summaryrefslogtreecommitdiffstats
path: root/meta-security/meta-tpm/recipes-tpm/trousers
diff options
context:
space:
mode:
Diffstat (limited to 'meta-security/meta-tpm/recipes-tpm/trousers')
-rw-r--r--meta-security/meta-tpm/recipes-tpm/trousers/files/0001-build-don-t-override-localstatedir-mandir-sysconfdir.patch68
-rw-r--r--meta-security/meta-tpm/recipes-tpm/trousers/files/get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch49
-rw-r--r--meta-security/meta-tpm/recipes-tpm/trousers/files/tcsd.service10
-rw-r--r--meta-security/meta-tpm/recipes-tpm/trousers/files/trousers-udev.rules2
-rw-r--r--meta-security/meta-tpm/recipes-tpm/trousers/files/trousers.init.sh67
-rw-r--r--meta-security/meta-tpm/recipes-tpm/trousers/trousers_git.bb118
6 files changed, 314 insertions, 0 deletions
diff --git a/meta-security/meta-tpm/recipes-tpm/trousers/files/0001-build-don-t-override-localstatedir-mandir-sysconfdir.patch b/meta-security/meta-tpm/recipes-tpm/trousers/files/0001-build-don-t-override-localstatedir-mandir-sysconfdir.patch
new file mode 100644
index 000000000..7b3cc77c5
--- /dev/null
+++ b/meta-security/meta-tpm/recipes-tpm/trousers/files/0001-build-don-t-override-localstatedir-mandir-sysconfdir.patch
@@ -0,0 +1,68 @@
+From 3396fc7a184293c23135161f034802062f7f3816 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Andr=C3=A9=20Draszik?= <adraszik@tycoint.com>
+Date: Wed, 1 Nov 2017 11:41:48 +0000
+Subject: [PATCH] build: don't override --localstatedir --mandir --sysconfdir
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+It is currently impossible to override localstatedir,
+mandir and sysconfdir during ./configure, because they
+are being overriden unconditionally because of they
+way trousers is built using rpmbuild.
+
+If they need massaging for rpmbuild, the values should
+be specified inside the spec file, not in ./configure
+and thereby overriding user-requested values.
+
+With this patch it is now possible to set above
+locations as needed. The .spec file is being modified
+as well so as to restore previous behaviour.
+
+Signed-off-by: André Draszik <adraszik@tycoint.com>
+---
+Upstream-Status: Submitted [https://sourceforge.net/p/trousers/mailman/message/36099290/]
+Signed-off-by: André Draszik <adraszik@tycoint.com>
+ configure.ac | 11 ++---------
+ dist/trousers.spec.in | 2 +-
+ 2 files changed, 3 insertions(+), 10 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index b9626af..7fe5f8e 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -376,16 +376,9 @@ CFLAGS="$CFLAGS -I../include \
+ KERNEL_VERSION=`uname -r`
+ AC_SUBST(CFLAGS)
+
+-# When we build the rpms, prefix will be /usr. This'll do some things that make sense,
+-# like put our sbin stuff in /usr/sbin and our library in /usr/lib. It'll do some other
+-# things that don't make sense like put our config file in /usr/etc. So, I'll just hack
+-# it here. If the --prefix option isn't specified during configure, let it all go to
++# If the --prefix option isn't specified during configure, let it all go to
+ # /usr/local, even /usr/local/etc. :-P
+-if test x"${prefix}" = x"/usr"; then
+- sysconfdir="/etc"
+- localstatedir="/var"
+- mandir="/usr/share/man"
+-elif test x"${prefix}" = x"NONE"; then
++if test x"${prefix}" = x"NONE"; then
+ localstatedir="/usr/local/var"
+ fi
+
+diff --git a/dist/trousers.spec.in b/dist/trousers.spec.in
+index b298b0e..10ef178 100644
+--- a/dist/trousers.spec.in
++++ b/dist/trousers.spec.in
+@@ -45,7 +45,7 @@ applications.
+
+ %build
+ %{?arch64:export PKG_CONFIG_PATH=%{pkgconfig_path}:$PKG_CONFIG_PATH}
+-./configure --prefix=/usr --libdir=%{_libdir}
++./configure --prefix=/usr --libdir=%{_libdir} --sysconfdir=/etc --localstatedir=/var --mandir=/usr/share/man
+ make
+
+ %clean
+--
+2.15.0.rc1
+
diff --git a/meta-security/meta-tpm/recipes-tpm/trousers/files/get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch b/meta-security/meta-tpm/recipes-tpm/trousers/files/get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch
new file mode 100644
index 000000000..3f5a144d9
--- /dev/null
+++ b/meta-security/meta-tpm/recipes-tpm/trousers/files/get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch
@@ -0,0 +1,49 @@
+trousers: fix compiling with musl
+
+use POSIX getpwent instead of getpwent_r
+
+Upstream-Status: Submitted
+
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+Index: git/src/tspi/ps/tspps.c
+===================================================================
+--- git.orig/src/tspi/ps/tspps.c
++++ git/src/tspi/ps/tspps.c
+@@ -66,9 +66,6 @@ get_user_ps_path(char **file)
+ TSS_RESULT result;
+ char *file_name = NULL, *home_dir = NULL;
+ struct passwd *pwp;
+-#if (defined (__linux) || defined (linux) || defined(__GLIBC__))
+- struct passwd pw;
+-#endif
+ struct stat stat_buf;
+ char buf[PASSWD_BUFSIZE];
+ uid_t euid;
+@@ -96,24 +93,15 @@ get_user_ps_path(char **file)
+ #else
+ setpwent();
+ while (1) {
+-#if (defined (__linux) || defined (linux) || defined(__GLIBC__))
+- rc = getpwent_r(&pw, buf, PASSWD_BUFSIZE, &pwp);
+- if (rc) {
+- LogDebugFn("USER PS: Error getting path to home directory: getpwent_r: %s",
+- strerror(rc));
+- endpwent();
+- return TSPERR(TSS_E_INTERNAL_ERROR);
+- }
+-
+-#elif (defined (__FreeBSD__) || defined (__OpenBSD__))
+ if ((pwp = getpwent()) == NULL) {
+ LogDebugFn("USER PS: Error getting path to home directory: getpwent: %s",
+ strerror(rc));
+ endpwent();
++#if (defined (__FreeBSD__) || defined (__OpenBSD__))
+ MUTEX_UNLOCK(user_ps_path);
++#endif
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+-#endif
+ if (euid == pwp->pw_uid) {
+ home_dir = strdup(pwp->pw_dir);
+ break;
diff --git a/meta-security/meta-tpm/recipes-tpm/trousers/files/tcsd.service b/meta-security/meta-tpm/recipes-tpm/trousers/files/tcsd.service
new file mode 100644
index 000000000..787d4e97b
--- /dev/null
+++ b/meta-security/meta-tpm/recipes-tpm/trousers/files/tcsd.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=TCG Core Services Daemon
+After=syslog.target
+
+[Service]
+Type=forking
+ExecStart=@SBINDIR@/tcsd
+
+[Install]
+WantedBy=multi-user.target
diff --git a/meta-security/meta-tpm/recipes-tpm/trousers/files/trousers-udev.rules b/meta-security/meta-tpm/recipes-tpm/trousers/files/trousers-udev.rules
new file mode 100644
index 000000000..256babd73
--- /dev/null
+++ b/meta-security/meta-tpm/recipes-tpm/trousers/files/trousers-udev.rules
@@ -0,0 +1,2 @@
+# trousers daemon expects tpm device to be owned by tss user & group
+KERNEL=="tpm[0-9]*", MODE="0600", OWNER="tss", GROUP="tss"
diff --git a/meta-security/meta-tpm/recipes-tpm/trousers/files/trousers.init.sh b/meta-security/meta-tpm/recipes-tpm/trousers/files/trousers.init.sh
new file mode 100644
index 000000000..d0d6cb3c4
--- /dev/null
+++ b/meta-security/meta-tpm/recipes-tpm/trousers/files/trousers.init.sh
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+### BEGIN INIT INFO
+# Provides: tcsd trousers
+# Required-Start: $local_fs $remote_fs $network
+# Required-Stop: $local_fs $remote_fs $network
+# Should-Start:
+# Should-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: starts tcsd
+# Description: tcsd belongs to the TrouSerS TCG Software Stack
+### END INIT INFO
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/tcsd
+NAME=tcsd
+DESC="Trusted Computing daemon"
+USER="tss"
+
+test -x "${DAEMON}" || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+case "${1}" in
+ start)
+ echo "Starting $DESC: "
+
+ if [ ! -e /dev/tpm* ]
+ then
+ echo "device driver not loaded, skipping."
+ exit 0
+ fi
+
+ start-stop-daemon --start --quiet --oknodo \
+ --pidfile /var/run/${NAME}.pid --make-pidfile --background \
+ --user ${USER} --chuid ${USER} \
+ --exec ${DAEMON} -- ${DAEMON_OPTS} --foreground
+ RETVAL="$?"
+ echo "$NAME."
+ exit $RETVAL
+ ;;
+
+ stop)
+ echo "Stopping $DESC: "
+
+ start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/${NAME}.pid --user ${USER} --exec ${DAEMON}
+ RETVAL="$?"
+ echo "$NAME."
+ rm -f /var/run/${NAME}.pid
+ exit $RETVAL
+ ;;
+
+ restart|force-reload)
+ "${0}" stop
+ sleep 1
+ "${0}" start
+ exit $?
+ ;;
+ *)
+ echo "Usage: ${NAME} {start|stop|restart|force-reload|status}" >&2
+ exit 3
+ ;;
+esac
+
+exit 0
diff --git a/meta-security/meta-tpm/recipes-tpm/trousers/trousers_git.bb b/meta-security/meta-tpm/recipes-tpm/trousers/trousers_git.bb
new file mode 100644
index 000000000..fe8f55714
--- /dev/null
+++ b/meta-security/meta-tpm/recipes-tpm/trousers/trousers_git.bb
@@ -0,0 +1,118 @@
+SUMMARY = "TrouSerS - An open-source TCG Software Stack implementation."
+LICENSE = "BSD"
+HOMEPAGE = "http://sourceforge.net/projects/trousers/"
+LIC_FILES_CHKSUM = "file://README;startline=3;endline=4;md5=2af28fbed0832e4d83a9e6dd68bb4413"
+SECTION = "security/tpm"
+
+DEPENDS = "openssl"
+
+SRCREV = "4b9a70d5789b0b74f43957a6c19ab2156a72d3e0"
+PV = "0.3.14+git${SRCPV}"
+
+SRC_URI = " \
+ git://git.code.sf.net/p/trousers/trousers \
+ file://trousers.init.sh \
+ file://trousers-udev.rules \
+ file://tcsd.service \
+ file://get-user-ps-path-use-POSIX-getpwent-instead-of-getpwe.patch \
+ file://0001-build-don-t-override-localstatedir-mandir-sysconfdir.patch \
+ "
+
+S = "${WORKDIR}/git"
+
+inherit autotools pkgconfig useradd update-rc.d ${@bb.utils.contains('VIRTUAL-RUNTIME_init_manager','systemd','systemd','', d)}
+
+PACKAGECONFIG ?= "gmp "
+PACKAGECONFIG[gmp] = "--with-gmp, --with-gmp=no, gmp"
+PACKAGECONFIG[gtk] = "--with-gui=gtk, --with-gui=none, gtk+"
+
+do_install () {
+ oe_runmake DESTDIR=${D} install
+}
+
+do_install_append() {
+ install -d ${D}${sysconfdir}/init.d
+ install -m 0755 ${WORKDIR}/trousers.init.sh ${D}${sysconfdir}/init.d/trousers
+ install -d ${D}${sysconfdir}/udev/rules.d
+ install -m 0644 ${WORKDIR}/trousers-udev.rules ${D}${sysconfdir}/udev/rules.d/45-trousers.rules
+
+ if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
+ install -d ${D}${systemd_unitdir}/system
+ install -m 0644 ${WORKDIR}/tcsd.service ${D}${systemd_unitdir}/system/
+ sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/tcsd.service
+ fi
+}
+
+CONFFILES_${PN} += "${sysconfig}/tcsd.conf"
+
+PROVIDES = "${PACKAGES}"
+PACKAGES = " \
+ libtspi \
+ libtspi-dbg \
+ libtspi-dev \
+ libtspi-doc \
+ libtspi-staticdev \
+ trousers \
+ trousers-dbg \
+ trousers-doc \
+ "
+
+# libtspi needs tcsd for most (all?) operations, so suggest to
+# install that.
+RRECOMMENDS_libtspi = "${PN}"
+
+FILES_libtspi = " \
+ ${libdir}/*.so.1 \
+ ${libdir}/*.so.1.2.0 \
+ "
+FILES_libtspi-dbg = " \
+ ${libdir}/.debug \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/git/src/tspi \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/git/src/trspi \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/git/src/include/*.h \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/git/src/include/tss \
+ "
+FILES_libtspi-dev = " \
+ ${includedir} \
+ ${libdir}/*.so \
+ "
+FILES_libtspi-doc = " \
+ ${mandir}/man3 \
+ "
+FILES_libtspi-staticdev = " \
+ ${libdir}/*.la \
+ ${libdir}/*.a \
+ "
+FILES_${PN} = " \
+ ${sbindir}/tcsd \
+ ${sysconfdir} \
+ ${localstatedir} \
+ "
+
+FILES_${PN}-dev += "${libdir}/trousers"
+
+FILES_${PN}-dbg = " \
+ ${sbindir}/.debug \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/git/src/tcs \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/git/src/tcsd \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/git/src/tddl \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/git/src/trousers \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/git/src/include/trousers \
+ "
+FILES_${PN}-doc = " \
+ ${mandir}/man5 \
+ ${mandir}/man8 \
+ "
+
+INITSCRIPT_NAME = "trousers"
+INITSCRIPT_PARAMS = "start 99 2 3 4 5 . stop 19 0 1 6 ."
+
+USERADD_PACKAGES = "${PN}"
+GROUPADD_PARAM_${PN} = "--system tss"
+USERADD_PARAM_${PN} = "--system -M -d /var/lib/tpm -s /bin/false -g tss tss"
+
+SYSTEMD_PACKAGES = "${PN}"
+SYSTEMD_SERVICE_${PN} = "tcsd.service"
+SYSTEMD_AUTO_ENABLE = "disable"
+
+BBCLASSEXTEND = "native"
OpenPOWER on IntegriCloud