commit tboot for openSUSE:Factory

2020-09-29 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2020-09-29 19:02:10

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new.4249 (New)


Package is "tboot"

Tue Sep 29 19:02:10 2020 rev:42 rq:838277 version:20200429_1.9.12

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2019-07-16 
08:41:51.451025200 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new.4249/tboot.changes2020-09-29 
19:02:29.309823422 +0200
@@ -1,0 +2,23 @@
+Mon Sep 28 12:14:22 UTC 2020 - matthias.gerst...@suse.com
+
+- update to new upstream release 1.9.12:
+- changes from 1.9.12:
+- Release localities in S3 flow for CRB interface
+- Config.mk, safestringlib/makefile : allow tool overrides
+- safestringlib: fix warnings with GCC 6.4.0
+- Strip executable file before generating tboot.gz
+- Add support for EFI memory map parse/modification
+- Add SHA384 and SHA512 digest algorithms
+- lcptools-v2: add pconf2 policy element support
+- tb_polgen: Add SHA384 and SHA512 support
+- Disable GCC9 address-of-packed-member warning
+- Fix warnings after "Avoid unsafe functions" scan
+- Use SHA256 as default hashing algorithm
+- changes from 1.9.11:
+- tb_polgen: Add support for SHA256
+- Configure IOMMU before executing GETSEC[SENTER]
+- SINIT ACM can have padding, handle that when checking size
+- disable-address-of-packed-member-warning.patch: now contained upstream
+- tboot-grub2-fix-xen-submenu-name.patch: refreshed
+
+---

Old:

  disable-address-of-packed-member-warning.patch
  tboot-1.9.10.tar.gz

New:

  tboot-1.9.12.tar.gz



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.mOdJ7V/_old  2020-09-29 19:02:29.949824199 +0200
+++ /var/tmp/diff_new_pack.mOdJ7V/_new  2020-09-29 19:02:29.949824199 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package tboot
 #
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,20 +17,17 @@
 
 
 Name:   tboot
-%define ver 1.9.10
-Version:20190520_%{ver}
+%define ver 1.9.12
+Version:20200429_%{ver}
 Release:0
 Summary:Program for performing a verified launch using Intel TXT
 License:BSD-3-Clause
 Group:  Productivity/Security
-Url:http://sourceforge.net/projects/tboot/
+URL:http://sourceforge.net/projects/tboot/
 Source0:
http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz
 Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch
 Patch4: tboot-grub2-fix-xen-submenu-name.patch
 Patch7: tboot-distributor.patch
-# This patch should be removed once upstream has a stock solution for the
-# gcc-9 warning
-Patch8: disable-address-of-packed-member-warning.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 ExclusiveArch:  %{ix86} x86_64
 BuildRequires:  openssl-devel
@@ -57,7 +54,6 @@
 %patch3 -p1
 %patch4 -p1
 %patch7 -p1
-%patch8 -p1
 
 %build
 # Tumbleweed now uses -flto=3 by default which gives us trouble with the

++ tboot-1.9.10.tar.gz -> tboot-1.9.12.tar.gz ++
 3557 lines of diff (skipped)

++ tboot-grub2-fix-xen-submenu-name.patch ++
--- /var/tmp/diff_new_pack.mOdJ7V/_old  2020-09-29 19:02:30.169824466 +0200
+++ /var/tmp/diff_new_pack.mOdJ7V/_new  2020-09-29 19:02:30.169824466 +0200
@@ -4,13 +4,13 @@
 References: bnc#865815
 Patch-Mainline: no
 
-Index: tboot-1.9.10/tboot/20_linux_xen_tboot
+Index: tboot-1.9.12/tboot/20_linux_xen_tboot
 ===
 tboot-1.9.10.orig/tboot/20_linux_xen_tboot
-+++ tboot-1.9.10/tboot/20_linux_xen_tboot
+--- tboot-1.9.12.orig/tboot/20_linux_xen_tboot
 tboot-1.9.12/tboot/20_linux_xen_tboot
 @@ -232,7 +232,7 @@ while [ "x${xen_list}" != "x" ] ; do
  rel_tboot_dirname=`make_system_path_relative_to_its_root 
$tboot_dirname`
- tboot_version="1.9.10"
+ tboot_version="1.9.12"
  list="${linux_list}"
 -echo "submenu \"Xen ${xen_version}\" \"Tboot ${tboot_version}\"{"
 +echo "submenu \"Xen ${xen_version} with Tboot ${tboot_version}\"{"




commit tboot for openSUSE:Factory

2019-07-16 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2019-07-16 08:41:50

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new.1887 (New)


Package is "tboot"

Tue Jul 16 08:41:50 2019 rev:41 rq:715443 version:20190520_1.9.10

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2019-07-11 
13:19:03.742754747 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new.1887/tboot.changes2019-07-16 
08:41:51.451025200 +0200
@@ -1,0 +2,5 @@
+Fri Jul 12 16:24:27 UTC 2019 - Martin Liška 
+
+- Disable LTO in more elegant way (boo#1141323).
+
+---



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.yCPv2f/_old  2019-07-16 08:41:52.003024903 +0200
+++ /var/tmp/diff_new_pack.yCPv2f/_new  2019-07-16 08:41:52.007024901 +0200
@@ -62,8 +62,8 @@
 %build
 # Tumbleweed now uses -flto=3 by default which gives us trouble with the
 # statically linked C and assembler code in tboot. Better to be conservative
-# here since tboot is low level stuff -> disable LTO for us.
-export CFLAGS="%{optflags} -fno-lto"
+# here since tboot is low level stuff -> disable LTO for us (boo#1141323).
+%define _lto_cflags %{nil}
 export TBOOT_CFLAGS="$CFLAGS"
 make debug=y %{?_smp_mflags}
 




commit tboot for openSUSE:Factory

2019-07-11 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2019-07-11 13:18:55

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new.4615 (New)


Package is "tboot"

Thu Jul 11 13:18:55 2019 rev:40 rq:714590 version:20190520_1.9.10

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2019-06-18 
14:56:03.477414155 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new.4615/tboot.changes2019-07-11 
13:19:03.742754747 +0200
@@ -1,0 +2,6 @@
+Thu Jul 11 08:06:42 UTC 2019 - mgerstner 
+
+- explicitly disable gcc9 link time optimization to fix the build and avoid
+  trouble in low level tboot code.
+
+---



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.JNoxW8/_old  2019-07-11 13:19:04.498754509 +0200
+++ /var/tmp/diff_new_pack.JNoxW8/_new  2019-07-11 13:19:04.502754508 +0200
@@ -60,7 +60,10 @@
 %patch8 -p1
 
 %build
-export CFLAGS="%{optflags}"
+# Tumbleweed now uses -flto=3 by default which gives us trouble with the
+# statically linked C and assembler code in tboot. Better to be conservative
+# here since tboot is low level stuff -> disable LTO for us.
+export CFLAGS="%{optflags} -fno-lto"
 export TBOOT_CFLAGS="$CFLAGS"
 make debug=y %{?_smp_mflags}
 




commit tboot for openSUSE:Factory

2019-06-18 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2019-06-18 14:56:00

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new.4811 (New)


Package is "tboot"

Tue Jun 18 14:56:00 2019 rev:39 rq:705831 version:20190520_1.9.10

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2019-05-21 
10:39:55.119105248 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new.4811/tboot.changes2019-06-18 
14:56:03.477414155 +0200
@@ -1,0 +2,6 @@
+Tue May 28 08:19:14 UTC 2019 - mgerstner 
+
+- add disable-address-of-packed-member-warning.patch: taken over patch found
+  in the Fedora package to disable a new gcc-9 warning that breaks the build.
+
+---

New:

  disable-address-of-packed-member-warning.patch



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.9FeuGF/_old  2019-06-18 14:56:04.113413757 +0200
+++ /var/tmp/diff_new_pack.9FeuGF/_new  2019-06-18 14:56:04.117413755 +0200
@@ -28,6 +28,9 @@
 Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch
 Patch4: tboot-grub2-fix-xen-submenu-name.patch
 Patch7: tboot-distributor.patch
+# This patch should be removed once upstream has a stock solution for the
+# gcc-9 warning
+Patch8: disable-address-of-packed-member-warning.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 ExclusiveArch:  %{ix86} x86_64
 BuildRequires:  openssl-devel
@@ -54,6 +57,7 @@
 %patch3 -p1
 %patch4 -p1
 %patch7 -p1
+%patch8 -p1
 
 %build
 export CFLAGS="%{optflags}"

++ disable-address-of-packed-member-warning.patch ++
>From 1cf1c3e6af1f43555de7ec89cd1e8bc3ea0aaefe Mon Sep 17 00:00:00 2001
From: Yunying Sun 
Date: Mon, 13 May 2019 17:26:13 +0800
Subject: [PATCH] disable address of packed member warning

---
 Config.mk | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Config.mk b/Config.mk
index 6a64d1a..27bce1b 100644
--- a/Config.mk
+++ b/Config.mk
@@ -43,7 +43,7 @@ CFLAGS_WARN   = -Wall -Wformat-security -Werror 
-Wstrict-prototypes \
-Wextra -Winit-self -Wswitch-default -Wunused-parameter \
-Wwrite-strings \
$(call cc-option,$(CC),-Wlogical-op,) \
-   -Wno-missing-field-initializers
+   -Wno-missing-field-initializers 
-Wno-address-of-packed-member
 
 AS = as
 LD = ld
-- 
2.21.0




commit tboot for openSUSE:Factory

2019-05-21 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2019-05-21 10:39:20

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new.5148 (New)


Package is "tboot"

Tue May 21 10:39:20 2019 rev:38 rq:704217 version:20190520_1.9.10

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2019-01-21 
10:53:02.531823717 +0100
+++ /work/SRC/openSUSE:Factory/.tboot.new.5148/tboot.changes2019-05-21 
10:39:55.119105248 +0200
@@ -1,0 +2,17 @@
+Mon May 20 11:21:46 UTC 2019 - mgerstner 
+
+- update to new upstream release 1.9.10:
+- changes from 1.9.10:
+- lcp-gen2: update with latest version (wxWidgets wildcard bugfix)
+- print latest tag in logs
+- add support for 64bit framebuffer address
+- changes from 1.9.9:
+- tools: fix some dereference-NULL issues reported by klocwork
+- tools: replace banned mem/str fns with corresponding ones in 
safestringlib
+- Add safestringlib code to support replacement of banned mem/str fns
+- lcptools: remove tools supporting platforms before 2008
+- tboot: update string/memory fn name to differentiate from c lib
+- Fix a harmless overflow caused by wrong loop limits
+- rebased patches to match new upstream version
+
+---

Old:

  tboot-1.9.8.tar.gz

New:

  tboot-1.9.10.tar.gz



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.dVEaIQ/_old  2019-05-21 10:39:56.231104526 +0200
+++ /var/tmp/diff_new_pack.dVEaIQ/_new  2019-05-21 10:39:56.235104523 +0200
@@ -12,13 +12,13 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
 
 Name:   tboot
-%define ver 1.9.8
-Version:20170711_%{ver}
+%define ver 1.9.10
+Version:20190520_%{ver}
 Release:0
 Summary:Program for performing a verified launch using Intel TXT
 License:BSD-3-Clause
@@ -32,6 +32,7 @@
 ExclusiveArch:  %{ix86} x86_64
 BuildRequires:  openssl-devel
 BuildRequires:  trousers-devel
+BuildRequires:  zlib-devel
 
 %if 0%{?suse_version} > 1320
 BuildRequires:  update-bootloader-rpm-macros
@@ -64,14 +65,8 @@
 
 %files
 %defattr(-,root,root,-)
-%doc README COPYING docs/* lcptools/lcptools2.txt 
lcptools/Linux_LCP_Tools_User_Manual.pdf
+%doc README COPYING docs/* lcptools-v2/lcptools.txt 
lcptools/Linux_LCP_Tools_User_Manual.pdf
 %{_sbindir}/acminfo
-%{_sbindir}/lcp_crtpconf
-%{_sbindir}/lcp_crtpol
-%{_sbindir}/lcp_crtpol2
-%{_sbindir}/lcp_crtpolelt
-%{_sbindir}/lcp_crtpollist
-%{_sbindir}/lcp_mlehash
 %{_sbindir}/lcp_readpol
 %{_sbindir}/lcp_writepol
 %{_sbindir}/parse_err

++ tboot-1.9.8.tar.gz -> tboot-1.9.10.tar.gz ++
 40130 lines of diff (skipped)

++ tboot-grub2-fix-xen-submenu-name.patch ++
--- /var/tmp/diff_new_pack.dVEaIQ/_old  2019-05-21 10:39:56.395104419 +0200
+++ /var/tmp/diff_new_pack.dVEaIQ/_new  2019-05-21 10:39:56.395104419 +0200
@@ -4,13 +4,13 @@
 References: bnc#865815
 Patch-Mainline: no
 
-Index: tboot-1.9.8/tboot/20_linux_xen_tboot
+Index: tboot-1.9.10/tboot/20_linux_xen_tboot
 ===
 tboot-1.9.8.orig/tboot/20_linux_xen_tboot
-+++ tboot-1.9.8/tboot/20_linux_xen_tboot
+--- tboot-1.9.10.orig/tboot/20_linux_xen_tboot
 tboot-1.9.10/tboot/20_linux_xen_tboot
 @@ -232,7 +232,7 @@ while [ "x${xen_list}" != "x" ] ; do
  rel_tboot_dirname=`make_system_path_relative_to_its_root 
$tboot_dirname`
- tboot_version="1.9.8"
+ tboot_version="1.9.10"
  list="${linux_list}"
 -echo "submenu \"Xen ${xen_version}\" \"Tboot ${tboot_version}\"{"
 +echo "submenu \"Xen ${xen_version} with Tboot ${tboot_version}\"{"




commit tboot for openSUSE:Factory

2019-01-21 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2019-01-21 10:52:52

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new.28833 (New)


Package is "tboot"

Mon Jan 21 10:52:52 2019 rev:37 rq:665950 version:20170711_1.9.8

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2018-10-25 
09:11:30.730319613 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new.28833/tboot.changes   2019-01-21 
10:53:02.531823717 +0100
@@ -4 +4 @@
-- update to new upstream release 1.9.8:
+- update to new upstream release 1.9.8 (FATE#324359):



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.1C0BCS/_old  2019-01-21 10:53:03.895822068 +0100
+++ /var/tmp/diff_new_pack.1C0BCS/_new  2019-01-21 10:53:03.895822068 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package tboot
 #
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed




commit tboot for openSUSE:Factory

2018-10-25 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2018-10-25 09:11:30

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is "tboot"

Thu Oct 25 09:11:30 2018 rev:36 rq:644201 version:20170711_1.9.8

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2018-09-15 
15:41:21.192784743 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2018-10-25 
09:11:30.730319613 +0200
@@ -1,0 +2,10 @@
+Wed Oct 24 08:44:04 UTC 2018 - matthias.gerst...@suse.com
+
+- update to new upstream release 1.9.8:
+- Skip tboot launch error index read/write when ignore prev err option 
is true
+- s3-fix: fix a stack overflow caused by enlarged tb_hash_t union
+- S3 fix: revert the mis-changed type casting in changeset 
522:8e881a07c059
+- S3-fix: Adding option save_vtd=true to opt-in the vtd table restore
+- rebased patches to match new upstream version
+
+---

Old:

  tboot-1.9.7.tar.gz

New:

  tboot-1.9.8.tar.gz



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.rKPaqF/_old  2018-10-25 09:11:31.150319362 +0200
+++ /var/tmp/diff_new_pack.rKPaqF/_new  2018-10-25 09:11:31.154319359 +0200
@@ -17,7 +17,7 @@
 
 
 Name:   tboot
-%define ver 1.9.7
+%define ver 1.9.8
 Version:20170711_%{ver}
 Release:0
 Summary:Program for performing a verified launch using Intel TXT

++ tboot-1.9.7.tar.gz -> tboot-1.9.8.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.9.7/.hg_archival.txt 
new/tboot-1.9.8/.hg_archival.txt
--- old/tboot-1.9.7/.hg_archival.txt2018-09-03 10:43:39.0 +0200
+++ new/tboot-1.9.8/.hg_archival.txt2018-10-18 06:55:47.0 +0200
@@ -1,4 +1,5 @@
 repo: cedd93279188334eb41d248d5eb70a41a2bc70ca
-node: fa126d410df0916f0bab32a882349eb401597d5f
+node: bde570f28820ea6cfc4a12fecec9f51e867e28ca
 branch: default
-tag: v1.9.7
+latesttag: v1.9.8
+latesttagdistance: 1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.9.7/.hgtags new/tboot-1.9.8/.hgtags
--- old/tboot-1.9.7/.hgtags 2018-09-03 10:43:39.0 +0200
+++ new/tboot-1.9.8/.hgtags 2018-10-18 06:55:47.0 +0200
@@ -17,3 +17,6 @@
 698548a9b9fe6201361d19099100f8eb59fad4f6 v1.9.5
 61c17659bb8670e466c3bac8913459848f5f36d5 v1.9.6
 11613463d703e203785b2e4dc9447d76530266c4 v1.9.7
+11613463d703e203785b2e4dc9447d76530266c4 v1.9.7
+fa126d410df0916f0bab32a882349eb401597d5f v1.9.7
+dbc7b1d289f848c3d88a9d4694d67fd409f48039 v1.9.8
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.9.7/CHANGELOG new/tboot-1.9.8/CHANGELOG
--- old/tboot-1.9.7/CHANGELOG   2018-09-03 10:43:39.0 +0200
+++ new/tboot-1.9.8/CHANGELOG   2018-10-18 06:55:47.0 +0200
@@ -1,3 +1,8 @@
+20181011: v1.9.8
+Skip tboot launch error index read/write when ignore prev err option 
is true
+s3-fix: fix a stack overflow caused by enlarged tb_hash_t union
+S3 fix: revert the mis-changed type casting in changeset 
522:8e881a07c059
+S3-fix: Adding option save_vtd=true to opt-in the vtd table restore
 20180830: v1.9.7
 Fix a lot of issues in tools reported by klocwork scan.
 Fix a lot of issues in tboot module reported by klocwork scan.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.9.7/README new/tboot-1.9.8/README
--- old/tboot-1.9.7/README  2018-09-03 10:43:39.0 +0200
+++ new/tboot-1.9.8/README  2018-10-18 06:55:47.0 +0200
@@ -315,6 +315,16 @@
setting provides a way to force use of the legacy log format for TPM 2 
systems:
force_tpm2_legacy_log=false|true  // defaults to false
 
+o  Opt-in the vtd dmar table save/restore process
+   With recent kernel (4.16.3 in fedora28), the acpi table seems changed by
+   kernel. So function restore_vtd_dmar_table() will not work as expected to
+   find the vtd dmar table and restore it in S3 resume, instead, the system 
will
+   run into a hang or a reset.
+
+   To solve the S3 issue but still keep vtd dmar table save/restore process for
+   specific case, add below option:
+   save_vtd=false|true  // defaults to false
+ 
 PCR Usage:
 -
 o  Legacy PCR mapping
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.9.7/tboot/20_linux_tboot 
new/tboot-1.9.8/tboot/20_linux_tboot
--- old/tboot-1.9.7/tboot/20_linux_tboot2018-09-03 10:43:39.0 

commit tboot for openSUSE:Factory

2018-09-04 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2018-09-04 22:56:37

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is "tboot"

Tue Sep  4 22:56:37 2018 rev:34 rq:632828 version:20170711_1.9.7

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2018-09-03 
10:35:47.164775305 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2018-09-04 
22:56:40.725105135 +0200
@@ -1,0 +2,9 @@
+Mon Sep  3 10:11:39 UTC 2018 - matthias.gerst...@suse.com
+
+- package new upstream tarball for 1.9.7. It seems the tarball was replaced
+  upstream without notice, because some version numbers have not been
+  incremented.
+- tboot-grub2-fix-menu-in-xen-host-server.patch: rebased
+- tboot-grub2-fix-xen-submenu-name.patch: rebased
+
+---



Other differences:
--
++ tboot-1.9.7.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.9.7/.hg_archival.txt 
new/tboot-1.9.7/.hg_archival.txt
--- old/tboot-1.9.7/.hg_archival.txt2018-08-30 12:15:12.0 +0200
+++ new/tboot-1.9.7/.hg_archival.txt2018-09-03 10:43:39.0 +0200
@@ -1,4 +1,4 @@
 repo: cedd93279188334eb41d248d5eb70a41a2bc70ca
-node: 11613463d703e203785b2e4dc9447d76530266c4
+node: fa126d410df0916f0bab32a882349eb401597d5f
 branch: default
 tag: v1.9.7
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.9.7/.hgtags new/tboot-1.9.7/.hgtags
--- old/tboot-1.9.7/.hgtags 2018-08-30 12:15:12.0 +0200
+++ new/tboot-1.9.7/.hgtags 2018-09-03 10:43:39.0 +0200
@@ -16,3 +16,4 @@
 9d8ee7ff40107fde7512b0a9196c568152ce1c72 v1.9.4
 698548a9b9fe6201361d19099100f8eb59fad4f6 v1.9.5
 61c17659bb8670e466c3bac8913459848f5f36d5 v1.9.6
+11613463d703e203785b2e4dc9447d76530266c4 v1.9.7
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.9.7/tboot/20_linux_tboot 
new/tboot-1.9.7/tboot/20_linux_tboot
--- old/tboot-1.9.7/tboot/20_linux_tboot2018-08-30 12:15:12.0 
+0200
+++ new/tboot-1.9.7/tboot/20_linux_tboot2018-09-03 10:43:39.0 
+0200
@@ -201,7 +201,7 @@
 tboot_dirname=`dirname ${current_tboot}`
 rel_tboot_dirname=`make_system_path_relative_to_its_root $tboot_dirname`
 #tboot_version=`echo $tboot_basename | sed -e "s,.gz$,,g;s,^tboot-,,g"`
-tboot_version="1.9.6"
+tboot_version="1.9.7"
 echo "submenu \"tboot ${tboot_version}\" {"
 while [ "x$list" != "x" ] ; do
linux=`version_find_latest $list`
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.9.7/tboot/20_linux_xen_tboot 
new/tboot-1.9.7/tboot/20_linux_xen_tboot
--- old/tboot-1.9.7/tboot/20_linux_xen_tboot2018-08-30 12:15:12.0 
+0200
+++ new/tboot-1.9.7/tboot/20_linux_xen_tboot2018-09-03 10:43:39.0 
+0200
@@ -216,7 +216,7 @@
 tboot_basename=`basename ${current_tboot}`
 tboot_dirname=`dirname ${current_tboot}`
 rel_tboot_dirname=`make_system_path_relative_to_its_root 
$tboot_dirname`
-tboot_version="1.9.6"
+tboot_version="1.9.7"
 list="${linux_list}"
 echo "submenu \"Xen ${xen_version}\" \"Tboot ${tboot_version}\"{"
 while [ "x$list" != "x" ] ; do

++ tboot-grub2-fix-menu-in-xen-host-server.patch ++
--- /var/tmp/diff_new_pack.moqifS/_old  2018-09-04 22:56:41.189106719 +0200
+++ /var/tmp/diff_new_pack.moqifS/_new  2018-09-04 22:56:41.189106719 +0200
@@ -23,10 +23,10 @@
 References: bnc#865815
 Porting to tboot in order to fix duplicated xen entries
 
-Index: tboot-1.9.6/tboot/20_linux_tboot
+Index: tboot-1.9.7/tboot/20_linux_tboot
 ===
 tboot-1.9.6.orig/tboot/20_linux_tboot
-+++ tboot-1.9.6/tboot/20_linux_tboot
+--- tboot-1.9.7.orig/tboot/20_linux_tboot
 tboot-1.9.7/tboot/20_linux_tboot
 @@ -225,6 +225,49 @@ while [ "x${tboot_list}" != "x" ] && [ "
break
fi
@@ -77,10 +77,10 @@
if test -n "${initrd}" ; then
echo "Found initrd image: ${dirname}/${initrd}" >&2
else
-Index: tboot-1.9.6/tboot/20_linux_xen_tboot
+Index: tboot-1.9.7/tboot/20_linux_xen_tboot
 ===
 tboot-1.9.6.orig/tboot/20_linux_xen_tboot
-+++ tboot-1.9.6/tboot/20_linux_xen_tboot
+--- tboot-1.9.7.orig/tboot/20_linux_xen_tboot
 tboot-1.9.7/tboot/20_linux_xen_tboot
 @@ -52,6 +52,12 @@ fi
  export TEXTDOMAIN=grub
  export 

commit tboot for openSUSE:Factory

2018-09-03 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2018-09-03 10:35:45

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is "tboot"

Mon Sep  3 10:35:45 2018 rev:33 rq:632523 version:20170711_1.9.7

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2018-03-16 
10:45:09.320570880 +0100
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2018-09-03 
10:35:47.164775305 +0200
@@ -1,0 +2,31 @@
+Fri Aug 31 14:23:48 UTC 2018 - matthias.gerst...@suse.com
+
+- update to upstream version 1.9.7. This in mainly a bugfix release:
+Fix a lot of issues in tools reported by klocwork scan.
+Fix a lot of issues in tboot module reported by klocwork scan.
+Remove a redundant tboot option
+Fix indent in heap.c
+Fix 4 issues along with extpol=agile option
+Mitigations for tpm interposer attacks
+Add an option in tboot to force SINIT to use the legacy TPM2 log 
format.
+Add support for appending to a TPM2 TCG style event log.
+Ensure tboot log is available even when measured launch is skipped.
+Add centos7 instructions for Use in EFI boot mode.
+Fix memory leak and invalid reads and writes issues.
+Fix TPM 1.2 locality selection issue.
+Fix a null pointer dereference bug when Intel TXT is disabled.
+Optimize tboot docs installation.
+Fix security vulnerabilities rooted in tpm_if structure and g_tpm 
variable.
+The size field of the MB2 tag is the size of the tag header + the size
+Fix openssl-1.0.2 double frees
+Make policy element stm_elt use unique type name
+lcptools-v2 utilities fixes
+port to openssl-1.1.0
+Reset debug PCR16 to zero.
+Fix a logical error in function bool evtlog_append(...).
+- removed tboot-CVE-2017-16837.patch: now contained in tarball
+- removed tboot-openssl-1-1-0.patch: now contained in tarball
+- removed tboot-signature-segfault.patch: now contained in tarball
+- removed tboot-ssl-broken.patch: now contained in tarball
+
+---

Old:

  tboot-1.9.6.tar.gz
  tboot-CVE-2017-16837.patch
  tboot-openssl-1-1-0.patch
  tboot-signature-segfault.patch
  tboot-ssl-broken.patch

New:

  tboot-1.9.7.tar.gz



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.1AHo2A/_old  2018-09-03 10:35:47.684776649 +0200
+++ /var/tmp/diff_new_pack.1AHo2A/_new  2018-09-03 10:35:47.684776649 +0200
@@ -17,8 +17,8 @@
 
 
 Name:   tboot
-%define ver 1.9.6
-Version:20170711_1.9.6
+%define ver 1.9.7
+Version:20170711_%{ver}
 Release:0
 Summary:Performs a verified launch using Intel(R) TXT
 License:BSD-3-Clause
@@ -27,15 +27,7 @@
 Source0:
http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz
 Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch
 Patch4: tboot-grub2-fix-xen-submenu-name.patch
-Patch5: tboot-openssl-1-1-0.patch
-Patch6: tboot-CVE-2017-16837.patch
 Patch7: tboot-distributor.patch
-# a stark history regarding SSL: ssl functions never really worked in tboot,
-# even the signature-segfault upstream fix didn't fix the root causes.
-# ssl-broken.patch is my own patch that I have published on the tboot-devel
-# mailing list, but no response so far.
-Patch8: tboot-signature-segfault.patch
-Patch9: tboot-ssl-broken.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 ExclusiveArch:  %{ix86} x86_64
 BuildRequires:  openssl-devel
@@ -60,11 +52,7 @@
 %setup -q -n %name-%ver
 %patch3 -p1
 %patch4 -p1
-%patch5 -p1
-%patch6 -p1
 %patch7 -p1
-%patch8 -p1
-%patch9 -p1
 
 %build
 export CFLAGS="%{optflags}"

++ tboot-1.9.6.tar.gz -> tboot-1.9.7.tar.gz ++
 3807 lines of diff (skipped)




commit tboot for openSUSE:Factory

2018-03-16 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2018-03-16 10:43:50

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is "tboot"

Fri Mar 16 10:43:50 2018 rev:32 rq:587462 version:20170711_1.9.6

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2018-02-22 
15:03:03.836670196 +0100
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2018-03-16 
10:45:09.320570880 +0100
@@ -1,0 +2,10 @@
+Thu Mar 15 09:49:03 UTC 2018 - matthias.gerst...@suse.com
+
+- tboot-signature-segfault.patch: Intermediate patch necessary for
+  tboot-ssl-broken.patch. Upstream tried to fix OpenSSL issues here, but
+  failed to do so.
+- tboot-ssl-broken.patch: Fixed memory corruption when using OpenSSL
+  functionality like in lcp2_crtpollist (bnc#1083693). Fix has not yet been
+  commented on by upstream (posted on tboot-devel mailing list).
+
+---

New:

  tboot-signature-segfault.patch
  tboot-ssl-broken.patch



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.uywoS8/_old  2018-03-16 10:45:10.376532857 +0100
+++ /var/tmp/diff_new_pack.uywoS8/_new  2018-03-16 10:45:10.380532713 +0100
@@ -30,7 +30,12 @@
 Patch5: tboot-openssl-1-1-0.patch
 Patch6: tboot-CVE-2017-16837.patch
 Patch7: tboot-distributor.patch
-# PATCH-FIX-UPSTREAM -- https://sourceforge.net/p/tboot/code/merge-requests/1/
+# a stark history regarding SSL: ssl functions never really worked in tboot,
+# even the signature-segfault upstream fix didn't fix the root causes.
+# ssl-broken.patch is my own patch that I have published on the tboot-devel
+# mailing list, but no response so far.
+Patch8: tboot-signature-segfault.patch
+Patch9: tboot-ssl-broken.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 ExclusiveArch:  %{ix86} x86_64
 BuildRequires:  openssl-devel
@@ -58,6 +63,8 @@
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
+%patch8 -p1
+%patch9 -p1
 
 %build
 export CFLAGS="%{optflags}"
@@ -107,7 +114,7 @@
 %postun
 %if 0%{?update_bootloader_check_type_reinit_post:1} 
 # there is no clean solution for refresh during package removal at the moment.
-# %posttrans is not executed during package removal.
+# %%posttrans is not executed during package removal.
 %update_bootloader_check_type_reinit_post grub2 grub2-efi
 %update_bootloader_posttrans
 %else

++ tboot-signature-segfault.patch ++
changeset:   506:09fae64a7515
user:Ning Sun 
date:Sat Sep 02 01:40:15 2017 -0700
summary: Fix openssl-1.0.2 double frees

Index: tboot-1.9.6/lcptools-v2/crtpollist.c
===
--- tboot-1.9.6.orig/lcptools-v2/crtpollist.c
+++ tboot-1.9.6/lcptools-v2/crtpollist.c
@@ -160,15 +160,14 @@ static lcp_signature_t2 *read_rsa_pubkey
 
 memset(sig, 0, sizeof(lcp_rsa_signature_t) + 2*keysize);
 sig->rsa_signature.pubkey_size = keysize;
-   
-BIGNUM *modulus = BN_new();
-
+
 /* OpenSSL Version 1.1.0 and later don't allow direct access to RSA 
stuct */
 #if OPENSSL_VERSION_NUMBER >= 0x1010L
+BIGNUM *modulus = BN_new();
 RSA_get0_key(pubkey, (const BIGNUM **), NULL, NULL); 
 #else
-modulus = pubkey->n;
+BIGNUM *modulus = BN_dup(pubkey->n);
 #endif
 
 unsigned char key[keysize];
Index: tboot-1.9.6/lcptools-v2/lcputils.c
===
--- tboot-1.9.6.orig/lcptools-v2/lcputils.c
+++ tboot-1.9.6/lcptools-v2/lcputils.c
@@ -384,8 +384,8 @@ bool verify_signature(const uint8_t *dat
 #if OPENSSL_VERSION_NUMBER >= 0x1010L
 RSA_set0_key(rsa_pubkey, modulus, exponent, NULL); 
 #else
-rsa_pubkey->n = modulus;
-rsa_pubkey->e = exponent;
+rsa_pubkey->n = BN_dup(modulus);
+rsa_pubkey->e = BN_dup(exponent);
 rsa_pubkey->d = rsa_pubkey->p = rsa_pubkey->q = NULL;
 #endif
 
Index: tboot-1.9.6/lcptools/crtpollist.c
===
--- tboot-1.9.6.orig/lcptools/crtpollist.c
+++ tboot-1.9.6/lcptools/crtpollist.c
@@ -155,14 +155,14 @@ static lcp_signature_t *read_pubkey_file
 
 memset(sig, 0, sizeof(*sig) + 2*keysize);
 sig->pubkey_size = keysize;
-   
-BIGNUM *modulus = BN_new();
+
 /* OpenSSL Version 1.1.0 and later don't allow direct access to RSA 
stuct */ 
 #if OPENSSL_VERSION_NUMBER >= 0x1010L
+BIGNUM *modulus = BN_new();
 RSA_get0_key(pubkey, (const BIGNUM **), NULL, NULL); 
 #else
-   modulus = pubkey->n;
+ 

commit tboot for openSUSE:Factory

2018-02-20 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2018-02-20 17:55:30

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is "tboot"

Tue Feb 20 17:55:30 2018 rev:30 rq:578146 version:20170711_1.9.6

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2017-11-16 
14:04:31.529990698 +0100
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2018-02-20 
17:55:42.417099729 +0100
@@ -1,0 +2,8 @@
+Mon Feb 12 13:27:20 UTC 2018 - matthias.gerst...@suse.com
+
+- tboot-distributor.patch: don't add GNU/Linux to grub menu entries. SUSE's
+  grub2 itself doesn't do it as well. (bnc#1078262)
+- perform update of bootloader configuration after installation via
+  %posttrans. (bnc#1078262)
+
+---

New:

  tboot-distributor.patch



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.GBApMh/_old  2018-02-20 17:55:43.729052489 +0100
+++ /var/tmp/diff_new_pack.GBApMh/_new  2018-02-20 17:55:43.733052345 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package tboot
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -29,11 +29,22 @@
 Patch4: tboot-grub2-fix-xen-submenu-name.patch
 Patch5: tboot-openssl-1-1-0.patch
 Patch6: tboot-CVE-2017-16837.patch
+Patch7: tboot-distributor.patch
 # PATCH-FIX-UPSTREAM -- https://sourceforge.net/p/tboot/code/merge-requests/1/
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
+ExclusiveArch:  %{ix86} x86_64
 BuildRequires:  openssl-devel
 BuildRequires:  trousers-devel
-ExclusiveArch:  %{ix86} x86_64
+
+%if 0%{?suse_version} > 1320
+BuildRequires:  update-bootloader-rpm-macros
+%endif
+
+%if 0%{?update_bootloader_requires:1}
+%update_bootloader_requires
+%else
+Requires:   perl-Bootloader
+%endif
 
 %description
 Trusted Boot (tboot) is a pre-kernel/VMM module that uses Intel(R)
@@ -46,6 +57,7 @@
 %patch4 -p1
 %patch5 -p1
 %patch6 -p1
+%patch7 -p1
 
 %build
 export CFLAGS="%{optflags}"
@@ -85,4 +97,14 @@
 %{_sysconfdir}/grub.d/20_linux_tboot
 %{_sysconfdir}/grub.d/20_linux_xen_tboot
 
+%post
+%if 0%{?update_bootloader_check_type_reinit_post:1} 
+%update_bootloader_check_type_reinit_post grub2 grub2-efi
+%else
+/sbin/update-bootloader --reinit || true
+%endif
+
+%posttrans
+%{?update_bootloader_posttrans}
+
 %changelog

++ tboot-distributor.patch ++
Index: tboot-1.9.6/tboot/20_linux_tboot
===
--- tboot-1.9.6.orig/tboot/20_linux_tboot
+++ tboot-1.9.6/tboot/20_linux_tboot
@@ -72,7 +72,7 @@ CLASS="--class gnu-linux --class gnu --c
 if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then
   OS=GNU/Linux
 else
-  OS="${GRUB_DISTRIBUTOR} GNU/Linux"
+  OS="${GRUB_DISTRIBUTOR}"
   CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr '[A-Z]' '[a-z]' | cut -d' ' 
-f1) ${CLASS}"
 fi
 
Index: tboot-1.9.6/tboot/20_linux_xen_tboot
===
--- tboot-1.9.6.orig/tboot/20_linux_xen_tboot
+++ tboot-1.9.6/tboot/20_linux_xen_tboot
@@ -63,7 +63,7 @@ CLASS="--class gnu-linux --class gnu --c
 if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then
   OS=GNU/Linux
 else
-  OS="${GRUB_DISTRIBUTOR} GNU/Linux"
+  OS="${GRUB_DISTRIBUTOR}"
   CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr 'A-Z' 'a-z' | cut -d' ' -f1) 
${CLASS}"
 fi
 



commit tboot for openSUSE:Factory

2017-11-16 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2017-11-16 14:04:28

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is "tboot"

Thu Nov 16 14:04:28 2017 rev:29 rq:542218 version:20170711_1.9.6

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2017-11-11 
14:20:13.289846699 +0100
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2017-11-16 
14:04:31.529990698 +0100
@@ -1,0 +2,8 @@
+Thu Nov 16 09:49:48 UTC 2017 - matthias.gerst...@suse.com
+
+- tboot-CVE-2017-16837.patch: fix a major security issue in tboot. tboot
+  failed to validate a number of immutable function pointers, which could
+  allow an attacker to bypass the chain of trust and execute arbitrary code
+  (bnc#1068390, CVE-2017-16837).
+
+---

New:

  tboot-CVE-2017-16837.patch



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.HgRMut/_old  2017-11-16 14:04:32.277963588 +0100
+++ /var/tmp/diff_new_pack.HgRMut/_new  2017-11-16 14:04:32.281963443 +0100
@@ -28,6 +28,7 @@
 Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch
 Patch4: tboot-grub2-fix-xen-submenu-name.patch
 Patch5: tboot-openssl-1-1-0.patch
+Patch6: tboot-CVE-2017-16837.patch
 # PATCH-FIX-UPSTREAM -- https://sourceforge.net/p/tboot/code/merge-requests/1/
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  openssl-devel
@@ -44,6 +45,7 @@
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
+%patch6 -p1
 
 %build
 export CFLAGS="%{optflags}"

++ tboot-CVE-2017-16837.patch ++
 1059 lines (skipped)




commit tboot for openSUSE:Factory

2017-11-11 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2017-11-11 14:19:52

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is "tboot"

Sat Nov 11 14:19:52 2017 rev:28 rq:540236 version:20170711_1.9.6

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2017-07-21 
22:48:03.468082005 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2017-11-11 
14:20:13.289846699 +0100
@@ -1,0 +2,7 @@
+Thu Nov  9 14:08:59 UTC 2017 - matthias.gerst...@suse.com
+
+- tboot-openssl-1-1-0.patch: make package compatible with OpenSSL 1.1.0.
+  There's no upstream release containing this patch yet. The patch builds
+  against OpenSSL 1.0.x as well. This is for SLE-15 support (bnc#1067229).
+
+---

New:

  tboot-openssl-1-1-0.patch



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.oHhwNa/_old  2017-11-11 14:20:15.837753319 +0100
+++ /var/tmp/diff_new_pack.oHhwNa/_new  2017-11-11 14:20:15.841753173 +0100
@@ -27,6 +27,7 @@
 Source0:
http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz
 Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch
 Patch4: tboot-grub2-fix-xen-submenu-name.patch
+Patch5: tboot-openssl-1-1-0.patch
 # PATCH-FIX-UPSTREAM -- https://sourceforge.net/p/tboot/code/merge-requests/1/
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  openssl-devel
@@ -42,6 +43,7 @@
 %setup -q -n %name-%ver
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
 
 %build
 export CFLAGS="%{optflags}"

++ tboot-openssl-1-1-0.patch ++
changeset:   503:2bb331ec268d
user:Ning Sun 
date:Mon Aug 28 02:10:28 2017 -0700
summary: port to openssl-1.1.0

diff -r e57efe410a90 -r 2bb331ec268d lcptools/hash.c
--- a/lcptools/hash.c   Mon Jul 24 05:34:17 2017 -0700
+++ b/lcptools/hash.c   Mon Aug 28 02:10:28 2017 -0700
@@ -74,13 +74,18 @@
 return false;
 
 if ( hash_alg == TB_HALG_SHA1_LG ) {
-EVP_MD_CTX ctx;
+EVP_MD_CTX *ctx = EVP_MD_CTX_create();
+if (ctx == NULL) {
+fprintf(stderr, "%s(): EVP_MD_CTX_create() failed.\n", __func__);
+return false;
+}
 const EVP_MD *md;
 
 md = EVP_sha1();
-EVP_DigestInit(, md);
-EVP_DigestUpdate(, buf, size);
-EVP_DigestFinal(, hash->sha1, NULL);
+EVP_DigestInit(ctx, md);
+EVP_DigestUpdate(ctx, buf, size);
+EVP_DigestFinal(ctx, hash->sha1, NULL);
+EVP_MD_CTX_destroy(ctx);
 return true;
 }
 else




commit tboot for openSUSE:Factory

2017-07-21 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2017-07-21 22:47:59

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is "tboot"

Fri Jul 21 22:47:59 2017 rev:27 rq:511178 version:20170711_1.9.6

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2017-06-05 
18:50:33.439397827 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2017-07-21 
22:48:03.468082005 +0200
@@ -1,0 +2,24 @@
+Tue Jul 18 11:10:29 UTC 2017 - matthias.gerst...@suse.com
+
+update to new upstream version 1.9.6:
+
+- removed following patches, because they're now included upstream:
+   * reproducible.patch
+   * tboot-grub2-suse.patch
+   * tboot-gcc7.patch
+
+- Changes in this version:
+   * GCC7 fix, adds generic FALLTHROUGH notations to avoid warnings 
appearing on GCC7
+* Ensure Tboot never overwrites modules in the process of moving them.
+* Add support to x2APIC, which uses 32 bit APIC ID.
+* Fix S3 secrets sealing/unsealing failures
+* Support OpenSSL 1.1.0+ for ECDSA signature verification.
+* Support OpenSSL 1.1.0+ for RSA key manipulation.
+* Adds additional checks to prevent the kernel image from being 
overwritten.
+* Added TCG TPM event log support.
+* Pass through the EFI memory map that's provided by grub2.
+* Fix a null pointer dereference bug when Intel TXT is disabled in 
BIOS.
+* Adjust KERNEL_CMDLINE_OFFSET from 0x9000 to 0x8D00.
+* Bounds checking on the kernel_cmdline string.
+
+---

Old:

  reproducible.patch
  tboot-1.9.5.tar.gz
  tboot-gcc7.patch
  tboot-grub2-suse.patch

New:

  tboot-1.9.6.tar.gz



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.zXXjal/_old  2017-07-21 22:48:04.975869313 +0200
+++ /var/tmp/diff_new_pack.zXXjal/_new  2017-07-21 22:48:04.979868749 +0200
@@ -17,20 +17,17 @@
 
 
 Name:   tboot
-%define ver 1.9.5
-Version:20160518_1.9.4
+%define ver 1.9.6
+Version:20170711_1.9.6
 Release:0
 Summary:Performs a verified launch using Intel(R) TXT
 License:BSD-3-Clause
 Group:  Productivity/Security
 Url:http://sourceforge.net/projects/tboot/
 Source0:
http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz
-Patch1: tboot-grub2-suse.patch
 Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch
 Patch4: tboot-grub2-fix-xen-submenu-name.patch
 # PATCH-FIX-UPSTREAM -- https://sourceforge.net/p/tboot/code/merge-requests/1/
-Patch5: reproducible.patch
-Patch6: tboot-gcc7.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  openssl-devel
 BuildRequires:  trousers-devel
@@ -43,11 +40,8 @@
 
 %prep
 %setup -q -n %name-%ver
-%patch1 -p1
 %patch3 -p1
 %patch4 -p1
-%patch5 -p1
-%patch6 -p1
 
 %build
 export CFLAGS="%{optflags}"

++ tboot-1.9.5.tar.gz -> tboot-1.9.6.tar.gz ++
 3130 lines of diff (skipped)

++ tboot-grub2-fix-menu-in-xen-host-server.patch ++
--- /var/tmp/diff_new_pack.zXXjal/_old  2017-07-21 22:48:05.203837155 +0200
+++ /var/tmp/diff_new_pack.zXXjal/_new  2017-07-21 22:48:05.203837155 +0200
@@ -23,10 +23,10 @@
 References: bnc#865815
 Porting to tboot in order to fix duplicated xen entries
 
-Index: tboot-1.9.4/tboot/20_linux_tboot
+Index: tboot-1.9.6/tboot/20_linux_tboot
 ===
 tboot-1.9.4.orig/tboot/20_linux_tboot
-+++ tboot-1.9.4/tboot/20_linux_tboot
+--- tboot-1.9.6.orig/tboot/20_linux_tboot
 tboot-1.9.6/tboot/20_linux_tboot
 @@ -225,6 +225,49 @@ while [ "x${tboot_list}" != "x" ] && [ "
break
fi
@@ -77,10 +77,10 @@
if test -n "${initrd}" ; then
echo "Found initrd image: ${dirname}/${initrd}" >&2
else
-Index: tboot-1.9.4/tboot/20_linux_xen_tboot
+Index: tboot-1.9.6/tboot/20_linux_xen_tboot
 ===
 tboot-1.9.4.orig/tboot/20_linux_xen_tboot
-+++ tboot-1.9.4/tboot/20_linux_xen_tboot
+--- tboot-1.9.6.orig/tboot/20_linux_xen_tboot
 tboot-1.9.6/tboot/20_linux_xen_tboot
 @@ -52,6 +52,12 @@ fi
  export TEXTDOMAIN=grub
  export TEXTDOMAINDIR=${prefix}/share/locale

++ tboot-grub2-fix-xen-submenu-name.patch ++
--- /var/tmp/diff_new_pack.zXXjal/_old  2017-07-21 22:48:05.211836027 +0200
+++ /var/tmp/diff_new_pack.zXXjal/_new  2017-07-21 22:48:05.211836027 +0200
@@ -4,13 +4,13 @@
 References: bnc#865815
 Patch-Mainline: no
 
-Index: 

commit tboot for openSUSE:Factory

2017-06-05 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2017-06-05 18:50:21

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is "tboot"

Mon Jun  5 18:50:21 2017 rev:26 rq:500930 version:20160518_1.9.4

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2017-04-30 
21:25:05.158648582 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2017-06-05 
18:50:33.439397827 +0200
@@ -1,0 +2,5 @@
+Sun Jun  4 08:43:14 UTC 2017 - meiss...@suse.com
+
+- tboot-gcc7.patch: fix some gcc7 warnings that lead to errors. (bsc#1041264)
+
+---
@@ -85 +90 @@
-
+- fixes a boot issue on Skylake (bsc#964408)

New:

  tboot-gcc7.patch



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.m5GEqd/_old  2017-06-05 18:50:34.123301426 +0200
+++ /var/tmp/diff_new_pack.m5GEqd/_new  2017-06-05 18:50:34.127300862 +0200
@@ -30,6 +30,7 @@
 Patch4: tboot-grub2-fix-xen-submenu-name.patch
 # PATCH-FIX-UPSTREAM -- https://sourceforge.net/p/tboot/code/merge-requests/1/
 Patch5: reproducible.patch
+Patch6: tboot-gcc7.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  openssl-devel
 BuildRequires:  trousers-devel
@@ -46,6 +47,7 @@
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
+%patch6 -p1
 
 %build
 export CFLAGS="%{optflags}"

++ tboot-gcc7.patch ++
Index: tboot-1.9.5/tboot/common/tboot.c
===
--- tboot-1.9.5.orig/tboot/common/tboot.c
+++ tboot-1.9.5/tboot/common/tboot.c
@@ -501,11 +501,13 @@ static void shutdown_system(uint32_t shu
 /* write our S3 resume vector to ACPI resume addr */
 set_s3_resume_vector(&_tboot_shared.acpi_sinfo,  
TBOOT_S3_WAKEUP_ADDR);
 /* fall through for rest of Sx handling */
+   /* FALLTHROUGH */
 case TB_SHUTDOWN_S4:
 case TB_SHUTDOWN_S5:
 machine_sleep(&_tboot_shared.acpi_sinfo);
 /* if machine_sleep() fails, fall through to reset */
 
+   /* FALLTHROUGH */
 case TB_SHUTDOWN_REBOOT:
 if ( txt_is_powercycle_required() ) {
 /* powercycle by writing 0x0a+0x0e to port 0xcf9 */
@@ -524,6 +526,7 @@ static void shutdown_system(uint32_t shu
 outb(0xcf9, 0x06);
 }
 
+   /* FALLTHROUGH */
 case TB_SHUTDOWN_HALT:
 default:
 while ( true )
Index: tboot-1.9.5/tboot/common/vsprintf.c
===
--- tboot-1.9.5.orig/tboot/common/vsprintf.c
+++ tboot-1.9.5/tboot/common/vsprintf.c
@@ -404,6 +404,7 @@ handle_width:
 case 'p':
 mods.flag |= PREFIX;/* print prefix 0x for %p */
 mods.flag_long = LONG;
+   /* FALLTHROUGH */
 case 'x':
 mods.base = 16;
 buf_pos = write_number_to_buffer(buf, size, buf_pos, mods);
Index: tboot-1.9.5/tboot/common/tpm.c
===
--- tboot-1.9.5.orig/tboot/common/tpm.c
+++ tboot-1.9.5/tboot/common/tpm.c
@@ -117,14 +117,14 @@ static bool tpm_send_cmd_ready_status_cr
 #endif
 
if ( reg_ctrl_sts.tpmidle== 1) {
-   reg_ctrl_request._raw[0] = 0;
+  memset(_ctrl_request,0,sizeof(reg_ctrl_request));
reg_ctrl_request.cmdReady = 1;
write_tpm_reg(locality, TPM_CRB_CTRL_REQ, _ctrl_request);
 
return true;
}
 
-  reg_ctrl_request._raw[0] = 0;
+  memset(_ctrl_request,0,sizeof(reg_ctrl_request));
   reg_ctrl_request.goIdle = 1;
   write_tpm_reg(locality, TPM_CRB_CTRL_REQ, _ctrl_request);
  
@@ -158,7 +158,7 @@ static bool tpm_send_cmd_ready_status_cr
printk(TBOOT_INFO"2. reg_ctrl_sts.tpmsts: 0x%x\n", 
reg_ctrl_sts.tpmsts);
 #endif
 
-   reg_ctrl_request._raw[0] = 0;
+  memset(_ctrl_request,0,sizeof(reg_ctrl_request));
reg_ctrl_request.cmdReady = 1;
write_tpm_reg(locality, TPM_CRB_CTRL_REQ, _ctrl_request);
 
@@ -724,7 +724,7 @@ bool tpm_relinquish_locality_crb(uint32_
 if ( reg_loc_state.loc_assigned == 0 )return true;
 
 /* make inactive by writing a 1 */
-reg_loc_ctrl._raw[0] = 0;
+memset(_loc_ctrl,0,sizeof(reg_loc_ctrl));
 reg_loc_ctrl.relinquish = 1;
 write_tpm_reg(locality, TPM_REG_LOC_CTRL, _loc_ctrl);
 
@@ -778,7 +778,7 @@ bool tpm_request_locality_crb(uint32_t l
 tpm_reg_loc_state_t  reg_loc_state;
 tpm_reg_loc_ctrl_treg_loc_ctrl;
 /* request access to the TPM from locality N */
-

commit tboot for openSUSE:Factory

2017-04-30 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2017-04-30 21:24:31

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is "tboot"

Sun Apr 30 21:24:31 2017 rev:25 rq:492191 version:20160518_1.9.4

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2017-02-14 
00:47:35.309120477 +0100
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2017-04-30 
21:25:05.158648582 +0200
@@ -1,0 +2,5 @@
+Sun Apr 30 05:29:57 UTC 2017 - bwiedem...@suse.com
+
+- Add reproducible.patch to call gzip -n to make build fully reproducible
+
+---

New:

  reproducible.patch



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.ATeDae/_old  2017-04-30 21:25:05.914542002 +0200
+++ /var/tmp/diff_new_pack.ATeDae/_new  2017-04-30 21:25:05.914542002 +0200
@@ -28,6 +28,8 @@
 Patch1: tboot-grub2-suse.patch
 Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch
 Patch4: tboot-grub2-fix-xen-submenu-name.patch
+# PATCH-FIX-UPSTREAM -- https://sourceforge.net/p/tboot/code/merge-requests/1/
+Patch5: reproducible.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  openssl-devel
 BuildRequires:  trousers-devel
@@ -43,6 +45,7 @@
 %patch1 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
 
 %build
 export CFLAGS="%{optflags}"

++ reproducible.patch ++
Index: tboot-1.9.5/tboot/Makefile
===
--- tboot-1.9.5.orig/tboot/Makefile
+++ tboot-1.9.5/tboot/Makefile
@@ -32,7 +32,7 @@ OBJS := $(obj-y)
 TARGET_LDS := $(CURDIR)/common/tboot.lds
 
 $(TARGET).gz : $(TARGET)
-   gzip -f -9 < $< > $@
+   gzip -n -f -9 < $< > $@
 
 $(TARGET) : $(OBJS) $(TARGET_LDS)
$(LD) $(LDFLAGS) -T $(TARGET_LDS) -N $(OBJS) -o $(@D)/.$(@F).0



commit tboot for openSUSE:Factory

2017-02-13 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2017-02-14 00:47:34

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is "tboot"

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2017-02-10 
10:04:26.623023379 +0100
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2017-02-14 
00:47:35.309120477 +0100
@@ -1,0 +2,6 @@
+Fri Feb 10 16:56:03 UTC 2017 - jeng...@inai.de
+
+- Trim filler words from description; use modern macros over
+  shell vars.
+
+---



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.lk9Mkk/_old  2017-02-14 00:47:35.989024495 +0100
+++ /var/tmp/diff_new_pack.lk9Mkk/_new  2017-02-14 00:47:35.993023931 +0100
@@ -34,10 +34,9 @@
 ExclusiveArch:  %{ix86} x86_64
 
 %description
-Trusted Boot (tboot) is an open source, pre-kernel/VMM module that uses
-Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured
-and verified launch of an OS kernel/VMM.
-
+Trusted Boot (tboot) is a pre-kernel/VMM module that uses Intel(R)
+Trusted Execution Technology (Intel(R) TXT) to perform a measured and
+verified launch of an OS kernel/VMM.
 
 %prep
 %setup -q -n %name-%ver
@@ -46,12 +45,12 @@
 %patch4 -p1
 
 %build
-export CFLAGS="$RPM_OPT_FLAGS"
+export CFLAGS="%{optflags}"
 export TBOOT_CFLAGS="$CFLAGS"
 make debug=y %{?_smp_mflags}
 
 %install
-make debug=y install DISTDIR=$RPM_BUILD_ROOT MANPATH=$RPM_BUILD_ROOT/%{_mandir}
+make debug=y install DISTDIR="%{buildroot}" MANPATH="%{buildroot}/%{_mandir}"
 
 %files
 %defattr(-,root,root,-)




commit tboot for openSUSE:Factory

2017-02-10 Thread root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2017-02-10 10:03:40

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is "tboot"

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2016-07-01 
09:59:00.0 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2017-02-10 
10:04:26.623023379 +0100
@@ -1,0 +2,17 @@
+Wed Feb  8 13:11:50 UTC 2017 - meiss...@suse.com
+
+- Updated to 20161216: v1.9.5 (FATE#321510)
+  + Add 2nd generation of LCP creation tool source codes for TPM 2.0 platforms.
+  + Add user guide for 2nd generation LCP creation tool
+  + Provide workaround for Intel PTT(Platform Trust Technology) & Linux PTT 
driver.
+  + Add new fields in Linux kernel header struct to accommodate Linux kernel 
new capabilities.
+  + Fix a pointer dereference regression in the tboot native Linux loader 
which manifests itself as a system reset.
+  + Fix the issue of overwriting tboot when the loaded elf kernel is located 
below tboot.
+  + Add support to release TPM localities when tboot exits to linux kernel.
+  + Fix the evtlog dump function for tpm2 case.
+  + Initiaize kernel header comdline buffer before copying kernel cmdline 
arguments to the buffer to avoid random 
+  + data at end of the original cmdline contents.
+  + Move tpm_detect() to an earlier stage so as to get tpm interface 
initialized before checking TXT platform capabilities.
+
+
+---

Old:

  tboot-1.9.4.tar.gz

New:

  tboot-1.9.5.tar.gz



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.Iu32nL/_old  2017-02-10 10:04:27.182944195 +0100
+++ /var/tmp/diff_new_pack.Iu32nL/_new  2017-02-10 10:04:27.186943629 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package tboot
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
 
 
 Name:   tboot
-%define ver 1.9.4
+%define ver 1.9.5
 Version:20160518_1.9.4
 Release:0
 Summary:Performs a verified launch using Intel(R) TXT

++ tboot-1.9.4.tar.gz -> tboot-1.9.5.tar.gz ++
 13051 lines of diff (skipped)

++ tboot-grub2-fix-xen-submenu-name.patch ++
--- /var/tmp/diff_new_pack.Iu32nL/_old  2017-02-10 10:04:27.410911955 +0100
+++ /var/tmp/diff_new_pack.Iu32nL/_new  2017-02-10 10:04:27.410911955 +0100
@@ -4,13 +4,13 @@
 References: bnc#865815
 Patch-Mainline: no
 
-Index: tboot-1.9.4/tboot/20_linux_xen_tboot
+Index: tboot-1.9.5/tboot/20_linux_xen_tboot
 ===
 tboot-1.9.4.orig/tboot/20_linux_xen_tboot
-+++ tboot-1.9.4/tboot/20_linux_xen_tboot
+--- tboot-1.9.5.orig/tboot/20_linux_xen_tboot
 tboot-1.9.5/tboot/20_linux_xen_tboot
 @@ -232,7 +232,7 @@ while [ "x${xen_list}" != "x" ] ; do
  rel_tboot_dirname=`make_system_path_relative_to_its_root 
$tboot_dirname`
- tboot_version="1.9.4"
+ tboot_version="1.9.5"
  list="${linux_list}"
 -echo "submenu \"Xen ${xen_version}\" \"Tboot ${tboot_version}\"{"
 +echo "submenu \"Xen ${xen_version} with Tboot ${tboot_version}\"{"




commit tboot for openSUSE:Factory

2016-07-01 Thread h_root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2016-07-01 09:58:58

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is "tboot"

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2016-05-20 
11:56:11.0 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2016-07-01 
09:59:00.0 +0200
@@ -1,0 +2,11 @@
+Wed Jun 22 06:37:53 UTC 2016 - mch...@suse.com
+
+- Fix wrong pvops kernel config matching (bsc#981948) 
+  * modified tboot-grub2-fix-menu-in-xen-host-server.patch
+
+---
+Wed Jun  1 09:29:32 UTC 2016 - meiss...@suse.com
+
+- tboot-grub2-suse.patch: fixed bad if/elif
+
+---



Other differences:
--
++ tboot-grub2-fix-menu-in-xen-host-server.patch ++
--- /var/tmp/diff_new_pack.sIJm2F/_old  2016-07-01 09:59:01.0 +0200
+++ /var/tmp/diff_new_pack.sIJm2F/_new  2016-07-01 09:59:01.0 +0200
@@ -67,7 +67,7 @@
 +
 +  if test "$xen_pv_domU" = "false" ; then
 +  # prevent xen kernel without pv_opt support from booting
-+  if (grep -qx "CONFIG_XEN=y" "${config}" 2> /dev/null && grep -qvx 
"CONFIG_PARAVIRT=y" "${config}" 2> /dev/null); then
++  if (grep -qx "CONFIG_XEN=y" "${config}" 2> /dev/null && ! grep -qx 
"CONFIG_PARAVIRT=y" "${config}" 2> /dev/null); then
 +  echo "Skip xenlinux kernel $linux" >&2
 +  list=`echo $list | tr ' ' '\n' | grep -vx $linux | tr '\n' ' '`
 +  continue

++ tboot-grub2-suse.patch ++
--- /var/tmp/diff_new_pack.sIJm2F/_old  2016-07-01 09:59:01.0 +0200
+++ /var/tmp/diff_new_pack.sIJm2F/_new  2016-07-01 09:59:01.0 +0200
@@ -19,7 +19,7 @@
  sysconfdir=/etc
  if test -e /usr/share/grub/grub-mkconfig_lib; then
. /usr/share/grub/grub-mkconfig_lib
-+if test -e /usr/share/grub2/grub-mkconfig_lib; then
++elif test -e /usr/share/grub2/grub-mkconfig_lib; then
 +  . /usr/share/grub2/grub-mkconfig_lib
  elif test -e ${libdir}/grub/grub-mkconfig_lib; then
. ${libdir}/grub/grub-mkconfig_lib




commit tboot for openSUSE:Factory

2016-05-20 Thread h_root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2016-05-20 11:56:09

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is "tboot"

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2015-05-16 
07:14:41.0 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2016-05-20 
11:56:11.0 +0200
@@ -1,0 +2,29 @@
+Thu May 19 10:35:27 UTC 2016 - meiss...@suse.com
+
+- Updated to 1.9.4/20160518 (FATE#320665)
+  Added TPM 2.0 CRB support
+  Increased BSP and AP stacks to avoid stack overflow 
+  Added an ACPI_RSDP structure g_rsdp in tboot to avoid potential memory 
overwritten issue on TPM 2.0 UEFI platforms
+  Added support to both Intel TPM nv index set and TCG TPM nv index set
+  grub2: tboot doesn't skip first argument any more
+  grub2: sanitize whitespace in command lines
+  grub2: Allow addition of policy data in grub.cfg
+  grub2 support: allow the user to customize the command line
+  Mitigated S3 resume delay by adjusting LZ_MAX_OFFSET to 5000 in lz.c.
+  Added SGX TPM  nv index support
+  Add 64 bit ELF object support
+  Gentoo Hardened, which uses the GRSecurity and PaX patch sets
+  Disable -fstack-check in CFLAG for compatibility with Gentoo Linux.
+  Enhanced tboot compatiblity running on non-Intel TXT platform with a fix of 
is_launched()
+  LCP documentation improvements
+- tboot-grub2-suse.patch: refreshed
+- tboot-grub2-fix-xen-submenu-name.patch: refreshed
+- tboot-fix-stackoverflow.patch: upstream in 1.9.4
+
+---
+Wed Apr  6 09:41:06 UTC 2016 - meiss...@suse.com
+
+- tboot-fix-stackoverflow.patch: fix a excessive stack usage pattern
+  that could lead to resets/crashes (bsc#967441)
+
+---
@@ -4 +33 @@
-- Updated to 1.8.3/20140728
+- Updated to 1.8.3/20140728 FATE#318542

Old:

  tboot-1.8.3.tar.gz

New:

  tboot-1.9.4.tar.gz



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.227324/_old  2016-05-20 11:56:12.0 +0200
+++ /var/tmp/diff_new_pack.227324/_new  2016-05-20 11:56:12.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package tboot
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,8 +17,8 @@
 
 
 Name:   tboot
-%define ver 1.8.3
-Version:20140728_1.8.3
+%define ver 1.9.4
+Version:20160518_1.9.4
 Release:0
 Summary:Performs a verified launch using Intel(R) TXT
 License:BSD-3-Clause

++ tboot-1.8.3.tar.gz -> tboot-1.9.4.tar.gz ++
 3954 lines of diff (skipped)

++ tboot-grub2-fix-menu-in-xen-host-server.patch ++
--- /var/tmp/diff_new_pack.227324/_old  2016-05-20 11:56:12.0 +0200
+++ /var/tmp/diff_new_pack.227324/_new  2016-05-20 11:56:12.0 +0200
@@ -23,11 +23,11 @@
 References: bnc#865815
 Porting to tboot in order to fix duplicated xen entries
 
-Index: tboot-1.8.0/tboot/20_linux_tboot
+Index: tboot-1.9.4/tboot/20_linux_tboot
 ===
 tboot-1.8.0.orig/tboot/20_linux_tboot
-+++ tboot-1.8.0/tboot/20_linux_tboot
-@@ -166,6 +166,49 @@ while [ "x${tboot_list}" != "x" ] && [ "
+--- tboot-1.9.4.orig/tboot/20_linux_tboot
 tboot-1.9.4/tboot/20_linux_tboot
+@@ -225,6 +225,49 @@ while [ "x${tboot_list}" != "x" ] && [ "
break
fi
done
@@ -77,11 +77,11 @@
if test -n "${initrd}" ; then
echo "Found initrd image: ${dirname}/${initrd}" >&2
else
-Index: tboot-1.8.0/tboot/20_linux_xen_tboot
+Index: tboot-1.9.4/tboot/20_linux_xen_tboot
 ===
 tboot-1.8.0.orig/tboot/20_linux_xen_tboot
-+++ tboot-1.8.0/tboot/20_linux_xen_tboot
-@@ -30,6 +30,12 @@ fi
+--- tboot-1.9.4.orig/tboot/20_linux_xen_tboot
 tboot-1.9.4/tboot/20_linux_xen_tboot
+@@ -52,6 +52,12 @@ fi
  export TEXTDOMAIN=grub
  export TEXTDOMAINDIR=${prefix}/share/locale
  
@@ -94,7 +94,7 @@
  CLASS="--class gnu-linux --class gnu --class os --class xen"
  
  if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then
-@@ -147,9 +153,17 @@ linux_list=`for i in /boot/vmlinu[xz]-*
+@@ -185,9 +191,17 @@ linux_list=`for i in /boot/vmlinu[xz]-*
  if [ "x${linux_list}" = "x" ] ; then
  exit 0
  fi

++ tboot-grub2-fix-xen-submenu-name.patch ++
--- /var/tmp/diff_new_pack.227324/_old  

commit tboot for openSUSE:Factory

2015-05-15 Thread h_root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2015-05-16 07:14:35

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is tboot

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2014-07-29 
16:48:33.0 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2015-05-16 
07:14:41.0 +0200
@@ -1,0 +2,19 @@
+Fri May  8 12:08:52 UTC 2015 - meiss...@suse.com
+
+- Updated to 1.8.3/20140728
+  * Added verified launch control policy user guide
+  * Fixed a bug about var MTRR settings to follow the rule that each VAR MTRR 
base must be a multiple of that MTRR's size.
+  * Access tpm sts reg with 3-byte width in v1.2 case and 4-byte width in v2.0 
case
+  * Bugfix: lcp2_mlehash get wrong hash if the cmdline string length  7
+  * Optimized tboot log processing flow to avoid log buffer overflow by 
adopting lz Compress/Uncompress algorithms
+  * Added SGX support for Skylake platform
+  * tpm2: use the primary object in NULL Hierarchy instead of Platform 
Hierarchy for seal/unseal usage
+  * Fixed a bug for lcp2_mlehash tool
+  * Fixed system hang issue caused by TXT disable, TPM disable or SINIT ACM 
not correctly provided in EFI booting mode
+  * Fixed bug for wrong assumption on the way how GRUB2 load modules
+  * Fixed MB2 tags mess issue caused by moving shorter module cmdline to head
+  * Fixed compile issue when debug=y
+
+- refreshed tboot-grub2-fix-xen-submenu-name.patch
+
+---

Old:

  tboot-1.8.2.tar.gz

New:

  tboot-1.8.3.tar.gz



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.tU4aJh/_old  2015-05-16 07:14:42.0 +0200
+++ /var/tmp/diff_new_pack.tU4aJh/_new  2015-05-16 07:14:42.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package tboot
 #
-# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,8 +17,8 @@
 
 
 Name:   tboot
-%define ver 1.8.2
-Version:20140728_1.8.2
+%define ver 1.8.3
+Version:20140728_1.8.3
 Release:0
 Summary:Performs a verified launch using Intel(R) TXT
 License:BSD-3-Clause

++ tboot-1.8.2.tar.gz - tboot-1.8.3.tar.gz ++
 1630 lines of diff (skipped)

++ tboot-grub2-fix-xen-submenu-name.patch ++
--- /var/tmp/diff_new_pack.tU4aJh/_old  2015-05-16 07:14:42.0 +0200
+++ /var/tmp/diff_new_pack.tU4aJh/_new  2015-05-16 07:14:42.0 +0200
@@ -4,13 +4,13 @@
 References: bnc#865815
 Patch-Mainline: no
 
-Index: tboot-1.8.1/tboot/20_linux_xen_tboot
+Index: tboot-1.8.3/tboot/20_linux_xen_tboot
 ===
 tboot-1.8.1.orig/tboot/20_linux_xen_tboot
-+++ tboot-1.8.1/tboot/20_linux_xen_tboot
+--- tboot-1.8.3.orig/tboot/20_linux_xen_tboot
 tboot-1.8.3/tboot/20_linux_xen_tboot
 @@ -187,7 +187,7 @@ while [ x${xen_list} != x ] ; do
  rel_tboot_dirname=`make_system_path_relative_to_its_root 
$tboot_dirname`
- tboot_version=1.8.1
+ tboot_version=1.8.3
  list=${linux_list}
 -echo submenu \Xen ${xen_version}\ \Tboot ${tboot_version}\{
 +echo submenu \Xen ${xen_version} with Tboot ${tboot_version}\{




commit tboot for openSUSE:Factory

2014-07-29 Thread h_root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2014-07-29 16:48:24

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is tboot

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2014-05-21 
16:31:20.0 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2014-07-29 
16:48:33.0 +0200
@@ -1,0 +2,8 @@
+Mon Jul 28 12:14:12 UTC 2014 - meiss...@suse.com
+
+- updated to 1.8.2/20140728
+  Security Fix: TBOOT Argument Measurement Vulnerability for GRUB2 + ELF 
Kernels
+  fix werror in 32 bit build environment
+- tboot-fix.patch: removed, fixed differently upstream.
+
+---

Old:

  tboot-1.8.1.tar.gz
  tboot-fix.patch

New:

  tboot-1.8.2.tar.gz



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.GTOtcy/_old  2014-07-29 16:48:33.0 +0200
+++ /var/tmp/diff_new_pack.GTOtcy/_new  2014-07-29 16:48:33.0 +0200
@@ -17,15 +17,14 @@
 
 
 Name:   tboot
-%define ver 1.8.1
-Version:20130705_1.8.0
+%define ver 1.8.2
+Version:20140728_1.8.2
 Release:0
 Summary:Performs a verified launch using Intel(R) TXT
 License:BSD-3-Clause
 Group:  Productivity/Security
 Url:http://sourceforge.net/projects/tboot/
 Source0:
http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz
-Patch0: tboot-fix.patch
 Patch1: tboot-grub2-suse.patch
 Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch
 Patch4: tboot-grub2-fix-xen-submenu-name.patch
@@ -42,7 +41,6 @@
 
 %prep
 %setup -q -n %name-%ver
-%patch0 -p1
 %patch1 -p1
 %patch3 -p1
 %patch4 -p1

++ tboot-1.8.1.tar.gz - tboot-1.8.2.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.8.1/.hg_archival.txt 
new/tboot-1.8.2/.hg_archival.txt
--- old/tboot-1.8.1/.hg_archival.txt2014-05-16 09:57:00.0 +0200
+++ new/tboot-1.8.2/.hg_archival.txt1970-01-01 01:00:00.0 +0100
@@ -1,5 +0,0 @@
-repo: cedd93279188334eb41d248d5eb70a41a2bc70ca
-node: b4a3b8ddaf07d7a8fa0c159fbd22de7624d6818d
-branch: default
-latesttag: v1.8.1
-latesttagdistance: 1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.8.1/CHANGELOG new/tboot-1.8.2/CHANGELOG
--- old/tboot-1.8.1/CHANGELOG   2014-05-16 09:57:00.0 +0200
+++ new/tboot-1.8.2/CHANGELOG   2014-07-28 10:24:20.0 +0200
@@ -1,3 +1,6 @@
+20140728: v1.8.2
+Security Fix: TBOOT Argument Measurement Vulnerability for GRUB2 + ELF 
Kernels
+fix werror in 32 bit build environment
 20140516: v1.8.1
Fix build error may be used uninitialized
Reset eventlog when S3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.8.1/tb_polgen/param.c 
new/tboot-1.8.2/tb_polgen/param.c
--- old/tboot-1.8.1/tb_polgen/param.c   2014-05-16 09:57:00.0 +0200
+++ new/tboot-1.8.2/tb_polgen/param.c   2014-07-28 10:24:21.0 +0200
@@ -184,7 +184,8 @@
 info_msg(\t pcr = %d\n, params-pcr);
 info_msg(\t hash_type = %d\n, params-hash_type);
 info_msg(\t pos = %d\n, params-pos);
-info_msg(\t cmdline length = %lu\n, strlen(params-cmdline));
+info_msg(\t cmdline length = %lu\n,
+ (unsigned long int)strlen(params-cmdline));
 info_msg(\t cmdline = %s\n, params-cmdline);
 info_msg(\t image_file = %s\n, params-image_file);
 info_msg(\t elt_file = %s\n, params-elt_file);
@@ -411,7 +412,8 @@
 if (strlen(optarg)  sizeof(params-cmdline) - 1) {
 error_msg(Command line length of %lu exceeds %d 
   character maximum\n, 
-  strlen(optarg), TBOOT_KERNEL_CMDLINE_SIZE-1);
+  (unsigned long int)strlen(optarg),
+  TBOOT_KERNEL_CMDLINE_SIZE-1);
 return false;
 }
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.8.1/tboot/Config.mk 
new/tboot-1.8.2/tboot/Config.mk
--- old/tboot-1.8.1/tboot/Config.mk 2014-05-16 09:57:00.0 +0200
+++ new/tboot-1.8.2/tboot/Config.mk 2014-07-28 10:24:21.0 +0200
@@ -32,7 +32,7 @@
 CFLAGS += $(call cc-option,$(CC),-fno-stack-protector-all,)
 
 # changeset variable for banner
-CFLAGS += -DTBOOT_CHANGESET=\$(shell ((hg parents --template 
{isodate|isodate} {rev}:{node|short} /dev/null  hg parents --template 

commit tboot for openSUSE:Factory

2014-05-21 Thread h_root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2014-05-21 16:31:19

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is tboot

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2014-05-02 
14:03:34.0 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2014-05-21 
16:31:20.0 +0200
@@ -1,0 +2,42 @@
+Mon May 19 11:11:10 UTC 2014 - meiss...@suse.com
+
+- updated to 1.8.1/20140516
+  Fix build error may be used uninitialized
+  Reset eventlog when S3
+  Update tboot version to 1.8.1 in grub title
+  Fix grub cfg file generation scripts for SLES12
+  Fix seal failure issue
+  tpm2 lcptools
+  Restore local apic base for AP
+  Fix typo in hash_alg_to_string()
+  Change to create primary object only once
+  Add prepare_tpm call in S3 path to ensure locality 0 was released before 
senter
+  Fix possible dead loop in print_bios_data when bios_data version 4
+  Fix possible null pointer dereference in loader.c
+  Fix possible null pointer dereference in tpm_12.c and tpm_20.c
+  Avoid buffer overrun when append tpm12 eventlog
+  Fix possible NULL pointer dereference
+  Fix one event log issue caused by wrong append and print operation
+  Fix error unsupported hash alg for agile extend policy
+  Fix warning ACM info_table version mismatch
+  Update the tpm family detection with a general way
+  Fix a lcp tools issue caused by redefining TB_HALG_SHA1 from 0 to 4
+  Assign g_tpm a value for no tpm case to avoid NULL checks
+  Fix crash when TPM is missing
+  Fix infinite loop in determine_multiboot_type()
+  Fix typo in tpm20_init() and remove unused variable
+  Allow the to-be-measured nv to be protected by AUTHWRITE
+  Check cpu vendor id to avoid unexpected behavior in non-intel cpu
+  Change to detect TPM family only once
+  Fix some typos caused by copy-paste
+
+- removed tboot-cs381.patch: upstream
+
+---
+Fri May 16 06:10:17 UTC 2014 - mch...@suse.com
+
+- fix grub2 boot menu after installing lots of kernels (bnc#865815)
+- add tboot-grub2-fix-menu-in-xen-host-server.patch
+- add tboot-grub2-fix-xen-submenu-name.patch
+
+---

Old:

  tboot-1.8.0.tar.gz
  tboot-cs381.patch

New:

  tboot-1.8.1.tar.gz
  tboot-grub2-fix-menu-in-xen-host-server.patch
  tboot-grub2-fix-xen-submenu-name.patch



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.F0ZzxV/_old  2014-05-21 16:31:22.0 +0200
+++ /var/tmp/diff_new_pack.F0ZzxV/_new  2014-05-21 16:31:22.0 +0200
@@ -17,7 +17,7 @@
 
 
 Name:   tboot
-%define ver 1.8.0
+%define ver 1.8.1
 Version:20130705_1.8.0
 Release:0
 Summary:Performs a verified launch using Intel(R) TXT
@@ -27,7 +27,8 @@
 Source0:
http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz
 Patch0: tboot-fix.patch
 Patch1: tboot-grub2-suse.patch
-Patch2: tboot-cs381.patch
+Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch
+Patch4: tboot-grub2-fix-xen-submenu-name.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  openssl-devel
 BuildRequires:  trousers-devel
@@ -43,7 +44,8 @@
 %setup -q -n %name-%ver
 %patch0 -p1
 %patch1 -p1
-%patch2 -p1
+%patch3 -p1
+%patch4 -p1
 
 %build
 export CFLAGS=$RPM_OPT_FLAGS
@@ -72,6 +74,10 @@
 %{_sbindir}/tpmnv_lock
 %{_sbindir}/tpmnv_relindex
 %{_sbindir}/txt-stat
+%{_sbindir}/lcp2_crtpol
+%{_sbindir}/lcp2_crtpolelt
+%{_sbindir}/lcp2_crtpollist
+%{_sbindir}/lcp2_mlehash
 /boot/tboot.gz
 /boot/tboot-syms
 %{_mandir}/man8/*

++ tboot-1.8.0.tar.gz - tboot-1.8.1.tar.gz ++
 7573 lines of diff (skipped)

++ tboot-grub2-fix-menu-in-xen-host-server.patch ++
From: Michael Chang mch...@suse.com
Subject: [PATCH] fix menu in xen host server

References: bnc#771689, bnc#757895
Patch-Mainline: no

When system is configred as Xen Virtual Machines Host Server, the
grub2 menu is not well organized. We could see some issues on it.

 - Many duplicated xen entries generated by links to xen hypervisor
 - Non bootable kernel entries trying to boot xen kernel natively
 - The -dbg xen hypervisor takes precedence over release version

This patch fixes above three issues.

v2:
References: bnc#877040
Create only hypervisor pointed by /boot/xen.gz symlink to not clutter
the menu with multiple versions and also not include -dbg. Use custom.cfg
if you need any other custom entries.

v3:
References: bnc#865815
Porting to tboot in order to fix duplicated xen entries

Index: 

commit tboot for openSUSE:Factory

2014-05-02 Thread h_root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2014-05-02 14:03:33

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is tboot

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2014-02-20 
06:23:39.0 +0100
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2014-05-02 
14:03:34.0 +0200
@@ -1,0 +2,6 @@
+Wed Apr 30 08:42:27 UTC 2014 - meiss...@suse.com
+
+- tboot-cs381.patch: generate tboot entries correctly, from Intel.
+  bnc#875581
+
+---

New:

  tboot-cs381.patch



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.7oLMRb/_old  2014-05-02 14:03:35.0 +0200
+++ /var/tmp/diff_new_pack.7oLMRb/_new  2014-05-02 14:03:35.0 +0200
@@ -27,6 +27,7 @@
 Source0:
http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz
 Patch0: tboot-fix.patch
 Patch1: tboot-grub2-suse.patch
+Patch2: tboot-cs381.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  openssl-devel
 BuildRequires:  trousers-devel
@@ -42,6 +43,7 @@
 %setup -q -n %name-%ver
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 
 %build
 export CFLAGS=$RPM_OPT_FLAGS

++ tboot-cs381.patch ++
# HG changeset patch
# User Gang Wei gang@intel.com
# Date 1398749209 -28800
#  Tue Apr 29 13:26:49 2014 +0800
# Node ID 0883c5da94978917c81e654cabbf734e82a33b23
# Parent  acfeeead17db852d23631a3dd0ec8a29836fce2d
Fix grub cfg file generation scripts for SLES12

Signed-off-by: Gang Wei gang@intel.com

diff -r acfeeead17db -r 0883c5da9497 tboot/20_linux_tboot
--- a/tboot/20_linux_tboot  Tue Apr 22 14:00:56 2014 +0800
+++ b/tboot/20_linux_tboot  Tue Apr 29 13:26:49 2014 +0800
@@ -44,11 +44,6 @@
 case ${GRUB_DEVICE} in
   /dev/loop/*|/dev/loop[0-9])
 GRUB_DEVICE=`losetup ${GRUB_DEVICE} | sed -e s/^[^(]*(\([^)]\+\)).*/\1/`
-# We can't cope with devices loop-mounted from files here.
-case ${GRUB_DEVICE} in
-  /dev/*) ;;
-  *) exit 0 ;;
-esac
   ;;
 esac
 
diff -r acfeeead17db -r 0883c5da9497 tboot/20_linux_xen_tboot
--- a/tboot/20_linux_xen_tboot  Tue Apr 22 14:00:56 2014 +0800
+++ b/tboot/20_linux_xen_tboot  Tue Apr 29 13:26:49 2014 +0800
@@ -44,11 +44,6 @@
 case ${GRUB_DEVICE} in
   /dev/loop/*|/dev/loop[0-9])
 GRUB_DEVICE=`losetup ${GRUB_DEVICE} | sed -e s/^[^(]*(\([^)]\+\)).*/\1/`
-# We can't cope with devices loop-mounted from files here.
-case ${GRUB_DEVICE} in
-  /dev/*) ;;
-  *) exit 0 ;;
-esac
   ;;
 esac
 
-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit tboot for openSUSE:Factory

2014-02-19 Thread h_root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2014-02-20 06:23:38

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is tboot

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2014-02-02 
07:40:15.0 +0100
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2014-02-20 
06:23:39.0 +0100
@@ -1,0 +2,6 @@
+Wed Feb 19 16:05:10 UTC 2014 - meiss...@suse.com
+
+- fixed path for /usr/share/grub2/grub-mkconfig_lib in our grub2
+  snippets. (bnc#864633)
+
+---

New:

  tboot-grub2-suse.patch



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.pgeQvY/_old  2014-02-20 06:23:40.0 +0100
+++ /var/tmp/diff_new_pack.pgeQvY/_new  2014-02-20 06:23:40.0 +0100
@@ -26,6 +26,7 @@
 Url:http://sourceforge.net/projects/tboot/
 Source0:
http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz
 Patch0: tboot-fix.patch
+Patch1: tboot-grub2-suse.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  openssl-devel
 BuildRequires:  trousers-devel
@@ -40,6 +41,7 @@
 %prep
 %setup -q -n %name-%ver
 %patch0 -p1
+%patch1 -p1
 
 %build
 export CFLAGS=$RPM_OPT_FLAGS

++ tboot-grub2-suse.patch ++
Index: tboot-1.8.0/tboot/20_linux_tboot
===
--- tboot-1.8.0.orig/tboot/20_linux_tboot
+++ tboot-1.8.0/tboot/20_linux_tboot
@@ -21,8 +21,8 @@ prefix=/usr
 exec_prefix=${prefix}
 bindir=${exec_prefix}/bin
 libdir=${exec_prefix}/lib
-if test -e /usr/share/grub/grub-mkconfig_lib; then
-  . /usr/share/grub/grub-mkconfig_lib
+if test -e /usr/share/grub2/grub-mkconfig_lib; then
+  . /usr/share/grub2/grub-mkconfig_lib
 elif test -e ${libdir}/grub/grub-mkconfig_lib; then
   . ${libdir}/grub/grub-mkconfig_lib
 fi
Index: tboot-1.8.0/tboot/20_linux_xen_tboot
===
--- tboot-1.8.0.orig/tboot/20_linux_xen_tboot
+++ tboot-1.8.0/tboot/20_linux_xen_tboot
@@ -21,8 +21,8 @@ prefix=/usr
 exec_prefix=${prefix}
 bindir=${exec_prefix}/bin
 libdir=${exec_prefix}/lib
-if test -e /usr/share/grub/grub-mkconfig_lib; then
-  . /usr/share/grub/grub-mkconfig_lib
+if test -e /usr/share/grub2/grub-mkconfig_lib; then
+  . /usr/share/grub2/grub-mkconfig_lib
 elif test -e ${libdir}/grub/grub-mkconfig_lib; then
   . ${libdir}/grub/grub-mkconfig_lib
 fi
-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit tboot for openSUSE:Factory

2014-02-01 Thread h_root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2014-02-02 07:40:14

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is tboot

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2013-08-12 
10:17:09.0 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2014-02-02 
07:40:15.0 +0100
@@ -1,0 +2,16 @@
+Thu Jan 30 21:59:46 UTC 2014 - meiss...@suse.com
+
+- updated to 1.8.0/20130705
+  Update README for TPM2 support
+  tpm2 support
+  Adding sha256 algorithm implementation
+  Update README for TPM NV measuring
+  Update README for EFI support
+  Fix typo in tboot/Makefile
+  Increase the supported maximum number of cpus from 256 to 512
+  Extend tboot policy supporting measuring TPM NV
+  EFI support via multiboot2 changes
+  Fix typo in common/hash.c
+  Fix verification for extended data elements in txt heap
+
+---

Old:

  tboot-1.7.4.tar.gz

New:

  tboot-1.8.0.tar.gz



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.1tEPJN/_old  2014-02-02 07:40:15.0 +0100
+++ /var/tmp/diff_new_pack.1tEPJN/_new  2014-02-02 07:40:15.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package tboot
 #
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,8 +17,8 @@
 
 
 Name:   tboot
-%define ver 1.7.4
-Version:20130705_1.7.4
+%define ver 1.8.0
+Version:20130705_1.8.0
 Release:0
 Summary:Performs a verified launch using Intel(R) TXT
 License:BSD-3-Clause

++ tboot-1.7.4.tar.gz - tboot-1.8.0.tar.gz ++
 14881 lines of diff (skipped)

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit tboot for openSUSE:Factory

2013-08-12 Thread h_root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2013-08-12 10:17:08

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is tboot

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2013-01-10 
15:20:19.0 +0100
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2013-08-12 
10:17:09.0 +0200
@@ -1,0 +2,8 @@
+Thu Aug  8 11:56:45 UTC 2013 - meiss...@suse.com
+
+- updated to 1.7.4/20130705
+  Fix possible empty submenu block in generated grub.cfg
+  Add a call_racm=check option for easy RACM launch result check
+  Fix type check for revocation ACM.
+
+---

Old:

  tboot-1.7.3.tar.gz

New:

  tboot-1.7.4.tar.gz



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.tNhbkH/_old  2013-08-12 10:17:10.0 +0200
+++ /var/tmp/diff_new_pack.tNhbkH/_new  2013-08-12 10:17:10.0 +0200
@@ -17,8 +17,8 @@
 
 
 Name:   tboot
-%define ver 1.7.3
-Version:20121228_1.7.3
+%define ver 1.7.4
+Version:20130705_1.7.4
 Release:0
 Summary:Performs a verified launch using Intel(R) TXT
 License:BSD-3-Clause

++ tboot-1.7.3.tar.gz - tboot-1.7.4.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.7.3/.hg_archival.txt 
new/tboot-1.7.4/.hg_archival.txt
--- old/tboot-1.7.3/.hg_archival.txt2012-12-28 07:30:13.0 +0100
+++ new/tboot-1.7.4/.hg_archival.txt2013-07-08 04:48:29.0 +0200
@@ -1,5 +1,5 @@
 repo: cedd93279188334eb41d248d5eb70a41a2bc70ca
-node: 5192fef95f6f443c1b017d6c9bcfb5823a0c447b
+node: 22b9704961c34f22f9ee12f4a822263d3159669d
 branch: default
-latesttag: v1.7.3
+latesttag: v1.7.4
 latesttagdistance: 1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.7.3/.hgtags new/tboot-1.7.4/.hgtags
--- old/tboot-1.7.3/.hgtags 2012-12-28 07:30:13.0 +0100
+++ new/tboot-1.7.4/.hgtags 2013-07-08 04:48:29.0 +0200
@@ -4,3 +4,4 @@
 bd086f9ac6abcc4403a4fd32ce2604882025bc2c v1.7.2
 221ec0974a31576ce197aa9ce793925b1cca0cfc v1.7.3-rc1
 feeb4cc736710d1b6abbb6561a31737f19d10021 v1.7.3
+794e9c2ef61a9a8911b9b58b2f3f3724bf3873be v1.7.4
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.7.3/CHANGELOG new/tboot-1.7.4/CHANGELOG
--- old/tboot-1.7.3/CHANGELOG   2012-12-28 07:30:13.0 +0100
+++ new/tboot-1.7.4/CHANGELOG   2013-07-08 04:48:29.0 +0200
@@ -1,4 +1,9 @@
-20121228  v1.7.3
+20130705: v1.7.4
+   Fix possible empty submenu block in generated grub.cfg
+   Add a call_racm=check option for easy RACM launch result check
+   Fix type check for revocation ACM.
+
+20121228: v1.7.3
Update README with updated code repository url.
Fix grub2 scripts to be compatible with more distros.
Update README for RACM launch support
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.7.3/README new/tboot-1.7.4/README
--- old/tboot-1.7.3/README  2012-12-28 07:30:13.0 +0100
+++ new/tboot-1.7.4/README  2013-07-08 04:48:29.0 +0200
@@ -205,7 +205,7 @@
 o  Tboot provides support to launch Revocation ACM (RACM) to revoke old buggy
SINIT version if following command line option is used (default vaule is
false):
-   call_racm=true|false
+   call_racm=true|false|check
 
RACM is also loaded into memory via bootload like grub or syslinux, and is
launched with getsec[ENTERACCS] instruction. Below is a example GRUB entry
@@ -217,9 +217,10 @@
module /racm.bin
 
Tboot will always warm reset platform after RACM was launched  executed.
-   Whether RACM launch has succeeded or not could be checked via doing a normal
-   tboot launch right after the warm reset and looking into the TXT.ERRORCODE
-   value output by the normal tboot launch.
+   Whether RACM launch has succeeded or not could be checked via doing a tboot
+   launch with call_racm=check right after the warm reset. This tboot launch
+   will end with halt right after the RACM launch result was output, and the
+   system need manually reset.
 
 
 PCR Usage:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/tboot-1.7.3/tboot/20_linux_tboot 
new/tboot-1.7.4/tboot/20_linux_tboot
--- old/tboot-1.7.3/tboot/20_linux_tboot2012-12-28 07:30:13.0 
+0100
+++ new/tboot-1.7.4/tboot/20_linux_tboot2013-07-08 04:48:29.0 
+0200
@@ -127,7 +127,7 @@
   done`
 

commit tboot for openSUSE:Factory

2013-01-10 Thread h_root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2013-01-10 15:20:16

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is tboot, Maintainer is meiss...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2012-10-13 
21:10:39.0 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2013-01-10 
15:20:19.0 +0100
@@ -1,0 +2,18 @@
+Tue Jan  8 15:26:59 UTC 2013 - meiss...@suse.com
+
+- updated to 1.7.3/20121228
+  Update README with updated code repository url.
+  Fix grub2 scripts to be compatible with more distros.
+  Update README for RACM launch support
+  Add a new option call_racm=true|false for revocation acm(RACM) launch
+  Fix potential buffer overrun  memory leak in crtpconf.c
+  Fix a potential buffer overrun in lcptools/lock.c
+  Print cmdline in multi-lines
+  Optional print TXT.ERRORCODE under level error or info
+  Fix side effects of tboot log level macros in tools
+  Update readme for the new detail log level
+  Classify all logs into different log levels
+  Add detail log level and the macros defined for log level
+  Fix acmod_error_t type to correctly align all bits in 4bytes
+
+---

Old:

  tboot-1.7.2.tar.gz

New:

  tboot-1.7.3.tar.gz



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.ZS7XXV/_old  2013-01-10 15:20:20.0 +0100
+++ /var/tmp/diff_new_pack.ZS7XXV/_new  2013-01-10 15:20:20.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package tboot
 #
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,8 +17,8 @@
 
 
 Name:   tboot
-%define ver 1.7.2
-Version:20120929_1.7.2
+%define ver 1.7.3
+Version:20121228_1.7.3
 Release:0
 Summary:Performs a verified launch using Intel(R) TXT
 License:BSD-3-Clause

++ tboot-1.7.2.tar.gz - tboot-1.7.3.tar.gz ++
 5990 lines of diff (skipped)

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit tboot for openSUSE:Factory

2012-10-13 Thread h_root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2012-10-13 21:05:26

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is tboot, Maintainer is meiss...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2012-06-01 
07:24:35.0 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2012-10-13 
21:10:39.0 +0200
@@ -1,0 +2,23 @@
+Wed Oct 10 15:31:57 UTC 2012 - meiss...@suse.com
+
+- updated to 1.7.2/20120929
+  Add Makefile for docs to install man pages.
+  Add man pages for tools
+  Add grub-mkconfig helper scripts for tboot case in GRUB2
+  Fix for deb build in ubuntu
+  Fix S3 issue brought by c/s 308
+  Fix a S4 hang issue and a potential shutdown reset issue
+  Fix build with new zlib 1.2.7.
+  Initialize event log when S3
+  Update README to change upstream repo url from bughost.org to sf.net.
+
+- updated to 1.7.1/20120427
+  Fix cmdline size in tb_polgen
+  Add description for option min_ram in README.
+  new tboot cmdline option min_ram=0xXX
+  Update test-patches/tpm-test.patch to fit in latest code.
+- zlib patch upstreamed.
+- spec file adjustments
+- tboot-fix.patch: fixed printf type mismatch
+
+---

Old:

  tboot-1.7.0.tar.gz
  zlib.patch

New:

  tboot-1.7.2.tar.gz
  tboot-fix.patch



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.Vj3W48/_old  2012-10-13 21:10:43.0 +0200
+++ /var/tmp/diff_new_pack.Vj3W48/_new  2012-10-13 21:10:43.0 +0200
@@ -17,15 +17,15 @@
 
 
 Name:   tboot
-%define ver 1.7.0
-Version:20120115_1.7.0
+%define ver 1.7.2
+Version:20120929_1.7.2
 Release:0
 Summary:Performs a verified launch using Intel(R) TXT
 License:BSD-3-Clause
 Group:  Productivity/Security
 Url:http://sourceforge.net/projects/tboot/
-Source0:%{name}-%{ver}.tar.gz
-Patch0: zlib.patch
+Source0:
http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz
+Patch0: tboot-fix.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  openssl-devel
 BuildRequires:  trousers-devel
@@ -47,10 +47,7 @@
 make debug=y %{?_smp_mflags}
 
 %install
-make debug=y install DISTDIR=$RPM_BUILD_ROOT
-
-%clean
-rm -rf $RPM_BUILD_ROOT
+make debug=y install DISTDIR=$RPM_BUILD_ROOT MANPATH=$RPM_BUILD_ROOT/%{_mandir}
 
 %files
 %defattr(-,root,root,-)
@@ -73,5 +70,9 @@
 %{_sbindir}/txt-stat
 /boot/tboot.gz
 /boot/tboot-syms
+%{_mandir}/man8/*
+%dir %{_sysconfdir}/grub.d/
+%{_sysconfdir}/grub.d/20_linux_tboot
+%{_sysconfdir}/grub.d/20_linux_xen_tboot
 
 %changelog

++ tboot-1.7.0.tar.gz - tboot-1.7.2.tar.gz ++
 1745 lines of diff (skipped)

++ tboot-fix.patch ++
Index: tboot-1.7.2/tb_polgen/param.c
===
--- tboot-1.7.2.orig/tb_polgen/param.c
+++ tboot-1.7.2/tb_polgen/param.c
@@ -184,7 +184,7 @@ void print_params(param_data_t *params)
 info_msg(\t pcr = %d\n, params-pcr);
 info_msg(\t hash_type = %d\n, params-hash_type);
 info_msg(\t pos = %d\n, params-pos);
-info_msg(\t cmdline length = %lu\n, strlen(params-cmdline));
+info_msg(\t cmdline length = %u\n, (unsigned 
int)strlen(params-cmdline));
 info_msg(\t cmdline = %s\n, params-cmdline);
 info_msg(\t image_file = %s\n, params-image_file);
 info_msg(\t elt_file = %s\n, params-elt_file);
@@ -409,9 +409,9 @@ bool parse_input_params(int argc, char *
 return false;
 }
 if (strlen(optarg)  sizeof(params-cmdline) - 1) {
-error_msg(Command line length of %lu exceeds %d 
+error_msg(Command line length of %u exceeds %d 
   character maximum\n, 
-  strlen(optarg), TBOOT_KERNEL_CMDLINE_SIZE-1);
+  (int)strlen(optarg), 
TBOOT_KERNEL_CMDLINE_SIZE-1);
 return false;
 }
 
-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit tboot for openSUSE:Factory

2012-05-31 Thread h_root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2012-06-01 07:24:33

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is tboot, Maintainer is meiss...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2012-05-03 
11:00:52.0 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2012-06-01 
07:24:35.0 +0200
@@ -1,0 +2,5 @@
+Thu May 31 13:20:57 CEST 2012 - meiss...@suse.de
+
+- adjust to changed zlib api
+
+---

New:

  zlib.patch



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.uMg8ZO/_old  2012-06-01 07:24:36.0 +0200
+++ /var/tmp/diff_new_pack.uMg8ZO/_new  2012-06-01 07:24:36.0 +0200
@@ -25,7 +25,7 @@
 Group:  Productivity/Security
 Url:http://sourceforge.net/projects/tboot/
 Source0:%{name}-%{ver}.tar.gz
-#Patch0: tboot-%{version}-Makefile_typo.diff
+Patch0: zlib.patch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  openssl-devel
 BuildRequires:  trousers-devel
@@ -39,6 +39,7 @@
 
 %prep
 %setup -q -n %name-%ver
+%patch0 -p1
 
 %build
 export CFLAGS=$RPM_OPT_FLAGS

++ zlib.patch ++
Index: tboot-1.7.0/lcptools/mlehash.c
===
--- tboot-1.7.0.orig/lcptools/mlehash.c
+++ tboot-1.7.0/lcptools/mlehash.c
@@ -233,8 +233,8 @@ static void print_dump(uint32_t s, uint3
  */
 static bool read_file(const char *filename, void **buffer, size_t *length)
 {
-FILE *fcompressed = NULL;
-FILE *fdecompressed = NULL;
+gzFile fcompressed = NULL;
+FILE   *fdecompressed = NULL;
 struct stat filestat;
 char tmpbuffer[1024];
 unsigned long i;
Index: tboot-1.7.0/tb_polgen/commands.c
===
--- tboot-1.7.0.orig/tb_polgen/commands.c
+++ tboot-1.7.0/tb_polgen/commands.c
@@ -54,26 +54,31 @@ extern tb_policy_t *g_policy;
 static bool hash_file(const char *filename, bool unzip, tb_hash_t *hash)
 {
 FILE *f;
+gzFile gf;
 static char buf[1024];
 EVP_MD_CTX ctx;
 const EVP_MD *md;
 int read_cnt;
 
-if ( unzip )
-f = gzopen(filename, rb);
-else
+if ( unzip ) {
+gf = gzopen(filename, rb);
+if ( gf == NULL ) {
+error_msg(File %s does not exist\n, filename);
+return false;
+}
+} else {
 f = fopen(filename, rb);
-
-if ( f == NULL ) {
-error_msg(File %s does not exist\n, filename);
-return false;
+if ( f == NULL ) {
+error_msg(File %s does not exist\n, filename);
+return false;
+}
 }
 
 md = EVP_sha1();
 EVP_DigestInit(ctx, md);
 do {
 if ( unzip )
-read_cnt = gzread(f, buf, sizeof(buf));
+read_cnt = gzread(gf, buf, sizeof(buf));
 else
 read_cnt = fread(buf, 1, sizeof(buf), f);
 if ( read_cnt == 0 )
@@ -84,7 +89,7 @@ static bool hash_file(const char *filena
 EVP_DigestFinal(ctx, hash-sha1, NULL);
 
 if ( unzip )
-gzclose(f);
+gzclose(gf);
 else
 fclose(f);
 
-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit tboot for openSUSE:Factory

2012-05-03 Thread h_root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2012-05-03 11:00:51

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is tboot, Maintainer is meiss...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2012-03-02 
13:50:19.0 +0100
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2012-05-03 
11:00:52.0 +0200
@@ -1,0 +2,5 @@
+Wed Apr 25 23:16:20 CEST 2012 - meiss...@suse.de
+
+- reenable exclusivearch to avoid building it on ppc and arm.
+
+---



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.djob6p/_old  2012-05-03 11:00:53.0 +0200
+++ /var/tmp/diff_new_pack.djob6p/_new  2012-05-03 11:00:53.0 +0200
@@ -29,8 +29,7 @@
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  openssl-devel
 BuildRequires:  trousers-devel
-
-#ExclusiveArch: %{ix86} x86_64
+ExclusiveArch:  %{ix86} x86_64
 
 %description
 Trusted Boot (tboot) is an open source, pre-kernel/VMM module that uses

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit tboot for openSUSE:Factory

2012-03-02 Thread h_root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2012-03-02 13:50:18

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is tboot, Maintainer is meiss...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2012-01-19 
10:35:22.0 +0100
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2012-03-02 
13:50:19.0 +0100
@@ -1,0 +2,53 @@
+Tue Feb 28 14:03:52 UTC 2012 - meiss...@suse.com
+
+- updated to 1.7.0
+Print version number while changeset info unavailable
+Document DA changes in README
+Add event log for PCR extends in tboot
+Follow details / authorities PCR mapping style in tboot
+Support details / authorities PCR mapping
+Support TPM event log
+fix build issue for txt-stat in 64 bit environment.
+update README for mwait AP wakeup mechanism
+tboot: provide a new AP wakeup way for OS/VMM - mwait then memory write
+Original txt-stat.c doesn't display TXT heap info by default. Add
+command line options to display help info and optionally enable
+displaying heap info.
+Fix a shutdown issue on heavily throttled large server
+Adjust mle_hdr.{mle|cmdline}_{start|end}_off according to CS285,286
+changes to give lcp_mlehash correct info to produce hash value.
+Fix boot issue caused by including mle page table into tboot memory
+Fix for possible overwritting to mle page table by GRUB2
+Add PAGE_UP() fn that rounds things up/donw to a page.
+Update get_mbi_mem_end() with a accurate, safer calculating way
+ACPI fix and sanity check
+Add some sanity check before using mods_count in a count-down loop
+TPM: add waiting on expect==0 before issue tpmGo
+txt-stat: Don't show heap info by default.
+Exchange definitions for TBOOT_BASE_ADDR  TBOOT_START
+Add const qualifier for suibable parms of all possible fns.
+fix possible mbi overwrite issue for Linux with grub2
+enhance print_mbi() to print more mbi info for debug purpose
+Fix for GRUB2 loading elf image such as Xen.
+Move apply_policy() call into txt_post_launch()
+Don't zap s3_key in tboot shared page if sealing failed due to tpm
+unowned
+Update the explanation of signed lists to make it clearer.
+tboot: add a fall back for reboot via keyboard reset vector
+tboot: revise README to explain how to configure GRUB2 config file for
+tboot
+tboot: rewrite acpi reg access fns to refer to bit_width instead of
+access_width
+tboot: change reboot mechanism to use keyboard reset vector
+tboot: handle mis-programmed TXT config regs and TXT heap gracefully
+tboot: add warning when TPM timeout values are wrong
+all PM1_CNT accesses should be 16bit.
+Enlarge NR_CPUS from 64 to 256
+Add support for SBIOS policy element type (LCP_SBIOS_ELEMENT) to
+lcp_crtpolelt
+Fix processor id list matching between platform and acmod
+Make lcp_crtpollist support empty lists (i.e. with no elements)
+print a bit more error reasons in txt-stat
+Fix segmentation fault in txt-stat on some systems
+
+---

Old:

  tboot-20110520.tar.bz2

New:

  tboot-1.7.0.tar.gz



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.o4DKtr/_old  2012-03-02 13:50:21.0 +0100
+++ /var/tmp/diff_new_pack.o4DKtr/_new  2012-03-02 13:50:21.0 +0100
@@ -15,14 +15,16 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
+
 Name:   tboot
-Version:20110520
+%define ver 1.7.0
+Version:20120115_1.7.0
 Release:0
 Summary:Performs a verified launch using Intel(R) TXT
 License:BSD-3-Clause
 Group:  Productivity/Security
 Url:http://sourceforge.net/projects/tboot/
-Source0:%{name}-%{version}.tar.bz2
+Source0:%{name}-%{ver}.tar.gz
 #Patch0: tboot-%{version}-Makefile_typo.diff
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  openssl-devel
@@ -37,7 +39,7 @@
 
 
 %prep
-%setup -q
+%setup -q -n %name-%ver
 
 %build
 export CFLAGS=$RPM_OPT_FLAGS

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit tboot for openSUSE:Factory

2012-01-19 Thread h_root
Hello community,

here is the log from the commit of package tboot for openSUSE:Factory checked 
in at 2012-01-19 10:35:21

Comparing /work/SRC/openSUSE:Factory/tboot (Old)
 and  /work/SRC/openSUSE:Factory/.tboot.new (New)


Package is tboot, Maintainer is meiss...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/tboot/tboot.changes  2011-09-23 
12:47:28.0 +0200
+++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2012-01-19 
10:35:22.0 +0100
@@ -1,0 +2,5 @@
+Thu Jan 12 11:31:12 UTC 2012 - co...@suse.com
+
+- change license to be in spdx.org format
+
+---



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.gSAa6V/_old  2012-01-19 10:35:23.0 +0100
+++ /var/tmp/diff_new_pack.gSAa6V/_new  2012-01-19 10:35:23.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package tboot
 #
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -15,19 +15,18 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
-
-
 Name:   tboot
 Version:20110520
-Release:1
+Release:0
 Summary:Performs a verified launch using Intel(R) TXT
+License:BSD-3-Clause
 Group:  Productivity/Security
-License:BSD
 Url:http://sourceforge.net/projects/tboot/
 Source0:%{name}-%{version}.tar.bz2
 #Patch0: tboot-%{version}-Makefile_typo.diff
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
-BuildRequires:  openssl-devel trousers-devel
+BuildRequires:  openssl-devel
+BuildRequires:  trousers-devel
 
 #ExclusiveArch: %{ix86} x86_64
 

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit tboot for openSUSE:Factory

2011-05-30 Thread h_root

Hello community,

here is the log from the commit of package tboot for openSUSE:Factory
checked in at Mon May 30 10:44:28 CEST 2011.




--- tboot/tboot.changes 2011-04-27 18:41:27.0 +0200
+++ /mounts/work_src_done/STABLE/tboot/tboot.changes2011-05-27 
17:42:52.0 +0200
@@ -1,0 +2,11 @@
+Tue May 24 14:48:45 UTC 2011 - idon...@novell.com
+
+- Update to changeset 261 
++ gcc 4.6 fixes
++ Fix segmentation fault in txt-stat on some systems
++ Add support for TXT heap extended data elements and BiosData version 4
++ Add support for AC Module chipset info table version 4 (ProcessorIDList)
++ Removed no_usb command line parameter and SMI disabling
++ Support MAXPHYADDR  36b
+
+---

calling whatdependson for head-i586


Old:

  tboot-20101005.tar.gz

New:

  tboot-20110520.tar.bz2



Other differences:
--
++ tboot.spec ++
--- /var/tmp/diff_new_pack.3VIgXF/_old  2011-05-30 10:44:11.0 +0200
+++ /var/tmp/diff_new_pack.3VIgXF/_new  2011-05-30 10:44:11.0 +0200
@@ -18,13 +18,13 @@
 
 
 Name:   tboot
-Version:20101005
+Version:20110520
 Release:1
 Summary:Performs a verified launch using Intel(R) TXT
 Group:  Productivity/Security
 License:BSD
 Url:http://sourceforge.net/projects/tboot/
-Source0:%{name}-%{version}.tar.gz
+Source0:%{name}-%{version}.tar.bz2
 #Patch0: tboot-%{version}-Makefile_typo.diff
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  openssl-devel trousers-devel

++ tboot-20101005.tar.gz - tboot-20110520.tar.bz2 ++
 5278 lines of diff (skipped)






Remember to have fun...

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit tboot for openSUSE:Factory

2011-04-29 Thread h_root

Hello community,

here is the log from the commit of package tboot for openSUSE:Factory
checked in at Fri Apr 29 09:26:44 CEST 2011.




New Changes file:

--- /dev/null   2010-08-26 16:28:41.0 +0200
+++ /mounts/work_src_done/STABLE/tboot/tboot.changes2011-04-27 
18:41:27.0 +0200
@@ -0,0 +1,4 @@
+---
+Wed Apr 27 18:38:23 CEST 2011 - meiss...@suse.de
+
+- initial import of current intel trusted boot loader

calling whatdependson for head-i586


New:

  tboot-20101005.tar.gz
  tboot.changes
  tboot.spec



Other differences:
--
++ tboot.spec ++
#
# spec file for package tboot
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An Open Source License is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#



Name:   tboot
Version:20101005
Release:1
Summary:Performs a verified launch using Intel(R) TXT
Group:  Productivity/Security
License:BSD
Url:http://sourceforge.net/projects/tboot/
Source0:%{name}-%{version}.tar.gz
#Patch0: tboot-%{version}-Makefile_typo.diff
BuildRoot:  %{_tmppath}/%{name}-%{version}-build
BuildRequires:  openssl-devel trousers-devel

#ExclusiveArch: %{ix86} x86_64

%description
Trusted Boot (tboot) is an open source, pre-kernel/VMM module that uses
Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured
and verified launch of an OS kernel/VMM.


%prep
%setup -q

%build
export CFLAGS=$RPM_OPT_FLAGS
export TBOOT_CFLAGS=$CFLAGS
make debug=y %{?_smp_mflags}

%install
make debug=y install DISTDIR=$RPM_BUILD_ROOT

%clean
rm -rf $RPM_BUILD_ROOT

%files
%defattr(-,root,root,-)
%doc README COPYING docs/* lcptools/lcptools2.txt 
lcptools/Linux_LCP_Tools_User_Manual.pdf
%{_sbindir}/acminfo
%{_sbindir}/lcp_crtpconf
%{_sbindir}/lcp_crtpol
%{_sbindir}/lcp_crtpol2
%{_sbindir}/lcp_crtpolelt
%{_sbindir}/lcp_crtpollist
%{_sbindir}/lcp_mlehash
%{_sbindir}/lcp_readpol
%{_sbindir}/lcp_writepol
%{_sbindir}/parse_err
%{_sbindir}/tb_polgen
%{_sbindir}/tpmnv_defindex
%{_sbindir}/tpmnv_getcap
%{_sbindir}/tpmnv_lock
%{_sbindir}/tpmnv_relindex
%{_sbindir}/txt-stat
/boot/tboot.gz
/boot/tboot-syms

%changelog





Remember to have fun...

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org