commit:     0ea6df2205562e352e7dd6544eedb7aa235bd693
Author:     Christopher Byrne <salah.coronya <AT> gmail <DOT> com>
AuthorDate: Mon Feb  5 04:13:07 2024 +0000
Commit:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Sat Mar 16 09:05:10 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0ea6df22

app-crypt/tpm2-openssl: Fix src_prepare and let upstream script setup TPM 
simulator

Signed-off-by: Christopher Byrne <salah.coronya <AT> gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/35187
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>

 ...ile-add-run-with-simulator-to-extra-dists.patch |  28 +++++
 ...2.0-tests-run-with-simulator-in-container.patch | 132 +++++++++++++++++++++
 app-crypt/tpm2-openssl/tpm2-openssl-1.2.0.ebuild   |  67 +----------
 3 files changed, 164 insertions(+), 63 deletions(-)

diff --git 
a/app-crypt/tpm2-openssl/files/tpm2-openssl-1.2.0-Makefile-add-run-with-simulator-to-extra-dists.patch
 
b/app-crypt/tpm2-openssl/files/tpm2-openssl-1.2.0-Makefile-add-run-with-simulator-to-extra-dists.patch
new file mode 100644
index 000000000000..326fb10767f9
--- /dev/null
+++ 
b/app-crypt/tpm2-openssl/files/tpm2-openssl-1.2.0-Makefile-add-run-with-simulator-to-extra-dists.patch
@@ -0,0 +1,28 @@
+From be35c35ace48647bb73ae5028db7e8caaccd038d Mon Sep 17 00:00:00 2001
+From: Adrian Freihofer <[email protected]>
+Date: Fri, 8 Dec 2023 14:24:17 +0100
+Subject: [PATCH 1/2] Makefile: add run-with-simulator to extra dists
+
+The run-with-simulator script is executed by the make check step of
+the rpm build process. Therefore it should be packaged into the release
+tar bundles.
+
+Signed-off-by: Adrian Freihofer <[email protected]>
+---
+ Makefile.am | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/Makefile.am b/Makefile.am
+index 160d84e..994a8e3 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -143,5 +143,6 @@ EXTRA_DIST = \
+     VERSION \
+     $(TESTS_SHELL) \
+     $(SH_LOG_COMPILER) \
++    test/run-with-simulator \
+     test/ec_pki/openssl.cnf \
+     test/rsa_pki/etc
+-- 
+2.43.0
+

diff --git 
a/app-crypt/tpm2-openssl/files/tpm2-openssl-1.2.0-tests-run-with-simulator-in-container.patch
 
b/app-crypt/tpm2-openssl/files/tpm2-openssl-1.2.0-tests-run-with-simulator-in-container.patch
new file mode 100644
index 000000000000..33b51b6b1028
--- /dev/null
+++ 
b/app-crypt/tpm2-openssl/files/tpm2-openssl-1.2.0-tests-run-with-simulator-in-container.patch
@@ -0,0 +1,132 @@
+diff --git a/home/salahx/Downloads/run-with-simulator 
b/home/salahx/Downloads/run-with-simulator
+new file mode 100755
+index 000000000000..e29b591f8d8b
+--- /dev/null
++++ b/test/run-with-simulator
+@@ -0,0 +1,126 @@
++#!/bin/bash
++# SPDX-License-Identifier: BSD-3-Clause
++
++SIM_PORT_DATA=2321
++SIM_PORT_CMD=$((SIM_PORT_DATA+1))
++
++# Run from top dir of this repository
++SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd 
)
++TOP_DIR="$(realpath "$SCRIPT_DIR/..")"
++cd "$TOP_DIR" || { echo "Error: cd to cd $TOP_DIR failed"; exit 1; }
++
++
++verify_simulator_is_running() {
++    local pid_tpm=$1
++
++    sleep 1
++    ss -lntp4 2> /dev/null | grep "${pid_tpm}" | grep -q "${SIM_PORT_DATA}"
++    ret_data=$?
++    ss -lntp4 2> /dev/null | grep "${pid_tpm}" | grep -q "${SIM_PORT_CMD}"
++    ret_cmd=$?
++    if [ $ret_data -eq 0 ] && [ $ret_cmd -eq 0 ]; then
++        echo "Simulator with PID ${pid_tpm} bound to port ${SIM_PORT_DATA} 
and ${SIM_PORT_CMD} successfully."
++        return 0
++    else
++        echo "Error: Port conflict? Cleaning up PID: ${pid_tpm}"
++        return 1
++    fi
++}
++
++build_tpm2_simulator_ibm() (
++    test -d ibmtpm && return
++    echo "---> compiling IBM tpm simulator"
++    mkdir ibmtpm
++    curl -Ls 
https://downloads.sourceforge.net/project/ibmswtpm2/ibmtpm1682.tar.gz | tar xz 
-C ibmtpm
++    cd ibmtpm/src && make
++)
++
++start_tpm2_simulator_ibm () {
++    build_tpm2_simulator_ibm || return 1
++
++    echo "---> starting IBM tpm simulator"
++    ibmtpm/src/tpm_server &
++    pid_tpm=$!
++    verify_simulator_is_running $pid_tpm
++}
++
++start_tpm2_simulator_swtpm () {
++    echo "---> starting swtpm simulator"
++    swtpm socket --tpm2 \
++        --server port=$SIM_PORT_DATA \
++        --ctrl type=tcp,port=$SIM_PORT_CMD \
++        --flags not-need-init \
++        --tpmstate dir="$PWD" \
++        --seccomp action=none &
++    pid_tpm=$!
++    verify_simulator_is_running $pid_tpm
++}
++
++start_dbusd () {
++    echo "---> starting dbus daemon"
++    dbus-daemon --session --print-address > /tmp/bus-socket-path.txt &
++    sleep 1
++    DBUS_SESSION_BUS_ADDRESS="$(tail -n1 /tmp/bus-socket-path.txt)"
++    export DBUS_SESSION_BUS_ADDRESS
++}
++
++start_tpm2_abrmd() {
++    local tabrmd_tcti=$1
++
++    echo "---> starting abrmd"
++    local tabrmd_name="com.intel.tss2.Tabrmd${SIM_PORT_DATA}"
++    tpm2-abrmd --session --dbus-name="${tabrmd_name}" --tcti 
"${tabrmd_tcti}:host=localhost,port=${SIM_PORT_DATA}" &
++    TCTI_ADDRESS="tabrmd:bus_name=${tabrmd_name},bus_type=session"
++    TPM2TOOLS_TCTI="$TCTI_ADDRESS"
++    TPM2OPENSSL_TCTI="$TCTI_ADDRESS"
++    export TPM2TOOLS_TCTI
++    export TPM2OPENSSL_TCTI
++    sleep 1
++#    busctl --address="${DBUS_SESSION_BUS_ADDRESS}" list | grep "$tabrmd_name"
++}
++
++start_tpm2_sim_env() {
++    local sim_type=$1
++
++    start_dbusd
++
++    if [ "$sim_type" = "swtpm" ]; then
++        start_tpm2_simulator_swtpm || return 1
++        start_tpm2_abrmd swtpm || return 1
++    elif [ "$sim_type" = "ibm" ]; then
++        start_tpm2_simulator_ibm || return 1
++        start_tpm2_abrmd mssim || return 1
++    else
++        echo "invalid tpm simulator typ"
++        return 1
++    fi
++}
++
++make_check () {
++    echo "Running make check"
++    openssl version
++    tpm2_getcap properties-fixed | head -n 20
++    make check
++}
++
++function cleanup()
++{
++    pkill -P $$
++}
++trap cleanup EXIT
++
++build_tpm2_openssl() {
++    ./bootstrap
++    ./configure CC=gcc --enable-op-digest --enable-op-cipher
++    make
++}
++
++SIM_TYPE=${1:-swtpm}
++SKIP_BUILD=${2:-build}
++if [ "$SKIP_BUILD" = "skip-build" ]; then
++    echo "Skipping the build"
++else
++    build_tpm2_openssl || { echo "Compiling tpm2-openssl failed"; exit 1; }
++fi
++start_tpm2_sim_env "${SIM_TYPE}" || { echo "Starting tpm2 simulator failed 
($SIM_TYPE)"; exit 1; }
++make_check || { echo "tpm2-openssl make check failed"; exit 1; }
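Review bot: start_dbusd writes the bus address to the fixed path `/tmp/bus-socket-path.txt` and then exports the last line of that file as DBUS_SESSION_BUS_ADDRESS. On a shared host that path is predictable, concurrent runs overwrite each other's file, and the content is trusted with no check on who created it. A private file avoids this: `bus_addr_file=$(mktemp)`, then `dbus-daemon --session --print-address > "$bus_addr_file" &` and `tail -n1 "$bus_addr_file"`. Separately, build_tpm2_simulator_ibm pipes a `curl` download straight into `tar` with no checksum. The ebuild only takes the swtpm path, but a comment such as `# ibm path: needs network access, tarball is not integrity-checked` would warn anyone who reuses the script.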

diff --git a/app-crypt/tpm2-openssl/tpm2-openssl-1.2.0.ebuild 
b/app-crypt/tpm2-openssl/tpm2-openssl-1.2.0.ebuild
index c2be93546c0c..03767401d089 100644
--- a/app-crypt/tpm2-openssl/tpm2-openssl-1.2.0.ebuild
+++ b/app-crypt/tpm2-openssl/tpm2-openssl-1.2.0.ebuild
@@ -29,77 +29,18 @@ BDEPEND="
        virtual/pkgconfig"
 
 PATCHES=(
+       "${FILESDIR}/${PN}-1.2.0-tests-run-with-simulator-in-container.patch"
+       
"${FILESDIR}/${PN}-1.2.0-Makefile-add-run-with-simulator-to-extra-dists.patch"
        
"${FILESDIR}/${PN}-1.1.1-build-Fix-undefined-references-when-using-slibtool.patch"
 )
 
 src_prepare() {
-       eautoreconf
        default
+       eautoreconf
 }
 
 src_test() {
-       dbus_run() {
-               (
-                       # start isolated dbus session bus
-                       local dbus_data=$(dbus-launch --sh-syntax) || exit
-                       eval "${dbus_data}"
-
-                       $@
-                       ret=${?}
-
-                       kill "${DBUS_SESSION_BUS_PID}"
-                       exit "${ret}"
-               ) || die
-       }
-
-       tpm2_run_with_emulator() {
-               local -x XDG_CONFIG_HOME="${T}"/.config/swtpm
-               "${BROOT}"/usr/share/swtpm/swtpm-create-user-config-files || die
-
-               mkdir -p "${XDG_CONFIG_HOME}"/mytpm1 || die
-               local swtpm_setup_args=(
-                       --tpm2
-                       --tpmstate "${XDG_CONFIG_HOME}"/mytpm1
-                       --createek
-                       --allow-signing
-                       --decryption
-                       --create-ek-cert
-                       --create-platform-cert
-                       --lock-nvram
-                       --overwrite
-                       --display
-               )
-               swtpm_setup "${swtpm_setup_args[@]}" || die
-
-               local swtpm_socket_args=(
-                       --tpm2
-                       --tpmstate dir="${XDG_CONFIG_HOME}"/mytpm1
-                       --flags startup-clear
-                       --ctrl 
type=unixio,path="${XDG_CONFIG_HOME}"/mytpm1/swtpm.socket.ctrl
-                       --server 
type=unixio,path="${XDG_CONFIG_HOME}"/mytpm1/swtpm.socket
-                       --pid file="${XDG_CONFIG_HOME}"/mytpm1/swtpm.pid
-                       --daemon
-               )
-               swtpm socket "${swtpm_socket_args[@]}" || die
-
-               local tpm2_abrmd_args=(
-                       --logger=stdout
-                       
--tcti=swtpm:path="${XDG_CONFIG_HOME}"/mytpm1/swtpm.socket
-                       --session
-                       --flush-all
-               )
-               tpm2-abrmd "${tpm2_abrmd_args[@]}" &
-
-               local -x TPM2OPENSSL_TCTI="tabrmd:bus_type=session"
-               local -x TPM2TOOLS_TCTI="tabrmd:bus_type=session"
-
-               $@ || die
-
-               # When swtpm dies, tmp2-abrmd will exit
-               kill $(< "${XDG_CONFIG_HOME}"/mytpm1/swtpm.pid) || die
-       }
-
-       dbus_run tpm2_run_with_emulator make check
+       "${S}/test/run-with-simulator" swtpm skip-build || die
 }
 
 src_install() {
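Review bot: The new `run-with-simulator` call in src_test has no comment recording that the test environment now depends on fixed TCP ports 2321/2322, on swtpm started with `--seccomp action=none`, and on TPM state written to the source directory. The removed code kept its unix sockets and state under `${T}`. The new setup is presumably fine under Portage's network sandbox, but with that feature disabled an existing listener or a parallel test run would collide. A comment above the call would record the assumption, e.g. `# upstream script binds swtpm to TCP 2321/2322; relies on network-sandbox for isolation`. The script also calls `ss` and `pkill`, so confirm the test dependencies provide them; the dependency list starts outside this hunk.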
