Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2025-07-17 17:26:43
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and      /work/SRC/openSUSE:Factory/.tboot.new.8875 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "tboot"

Thu Jul 17 17:26:43 2025 rev:52 rq:1294047 version:20250417_1.11.10

Changes:
--------
--- /work/SRC/openSUSE:Factory/tboot/tboot.changes      2025-02-20 
16:37:59.352043943 +0100
+++ /work/SRC/openSUSE:Factory/.tboot.new.8875/tboot.changes    2025-07-17 
17:26:45.067722072 +0200
@@ -1,0 +2,10 @@
+Wed Jul 16 09:04:58 UTC 2025 - Marcus Meissner <meiss...@suse.com>
+
+- updated to version 20250417: v1.11.10
+  - Fix the issue causing tboot to hang during waking up processors from
+    txt sleep on DMR simics
+- add .gpg signature and tboot.keyring
+- tboot-cet.patch: add a missing ENDBR64 instruction when kernel is
+  using CET (bsc#1246573)
+
+-------------------------------------------------------------------

Old:
----
  tboot-1.11.9.tar.gz

New:
----
  tboot-1.11.10.tar.gz
  tboot-1.11.10.tar.gz.gpg
  tboot-cet.patch
  tboot.keyring

----------(New B)----------
  New:- add .gpg signature and tboot.keyring
- tboot-cet.patch: add a missing ENDBR64 instruction when kernel is
  using CET (bsc#1246573)
----------(New E)----------

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ tboot.spec ++++++
--- /var/tmp/diff_new_pack.pHyK3l/_old  2025-07-17 17:26:46.299773367 +0200
+++ /var/tmp/diff_new_pack.pHyK3l/_new  2025-07-17 17:26:46.303773534 +0200
@@ -17,14 +17,16 @@
 
 
 Name:           tboot
-%define ver 1.11.9
-Version:        20250219_%{ver}
+%define ver 1.11.10
+Version:        20250417_%{ver}
 Release:        0
 Summary:        Program for performing a verified launch using Intel TXT
 License:        BSD-3-Clause
 Group:          Productivity/Security
 URL:            https://sourceforge.net/projects/tboot/
-Source0:        
https://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz
+Source0:        
https://downloads.sourceforge.net/project/tboot/tboot-%{ver}.tar.gz
+Source2:        
https://downloads.sourceforge.net/project/tboot/tboot-%{ver}.tar.gz.gpg
+Source3:        
https://downloads.sourceforge.net/project/tboot/tboot-1.11.0-pub-key.key#/tboot.keyring
 Source1:        tboot.rpmlintrc
 Patch1:         tboot-grub2-fix-menu-in-xen-host-server.patch
 Patch2:         tboot-grub2-fix-xen-submenu-name.patch
@@ -32,6 +34,7 @@
 Patch4:         tboot-grub2-refuse-secure-boot.patch
 Patch5:         tboot-bsc#1207833-copy-mbi.patch
 Patch6:         tboot-fix-alloc-size-warning.patch
+Patch7:         tboot-cet.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 ExclusiveArch:  %{ix86} x86_64
 BuildRequires:  openssl-devel

++++++ tboot-1.11.9.tar.gz -> tboot-1.11.10.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.11.9/.hg_archival.txt 
new/tboot-1.11.10/.hg_archival.txt
--- old/tboot-1.11.9/.hg_archival.txt   2024-10-11 14:55:09.000000000 +0200
+++ new/tboot-1.11.10/.hg_archival.txt  2025-04-17 14:33:11.000000000 +0200
@@ -1,4 +1,4 @@
 repo: cedd93279188334eb41d248d5eb70a41a2bc70ca
-node: 93a7c34511548204c2921a5c427085d352e64eb7
+node: 4bf2e38197238a539530eab991244723fb127ba1
 branch: default
-tag: v1.11.9
+tag: v1.11.10
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.11.9/.hgtags new/tboot-1.11.10/.hgtags
--- old/tboot-1.11.9/.hgtags    2024-10-11 14:55:09.000000000 +0200
+++ new/tboot-1.11.10/.hgtags   2025-04-17 14:33:11.000000000 +0200
@@ -47,3 +47,7 @@
 8a1423750815ecd495b089f78f85271db494ba8f v1.11.7
 ba65f5eab8dcf4c7e82960d187d6789a3cfb8e19 v1.11.8
 656ba831c3bbf6d9f2a28b00580165afe483df87 v1.11.9
+656ba831c3bbf6d9f2a28b00580165afe483df87 v1.11.9
+0000000000000000000000000000000000000000 v1.11.9
+0000000000000000000000000000000000000000 v1.11.9
+93a7c34511548204c2921a5c427085d352e64eb7 v1.11.9
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.11.9/CHANGELOG new/tboot-1.11.10/CHANGELOG
--- old/tboot-1.11.9/CHANGELOG  2024-10-11 14:55:09.000000000 +0200
+++ new/tboot-1.11.10/CHANGELOG 2025-04-17 14:33:11.000000000 +0200
@@ -1,3 +1,6 @@
+20250417: v1.11.10
+               Fix the issue causing tboot to hang during waking up processors 
from
+               txt sleep on DMR simics
 20241011: v1.11.9
                Restore call to configure_vtd.
 20241004: v1.11.8
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.11.9/tboot/20_linux_tboot 
new/tboot-1.11.10/tboot/20_linux_tboot
--- old/tboot-1.11.9/tboot/20_linux_tboot       2024-10-11 14:55:09.000000000 
+0200
+++ new/tboot-1.11.10/tboot/20_linux_tboot      2025-04-17 14:33:11.000000000 
+0200
@@ -195,7 +195,7 @@
     tboot_dirname=`dirname ${current_tboot}`
     rel_tboot_dirname=`make_system_path_relative_to_its_root $tboot_dirname`
 #    tboot_version=`echo $tboot_basename | sed -e "s,.gz$,,g;s,^tboot-,,g"`
-    tboot_version="1.11.9"
+    tboot_version="1.11.10"
     echo "submenu \"tboot ${tboot_version}\" {"
     while [ "x$list" != "x" ] ; do
        linux=`version_find_latest $list`
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.11.9/tboot/20_linux_xen_tboot 
new/tboot-1.11.10/tboot/20_linux_xen_tboot
--- old/tboot-1.11.9/tboot/20_linux_xen_tboot   2024-10-11 14:55:09.000000000 
+0200
+++ new/tboot-1.11.10/tboot/20_linux_xen_tboot  2025-04-17 14:33:11.000000000 
+0200
@@ -230,7 +230,7 @@
         tboot_basename=`basename ${current_tboot}`
         tboot_dirname=`dirname ${current_tboot}`
         rel_tboot_dirname=`make_system_path_relative_to_its_root 
$tboot_dirname`
-        tboot_version="1.11.9"
+        tboot_version="1.11.10"
         list="${linux_list}"
         echo "submenu \"Xen ${xen_version}\" \"Tboot ${tboot_version}\"{"
         while [ "x$list" != "x" ] ; do
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.11.9/tboot/Config.mk 
new/tboot-1.11.10/tboot/Config.mk
--- old/tboot-1.11.9/tboot/Config.mk    2024-10-11 14:55:09.000000000 +0200
+++ new/tboot-1.11.10/tboot/Config.mk   2025-04-17 14:33:11.000000000 +0200
@@ -6,8 +6,8 @@
 #
 # tboot-specific build settings
 #
-RELEASEVER  := "1.11.9"
-RELEASETIME := "2024-10-11 12:00 +0100"
+RELEASEVER  := "1.11.10"
+RELEASETIME := "2025-04-17 16:00 +0100"
 ROOTDIR ?= $(CURDIR)/..
 
 # tboot needs too many customized compiler settings to use system CFLAGS,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.11.9/tboot/txt/txt.c 
new/tboot-1.11.10/tboot/txt/txt.c
--- old/tboot-1.11.9/tboot/txt/txt.c    2024-10-11 14:55:09.000000000 +0200
+++ new/tboot-1.11.10/tboot/txt/txt.c   2025-04-17 14:33:11.000000000 +0200
@@ -1207,10 +1207,9 @@
         return;
     }
 
-    printk(TBOOT_INFO"Mutex lock cpu %u\n", cpuid);
     mtx_enter(&ap_lock);
 
-    printk(TBOOT_INFO"cpu %u waking up from TXT sleep\n", cpuid);
+    printk(TBOOT_INFO"waking cpu %u\n", cpuid);
 
     /* restore LAPIC base address for AP */
     madt_apicbase = (uint64_t)get_madt_apic_base();
@@ -1221,7 +1220,6 @@
     }
     msr_apicbase = rdmsr(MSR_APICBASE);
     if ( madt_apicbase != (msr_apicbase & ~0xFFFULL) ) {
-        printk(TBOOT_INFO"cpu %u restore apic base to %llx\n", cpuid, 
madt_apicbase);
         wrmsr(MSR_APICBASE, (msr_apicbase & 0xFFFULL) | madt_apicbase);
     }
 
@@ -1238,7 +1236,6 @@
         apply_policy(TB_ERR_POST_LAUNCH_VERIFICATION);
 
     /* enable SMIs and NMI */
-    printk(TBOOT_DETA"enabling SMIs and NMI on cpu %u\n", cpuid);
     __getsec_smctrl();
     __enable_nmi();
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.11.9/tboot/txt/verify.c 
new/tboot-1.11.10/tboot/txt/verify.c
--- old/tboot-1.11.9/tboot/txt/verify.c 2024-10-11 14:55:09.000000000 +0200
+++ new/tboot-1.11.10/tboot/txt/verify.c        2025-04-17 14:33:11.000000000 
+0200
@@ -673,31 +673,19 @@
     apicbase = rdmsr(MSR_APICBASE);
     if ( apicbase & APICBASE_BSP ) {
         ilp_smm_mon_ctl = smm_mon_ctl;
-        printk(TBOOT_DETA"MSR for SMM monitor control on BSP is 0x%Lx.\n",
-               ilp_smm_mon_ctl);
 
         /* verify ILP's MSEG == TXT.MSEG.BASE */
-        printk(TBOOT_INFO"verifying ILP is opt-out "
-               "or has the same MSEG header with TXT.MSEG.BASE\n\t");
         if ( !verify_mseg(ilp_smm_mon_ctl) ) {
-            printk(TBOOT_ERR" : failed.\n");
+            printk(TBOOT_ERR"verifying ILP is opt-out or has the same MSEG 
header with TXT.MSEG.BASE failed.\n");
             return false;
         }
-        printk(TBOOT_INFO" : succeeded.\n");
     }
     else {
-        printk(TBOOT_DETA"MSR for SMM monitor control on cpu %u is 0x%Lx\n",
-               cpuid, smm_mon_ctl);
-
         /* verify ILP's SMM MSR == RLP's SMM MSR */
-        printk(TBOOT_INFO"verifying ILP's MSR_IA32_SMM_MONITOR_CTL with cpu 
%u\n\t",
-               cpuid);
         if ( smm_mon_ctl != ilp_smm_mon_ctl ) {
-            printk(TBOOT_ERR" : failed.\n");
+            printk(TBOOT_ERR" : verifying ILP's MSR_IA32_SMM_MONITOR_CTL with 
cpu %u failed.\n", cpuid);
             return false;
         }
-        printk(TBOOT_INFO" : succeeded.\n");
-
         /* since the RLP's MSR is the same. No need to verify MSEG header */
     }
 

++++++ tboot-cet.patch ++++++
Index: tboot-1.11.10/tboot/common/shutdown.S
===================================================================
--- tboot-1.11.10.orig/tboot/common/shutdown.S
+++ tboot-1.11.10/tboot/common/shutdown.S
@@ -116,6 +116,7 @@ shutdown_entry32:
  */
 ENTRY(shutdown_entry)
        .code64
+       endbr64
        cli
        wbinvd
 

++++++ tboot-grub2-fix-xen-submenu-name.patch ++++++
--- /var/tmp/diff_new_pack.pHyK3l/_old  2025-07-17 17:26:46.535783193 +0200
+++ /var/tmp/diff_new_pack.pHyK3l/_new  2025-07-17 17:26:46.539783360 +0200
@@ -4,13 +4,13 @@
 References: bnc#865815
 Patch-Mainline: no
 
-Index: tboot-1.11.9/tboot/20_linux_xen_tboot
+Index: tboot-1.11.10/tboot/20_linux_xen_tboot
 ===================================================================
---- tboot-1.11.9.orig/tboot/20_linux_xen_tboot
-+++ tboot-1.11.9/tboot/20_linux_xen_tboot
+--- tboot-1.11.10.orig/tboot/20_linux_xen_tboot
++++ tboot-1.11.10/tboot/20_linux_xen_tboot
 @@ -246,7 +246,7 @@ while [ "x${xen_list}" != "x" ] ; do
          rel_tboot_dirname=`make_system_path_relative_to_its_root 
$tboot_dirname`
-         tboot_version="1.11.9"
+         tboot_version="1.11.10"
          list="${linux_list}"
 -        echo "submenu \"Xen ${xen_version}\" \"Tboot ${tboot_version}\"{"
 +        echo "submenu \"Xen ${xen_version} with Tboot ${tboot_version}\"{"

Reply via email to