commit: bf87663f6b97c34728808a5e7ca8218e7230a32f Author: orbea <orbea <AT> riseup <DOT> net> AuthorDate: Mon Nov 11 20:13:13 2024 +0000 Commit: orbea <orbea <AT> riseup <DOT> net> CommitDate: Mon Nov 11 20:14:39 2024 +0000 URL: https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=bf87663f
app-crypt/tpm2-tss: add versions Signed-off-by: orbea <orbea <AT> riseup.net> app-crypt/tpm2-tss/Manifest | 2 + ...sider-failures-to-write-files-in-sys-hard.patch | 27 +++++ ...pm2-tss-4.0.2-Dont-install-files-into-run.patch | 26 +++++ .../tpm2-tss-4.0.2-Hide-write-all-function.patch | 24 +++++ .../tpm2-tss/files/tpm2-tss-4.1.3-libressl.patch | 24 +++++ app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild | 110 +++++++++++++++++++++ app-crypt/tpm2-tss/tpm2-tss-4.0.2-r1.ebuild | 110 +++++++++++++++++++++ app-crypt/tpm2-tss/tpm2-tss-4.0.2.ebuild | 109 ++++++++++++++++++++ app-crypt/tpm2-tss/tpm2-tss-4.1.3.ebuild | 110 +++++++++++++++++++++ 9 files changed, 542 insertions(+) diff --git a/app-crypt/tpm2-tss/Manifest b/app-crypt/tpm2-tss/Manifest index e5a285d..e08c54a 100644 --- a/app-crypt/tpm2-tss/Manifest +++ b/app-crypt/tpm2-tss/Manifest @@ -1 +1,3 @@ DIST tpm2-tss-4.0.1.tar.gz 1787139 BLAKE2B 627cdefeff6c64148f9da1425922a0a7a72debcee4930ffab208a3b9b66127c2d4f923e3e105bfd45410cdb13c19cb40cc15a720e9a05dd32ff622dabf5fcc32 SHA512 ed6ddc52cb0e8c1082a4bb001e1225eb9905fd2380da88db5fd69ff5b5d9d43a93eb67b634e49d53eb5d586832da3aef2c4c7e5f18d51bb730481f8913319d7d +DIST tpm2-tss-4.0.2.tar.gz 1833499 BLAKE2B 91e70bcc66099fe5d7d53cf98a2c46582e96f204fc7bcb89c46497cc811ca1eb39c752be077a6e8132fc980a6581a2df075fcc6670d646d1270e642c144f043c SHA512 e92038de985ac928bf87a707b0f9b190aaa936827923ea5e3cbdda216cbc6cf8590af650c59c2e1e420ad9914dc6c1f14232ab7930ffc1a50fb0c49fdef6d3f0 +DIST tpm2-tss-4.1.3.tar.gz 1902009 BLAKE2B d8592f4797a4254883667476efb2fdf3c95547d9c472fe3557031e934c725e20e3cc70a9b7b41eaddac71e8d9f94beb5fbb39aec5d81b3eeb1b612df27312923 SHA512 c9a5e1e90f6545a466d43790ab2d67c52c4b788a0b21f8212575e27e04e0ac663105863fe00824e08a4e56a4f8c6b00c48c1a1c132531b8569cd5042c3bb9e69 diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch new file mode 100644 index 0000000..83f123f --- /dev/null +++ b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch @@ -0,0 +1,27 @@ +From 0632885d08917092ffc8d98febd158745a74465a Mon Sep 17 00:00:00 2001 +From: Daan De Meyer <[email protected]> +Date: Fri, 4 Aug 2023 16:07:52 +0200 +Subject: [PATCH] Do not consider failures to write files in /sys hard errors + +systemd-tmpfiles can run in containers, chroots, ... where writing to /sys will fail, so let's suffix these lines with "-" to avoid considering these cases hard errors. + +Signed-off-by: Daan De Meyer <[email protected]> +--- + dist/tmpfiles.d/tpm2-tss-fapi.conf.in | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/dist/tmpfiles.d/tpm2-tss-fapi.conf.in b/dist/tmpfiles.d/tpm2-tss-fapi.conf.in +index 7ea3c652..51ff78e5 100644 +--- a/dist/tmpfiles.d/tpm2-tss-fapi.conf.in ++++ b/dist/tmpfiles.d/tpm2-tss-fapi.conf.in +@@ -3,5 +3,5 @@ d @localstatedir@/lib/tpm2-tss/system/keystore 2775 tss tss - + a+ @localstatedir@/lib/tpm2-tss/system/keystore - - - - default:group:tss:rwx + d @runstatedir@/tpm2-tss/eventlog 2775 tss tss - - + a+ @runstatedir@/tpm2-tss/eventlog - - - - default:group:tss:rwx +-z /sys/kernel/security/tpm[0-9]/binary_bios_measurements 0440 root tss - - +-z /sys/kernel/security/ima/binary_runtime_measurements 0440 root tss - - ++z- /sys/kernel/security/tpm[0-9]/binary_bios_measurements 0440 root tss - - ++z- /sys/kernel/security/ima/binary_runtime_measurements 0440 root tss - - +-- +2.43.0 + diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Dont-install-files-into-run.patch b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Dont-install-files-into-run.patch new file mode 100644 index 0000000..022cd61 --- /dev/null +++ b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Dont-install-files-into-run.patch @@ -0,0 +1,26 @@ +diff --git a/Makefile.am b/Makefile.am +index 07b7a2bf..e478fc77 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -770,13 +770,11 @@ define set_tss_permissions + endef + + define make_fapi_dirs +- ($(call make_tss_dir,$(DESTDIR)$(runstatedir)/tpm2-tss/eventlog/) || true) && \ + ($(call make_tss_dir,$(DESTDIR)$(localstatedir)/lib/tpm2-tss/system/keystore/)) + endef + + define set_fapi_permissions + if test -z "${DESTDIR}"; then \ +- ($(call set_tss_permissions,$(DESTDIR)$(runstatedir)/tpm2-tss)) && \ + ($(call set_tss_permissions,$(DESTDIR)$(localstatedir)/lib/tpm2-tss)) \ + fi + endef +@@ -787,7 +785,6 @@ endef + + define check_fapi_dirs + if test -z "${DESTDIR}"; then \ +- ($(call check_dir,$(DESTDIR)$(runstatedir)/tpm2-tss/eventlog/)) && \ + ($(call check_dir,$(DESTDIR)$(localstatedir)/lib/tpm2-tss/system/keystore/)) \ + fi; + endef diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Hide-write-all-function.patch b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Hide-write-all-function.patch new file mode 100644 index 0000000..bd682df --- /dev/null +++ b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.2-Hide-write-all-function.patch @@ -0,0 +1,24 @@ +diff --git a/src/util/io.c b/src/util/io.c +index c6446826..50c0fd6c 100644 +--- a/src/util/io.c ++++ b/src/util/io.c +@@ -81,6 +81,7 @@ read_all ( + return recvd_total; + } + ++__attribute__ ((visibility("hidden"))) + ssize_t + write_all ( + SOCKET fd, +diff --git a/src/util/io.h b/src/util/io.h +index 25dd5c45..fec391d8 100644 +--- a/src/util/io.h ++++ b/src/util/io.h +@@ -70,6 +70,7 @@ read_all ( + * are detected. This is currently limited to interrupted system calls and + * short writes. + */ ++__attribute__ ((visibility("hidden"))) + ssize_t + write_all ( + SOCKET fd, diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-4.1.3-libressl.patch b/app-crypt/tpm2-tss/files/tpm2-tss-4.1.3-libressl.patch new file mode 100644 index 0000000..5fdad44 --- /dev/null +++ b/app-crypt/tpm2-tss/files/tpm2-tss-4.1.3-libressl.patch @@ -0,0 +1,24 @@ +Based on https://github.com/tpm2-software/tpm2-tss/pull/2380 + +--- a/src/tss2-esys/esys_crypto_ossl.c ++++ b/src/tss2-esys/esys_crypto_ossl.c +@@ -563,7 +563,9 @@ iesys_cryptossl_random2b( + int rc; + #if OPENSSL_VERSION_NUMBER < 0x30000000L + const RAND_METHOD *rand_save = RAND_get_rand_method(); ++#ifndef LIBRESSL_VERSION_NUMBER + RAND_set_rand_method(RAND_OpenSSL()); ++#endif + #else + OSSL_LIB_CTX *libctx = OSSL_LIB_CTX_new(); + if (!libctx) +@@ -621,7 +623,9 @@ iesys_cryptossl_pk_encrypt(TPM2B_PUBLIC * pub_tpm_key, + const EVP_MD * hashAlg = NULL; + const RAND_METHOD *rand_save = RAND_get_rand_method(); + ++#ifndef LIBRESSL_VERSION_NUMBER + RAND_set_rand_method(RAND_OpenSSL()); ++#endif + #else + OSSL_LIB_CTX *libctx = NULL; + EVP_MD * hashAlg = NULL; diff --git a/app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild b/app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild new file mode 100644 index 0000000..d5852e8 --- /dev/null +++ b/app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild @@ -0,0 +1,110 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev + +DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack" +HOMEPAGE="https://github.com/tpm2-software/tpm2-tss"; +SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz"; + +LICENSE="BSD-2" +SLOT="0/4" +KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86" +IUSE="doc +fapi +openssl mbedtls +policy static-libs test" +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ^^ ( mbedtls openssl ) + fapi? ( openssl !mbedtls ) + policy? ( openssl !mbedtls ) +" + +RDEPEND=" + acct-group/tss + acct-user/tss + sys-apps/util-linux:=[${MULTILIB_USEDEP}] + fapi? ( + dev-libs/json-c:=[${MULTILIB_USEDEP}] + >=net-misc/curl-7.80.0[${MULTILIB_USEDEP}] + ) + mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] ) + openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] ) +" + +DEPEND=" + ${RDEPEND} + test? ( app-crypt/swtpm + dev-libs/uthash + dev-util/cmocka + fapi? ( >=net-misc/curl-7.80.0 ) ) +" + +BDEPEND=" + sys-apps/acl + virtual/pkgconfig + doc? ( app-text/doxygen ) +" + +PATCHES=( + "${FILESDIR}/${PN}-3.2.0-libressl.patch" + "${FILESDIR}/${PN}-4.0.0-libressl-no-cert-tests.patch" + "${FILESDIR}/${PN}-4.0.0-Dont-install-files-into-run.patch" + "${FILESDIR}/${PN}-4.0.1-Make-sysusers-and-tmpfiles-optional.patch" + "${FILESDIR}/${PN}-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch" +) + +pkg_setup() { + local CONFIG_CHECK="~TCG_TPM" + linux-info_pkg_setup + kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required" +} + +src_prepare() { + default + eautoreconf +} + +multilib_src_configure() { + # Fails with inlining + filter-flags -fno-semantic-interposition + # tests fail with LTO enabbled. See bug 865275 and 865279 + filter-lto + + local myconf=( + --localstatedir=/var + $(multilib_native_use_enable doc doxygen-doc) + $(use_enable fapi) + $(use_enable policy) + $(use_enable static-libs static) + $(multilib_native_use_enable test unit) + $(multilib_native_use_enable test integration) + --disable-tcti-libtpms + --disable-defaultflags + --disable-weakcrypto + --with-crypto="$(usex mbedtls mbed ossl)" + --with-runstatedir=/run + --with-udevrulesdir="$(get_udevdir)/rules.d" + --with-udevrulesprefix=60- + --without-sysusersdir + --with-tmpfilesdir="/usr/lib/tmpfiles.d" + ) + + ECONF_SOURCE=${S} econf "${myconf[@]}" +} + +multilib_src_install() { + default + keepdir /var/lib/tpm2-tss/system/keystore + find "${ED}" -name '*.la' -delete || die +} + +pkg_postinst() { + tmpfiles_process tpm2-tss-fapi.conf + udev_reload +} + +pkg_postrm() { + udev_reload +} diff --git a/app-crypt/tpm2-tss/tpm2-tss-4.0.2-r1.ebuild b/app-crypt/tpm2-tss/tpm2-tss-4.0.2-r1.ebuild new file mode 100644 index 0000000..92363ec --- /dev/null +++ b/app-crypt/tpm2-tss/tpm2-tss-4.0.2-r1.ebuild @@ -0,0 +1,110 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev + +DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack" +HOMEPAGE="https://github.com/tpm2-software/tpm2-tss"; +SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz"; + +LICENSE="BSD-2" +SLOT="0/4" +KEYWORDS="amd64 arm arm64 ~loong ppc64 ~riscv x86" +IUSE="doc +fapi +openssl mbedtls +policy static-libs test" +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ^^ ( mbedtls openssl ) + fapi? ( openssl !mbedtls ) + policy? ( openssl !mbedtls ) +" + +RDEPEND=" + acct-group/tss + acct-user/tss + sys-apps/util-linux:=[${MULTILIB_USEDEP}] + fapi? ( + dev-libs/json-c:=[${MULTILIB_USEDEP}] + >=net-misc/curl-7.80.0[${MULTILIB_USEDEP}] + ) + mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] ) + openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] ) +" + +DEPEND=" + ${RDEPEND} + test? ( app-crypt/swtpm + dev-libs/uthash + dev-util/cmocka + fapi? ( >=net-misc/curl-7.80.0 ) ) +" + +BDEPEND=" + sys-apps/acl + virtual/pkgconfig + doc? ( app-text/doxygen ) +" + +PATCHES=( + "${FILESDIR}/${PN}-3.2.0-libressl.patch" + "${FILESDIR}/${PN}-4.0.2-Dont-install-files-into-run.patch" + "${FILESDIR}/${PN}-4.0.1-Make-sysusers-and-tmpfiles-optional.patch" + "${FILESDIR}/${PN}-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch" + "${FILESDIR}/${PN}-4.0.2-Hide-write-all-function.patch" +) + +pkg_setup() { + local CONFIG_CHECK="~TCG_TPM" + linux-info_pkg_setup + kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required" +} + +src_prepare() { + default + eautoreconf +} + +multilib_src_configure() { + # Fails with inlining + filter-flags -fno-semantic-interposition + # tests fail with LTO enabbled. See bug 865275 and 865279 + filter-lto + + local myconf=( + --localstatedir=/var + $(multilib_native_use_enable doc doxygen-doc) + $(use_enable fapi) + $(use_enable policy) + $(use_enable static-libs static) + $(multilib_native_use_enable test unit) + $(multilib_native_use_enable test integration) + --disable-tcti-libtpms + --disable-defaultflags + --disable-weakcrypto + --with-crypto="$(usex mbedtls mbed ossl)" + --with-runstatedir=/run + --with-udevrulesdir="$(get_udevdir)/rules.d" + --with-udevrulesprefix=60- + --without-sysusersdir + --with-tmpfilesdir="/usr/lib/tmpfiles.d" + ) + + ECONF_SOURCE=${S} econf "${myconf[@]}" +} + +multilib_src_install() { + default + keepdir /var/lib/tpm2-tss/system/keystore + find "${ED}" -name '*.la' -delete || die +} + +pkg_postinst() { + tmpfiles_process tpm2-tss-fapi.conf + udev_reload +} + +pkg_postrm() { + udev_reload +} diff --git a/app-crypt/tpm2-tss/tpm2-tss-4.0.2.ebuild b/app-crypt/tpm2-tss/tpm2-tss-4.0.2.ebuild new file mode 100644 index 0000000..796825d --- /dev/null +++ b/app-crypt/tpm2-tss/tpm2-tss-4.0.2.ebuild @@ -0,0 +1,109 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev + +DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack" +HOMEPAGE="https://github.com/tpm2-software/tpm2-tss"; +SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz"; + +LICENSE="BSD-2" +SLOT="0/4" +KEYWORDS="amd64 arm arm64 ~loong ppc64 ~riscv x86" +IUSE="doc +fapi +openssl mbedtls +policy static-libs test" +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ^^ ( mbedtls openssl ) + fapi? ( openssl !mbedtls ) + policy? ( openssl !mbedtls ) +" + +RDEPEND=" + acct-group/tss + acct-user/tss + sys-apps/util-linux:=[${MULTILIB_USEDEP}] + fapi? ( + dev-libs/json-c:=[${MULTILIB_USEDEP}] + >=net-misc/curl-7.80.0[${MULTILIB_USEDEP}] + ) + mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] ) + openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] ) +" + +DEPEND=" + ${RDEPEND} + test? ( app-crypt/swtpm + dev-libs/uthash + dev-util/cmocka + fapi? ( >=net-misc/curl-7.80.0 ) ) +" + +BDEPEND=" + sys-apps/acl + virtual/pkgconfig + doc? ( app-text/doxygen ) +" + +PATCHES=( + "${FILESDIR}/${PN}-3.2.0-libressl.patch" + "${FILESDIR}/${PN}-4.0.2-Dont-install-files-into-run.patch" + "${FILESDIR}/${PN}-4.0.1-Make-sysusers-and-tmpfiles-optional.patch" + "${FILESDIR}/${PN}-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch" +) + +pkg_setup() { + local CONFIG_CHECK="~TCG_TPM" + linux-info_pkg_setup + kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required" +} + +src_prepare() { + default + eautoreconf +} + +multilib_src_configure() { + # Fails with inlining + filter-flags -fno-semantic-interposition + # tests fail with LTO enabbled. See bug 865275 and 865279 + filter-lto + + local myconf=( + --localstatedir=/var + $(multilib_native_use_enable doc doxygen-doc) + $(use_enable fapi) + $(use_enable policy) + $(use_enable static-libs static) + $(multilib_native_use_enable test unit) + $(multilib_native_use_enable test integration) + --disable-tcti-libtpms + --disable-defaultflags + --disable-weakcrypto + --with-crypto="$(usex mbedtls mbed ossl)" + --with-runstatedir=/run + --with-udevrulesdir="$(get_udevdir)/rules.d" + --with-udevrulesprefix=60- + --without-sysusersdir + --with-tmpfilesdir="/usr/lib/tmpfiles.d" + ) + + ECONF_SOURCE=${S} econf "${myconf[@]}" +} + +multilib_src_install() { + default + keepdir /var/lib/tpm2-tss/system/keystore + find "${ED}" -name '*.la' -delete || die +} + +pkg_postinst() { + tmpfiles_process tpm2-tss-fapi.conf + udev_reload +} + +pkg_postrm() { + udev_reload +} diff --git a/app-crypt/tpm2-tss/tpm2-tss-4.1.3.ebuild b/app-crypt/tpm2-tss/tpm2-tss-4.1.3.ebuild new file mode 100644 index 0000000..6584f2d --- /dev/null +++ b/app-crypt/tpm2-tss/tpm2-tss-4.1.3.ebuild @@ -0,0 +1,110 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev + +DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack" +HOMEPAGE="https://github.com/tpm2-software/tpm2-tss"; +SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz"; + +LICENSE="BSD-2" +SLOT="0/4" +KEYWORDS="amd64 arm arm64 ~loong ppc64 ~riscv x86" +IUSE="doc +fapi +openssl mbedtls +policy static-libs test" +RESTRICT="!test? ( test )" + +REQUIRED_USE=" + ^^ ( mbedtls openssl ) + fapi? ( openssl !mbedtls ) + policy? ( openssl !mbedtls ) +" + +RDEPEND=" + acct-group/tss + acct-user/tss + sys-apps/util-linux:=[${MULTILIB_USEDEP}] + fapi? ( + dev-libs/json-c:=[${MULTILIB_USEDEP}] + >=net-misc/curl-7.80.0[${MULTILIB_USEDEP}] + ) + mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] ) + openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] ) +" + +DEPEND=" + ${RDEPEND} + test? ( app-crypt/swtpm + dev-libs/uthash + dev-util/cmocka + fapi? ( >=net-misc/curl-7.80.0 ) ) +" + +BDEPEND=" + sys-apps/acl + virtual/pkgconfig + doc? ( app-text/doxygen ) +" + +PATCHES=( + "${FILESDIR}/${PN}-4.0.2-Dont-install-files-into-run.patch" + "${FILESDIR}/${PN}-4.1.3-libressl.patch" +) + +pkg_setup() { + local CONFIG_CHECK="~TCG_TPM" + linux-info_pkg_setup + kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required" +} + +src_prepare() { + default + eautoreconf +} + +multilib_src_configure() { + # Fails with inlining + filter-flags -fno-semantic-interposition + # tests fail with LTO enabbled. See bug 865275 and 865279 + filter-lto + + local myconf=( + --localstatedir=/var + $(multilib_native_use_enable doc doxygen-doc) + $(use_enable fapi) + $(use_enable policy) + $(use_enable static-libs static) + $(multilib_native_use_enable test unit) + $(multilib_native_use_enable test integration) + --disable-tcti-libtpms + --disable-tcti-spi-ltt2go + --disable-tcti-spi-ftdi + --disable-tcti-i2c-ftdi + --disable-defaultflags + --disable-weakcrypto + --with-crypto="$(usex mbedtls mbed ossl)" + --with-runstatedir=/run + --with-udevrulesdir="$(get_udevdir)/rules.d" + --with-udevrulesprefix=60- + --without-sysusersdir + --with-tmpfilesdir="/usr/lib/tmpfiles.d" + ) + + ECONF_SOURCE=${S} econf "${myconf[@]}" +} + +multilib_src_install() { + default + keepdir /var/lib/tpm2-tss/system/keystore + find "${ED}" -name '*.la' -delete || die +} + +pkg_postinst() { + tmpfiles_process tpm2-tss-fapi.conf + udev_reload +} + +pkg_postrm() { + udev_reload +}
