ${tboot_version}\"{"
diff --git a/tboot-grub2-suse.patch b/tboot-grub2-suse.patch
index 4024131..9e10e1b 100644
--- a/tboot-grub2-suse.patch
+++ b/tboot-grub2-suse.patch
@@ -1,28 +1,24 @@
-Index: tboot-1.8.0/tboot/20_linux_tboot
+Index: tboot-1.9.4/tboot/20_linux_tboot
 ===================================================================
---- tboot-1.8.0.orig/tboot/20_linux_tboot
-+++ tboot-1.8.0/tboot/20_linux_tboot
-@@ -21,8 +21,8 @@ prefix=/usr
- exec_prefix=${prefix}
- bindir=${exec_prefix}/bin
- libdir=${exec_prefix}/lib
--if test -e /usr/share/grub/grub-mkconfig_lib; then
-- . /usr/share/grub/grub-mkconfig_lib
-+if test -e /usr/share/grub2/grub-mkconfig_lib; then
-+ . /usr/share/grub2/grub-mkconfig_lib
- elif test -e ${libdir}/grub/grub-mkconfig_lib; then
- . ${libdir}/grub/grub-mkconfig_lib
- fi
-Index: tboot-1.8.0/tboot/20_linux_xen_tboot
-===================================================================
---- tboot-1.8.0.orig/tboot/20_linux_xen_tboot
-+++ tboot-1.8.0/tboot/20_linux_xen_tboot
-@@ -21,8 +21,8 @@ prefix=/usr
- exec_prefix=${prefix}
- bindir=${exec_prefix}/bin
- libdir=${exec_prefix}/lib
--if test -e /usr/share/grub/grub-mkconfig_lib; then
-- . /usr/share/grub/grub-mkconfig_lib
+--- tboot-1.9.4.orig/tboot/20_linux_tboot
++++ tboot-1.9.4/tboot/20_linux_tboot
+@@ -24,6 +24,8 @@ libdir=${exec_prefix}/lib
+ sysconfdir=/etc
+ if test -e /usr/share/grub/grub-mkconfig_lib; then
+ . /usr/share/grub/grub-mkconfig_lib
++elif test -e /usr/share/grub2/grub-mkconfig_lib; then
++ . /usr/share/grub2/grub-mkconfig_lib
+ elif test -e ${libdir}/grub/grub-mkconfig_lib; then
+ . ${libdir}/grub/grub-mkconfig_lib
+ fi
+Index: tboot-1.9.4/tboot/20_linux_xen_tboot
+===================================================================
+--- tboot-1.9.4.orig/tboot/20_linux_xen_tboot
++++ tboot-1.9.4/tboot/20_linux_xen_tboot
+@@ -24,6 +24,8 @@ libdir=${exec_prefix}/lib
+ sysconfdir=/etc
+ if test -e /usr/share/grub/grub-mkconfig_lib; then
+ . /usr/share/grub/grub-mkconfig_lib
 +if test -e /usr/share/grub2/grub-mkconfig_lib; then
 + . /usr/share/grub2/grub-mkconfig_lib
 elif test -e ${libdir}/grub/grub-mkconfig_lib; then
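Review bot: In the refreshed section for `tboot/20_linux_xen_tboot`, the inner patch still adds `+if test -e /usr/share/grub2/grub-mkconfig_lib; then` (kept as unchanged context at the end of this hunk), whereas the refreshed `20_linux_tboot` section adds `+elif test -e /usr/share/grub2/grub-mkconfig_lib; then`. Because the refresh now keeps the original `if test -e /usr/share/grub/grub-mkconfig_lib; then` line as context instead of replacing it, the patched script opens two `if` blocks; the inner hunk's line counts (`-24,6 +24,8`) leave room for only one closing `fi`, which lies past the end of this hunk, so the generator would probably fail to parse. That script produces the Xen-with-tboot boot entries, so a parse failure would presumably leave them out of the generated grub configuration and the machine would start without the measured launch. Change the added line to `+elif test -e /usr/share/grub2/grub-mkconfig_lib; then` so both sections match, and run `sh -n` on the patched script as part of the package build.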
diff --git a/tboot.changes b/tboot.changes
index ed65d50..1965f94 100644
--- a/tboot.changes
+++ b/tboot.changes
@@ -1,3 +1,25 @@
+-------------------------------------------------------------------
+Thu May 19 10:35:27 UTC 2016 - meissner@suse.com
+
+- Updated to 1.9.4/20160518 (FATE#320665)
+ Added TPM 2.0 CRB support
+ Increased BSP and AP stacks to avoid stack overflow
+ Added an ACPI_RSDP structure g_rsdp in tboot to avoid potential memory overwritten issue on TPM 2.0 UEFI platforms
+ Added support to both Intel TPM nv index set and TCG TPM nv index set
+ grub2: tboot doesn't skip first argument any more
+ grub2: sanitize whitespace in command lines
+ grub2: Allow addition of policy data in grub.cfg
+ grub2 support: allow the user to customize the command line
+ Mitigated S3 resume delay by adjusting LZ_MAX_OFFSET to 5000 in lz.c.
+ Added SGX TPM nv index support
+ Add 64 bit ELF object support
+ Gentoo Hardened, which uses the GRSecurity and PaX patch sets
+ Disable -fstack-check in CFLAG for compatibility with Gentoo Linux.
+ Enhanced tboot compatiblity running on non-Intel TXT platform with a fix of is_launched()
+ LCP documentation improvements
+- tboot-grub2-suse.patch: refreshed
+- tboot-grub2-fix-xen-submenu-name.patch: refreshed
+
 -------------------------------------------------------------------
 Fri May 8 12:08:52 UTC 2015 - meissner@suse.com
diff --git a/tboot.spec b/tboot.spec
index 4ccb099..f0b2246 100644
--- a/tboot.spec
+++ b/tboot.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package tboot
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,8 +17,8 @@
 Name: tboot
-%define ver 1.8.3
-Version: 20140728_1.8.3
+%define ver 1.9.4
+Version: 20160518_1.9.4
 Release: 0
 Summary: Performs a verified launch using Intel(R) TXT
 License: BSD-3-Clause