diff --git a/0001-tpm2-Add-padding-to-OBJECT-for-32bit-targets.patch b/0001-tpm2-Add-padding-to-OBJECT-for-32bit-targets.patch new file mode 100644 index 0000000000000000000000000000000000000000..e5ee43e4c8850f813f1737ab4aaaee4a82dc6cb2 --- /dev/null +++ b/0001-tpm2-Add-padding-to-OBJECT-for-32bit-targets.patch @@ -0,0 +1,30 @@ +From e0a33c1645ec367b3eb6c768e86bfc63e41926bd Mon Sep 17 00:00:00 2001 +From: Stefan Berger +Date: Fri, 15 Nov 2024 08:07:23 -0500 +Subject: [PATCH] tpm2: Add padding to OBJECT for 32bit targets + +The nvram_offsets test fails on 32bit targets due to an unexpected size +of an OBJECT. This was due to missing padding. + +Signed-off-by: Stefan Berger +--- + src/tpm2/Global.h | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/tpm2/Global.h b/src/tpm2/Global.h +index 910b940e3..c4d7176f3 100644 +--- a/src/tpm2/Global.h ++++ b/src/tpm2/Global.h +@@ -265,6 +265,9 @@ typedef struct OBJECT + // this field carries additional metadata + // needed to derive the proof value for + // the object. ++#if __LONG_WIDTH__ == 32 ++ UINT8 _pad1[4]; /* 32 bit targets need padding */ ++#endif + + // libtpms added: SEED_COMPAT_LEVEL to use for deriving child keys + SEED_COMPAT_LEVEL seedCompatLevel; +-- +2.47.0 + diff --git a/gpgkey-B818B9CADF9089C2D5CEC66B75AD65802A0B4211.asc b/gpgkey-B818B9CADF9089C2D5CEC66B75AD65802A0B4211.asc new file mode 100644 index 0000000000000000000000000000000000000000..2d460e52677160f818af3d0b1f3070c36af75480 --- /dev/null +++ b/gpgkey-B818B9CADF9089C2D5CEC66B75AD65802A0B4211.asc @@ -0,0 +1,18 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQENBFnVA4YBCAD3fs+WUzvB6OPoj0HhvBlemEV6I8AcDwZHCNvA4UMc03sSVl/Q +tDr4WuZd1v9utvi0xHjsTHbF1ndsgNkNzisvTIBHptcxw+Z3+VskOl3GTsfiKG22 +OfZJsdXfhjYW/Oezl2IVy6/QqOV0JeEtV3J10gCHR/5PKhOy+pP/8jlw3EA8GYtY +ojM4znfEXHh6vx//hbf8FVMlVcKwUKHB1zHhM5jF9Kx4ZLU8rYHkMiXXbzdWBkCa +L6E2P2T01hQ1wPpowU9aL/zLt7ISiKMcYLvZJYcgX3quPVSXJRG+y3q3lXv1IOrV +HoGJLdkNu/0bLJoeNBFXiEGs7+tfk4XAjBTTABEBAAG0KlN0ZWZhbiBCZXJnZXIg +PHN0ZWZhbmJAbGludXgudm5ldC5pYm0uY29tPokBPgQTAQIAKAUCWdUDhgIbAwUJ +EswDAAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQda1lgCoLQhENQQf/XmyD +zWL5VSAKbDKcpI5t0PjiC/Brrs1xNtKLht5le4UdhAH6e/y+3H6lhoJCNbHGBE7r +cAM/LVv8MT+4WXhLvRDUkn6Z5cSiMx0ANWDABCHGI3+z2imqI5XjB5fwFq2FIRdu +MUhWRhxSYHDd4E0BN2FvHNUhqm60QlLCrH9zjar8XcJQ1lnDgcSDP9EWENZizYW9 +W5DKFiWR4vMXU0lvDpAYyDR1EU4pfnoMDc/19MoI3oR+wP0ELXI52CG0w4Lcs+Y5 +8ywb0/El789qRTNQG6bPcZYx6KrRNq8KSrtNY20ID2tyM4boRQ412mD87x/kNWqU +CHklMi79wKcJ7OA73g== +=l1ZJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/libtpms-0.10.0.tar.gz b/libtpms-0.10.0.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..6382d9cd7f3fb1dc3a173d734ec4e2e74b5d3767 Binary files /dev/null and b/libtpms-0.10.0.tar.gz differ diff --git a/libtpms-0.10.0.tar.gz.asc b/libtpms-0.10.0.tar.gz.asc new file mode 100644 index 0000000000000000000000000000000000000000..df133be6b7b488090882501451002365992db78c --- /dev/null +++ b/libtpms-0.10.0.tar.gz.asc @@ -0,0 +1,12 @@ +-----BEGIN PGP SIGNATURE----- + +iQFPBAABCAA5FiEEuBi5yt+QicLVzsZrda1lgCoLQhEFAmc2K9obHHN0ZWZhbmJA +bGludXgudm5ldC5pYm0uY29tAAoJEHWtZYAqC0IR748H/jpQWk/JLeCzMhkfhetY +BuHf/h1dbPeDYW8cbg6KgDr+kkKMJHmckuOE3hakXT18Uoe64v/3L260JqYqiG29 +xfvUuR+gXL9wasVw4/RicCHnR4m6vrF3kZT75a+ehYSUvmdN+TEZTuiro98h+5rY +JqTo36foE5t6B91L/vAwB9tiZPJQcZtDvD8xM61vjYZYMY50ZOz4xwrOLTs9E2ha +HC93gdpexiIQAnCg1KPJtoGyDJEvwqJM1trFHsHoJXD9SPeGdyyi2Vh+8cpKq8Qe +JihzNzNOJsCoJ3xBRMoDT9uwxOAiX0GKJrLs/CNkFJbhXeSoNDAJTtJnU9+HTWr3 +HVE= +=TFQu +-----END PGP SIGNATURE----- diff --git a/libtpms-0.9.6.tar.gz b/libtpms-0.9.6.tar.gz deleted file mode 100644 index dff25740329dca5ab64b917ba310f3d9b235f09f..0000000000000000000000000000000000000000 Binary files a/libtpms-0.9.6.tar.gz and /dev/null differ diff --git a/libtpms.spec b/libtpms.spec index a429f4ba650a6b2c40dcac962d0088c8b44907f2..f062c8265d3a83945f72134dd4a5d61a993490ef 100644 --- a/libtpms.spec +++ b/libtpms.spec @@ -1,19 +1,25 @@ %define anolis_release 1 Name: libtpms -Version: 0.9.6 +Version: 0.10.0 Release: %{anolis_release}%{?dist} Summary: Library providing Trusted Platform Module (TPM) functionality -License: BSD +License: BSD-3-Clause AND LicenseRef-TCGL -URL: http://github.com/stefanberger/libtpms +URL: https://github.com/stefanberger/libtpms Source0: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz +Source1: %{url}/releases/download/v%{version}/v%{version}.tar.gz.asc#/%{name}-%{version}.tar.gz.asc +# https://github.com/stefanberger.gpg +Source2: gpgkey-B818B9CADF9089C2D5CEC66B75AD65802A0B4211.asc + +Patch0001: 0001-tpm2-Add-padding-to-OBJECT-for-32bit-targets.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: coreutils BuildRequires: gawk BuildRequires: gcc-c++ +BuildRequires: gnupg2 BuildRequires: libtool BuildRequires: make BuildRequires: openssl-devel @@ -40,7 +46,8 @@ BuildArch: noarch Doc files for %{name} %prep -%autosetup +%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}' +%autosetup -p1 %build NOCONFIGURE=1 ./autogen.sh @@ -49,14 +56,18 @@ NOCONFIGURE=1 ./autogen.sh %install %make_install +find %{buildroot} -type f -name '*.la' -print -delete %generate_compatibility_deps %check make check +%ldconfig_scriptlets + %files %license LICENSE +%doc README CHANGES %{_libdir}/%{name}.so.0{,.*} %dir %{abidir} %{abidir}/*.dump @@ -71,5 +82,11 @@ make check %doc README CHANGES %changelog +* Wed Jan 08 2024 mgb01105731 - 0.10.0-1 +- to #IBGGWG +- update version to 0.10.0 for CVE-2023-1017 +- Project: TC2024080204 +- Signed-off-by: mgb01105731 mgb01105731@alibaba-inc.com + * Sat Mar 18 2023 Chunmei Xu - 0.9.6-1 - init from upstream