forked from pool/tpm2.0-tools
Accepting request 517972 from security
- update to version 2.1.0: - dropped 0002-kdfa-use-openssl-for-hmac-not-tpm.patch, was backported upstream in commit 788a17abbe0000c560935ef9f31c9a6892d9ea33 - this version now can interact with the new resource manager tpm2.0-abrmd - Upstream changes: * Fix readx and writex on multiple EINTR returns. * Add support for the tabrmd TCTI. This is the new default. * Change default socket port from 2323 (the old resourcemgr) to 2321 (default simulator port). * Cherry-pick fix for CVE-2017-7524. * Fix tpm2_listpcr command line option handling. * Fix tpm2_getmanufec memory issues. (forwarded request 517963 from mgerstner) OBS-URL: https://build.opensuse.org/request/show/517972 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/tpm2.0-tools?expand=0&rev=8
This commit is contained in:
commit
f8ff91ad97
@ -22,11 +22,11 @@ Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
|
||||
tools/tpm2_listpcrs.c | 55 +++++++++++++++++++++++++--------------------------
|
||||
1 file changed, 27 insertions(+), 28 deletions(-)
|
||||
|
||||
diff --git a/tools/tpm2_listpcrs.c b/tools/tpm2_listpcrs.c
|
||||
index f50c200..42bb8c6 100644
|
||||
--- a/tools/tpm2_listpcrs.c
|
||||
+++ b/tools/tpm2_listpcrs.c
|
||||
@@ -173,38 +173,35 @@ static bool read_pcr_values(listpcr_context *context) {
|
||||
Index: tpm2-tools-2.1.0/tools/tpm2_listpcrs.c
|
||||
===================================================================
|
||||
--- tpm2-tools-2.1.0.orig/tools/tpm2_listpcrs.c
|
||||
+++ tpm2-tools-2.1.0/tools/tpm2_listpcrs.c
|
||||
@@ -173,38 +173,35 @@ static bool read_pcr_values(listpcr_cont
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -38,14 +38,15 @@ index f50c200..42bb8c6 100644
|
||||
- pcr_selections->pcrSelections[0].hash = alg_id;
|
||||
- set_pcr_select_size(&pcr_selections->pcrSelections[0], 3);
|
||||
- clear_pcr_select_bits(&pcr_selections->pcrSelections[0]);
|
||||
-
|
||||
- UINT32 pcr_id;
|
||||
- for (pcr_id = 0; pcr_id < 24; pcr_id++) {
|
||||
- set_pcr_select_bit(&pcr_selections->pcrSelections[0], pcr_id);
|
||||
+ TPMI_YES_NO moreData;
|
||||
+ TPMS_CAPABILITY_DATA cap_data;
|
||||
+ TPML_PCR_SELECTION *pcr_sel = &context->pcr_selections;
|
||||
+ UINT32 rval, i, j;
|
||||
|
||||
- UINT32 pcr_id;
|
||||
- for (pcr_id = 0; pcr_id < 24; pcr_id++) {
|
||||
- set_pcr_select_bit(&pcr_selections->pcrSelections[0], pcr_id);
|
||||
+
|
||||
+ rval = Tss2_Sys_GetCapability(context->sapi_context, 0, TPM_CAP_PCRS, 0, 1, &moreData, &cap_data, 0);
|
||||
+ if (rval != TPM_RC_SUCCESS) {
|
||||
+ LOG_ERR("GetCapability: Get PCR allocation status Error. TPM Error:0x%x......\n", rval);
|
||||
@ -56,9 +57,21 @@ index f50c200..42bb8c6 100644
|
||||
-/* XXX Could this internally call init_pcr_selection_from_algorithm to reduce duplicate code? */
|
||||
-static void init_pcr_selection_all(tpm2_algorithm *algorithm,
|
||||
- TPML_PCR_SELECTION *pcr_selections) {
|
||||
-
|
||||
- pcr_selections->count = 0;
|
||||
-
|
||||
- int i;
|
||||
- for (i = 0; i < algorithm->count; i++) {
|
||||
- pcr_selections->pcrSelections[i].hash = algorithm->alg[i];
|
||||
- set_pcr_select_size(&pcr_selections->pcrSelections[i], 3);
|
||||
- clear_pcr_select_bits(&pcr_selections->pcrSelections[i]);
|
||||
+ pcr_sel->count = 0;
|
||||
|
||||
- pcr_selections->count = 0;
|
||||
- UINT32 pcr_id;
|
||||
- for (pcr_id = 0; pcr_id < 24; pcr_id++) {
|
||||
- set_pcr_select_bit(&pcr_selections->pcrSelections[i], pcr_id);
|
||||
- }
|
||||
- pcr_selections->count++;
|
||||
+ for (i = 0; i < cap_data.data.assignedPCR.count; i++) {
|
||||
+ if (alg_id && (cap_data.data.assignedPCR.pcrSelections[i].hash != alg_id))
|
||||
+ continue;
|
||||
@ -67,27 +80,16 @@ index f50c200..42bb8c6 100644
|
||||
+ for (j = 0; j < pcr_sel->pcrSelections[pcr_sel->count].sizeofSelect; j++)
|
||||
+ pcr_sel->pcrSelections[pcr_sel->count].pcrSelect[j] = cap_data.data.assignedPCR.pcrSelections[i].pcrSelect[j];
|
||||
+ pcr_sel->count++;
|
||||
+ }
|
||||
|
||||
- int i;
|
||||
- for (i = 0; i < algorithm->count; i++) {
|
||||
- pcr_selections->pcrSelections[i].hash = algorithm->alg[i];
|
||||
- set_pcr_select_size(&pcr_selections->pcrSelections[i], 3);
|
||||
- clear_pcr_select_bits(&pcr_selections->pcrSelections[i]);
|
||||
}
|
||||
+
|
||||
+ if (pcr_sel->count == 0)
|
||||
+ return false;
|
||||
|
||||
- UINT32 pcr_id;
|
||||
- for (pcr_id = 0; pcr_id < 24; pcr_id++) {
|
||||
- set_pcr_select_bit(&pcr_selections->pcrSelections[i], pcr_id);
|
||||
- }
|
||||
- pcr_selections->count++;
|
||||
- }
|
||||
+
|
||||
+ return true;
|
||||
}
|
||||
|
||||
// show all PCR banks according to g_pcrSelection & g_pcrs->
|
||||
@@ -220,7 +217,7 @@ static bool show_pcr_values(listpcr_context *context) {
|
||||
@@ -220,7 +217,7 @@ static bool show_pcr_values(listpcr_cont
|
||||
context->pcr_selections.pcrSelections[i].hash);
|
||||
|
||||
UINT32 pcr_id;
|
||||
@ -96,7 +98,7 @@ index f50c200..42bb8c6 100644
|
||||
if (!is_pcr_select_bit_set(&context->pcr_selections.pcrSelections[i],
|
||||
pcr_id)) {
|
||||
continue;
|
||||
@@ -271,14 +268,16 @@ static bool show_selected_pcr_values(listpcr_context *context) {
|
||||
@@ -271,14 +268,16 @@ static bool show_selected_pcr_values(lis
|
||||
|
||||
static bool show_all_pcr_values(listpcr_context *context) {
|
||||
|
||||
@ -115,6 +117,3 @@ index f50c200..42bb8c6 100644
|
||||
|
||||
return show_selected_pcr_values(context);
|
||||
}
|
||||
--
|
||||
2.12.3
|
||||
|
||||
|
@ -1,207 +0,0 @@
|
||||
From c5d72beaab1cbbbe68271f4bc4b6670d69985157 Mon Sep 17 00:00:00 2001
|
||||
From: William Roberts <william.c.roberts@intel.com>
|
||||
Date: Wed, 21 Jun 2017 09:32:32 -0700
|
||||
Subject: [PATCH] kdfa: use openssl for hmac not tpm
|
||||
|
||||
While not reachable in the current code base tools, a potential
|
||||
security bug lurked in tpm_kdfa().
|
||||
|
||||
If using that routine for an hmac authorization, the hmac was
|
||||
calculated using the tpm. A user of an object wishing to
|
||||
authenticate via hmac, would expect that the password is never
|
||||
sent to the tpm. However, since the hmac calculation relies on
|
||||
password, and is performed by the tpm, the password ends up
|
||||
being sent in plain text to the tpm.
|
||||
|
||||
The fix is to use openssl to generate the hmac on the host.
|
||||
|
||||
Fixes: CVE-2017-7524
|
||||
|
||||
Signed-off-by: William Roberts <william.c.roberts@intel.com>
|
||||
---
|
||||
Makefile.am | 4 +--
|
||||
configure.ac | 3 ++-
|
||||
lib/tpm_kdfa.c | 76 +++++++++++++++++++++++++++++++++++++++++++++++--------
|
||||
lib/tpm_kdfa.h | 2 +-
|
||||
lib/tpm_session.c | 2 +-
|
||||
5 files changed, 72 insertions(+), 15 deletions(-)
|
||||
|
||||
Index: tpm2.0-tools-2.0.0/Makefile.am
|
||||
===================================================================
|
||||
--- tpm2.0-tools-2.0.0.orig/Makefile.am
|
||||
+++ tpm2.0-tools-2.0.0/Makefile.am
|
||||
@@ -35,10 +35,10 @@ ACLOCAL_AMFLAGS = -I m4
|
||||
INCLUDE_DIRS = -I$(srcdir)/src -I$(srcdir)/lib
|
||||
LIB_COMMON := lib/libcommon.a
|
||||
|
||||
-AM_CFLAGS := $(INCLUDE_DIRS) $(TPM20_TSS_CFLAGS) $(EXTRA_CFLAGS)
|
||||
+AM_CFLAGS := $(INCLUDE_DIRS) $(TPM20_TSS_CFLAGS) $(EXTRA_CFLAGS) $(CRYPTO_FLAGS)
|
||||
AM_LDFLAGS := $(EXTRA_LDFLAGS)
|
||||
|
||||
-LDADD = $(LIB_COMMON) $(TPM20_TSS_LIBS) $(TCTI_SOCK_LIBS) $(TCTI_DEV_LIBS)
|
||||
+LDADD = $(LIB_COMMON) $(TPM20_TSS_LIBS) $(TCTI_SOCK_LIBS) $(TCTI_DEV_LIBS) $(CRYPTO_LIBS)
|
||||
|
||||
sbin_PROGRAMS = \
|
||||
tools/tpm2_create \
|
||||
Index: tpm2.0-tools-2.0.0/configure.ac
|
||||
===================================================================
|
||||
--- tpm2.0-tools-2.0.0.orig/configure.ac
|
||||
+++ tpm2.0-tools-2.0.0/configure.ac
|
||||
@@ -49,7 +49,8 @@ AS_IF(
|
||||
[AC_MSG_ERROR(
|
||||
[no TCTIs: at least one TCTI library must be enabled],
|
||||
[1])])
|
||||
-PKG_CHECK_MODULES([CURL],[libcurl libcrypto])
|
||||
+PKG_CHECK_MODULES([CRYPTO],[libcrypto])
|
||||
+PKG_CHECK_MODULES([CURL],[libcurl])
|
||||
AC_ARG_ENABLE([unit],
|
||||
[AS_HELP_STRING([--enable-unit],
|
||||
[build cmocka unit tests (default is no)])],
|
||||
Index: tpm2.0-tools-2.0.0/lib/tpm_kdfa.c
|
||||
===================================================================
|
||||
--- tpm2.0-tools-2.0.0.orig/lib/tpm_kdfa.c
|
||||
+++ tpm2.0-tools-2.0.0/lib/tpm_kdfa.c
|
||||
@@ -27,20 +27,40 @@
|
||||
|
||||
#include <sapi/tpm20.h>
|
||||
|
||||
+ #include <openssl/err.h>
|
||||
+#include <openssl/hmac.h>
|
||||
+
|
||||
#include "string-bytes.h"
|
||||
#include "tpm_hmac.h"
|
||||
+#include "log.h"
|
||||
+
|
||||
+static const EVP_MD *tpm_algorithm_to_openssl_digest(TPMI_ALG_HASH algorithm) {
|
||||
|
||||
-TPM_RC tpm_kdfa(TSS2_SYS_CONTEXT *sapi_context, TPMI_ALG_HASH hashAlg,
|
||||
+ switch(algorithm) {
|
||||
+ case TPM_ALG_SHA1:
|
||||
+ return EVP_sha1();
|
||||
+ case ALG_SHA256_VALUE:
|
||||
+ return EVP_sha256();
|
||||
+ case TPM_ALG_SHA384:
|
||||
+ return EVP_sha384();
|
||||
+ case TPM_ALG_SHA512:
|
||||
+ return EVP_sha512();
|
||||
+ default:
|
||||
+ return NULL;
|
||||
+ }
|
||||
+ /* no return, not possible */
|
||||
+}
|
||||
+
|
||||
+TPM_RC tpm_kdfa(TPMI_ALG_HASH hashAlg,
|
||||
TPM2B *key, char *label, TPM2B *contextU, TPM2B *contextV, UINT16 bits,
|
||||
TPM2B_MAX_BUFFER *resultKey )
|
||||
{
|
||||
- TPM2B_DIGEST tmpResult;
|
||||
TPM2B_DIGEST tpm2bLabel, tpm2bBits, tpm2b_i_2;
|
||||
UINT8 *tpm2bBitsPtr = &tpm2bBits.t.buffer[0];
|
||||
UINT8 *tpm2b_i_2Ptr = &tpm2b_i_2.t.buffer[0];
|
||||
TPM2B_DIGEST *bufferList[8];
|
||||
UINT32 bitsSwizzled, i_Swizzled;
|
||||
- TPM_RC rval;
|
||||
+ TPM_RC rval = TPM_RC_SUCCESS;
|
||||
int i, j;
|
||||
UINT16 bytes = bits / 8;
|
||||
|
||||
@@ -64,8 +84,24 @@ TPM_RC tpm_kdfa(TSS2_SYS_CONTEXT *sapi_c
|
||||
|
||||
i = 1;
|
||||
|
||||
+ const EVP_MD *md = tpm_algorithm_to_openssl_digest(hashAlg);
|
||||
+ if (!md) {
|
||||
+ LOG_ERR("Algorithm not supported for hmac: %x", hashAlg);
|
||||
+ return TPM_RC_HASH;
|
||||
+ }
|
||||
+
|
||||
+ HMAC_CTX ctx;
|
||||
+ HMAC_CTX_init(&ctx);
|
||||
+ int rc = HMAC_Init_ex(&ctx, key->buffer, key->size, md, NULL);
|
||||
+ if (!rc) {
|
||||
+ LOG_ERR("HMAC Init failed: %s", ERR_error_string(rc, NULL));
|
||||
+ return TPM_RC_MEMORY;
|
||||
+ }
|
||||
+
|
||||
+ // TODO Why is this a loop? It appears to only execute once.
|
||||
while( resultKey->t.size < bytes )
|
||||
{
|
||||
+ TPM2B_DIGEST tmpResult;
|
||||
// Inner loop
|
||||
|
||||
i_Swizzled = string_bytes_endian_convert_32( i );
|
||||
@@ -77,21 +113,41 @@ TPM_RC tpm_kdfa(TSS2_SYS_CONTEXT *sapi_c
|
||||
bufferList[j++] = (TPM2B_DIGEST *)contextU;
|
||||
bufferList[j++] = (TPM2B_DIGEST *)contextV;
|
||||
bufferList[j++] = (TPM2B_DIGEST *)&(tpm2bBits.b);
|
||||
- bufferList[j++] = (TPM2B_DIGEST *)0;
|
||||
- rval = tpm_hmac(sapi_context, hashAlg, key, (TPM2B **)&( bufferList[0] ), &tmpResult );
|
||||
- if( rval != TPM_RC_SUCCESS )
|
||||
- {
|
||||
- return( rval );
|
||||
+ bufferList[j] = (TPM2B_DIGEST *)0;
|
||||
+
|
||||
+ int c;
|
||||
+ for(c=0; c < j; c++) {
|
||||
+ TPM2B_DIGEST *digest = bufferList[c];
|
||||
+ int rc = HMAC_Update(&ctx, digest->b.buffer, digest->b.size);
|
||||
+ if (!rc) {
|
||||
+ LOG_ERR("HMAC Update failed: %s", ERR_error_string(rc, NULL));
|
||||
+ rval = TPM_RC_MEMORY;
|
||||
+ goto err;
|
||||
+ }
|
||||
}
|
||||
|
||||
+ unsigned size = sizeof(tmpResult.t.buffer);
|
||||
+ int rc = HMAC_Final(&ctx, tmpResult.t.buffer, &size);
|
||||
+ if (!rc) {
|
||||
+ LOG_ERR("HMAC Final failed: %s", ERR_error_string(rc, NULL));
|
||||
+ rval = TPM_RC_MEMORY;
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+ tmpResult.t.size = size;
|
||||
+
|
||||
bool res = string_bytes_concat_buffer(resultKey, &(tmpResult.b));
|
||||
if (!res) {
|
||||
- return TSS2_SYS_RC_BAD_VALUE;
|
||||
+ rval = TSS2_SYS_RC_BAD_VALUE;
|
||||
+ goto err;
|
||||
}
|
||||
}
|
||||
|
||||
// Truncate the result to the desired size.
|
||||
resultKey->t.size = bytes;
|
||||
|
||||
- return TPM_RC_SUCCESS;
|
||||
+err:
|
||||
+ HMAC_CTX_cleanup(&ctx);
|
||||
+
|
||||
+ return rval;
|
||||
}
|
||||
Index: tpm2.0-tools-2.0.0/lib/tpm_kdfa.h
|
||||
===================================================================
|
||||
--- tpm2.0-tools-2.0.0.orig/lib/tpm_kdfa.h
|
||||
+++ tpm2.0-tools-2.0.0/lib/tpm_kdfa.h
|
||||
@@ -42,7 +42,7 @@
|
||||
* @param resultKey
|
||||
* @return
|
||||
*/
|
||||
-TPM_RC tpm_kdfa(TSS2_SYS_CONTEXT *sapi_context, TPMI_ALG_HASH hashAlg,
|
||||
+TPM_RC tpm_kdfa(TPMI_ALG_HASH hashAlg,
|
||||
TPM2B *key, char *label, TPM2B *contextU, TPM2B *contextV,
|
||||
UINT16 bits, TPM2B_MAX_BUFFER *resultKey );
|
||||
|
||||
Index: tpm2.0-tools-2.0.0/lib/tpm_session.c
|
||||
===================================================================
|
||||
--- tpm2.0-tools-2.0.0.orig/lib/tpm_session.c
|
||||
+++ tpm2.0-tools-2.0.0/lib/tpm_session.c
|
||||
@@ -198,7 +198,7 @@ static TPM_RC StartAuthSession(TSS2_SYS_
|
||||
}
|
||||
else
|
||||
{
|
||||
- rval = tpm_kdfa(sapi_context, session->authHash, &(key.b), label, &( session->nonceNewer.b ),
|
||||
+ rval = tpm_kdfa(session->authHash, &(key.b), label, &( session->nonceNewer.b ),
|
||||
&( session->nonceOlder.b ), bytes * 8, (TPM2B_MAX_BUFFER *)&( session->sessionKey ) );
|
||||
}
|
||||
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:677458f94a1d29662cb2d02401c086d381c3642c1288374b802975e6581c9231
|
||||
size 318022
|
3
2.1.0.zip
Normal file
3
2.1.0.zip
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:d570da952af40584caf7bedd8adb3d7f2ed2deb273eba65cfe953ca67ec905f4
|
||||
size 321817
|
@ -1,7 +1,7 @@
|
||||
Index: tpm2.0-tools-2.0.0/tools/main.c
|
||||
Index: tpm2-tools-2.1.0/tools/main.c
|
||||
===================================================================
|
||||
--- tpm2.0-tools-2.0.0.orig/tools/main.c
|
||||
+++ tpm2.0-tools-2.0.0/tools/main.c
|
||||
--- tpm2-tools-2.1.0.orig/tools/main.c
|
||||
+++ tpm2-tools-2.1.0/tools/main.c
|
||||
@@ -61,7 +61,7 @@ main (int argc,
|
||||
execute_man (argv[0], envp);
|
||||
fprintf (stderr,
|
||||
@ -11,10 +11,10 @@ Index: tpm2.0-tools-2.0.0/tools/main.c
|
||||
case 2:
|
||||
exit (1);
|
||||
}
|
||||
Index: tpm2.0-tools-2.0.0/tools/tpm2_dump_capability.c
|
||||
Index: tpm2-tools-2.1.0/tools/tpm2_dump_capability.c
|
||||
===================================================================
|
||||
--- tpm2.0-tools-2.0.0.orig/tools/tpm2_dump_capability.c
|
||||
+++ tpm2.0-tools-2.0.0/tools/tpm2_dump_capability.c
|
||||
--- tpm2-tools-2.1.0.orig/tools/tpm2_dump_capability.c
|
||||
+++ tpm2-tools-2.1.0/tools/tpm2_dump_capability.c
|
||||
@@ -595,7 +595,7 @@ dump_tpm_capability (TPMU_CAPABILITIES
|
||||
case TPM_CAP_COMMANDS:
|
||||
dump_command_attr_array (capabilities->command.commandAttributes,
|
||||
|
@ -1,6 +1,8 @@
|
||||
--- tpm2.0-tools-2.0.0/configure.ac.fix 2017-06-02 09:15:49.118425187 +0200
|
||||
+++ tpm2.0-tools-2.0.0/configure.ac 2017-06-02 09:15:59.698416673 +0200
|
||||
@@ -100,11 +100,9 @@
|
||||
Index: tpm2-tools-2.1.0/configure.ac
|
||||
===================================================================
|
||||
--- tpm2-tools-2.1.0.orig/configure.ac
|
||||
+++ tpm2-tools-2.1.0/configure.ac
|
||||
@@ -121,11 +121,9 @@ AS_IF([test x"$hardening" != x"no"], [
|
||||
|
||||
add_hardened_c_flag([-Wformat])
|
||||
add_hardened_c_flag([-Wformat-security])
|
||||
|
@ -1,3 +1,19 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Aug 21 14:32:13 UTC 2017 - matthias.gerstner@suse.com
|
||||
|
||||
- update to version 2.1.0:
|
||||
- dropped 0002-kdfa-use-openssl-for-hmac-not-tpm.patch, was backported
|
||||
upstream in commit 788a17abbe0000c560935ef9f31c9a6892d9ea33
|
||||
- this version now can interact with the new resource manager tpm2.0-abrmd
|
||||
- Upstream changes:
|
||||
* Fix readx and writex on multiple EINTR returns.
|
||||
* Add support for the tabrmd TCTI. This is the new default.
|
||||
* Change default socket port from 2323 (the old resourcemgr) to 2321
|
||||
(default simulator port).
|
||||
* Cherry-pick fix for CVE-2017-7524.
|
||||
* Fix tpm2_listpcr command line option handling.
|
||||
* Fix tpm2_getmanufec memory issues.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 20 13:50:28 UTC 2017 - matthias.gerstner@suse.com
|
||||
|
||||
|
@ -17,7 +17,7 @@
|
||||
|
||||
|
||||
Name: tpm2.0-tools
|
||||
Version: 2.0.0
|
||||
Version: 2.1.0
|
||||
Release: 0
|
||||
Summary: Trusted Platform Module (TPM) 2.0 administration tools
|
||||
License: BSD-3-Clause
|
||||
@ -29,7 +29,6 @@ Patch1: tpm2.0-tools-fix-gcc7.patch
|
||||
# this fixes an error with an unexpectedly large number of PCRS (bnc#1044419)
|
||||
# there's no release containing this fix yet
|
||||
Patch2: 0001-tpm2_listpcrs-use-TPM2_GetCapability-to-determine-PC.patch
|
||||
Patch3: 0002-kdfa-use-openssl-for-hmac-not-tpm.patch
|
||||
BuildRequires: autoconf-archive
|
||||
BuildRequires: automake
|
||||
BuildRequires: gcc-c++
|
||||
@ -38,6 +37,7 @@ BuildRequires: libopenssl-devel
|
||||
BuildRequires: libtool
|
||||
BuildRequires: pkgconfig
|
||||
BuildRequires: tpm2-0-tss-devel
|
||||
BuildRequires: tpm2.0-abrmd-devel
|
||||
BuildRequires: unzip
|
||||
Recommends: tpm2.0-abrmd
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
@ -50,11 +50,10 @@ provides tools for enablement and configuration of the TPM 2.0 and
|
||||
associated interfaces.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%setup -q -n tpm2-tools-2.1.0
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
|
||||
%build
|
||||
bash ./bootstrap
|
||||
|
Loading…
Reference in New Issue
Block a user