SHA256
1
0
forked from pool/tpm2.0-tools

Accepting request 500551 from security

- tpm2.0-tools-fix-hardening.patch: do not disable fortify,
  do not use -Wstack-protector as it warns also for non-utilized
  functions and then -Werror fails.
- tpm2.0-tools-fix-gcc7.patch: fixed gcc7 case fallthrough errors

- Major update to 2.0.0
  - dropped fixes.patch, now part of the upstream version
  - a set of man pages have been added to the package
  - Upstream changes:
    * Tracked on the milestone: https://github.com/01org/tpm2.0-tools/milestone/2
    * Reworked all the tools to support configurable TCTIs, based on build time
      configuration, one can specify the tcti via the --tcti (-T) option to all
      tools.
    * tpm2_getrandom interface made -s a positional argument.
    * Numerous bug fixes.

OBS-URL: https://build.opensuse.org/request/show/500551
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/tpm2.0-tools?expand=0&rev=4
This commit is contained in:
Dominique Leuenberger 2017-06-04 00:00:01 +00:00 committed by Git OBS Bridge
commit 7a34ca473f
7 changed files with 71 additions and 31 deletions

3
2.0.0.zip Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:677458f94a1d29662cb2d02401c086d381c3642c1288374b802975e6581c9231
size 318022

View File

@ -1,25 +0,0 @@
Index: tpm2.0-tools-1.1.0/src/tpm2_listpcrs.cpp
===================================================================
--- tpm2.0-tools-1.1.0.orig/src/tpm2_listpcrs.cpp
+++ tpm2.0-tools-1.1.0/src/tpm2_listpcrs.cpp
@@ -159,7 +159,7 @@ int readPcrValues()
return 0;
}
-int preparePcrSelections_g(TPMI_ALG_HASH algId)
+void preparePcrSelections_g(TPMI_ALG_HASH algId)
{
UINT32 pcrId = 0;
Index: tpm2.0-tools-1.1.0/src/tpm2_rc_decode.c
===================================================================
--- tpm2.0-tools-1.1.0.orig/src/tpm2_rc_decode.c
+++ tpm2.0-tools-1.1.0/src/tpm2_rc_decode.c
@@ -246,6 +246,7 @@ print_tpm_rc_tpm_error_code (TPM_RC rc)
fprintf (stderr, "Unknown TPM_RC format\n");
return -1;
}
+ return 0;
}
/* Top level function to dump human readable data about TPM_RCs.
*/

View File

@ -0,0 +1,26 @@
Index: tpm2.0-tools-2.0.0/tools/main.c
===================================================================
--- tpm2.0-tools-2.0.0.orig/tools/main.c
+++ tpm2.0-tools-2.0.0/tools/main.c
@@ -61,7 +61,7 @@ main (int argc,
execute_man (argv[0], envp);
fprintf (stderr,
"failed to load manpage, check your environment / PATH\n");
- /* no break */
+ /* FALLTHROUGH */
case 2:
exit (1);
}
Index: tpm2.0-tools-2.0.0/tools/tpm2_dump_capability.c
===================================================================
--- tpm2.0-tools-2.0.0.orig/tools/tpm2_dump_capability.c
+++ tpm2.0-tools-2.0.0/tools/tpm2_dump_capability.c
@@ -595,7 +595,7 @@ dump_tpm_capability (TPMU_CAPABILITIES
case TPM_CAP_COMMANDS:
dump_command_attr_array (capabilities->command.commandAttributes,
capabilities->command.count);
- /* no break */
+ /* FALLTHROUGH */
default:
return 1;
}

View File

@ -0,0 +1,14 @@
--- tpm2.0-tools-2.0.0/configure.ac.fix 2017-06-02 09:15:49.118425187 +0200
+++ tpm2.0-tools-2.0.0/configure.ac 2017-06-02 09:15:59.698416673 +0200
@@ -100,11 +100,9 @@
add_hardened_c_flag([-Wformat])
add_hardened_c_flag([-Wformat-security])
- add_hardened_c_flag([-Wstack-protector])
add_hardened_c_flag([-fstack-protector-all])
add_hardened_define_flag([-D_FORTIFY_SOURCE=2])
- add_hardened_define_flag([-U_FORTIFY_SOURCE])
add_hardened_c_flag([-fPIC])
add_hardened_ld_flag([[-shared]])

View File

@ -1,3 +1,25 @@
-------------------------------------------------------------------
Fri Jun 2 07:16:45 UTC 2017 - meissner@suse.com
- tpm2.0-tools-fix-hardening.patch: do not disable fortify,
do not use -Wstack-protector as it warns also for non-utilized
functions and then -Werror fails.
- tpm2.0-tools-fix-gcc7.patch: fixed gcc7 case fallthrough errors
-------------------------------------------------------------------
Wed May 10 11:52:40 UTC 2017 - matthias.gerstner@suse.com
- Major update to 2.0.0
- dropped fixes.patch, now part of the upstream version
- a set of man pages have been added to the package
- Upstream changes:
* Tracked on the milestone: https://github.com/01org/tpm2.0-tools/milestone/2
* Reworked all the tools to support configurable TCTIs, based on build time
configuration, one can specify the tcti via the --tcti (-T) option to all
tools.
* tpm2_getrandom interface made -s a positional argument.
* Numerous bug fixes.
-------------------------------------------------------------------
Mon Mar 6 16:23:15 UTC 2017 - meissner@suse.com

View File

@ -17,14 +17,15 @@
Name: tpm2.0-tools
Version: 1.1.0
Version: 2.0.0
Release: 0
Summary: Trusted Platform Module (TPM) 2.0 administration tools
License: BSD-3-Clause
Group: Productivity/Security
Url: https://github.com/01org/tpm2.0-tools
Source0: https://github.com/01org/tpm2.0-tools/archive/v%{version}.zip
Patch0: fixes.patch
Source0: https://github.com/01org/tpm2.0-tools/archive/%{version}.zip
Patch0: tpm2.0-tools-fix-hardening.patch
Patch1: tpm2.0-tools-fix-gcc7.patch
BuildRequires: autoconf-archive
BuildRequires: automake
BuildRequires: gcc-c++
@ -46,6 +47,7 @@ associated interfaces.
%prep
%setup -q
%patch0 -p1
%patch1 -p1
%build
bash ./bootstrap
@ -63,5 +65,6 @@ find %{buildroot} -type f -name "*.la" -delete -print
%defattr(-,root,root)
%doc README.md manual LICENSE
/usr/sbin/tpm2_*
%{_mandir}/man8/tpm2_*
%changelog

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8410472b4166035beba9eedc54c7f499666aee1d0258706eb0c9ddf7052e0dbb
size 251778