Hello community, here is the log from the commit of package tpm2.0-tools for openSUSE:Factory checked in at 2017-06-21 13:57:31 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tpm2.0-tools (Old) and /work/SRC/openSUSE:Factory/.tpm2.0-tools.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tpm2.0-tools" Wed Jun 21 13:57:31 2017 rev:5 rq:505011 version:2.0.0 Changes: -------- --- /work/SRC/openSUSE:Factory/tpm2.0-tools/tpm2.0-tools.changes 2017-06-04 02:00:03.658235830 +0200 +++ /work/SRC/openSUSE:Factory/.tpm2.0-tools.new/tpm2.0-tools.changes 2017-06-21 13:57:32.304435316 +0200 @@ -1,0 +2,6 @@ +Tue Jun 20 08:35:29 UTC 2017 - [email protected] + +- 0001-tpm2_listpcrs-use-TPM2_GetCapability-to-determine-PC.patch: fixed + tpm2_listpcrs aborting saying "too much pcrs to get!" (bnc#1044419) + +------------------------------------------------------------------- New: ---- 0001-tpm2_listpcrs-use-TPM2_GetCapability-to-determine-PC.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tpm2.0-tools.spec ++++++ --- /var/tmp/diff_new_pack.azxViM/_old 2017-06-21 13:57:32.840359719 +0200 +++ /var/tmp/diff_new_pack.azxViM/_new 2017-06-21 13:57:32.844359155 +0200 @@ -26,6 +26,9 @@ Source0: https://github.com/01org/tpm2.0-tools/archive/%{version}.zip Patch0: tpm2.0-tools-fix-hardening.patch Patch1: tpm2.0-tools-fix-gcc7.patch +# this fixes an error with an unexpectedly large number of PCRS (bnc#1044419) +# there's no release containing this fix yet +Patch2: 0001-tpm2_listpcrs-use-TPM2_GetCapability-to-determine-PC.patch BuildRequires: autoconf-archive BuildRequires: automake BuildRequires: gcc-c++ @@ -48,6 +51,7 @@ %setup -q %patch0 -p1 %patch1 -p1 +%patch2 -p1 %build bash ./bootstrap ++++++ 0001-tpm2_listpcrs-use-TPM2_GetCapability-to-determine-PC.patch ++++++ >From c2586d4116b29436baa6608c5c3a222aae8bf193 Mon Sep 17 00:00:00 2001 From: Jerry Snitselaar <[email protected]> Date: Mon, 15 May 2017 14:01:24 -0700 Subject: [PATCH] tpm2_listpcrs: use TPM2_GetCapability to determine PCRs to read Allow TPM to tell us PCRs that are available to be read in a bank instead of assuming there will be 24. This resolves an issue on a system where in the bios you can choose between hash functions (sha1 and sha256 in this case). Both will show up as supported, but when it tries reading the bank that isn't selected in the bios it makes no progress, and then fails saying that there are too many PCRs to read. This consolidates the pcr_selections init code into one function. Also a minor change to show_pcr_values to use sizeofSelect to determine loop iteration instead of hardcoding 24. Signed-off-by: Jerry Snitselaar <[email protected]> --- tools/tpm2_listpcrs.c | 55 +++++++++++++++++++++++++-------------------------- 1 file changed, 27 insertions(+), 28 deletions(-) diff --git a/tools/tpm2_listpcrs.c b/tools/tpm2_listpcrs.c index f50c200..42bb8c6 100644 --- a/tools/tpm2_listpcrs.c +++ b/tools/tpm2_listpcrs.c @@ -173,38 +173,35 @@ static bool read_pcr_values(listpcr_context *context) { return true; } -static void init_pcr_selection_from_algorithm(TPMI_ALG_HASH alg_id, - TPML_PCR_SELECTION *pcr_selections) { +static bool init_pcr_selection(TPMI_ALG_HASH alg_id, listpcr_context *context) { - pcr_selections->count = 1; - pcr_selections->pcrSelections[0].hash = alg_id; - set_pcr_select_size(&pcr_selections->pcrSelections[0], 3); - clear_pcr_select_bits(&pcr_selections->pcrSelections[0]); + TPMI_YES_NO moreData; + TPMS_CAPABILITY_DATA cap_data; + TPML_PCR_SELECTION *pcr_sel = &context->pcr_selections; + UINT32 rval, i, j; - UINT32 pcr_id; - for (pcr_id = 0; pcr_id < 24; pcr_id++) { - set_pcr_select_bit(&pcr_selections->pcrSelections[0], pcr_id); + rval = Tss2_Sys_GetCapability(context->sapi_context, 0, TPM_CAP_PCRS, 0, 1, &moreData, &cap_data, 0); + if (rval != TPM_RC_SUCCESS) { + LOG_ERR("GetCapability: Get PCR allocation status Error. TPM Error:0x%x......\n", rval); + return false; } -} -/* XXX Could this internally call init_pcr_selection_from_algorithm to reduce duplicate code? */ -static void init_pcr_selection_all(tpm2_algorithm *algorithm, - TPML_PCR_SELECTION *pcr_selections) { + pcr_sel->count = 0; - pcr_selections->count = 0; + for (i = 0; i < cap_data.data.assignedPCR.count; i++) { + if (alg_id && (cap_data.data.assignedPCR.pcrSelections[i].hash != alg_id)) + continue; + pcr_sel->pcrSelections[pcr_sel->count].hash = cap_data.data.assignedPCR.pcrSelections[i].hash; + set_pcr_select_size(&pcr_sel->pcrSelections[pcr_sel->count], cap_data.data.assignedPCR.pcrSelections[i].sizeofSelect); + for (j = 0; j < pcr_sel->pcrSelections[pcr_sel->count].sizeofSelect; j++) + pcr_sel->pcrSelections[pcr_sel->count].pcrSelect[j] = cap_data.data.assignedPCR.pcrSelections[i].pcrSelect[j]; + pcr_sel->count++; + } - int i; - for (i = 0; i < algorithm->count; i++) { - pcr_selections->pcrSelections[i].hash = algorithm->alg[i]; - set_pcr_select_size(&pcr_selections->pcrSelections[i], 3); - clear_pcr_select_bits(&pcr_selections->pcrSelections[i]); + if (pcr_sel->count == 0) + return false; - UINT32 pcr_id; - for (pcr_id = 0; pcr_id < 24; pcr_id++) { - set_pcr_select_bit(&pcr_selections->pcrSelections[i], pcr_id); - } - pcr_selections->count++; - } + return true; } // show all PCR banks according to g_pcrSelection & g_pcrs-> @@ -220,7 +217,7 @@ static bool show_pcr_values(listpcr_context *context) { context->pcr_selections.pcrSelections[i].hash); UINT32 pcr_id; - for (pcr_id = 0; pcr_id < 24; pcr_id++) { + for (pcr_id = 0; pcr_id < context->pcr_selections.pcrSelections[i].sizeofSelect * 8; pcr_id++) { if (!is_pcr_select_bit_set(&context->pcr_selections.pcrSelections[i], pcr_id)) { continue; @@ -271,14 +268,16 @@ static bool show_selected_pcr_values(listpcr_context *context) { static bool show_all_pcr_values(listpcr_context *context) { - init_pcr_selection_all(&context->algs, &context->pcr_selections); + if (!init_pcr_selection(0, context)) + return false; return show_selected_pcr_values(context); } static bool show_alg_pcr_values(listpcr_context *context, TPMI_ALG_HASH alg_id) { - init_pcr_selection_from_algorithm(alg_id, &context->pcr_selections); + if (!init_pcr_selection(alg_id, context)) + return false; return show_selected_pcr_values(context); } -- 2.12.3
