Diffstat (limited to 'app-crypt/tpm2-openssl')
4 files changed, 167 insertions, 64 deletions
diff --git a/app-crypt/tpm2-openssl/Manifest b/app-crypt/tpm2-openssl/Manifest
index 6805d2c69cc3..11808a412dde 100644
--- a/app-crypt/tpm2-openssl/Manifest
+++ b/app-crypt/tpm2-openssl/Manifest
@@ -1,4 +1,6 @@ AUX tpm2-openssl-1.1.1-build-Fix-undefined-references-when-using-slibtool.patch 975 BLAKE2B 6a7b744513e026cbcc916543d3aa17300a63185eb112c3f1afb1eb4ffb0a02554c18759106c0c7d82efab9bc7b8c9e9f8809f06959edf763d6b38458416d160e SHA512 a4bc43d08f4cd70ba39a3396351894454edbb4ef284344a3184c8538685b15d85a8554619077d03d694e1355dcac5ab57976531f47158f5d2575c5bf7207e966 +AUX tpm2-openssl-1.2.0-Makefile-add-run-with-simulator-to-extra-dists.patch 800 BLAKE2B 8e7795ec80c60308e1c2f4a20ff1fb41cada0479a0a5fc6ad393d066174460e9088728f535b4b5cff1cb57392f3eef683639255e8684274b346632db42d9f6e8 SHA512 946891b571d109272a8c82efd985cac4071ef97cd5be7109cc14652a1e92b27f05d4df0cab27ab2ac7bf0cd54181ae9b480123dbc97c6ab0c6400d33f7c4bd30 +AUX tpm2-openssl-1.2.0-tests-run-with-simulator-in-container.patch 3843 BLAKE2B 12447aa593fed49b360b6a6f51d53c363b5034f434fb9a8ae5099d13199a11b2359b79ed6a5d8af41a4ca98d77426ca652b72b322dbc7e830dfd722ed5c43b25 SHA512 1b26c5aef886cbfebd012088ecec6782d7abb63ef2dde27cd21fce0982c8394445686e08efc6760a4b0217bfb45560aa6594c242f61bb59fd35706110cc7cae1 DIST tpm2-openssl-1.2.0.tar.gz 424967 BLAKE2B 9bcdc47b2eb94329caace24f10e8c234cdd92250ee7fdd4f6156c278328c0103a2285234e64f48f951f5e1b77e72341eb129ee996e628641a4032849fe5a62ce SHA512 4a12c83a0687768cd972a8d7e544f4bba2debcd24d7da2d2ee9adb097d1565bb1d69d1c448edff05f040b95700847293a8e33bfe92f43e536d13bc734ded1e1d -EBUILD tpm2-openssl-1.2.0.ebuild 2368 BLAKE2B 70e40eafa27deb789df273f38679cf960f7fbb1e547819a31054c97c64598a0383b49b1efb8b3c9d0929c9026e82bbab38768c2617e8771695dc030c68703616 SHA512 52789fca0b21937fd09e7003c6bd4f99c5188ee8af65dcc9190fb7d582a40f146e9e92e5f4209cd2a79fae2123c23375d14742c945a8fc266b0e6f001b86beb9 +EBUILD tpm2-openssl-1.2.0.ebuild 1083 BLAKE2B 7fcacbfd8cfe0569513244b5084897d9566027f00132f44a98370da2b3ac90424eafc089c31404b98a30fa375238a908b97d183469ad2e94946245647a0c6d0f SHA512 
493e5735afb7b29c1b5ae5ad4af17d99f0d1ee15d269b2dec54bd490f810af73f0bd443056b2af2dbefd5127667ca456e87bd719e822011f36414253203d0c34 MISC metadata.xml 495 BLAKE2B 2859f35839200edede18d42a8c1e04c3eb2a8983e35a6aa73352d20f5f1a9b8e2685091ab6c121442bbc23ef232ab701cfe1e5eb2f1e2fbd8c3fa1cafd51b749 SHA512 cf93a17e4ef6cf8e9294fadd0b7a33ccf21196bf648f1239a99cb0d8675c130e7e5ab7990b9a292f0814072ee3d234085d92e250f72b86ad854d81a68a642879
diff --git a/app-crypt/tpm2-openssl/files/tpm2-openssl-1.2.0-Makefile-add-run-with-simulator-to-extra-dists.patch b/app-crypt/tpm2-openssl/files/tpm2-openssl-1.2.0-Makefile-add-run-with-simulator-to-extra-dists.patch
new file mode 100644
index 000000000000..326fb10767f9
--- /dev/null
+++ b/app-crypt/tpm2-openssl/files/tpm2-openssl-1.2.0-Makefile-add-run-with-simulator-to-extra-dists.patch
@@ -0,0 +1,28 @@
+From be35c35ace48647bb73ae5028db7e8caaccd038d Mon Sep 17 00:00:00 2001
+From: Adrian Freihofer <adrian.freihofer@gmail.com>
+Date: Fri, 8 Dec 2023 14:24:17 +0100
+Subject: [PATCH 1/2] Makefile: add run-with-simulator to extra dists
+
+The run-with-simulator script is executed by the make check step of
+the rpm build process. Therefore it should be packaged into the release
+tar bundles.
+
+Signed-off-by: Adrian Freihofer <adrian.freihofer@gmail.com>
+---
+ Makefile.am | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/Makefile.am b/Makefile.am
+index 160d84e..994a8e3 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -143,5 +143,6 @@ EXTRA_DIST = \
+ VERSION \
+ $(TESTS_SHELL) \
+ $(SH_LOG_COMPILER) \
++ test/run-with-simulator \
+ test/ec_pki/openssl.cnf \
+ test/rsa_pki/etc
+--
+2.43.0
+
diff --git a/app-crypt/tpm2-openssl/files/tpm2-openssl-1.2.0-tests-run-with-simulator-in-container.patch b/app-crypt/tpm2-openssl/files/tpm2-openssl-1.2.0-tests-run-with-simulator-in-container.patch
new file mode 100644
index 000000000000..33b51b6b1028
--- /dev/null
+++ b/app-crypt/tpm2-openssl/files/tpm2-openssl-1.2.0-tests-run-with-simulator-in-container.patch 
@@ -0,0 +1,132 @@
+diff --git a/home/salahx/Downloads/run-with-simulator b/home/salahx/Downloads/run-with-simulator
+new file mode 100755
+index 000000000000..e29b591f8d8b
+--- /dev/null
++++ b/test/run-with-simulator
+@@ -0,0 +1,126 @@
++#!/bin/bash
++# SPDX-License-Identifier: BSD-3-Clause
++
++SIM_PORT_DATA=2321
++SIM_PORT_CMD=$((SIM_PORT_DATA+1))
++
++# Run from top dir of this repository
++SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
++TOP_DIR="$(realpath "$SCRIPT_DIR/..")"
++cd "$TOP_DIR" || { echo "Error: cd to cd $TOP_DIR failed"; exit 1; }
++
++
++verify_simulator_is_running() {
++ local pid_tpm=$1
++
++ sleep 1
++ ss -lntp4 2> /dev/null | grep "${pid_tpm}" | grep -q "${SIM_PORT_DATA}"
++ ret_data=$?
++ ss -lntp4 2> /dev/null | grep "${pid_tpm}" | grep -q "${SIM_PORT_CMD}"
++ ret_cmd=$?
++ if [ $ret_data -eq 0 ] && [ $ret_cmd -eq 0 ]; then
++ echo "Simulator with PID ${pid_tpm} bound to port ${SIM_PORT_DATA} and ${SIM_PORT_CMD} successfully."
++ return 0
++ else
++ echo "Error: Port conflict? Cleaning up PID: ${pid_tpm}"
++ return 1
++ fi
++}
++
++build_tpm2_simulator_ibm() (
++ test -d ibmtpm && return
++ echo "---> compiling IBM tpm simulator"
++ mkdir ibmtpm
++ curl -Ls https://downloads.sourceforge.net/project/ibmswtpm2/ibmtpm1682.tar.gz | tar xz -C ibmtpm
++ cd ibmtpm/src && make
++)
++
++start_tpm2_simulator_ibm () {
++ build_tpm2_simulator_ibm || return 1
++
++ echo "---> starting IBM tpm simulator"
++ ibmtpm/src/tpm_server &
++ pid_tpm=$!
++ verify_simulator_is_running $pid_tpm
++}
++
++start_tpm2_simulator_swtpm () {
++ echo "---> starting swtpm simulator"
++ swtpm socket --tpm2 \
++ --server port=$SIM_PORT_DATA \
++ --ctrl type=tcp,port=$SIM_PORT_CMD \
++ --flags not-need-init \
++ --tpmstate dir="$PWD" \
++ --seccomp action=none &
++ pid_tpm=$!
++ verify_simulator_is_running $pid_tpm
++}
++
++start_dbusd () {
++ echo "---> starting dbus daemon"
++ dbus-daemon --session --print-address > /tmp/bus-socket-path.txt &
++ sleep 1
++ DBUS_SESSION_BUS_ADDRESS="$(tail -n1 /tmp/bus-socket-path.txt)"
++ export DBUS_SESSION_BUS_ADDRESS
++}
++
++start_tpm2_abrmd() {
++ local tabrmd_tcti=$1
++
++ echo "---> starting abrmd"
++ local tabrmd_name="com.intel.tss2.Tabrmd${SIM_PORT_DATA}"
++ tpm2-abrmd --session --dbus-name="${tabrmd_name}" --tcti "${tabrmd_tcti}:host=localhost,port=${SIM_PORT_DATA}" &
++ TCTI_ADDRESS="tabrmd:bus_name=${tabrmd_name},bus_type=session"
++ TPM2TOOLS_TCTI="$TCTI_ADDRESS"
++ TPM2OPENSSL_TCTI="$TCTI_ADDRESS"
++ export TPM2TOOLS_TCTI
++ export TPM2OPENSSL_TCTI
++ sleep 1
++# busctl --address="${DBUS_SESSION_BUS_ADDRESS}" list | grep "$tabrmd_name"
++}
++
++start_tpm2_sim_env() {
++ local sim_type=$1
++
++ start_dbusd
++
++ if [ "$sim_type" = "swtpm" ]; then
++ start_tpm2_simulator_swtpm || return 1
++ start_tpm2_abrmd swtpm || return 1
++ elif [ "$sim_type" = "ibm" ]; then
++ start_tpm2_simulator_ibm || return 1
++ start_tpm2_abrmd mssim || return 1
++ else
++ echo "invalid tpm simulator typ"
++ return 1
++ fi
++}
++
++make_check () {
++ echo "Running make check"
++ openssl version
++ tpm2_getcap properties-fixed | head -n 20
++ make check
++}
++
++function cleanup()
++{
++ pkill -P $$
++}
++trap cleanup EXIT
++
++build_tpm2_openssl() {
++ ./bootstrap
++ ./configure CC=gcc --enable-op-digest --enable-op-cipher
++ make
++}
++
++SIM_TYPE=${1:-swtpm}
++SKIP_BUILD=${2:-build}
++if [ "$SKIP_BUILD" = "skip-build" ]; then
++ echo "Skipping the build"
++else
++ build_tpm2_openssl || { echo "Compiling tpm2-openssl failed"; exit 1; }
++fi
++start_tpm2_sim_env "${SIM_TYPE}" || { echo "Starting tpm2 simulator failed ($SIM_TYPE)"; exit 1; }
++make_check || { echo "tpm2-openssl make check failed"; exit 1; }
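Review bot: `start_dbusd` writes the bus address to the fixed path `/tmp/bus-socket-path.txt` and reads it back into `DBUS_SESSION_BUS_ADDRESS`; in a world-writable directory a predictable name can be pre-created or symlinked by another local user, and two concurrent runs overwrite each other's file. A private file avoids both: `bus_file=$(mktemp) || return 1`, `dbus-daemon --session --print-address > "$bus_file" &`, `DBUS_SESSION_BUS_ADDRESS="$(tail -n1 "$bus_file")"`. Separately, `build_tpm2_simulator_ibm` pipes a `curl` download straight into `tar` and then runs `make` on the result with no checksum or signature check; the ebuild in this commit only passes `swtpm`, so that path is not reached here, but it would be worth pinning a digest or dropping the function from the packaged copy. The `diff --git` line of the embedded patch also still names the author's local `home/.../Downloads` path rather than `test/run-with-simulator`, which is worth regenerating so both header lines agree.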
diff --git a/app-crypt/tpm2-openssl/tpm2-openssl-1.2.0.ebuild b/app-crypt/tpm2-openssl/tpm2-openssl-1.2.0.ebuild
index c2be93546c0c..03767401d089 100644
--- a/app-crypt/tpm2-openssl/tpm2-openssl-1.2.0.ebuild
+++ b/app-crypt/tpm2-openssl/tpm2-openssl-1.2.0.ebuild
@@ -29,77 +29,18 @@ BDEPEND=" virtual/pkgconfig" PATCHES=( + "${FILESDIR}/${PN}-1.2.0-tests-run-with-simulator-in-container.patch" + "${FILESDIR}/${PN}-1.2.0-Makefile-add-run-with-simulator-to-extra-dists.patch" "${FILESDIR}/${PN}-1.1.1-build-Fix-undefined-references-when-using-slibtool.patch" ) src_prepare() { - eautoreconf default + eautoreconf } src_test() { - dbus_run() { - ( - # start isolated dbus session bus - local dbus_data=$(dbus-launch --sh-syntax) || exit - eval "${dbus_data}" - - $@ - ret=${?} - - kill "${DBUS_SESSION_BUS_PID}" - exit "${ret}" - ) || die - } - - tpm2_run_with_emulator() { - local -x XDG_CONFIG_HOME="${T}"/.config/swtpm - "${BROOT}"/usr/share/swtpm/swtpm-create-user-config-files || die - - mkdir -p "${XDG_CONFIG_HOME}"/mytpm1 || die - local swtpm_setup_args=( - --tpm2 - --tpmstate "${XDG_CONFIG_HOME}"/mytpm1 - --createek - --allow-signing - --decryption - --create-ek-cert - --create-platform-cert - --lock-nvram - --overwrite - --display - ) - swtpm_setup "${swtpm_setup_args[@]}" || die - - local swtpm_socket_args=( - --tpm2 - --tpmstate dir="${XDG_CONFIG_HOME}"/mytpm1 - --flags startup-clear - --ctrl type=unixio,path="${XDG_CONFIG_HOME}"/mytpm1/swtpm.socket.ctrl - --server type=unixio,path="${XDG_CONFIG_HOME}"/mytpm1/swtpm.socket - --pid file="${XDG_CONFIG_HOME}"/mytpm1/swtpm.pid - --daemon - ) - swtpm socket "${swtpm_socket_args[@]}" || die - - local tpm2_abrmd_args=( - --logger=stdout - --tcti=swtpm:path="${XDG_CONFIG_HOME}"/mytpm1/swtpm.socket - --session - --flush-all - ) - tpm2-abrmd "${tpm2_abrmd_args[@]}" & - - local -x TPM2OPENSSL_TCTI="tabrmd:bus_type=session" - local -x TPM2TOOLS_TCTI="tabrmd:bus_type=session" - - $@ || die - - # When swtpm dies, tmp2-abrmd will exit - kill $(< "${XDG_CONFIG_HOME}"/mytpm1/swtpm.pid) || die - } - - dbus_run tpm2_run_with_emulator make check + "${S}/test/run-with-simulator" swtpm skip-build || die } src_install() { |
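Review bot: `src_test` now delegates the whole simulator setup to `test/run-with-simulator`, which, as added by this commit's patch, starts swtpm on fixed TCP ports 2321/2322 with `--seccomp action=none` and keeps its TPM state in `$PWD`, whereas the removed code used unix sockets and state under `${T}`. Outside a private network namespace, two test runs on one host would collide on those ports, and the listener is presumably reachable by other local processes while the test runs. I would record that above the call, e.g. `# run-with-simulator binds swtpm to TCP 2321/2322 and disables its seccomp filter; not safe for concurrent test runs`. The script also calls `ss` and `pkill`; the dependency variables start above this hunk, so it is worth confirming that the test dependencies cover them.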