commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2020-09-29 19:02:10 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new.4249 (New) Package is "tboot" Tue Sep 29 19:02:10 2020 rev:42 rq:838277 version:20200429_1.9.12 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2019-07-16 08:41:51.451025200 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new.4249/tboot.changes2020-09-29 19:02:29.309823422 +0200 @@ -1,0 +2,23 @@ +Mon Sep 28 12:14:22 UTC 2020 - matthias.gerst...@suse.com + +- update to new upstream release 1.9.12: +- changes from 1.9.12: +- Release localities in S3 flow for CRB interface +- Config.mk, safestringlib/makefile : allow tool overrides +- safestringlib: fix warnings with GCC 6.4.0 +- Strip executable file before generating tboot.gz +- Add support for EFI memory map parse/modification +- Add SHA384 and SHA512 digest algorithms +- lcptools-v2: add pconf2 policy element support +- tb_polgen: Add SHA384 and SHA512 support +- Disable GCC9 address-of-packed-member warning +- Fix warnings after "Avoid unsafe functions" scan +- Use SHA256 as default hashing algorithm +- changes from 1.9.11: +- tb_polgen: Add support for SHA256 +- Configure IOMMU before executing GETSEC[SENTER] +- SINIT ACM can have padding, handle that when checking size +- disable-address-of-packed-member-warning.patch: now contained upstream +- tboot-grub2-fix-xen-submenu-name.patch: refreshed + +--- Old: disable-address-of-packed-member-warning.patch tboot-1.9.10.tar.gz New: tboot-1.9.12.tar.gz Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.mOdJ7V/_old 2020-09-29 19:02:29.949824199 +0200 +++ /var/tmp/diff_new_pack.mOdJ7V/_new 2020-09-29 19:02:29.949824199 +0200 @@ -1,7 +1,7 @@ # # spec file for package tboot # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,20 +17,17 @@ Name: tboot -%define ver 1.9.10 -Version:20190520_%{ver} +%define ver 1.9.12 +Version:20200429_%{ver} Release:0 Summary:Program for performing a verified launch using Intel TXT License:BSD-3-Clause Group: Productivity/Security -Url:http://sourceforge.net/projects/tboot/ +URL:http://sourceforge.net/projects/tboot/ Source0: http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch Patch4: tboot-grub2-fix-xen-submenu-name.patch Patch7: tboot-distributor.patch -# This patch should be removed once upstream has a stock solution for the -# gcc-9 warning -Patch8: disable-address-of-packed-member-warning.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build ExclusiveArch: %{ix86} x86_64 BuildRequires: openssl-devel @@ -57,7 +54,6 @@ %patch3 -p1 %patch4 -p1 %patch7 -p1 -%patch8 -p1 %build # Tumbleweed now uses -flto=3 by default which gives us trouble with the ++ tboot-1.9.10.tar.gz -> tboot-1.9.12.tar.gz ++ 3557 lines of diff (skipped) ++ tboot-grub2-fix-xen-submenu-name.patch ++ --- /var/tmp/diff_new_pack.mOdJ7V/_old 2020-09-29 19:02:30.169824466 +0200 +++ /var/tmp/diff_new_pack.mOdJ7V/_new 2020-09-29 19:02:30.169824466 +0200 @@ -4,13 +4,13 @@ References: bnc#865815 Patch-Mainline: no -Index: tboot-1.9.10/tboot/20_linux_xen_tboot +Index: tboot-1.9.12/tboot/20_linux_xen_tboot === tboot-1.9.10.orig/tboot/20_linux_xen_tboot -+++ tboot-1.9.10/tboot/20_linux_xen_tboot +--- tboot-1.9.12.orig/tboot/20_linux_xen_tboot tboot-1.9.12/tboot/20_linux_xen_tboot @@ -232,7 +232,7 @@ while [ "x${xen_list}" != "x" ] ; do rel_tboot_dirname=`make_system_path_relative_to_its_root $tboot_dirname` - tboot_version="1.9.10" + tboot_version="1.9.12" list="${linux_list}" -echo "submenu \"Xen ${xen_version}\" \"Tboot ${tboot_version}\"{" +echo "submenu \"Xen ${xen_version} with Tboot ${tboot_version}\"{"
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2019-07-16 08:41:50 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new.1887 (New) Package is "tboot" Tue Jul 16 08:41:50 2019 rev:41 rq:715443 version:20190520_1.9.10 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2019-07-11 13:19:03.742754747 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new.1887/tboot.changes2019-07-16 08:41:51.451025200 +0200 @@ -1,0 +2,5 @@ +Fri Jul 12 16:24:27 UTC 2019 - Martin Liška + +- Disable LTO in more elegant way (boo#1141323). + +--- Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.yCPv2f/_old 2019-07-16 08:41:52.003024903 +0200 +++ /var/tmp/diff_new_pack.yCPv2f/_new 2019-07-16 08:41:52.007024901 +0200 @@ -62,8 +62,8 @@ %build # Tumbleweed now uses -flto=3 by default which gives us trouble with the # statically linked C and assembler code in tboot. Better to be conservative -# here since tboot is low level stuff -> disable LTO for us. -export CFLAGS="%{optflags} -fno-lto" +# here since tboot is low level stuff -> disable LTO for us (boo#1141323). +%define _lto_cflags %{nil} export TBOOT_CFLAGS="$CFLAGS" make debug=y %{?_smp_mflags}
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2019-07-11 13:18:55 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new.4615 (New) Package is "tboot" Thu Jul 11 13:18:55 2019 rev:40 rq:714590 version:20190520_1.9.10 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2019-06-18 14:56:03.477414155 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new.4615/tboot.changes2019-07-11 13:19:03.742754747 +0200 @@ -1,0 +2,6 @@ +Thu Jul 11 08:06:42 UTC 2019 - mgerstner + +- explicitly disable gcc9 link time optimization to fix the build and avoid + trouble in low level tboot code. + +--- Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.JNoxW8/_old 2019-07-11 13:19:04.498754509 +0200 +++ /var/tmp/diff_new_pack.JNoxW8/_new 2019-07-11 13:19:04.502754508 +0200 @@ -60,7 +60,10 @@ %patch8 -p1 %build -export CFLAGS="%{optflags}" +# Tumbleweed now uses -flto=3 by default which gives us trouble with the +# statically linked C and assembler code in tboot. Better to be conservative +# here since tboot is low level stuff -> disable LTO for us. +export CFLAGS="%{optflags} -fno-lto" export TBOOT_CFLAGS="$CFLAGS" make debug=y %{?_smp_mflags}
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2019-06-18 14:56:00 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new.4811 (New) Package is "tboot" Tue Jun 18 14:56:00 2019 rev:39 rq:705831 version:20190520_1.9.10 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2019-05-21 10:39:55.119105248 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new.4811/tboot.changes2019-06-18 14:56:03.477414155 +0200 @@ -1,0 +2,6 @@ +Tue May 28 08:19:14 UTC 2019 - mgerstner + +- add disable-address-of-packed-member-warning.patch: taken over patch found + in the Fedora package to disable a new gcc-9 warning that breaks the build. + +--- New: disable-address-of-packed-member-warning.patch Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.9FeuGF/_old 2019-06-18 14:56:04.113413757 +0200 +++ /var/tmp/diff_new_pack.9FeuGF/_new 2019-06-18 14:56:04.117413755 +0200 @@ -28,6 +28,9 @@ Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch Patch4: tboot-grub2-fix-xen-submenu-name.patch Patch7: tboot-distributor.patch +# This patch should be removed once upstream has a stock solution for the +# gcc-9 warning +Patch8: disable-address-of-packed-member-warning.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build ExclusiveArch: %{ix86} x86_64 BuildRequires: openssl-devel @@ -54,6 +57,7 @@ %patch3 -p1 %patch4 -p1 %patch7 -p1 +%patch8 -p1 %build export CFLAGS="%{optflags}" ++ disable-address-of-packed-member-warning.patch ++ >From 1cf1c3e6af1f43555de7ec89cd1e8bc3ea0aaefe Mon Sep 17 00:00:00 2001 From: Yunying Sun Date: Mon, 13 May 2019 17:26:13 +0800 Subject: [PATCH] disable address of packed member warning --- Config.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Config.mk b/Config.mk index 6a64d1a..27bce1b 100644 --- a/Config.mk +++ b/Config.mk @@ -43,7 +43,7 @@ CFLAGS_WARN = -Wall -Wformat-security -Werror -Wstrict-prototypes \ -Wextra -Winit-self -Wswitch-default -Wunused-parameter \ -Wwrite-strings \ $(call cc-option,$(CC),-Wlogical-op,) \ - -Wno-missing-field-initializers + -Wno-missing-field-initializers -Wno-address-of-packed-member AS = as LD = ld -- 2.21.0
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2019-05-21 10:39:20 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new.5148 (New) Package is "tboot" Tue May 21 10:39:20 2019 rev:38 rq:704217 version:20190520_1.9.10 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2019-01-21 10:53:02.531823717 +0100 +++ /work/SRC/openSUSE:Factory/.tboot.new.5148/tboot.changes2019-05-21 10:39:55.119105248 +0200 @@ -1,0 +2,17 @@ +Mon May 20 11:21:46 UTC 2019 - mgerstner + +- update to new upstream release 1.9.10: +- changes from 1.9.10: +- lcp-gen2: update with latest version (wxWidgets wildcard bugfix) +- print latest tag in logs +- add support for 64bit framebuffer address +- changes from 1.9.9: +- tools: fix some dereference-NULL issues reported by klocwork +- tools: replace banned mem/str fns with corresponding ones in safestringlib +- Add safestringlib code to support replacement of banned mem/str fns +- lcptools: remove tools supporting platforms before 2008 +- tboot: update string/memory fn name to differentiate from c lib +- Fix a harmless overflow caused by wrong loop limits +- rebased patches to match new upstream version + +--- Old: tboot-1.9.8.tar.gz New: tboot-1.9.10.tar.gz Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.dVEaIQ/_old 2019-05-21 10:39:56.231104526 +0200 +++ /var/tmp/diff_new_pack.dVEaIQ/_new 2019-05-21 10:39:56.235104523 +0200 @@ -12,13 +12,13 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # Name: tboot -%define ver 1.9.8 -Version:20170711_%{ver} +%define ver 1.9.10 +Version:20190520_%{ver} Release:0 Summary:Program for performing a verified launch using Intel TXT License:BSD-3-Clause @@ -32,6 +32,7 @@ ExclusiveArch: %{ix86} x86_64 BuildRequires: openssl-devel BuildRequires: trousers-devel +BuildRequires: zlib-devel %if 0%{?suse_version} > 1320 BuildRequires: update-bootloader-rpm-macros @@ -64,14 +65,8 @@ %files %defattr(-,root,root,-) -%doc README COPYING docs/* lcptools/lcptools2.txt lcptools/Linux_LCP_Tools_User_Manual.pdf +%doc README COPYING docs/* lcptools-v2/lcptools.txt lcptools/Linux_LCP_Tools_User_Manual.pdf %{_sbindir}/acminfo -%{_sbindir}/lcp_crtpconf -%{_sbindir}/lcp_crtpol -%{_sbindir}/lcp_crtpol2 -%{_sbindir}/lcp_crtpolelt -%{_sbindir}/lcp_crtpollist -%{_sbindir}/lcp_mlehash %{_sbindir}/lcp_readpol %{_sbindir}/lcp_writepol %{_sbindir}/parse_err ++ tboot-1.9.8.tar.gz -> tboot-1.9.10.tar.gz ++ 40130 lines of diff (skipped) ++ tboot-grub2-fix-xen-submenu-name.patch ++ --- /var/tmp/diff_new_pack.dVEaIQ/_old 2019-05-21 10:39:56.395104419 +0200 +++ /var/tmp/diff_new_pack.dVEaIQ/_new 2019-05-21 10:39:56.395104419 +0200 @@ -4,13 +4,13 @@ References: bnc#865815 Patch-Mainline: no -Index: tboot-1.9.8/tboot/20_linux_xen_tboot +Index: tboot-1.9.10/tboot/20_linux_xen_tboot === tboot-1.9.8.orig/tboot/20_linux_xen_tboot -+++ tboot-1.9.8/tboot/20_linux_xen_tboot +--- tboot-1.9.10.orig/tboot/20_linux_xen_tboot tboot-1.9.10/tboot/20_linux_xen_tboot @@ -232,7 +232,7 @@ while [ "x${xen_list}" != "x" ] ; do rel_tboot_dirname=`make_system_path_relative_to_its_root $tboot_dirname` - tboot_version="1.9.8" + tboot_version="1.9.10" list="${linux_list}" -echo "submenu \"Xen ${xen_version}\" \"Tboot ${tboot_version}\"{" +echo "submenu \"Xen ${xen_version} with Tboot ${tboot_version}\"{"
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2019-01-21 10:52:52 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new.28833 (New) Package is "tboot" Mon Jan 21 10:52:52 2019 rev:37 rq:665950 version:20170711_1.9.8 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2018-10-25 09:11:30.730319613 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new.28833/tboot.changes 2019-01-21 10:53:02.531823717 +0100 @@ -4 +4 @@ -- update to new upstream release 1.9.8: +- update to new upstream release 1.9.8 (FATE#324359): Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.1C0BCS/_old 2019-01-21 10:53:03.895822068 +0100 +++ /var/tmp/diff_new_pack.1C0BCS/_new 2019-01-21 10:53:03.895822068 +0100 @@ -1,7 +1,7 @@ # # spec file for package tboot # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2018-10-25 09:11:30 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Thu Oct 25 09:11:30 2018 rev:36 rq:644201 version:20170711_1.9.8 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2018-09-15 15:41:21.192784743 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2018-10-25 09:11:30.730319613 +0200 @@ -1,0 +2,10 @@ +Wed Oct 24 08:44:04 UTC 2018 - matthias.gerst...@suse.com + +- update to new upstream release 1.9.8: +- Skip tboot launch error index read/write when ignore prev err option is true +- s3-fix: fix a stack overflow caused by enlarged tb_hash_t union +- S3 fix: revert the mis-changed type casting in changeset 522:8e881a07c059 +- S3-fix: Adding option save_vtd=true to opt-in the vtd table restore +- rebased patches to match new upstream version + +--- Old: tboot-1.9.7.tar.gz New: tboot-1.9.8.tar.gz Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.rKPaqF/_old 2018-10-25 09:11:31.150319362 +0200 +++ /var/tmp/diff_new_pack.rKPaqF/_new 2018-10-25 09:11:31.154319359 +0200 @@ -17,7 +17,7 @@ Name: tboot -%define ver 1.9.7 +%define ver 1.9.8 Version:20170711_%{ver} Release:0 Summary:Program for performing a verified launch using Intel TXT ++ tboot-1.9.7.tar.gz -> tboot-1.9.8.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.9.7/.hg_archival.txt new/tboot-1.9.8/.hg_archival.txt --- old/tboot-1.9.7/.hg_archival.txt2018-09-03 10:43:39.0 +0200 +++ new/tboot-1.9.8/.hg_archival.txt2018-10-18 06:55:47.0 +0200 @@ -1,4 +1,5 @@ repo: cedd93279188334eb41d248d5eb70a41a2bc70ca -node: fa126d410df0916f0bab32a882349eb401597d5f +node: bde570f28820ea6cfc4a12fecec9f51e867e28ca branch: default -tag: v1.9.7 +latesttag: v1.9.8 +latesttagdistance: 1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.9.7/.hgtags new/tboot-1.9.8/.hgtags --- old/tboot-1.9.7/.hgtags 2018-09-03 10:43:39.0 +0200 +++ new/tboot-1.9.8/.hgtags 2018-10-18 06:55:47.0 +0200 @@ -17,3 +17,6 @@ 698548a9b9fe6201361d19099100f8eb59fad4f6 v1.9.5 61c17659bb8670e466c3bac8913459848f5f36d5 v1.9.6 11613463d703e203785b2e4dc9447d76530266c4 v1.9.7 +11613463d703e203785b2e4dc9447d76530266c4 v1.9.7 +fa126d410df0916f0bab32a882349eb401597d5f v1.9.7 +dbc7b1d289f848c3d88a9d4694d67fd409f48039 v1.9.8 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.9.7/CHANGELOG new/tboot-1.9.8/CHANGELOG --- old/tboot-1.9.7/CHANGELOG 2018-09-03 10:43:39.0 +0200 +++ new/tboot-1.9.8/CHANGELOG 2018-10-18 06:55:47.0 +0200 @@ -1,3 +1,8 @@ +20181011: v1.9.8 +Skip tboot launch error index read/write when ignore prev err option is true +s3-fix: fix a stack overflow caused by enlarged tb_hash_t union +S3 fix: revert the mis-changed type casting in changeset 522:8e881a07c059 +S3-fix: Adding option save_vtd=true to opt-in the vtd table restore 20180830: v1.9.7 Fix a lot of issues in tools reported by klocwork scan. Fix a lot of issues in tboot module reported by klocwork scan. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.9.7/README new/tboot-1.9.8/README --- old/tboot-1.9.7/README 2018-09-03 10:43:39.0 +0200 +++ new/tboot-1.9.8/README 2018-10-18 06:55:47.0 +0200 @@ -315,6 +315,16 @@ setting provides a way to force use of the legacy log format for TPM 2 systems: force_tpm2_legacy_log=false|true // defaults to false +o Opt-in the vtd dmar table save/restore process + With recent kernel (4.16.3 in fedora28), the acpi table seems changed by + kernel. So function restore_vtd_dmar_table() will not work as expected to + find the vtd dmar table and restore it in S3 resume, instead, the system will + run into a hang or a reset. + + To solve the S3 issue but still keep vtd dmar table save/restore process for + specific case, add below option: + save_vtd=false|true // defaults to false + PCR Usage: - o Legacy PCR mapping diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.9.7/tboot/20_linux_tboot new/tboot-1.9.8/tboot/20_linux_tboot --- old/tboot-1.9.7/tboot/20_linux_tboot2018-09-03 10:43:39.0 +020
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2018-09-04 22:56:37 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Tue Sep 4 22:56:37 2018 rev:34 rq:632828 version:20170711_1.9.7 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2018-09-03 10:35:47.164775305 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2018-09-04 22:56:40.725105135 +0200 @@ -1,0 +2,9 @@ +Mon Sep 3 10:11:39 UTC 2018 - matthias.gerst...@suse.com + +- package new upstream tarball for 1.9.7. It seems the tarball was replaced + upstream without notice, because some version numbers have not been + incremented. +- tboot-grub2-fix-menu-in-xen-host-server.patch: rebased +- tboot-grub2-fix-xen-submenu-name.patch: rebased + +--- Other differences: -- ++ tboot-1.9.7.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.9.7/.hg_archival.txt new/tboot-1.9.7/.hg_archival.txt --- old/tboot-1.9.7/.hg_archival.txt2018-08-30 12:15:12.0 +0200 +++ new/tboot-1.9.7/.hg_archival.txt2018-09-03 10:43:39.0 +0200 @@ -1,4 +1,4 @@ repo: cedd93279188334eb41d248d5eb70a41a2bc70ca -node: 11613463d703e203785b2e4dc9447d76530266c4 +node: fa126d410df0916f0bab32a882349eb401597d5f branch: default tag: v1.9.7 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.9.7/.hgtags new/tboot-1.9.7/.hgtags --- old/tboot-1.9.7/.hgtags 2018-08-30 12:15:12.0 +0200 +++ new/tboot-1.9.7/.hgtags 2018-09-03 10:43:39.0 +0200 @@ -16,3 +16,4 @@ 9d8ee7ff40107fde7512b0a9196c568152ce1c72 v1.9.4 698548a9b9fe6201361d19099100f8eb59fad4f6 v1.9.5 61c17659bb8670e466c3bac8913459848f5f36d5 v1.9.6 +11613463d703e203785b2e4dc9447d76530266c4 v1.9.7 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.9.7/tboot/20_linux_tboot new/tboot-1.9.7/tboot/20_linux_tboot --- old/tboot-1.9.7/tboot/20_linux_tboot2018-08-30 12:15:12.0 +0200 +++ new/tboot-1.9.7/tboot/20_linux_tboot2018-09-03 10:43:39.0 +0200 @@ -201,7 +201,7 @@ tboot_dirname=`dirname ${current_tboot}` rel_tboot_dirname=`make_system_path_relative_to_its_root $tboot_dirname` #tboot_version=`echo $tboot_basename | sed -e "s,.gz$,,g;s,^tboot-,,g"` -tboot_version="1.9.6" +tboot_version="1.9.7" echo "submenu \"tboot ${tboot_version}\" {" while [ "x$list" != "x" ] ; do linux=`version_find_latest $list` diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.9.7/tboot/20_linux_xen_tboot new/tboot-1.9.7/tboot/20_linux_xen_tboot --- old/tboot-1.9.7/tboot/20_linux_xen_tboot2018-08-30 12:15:12.0 +0200 +++ new/tboot-1.9.7/tboot/20_linux_xen_tboot2018-09-03 10:43:39.0 +0200 @@ -216,7 +216,7 @@ tboot_basename=`basename ${current_tboot}` tboot_dirname=`dirname ${current_tboot}` rel_tboot_dirname=`make_system_path_relative_to_its_root $tboot_dirname` -tboot_version="1.9.6" +tboot_version="1.9.7" list="${linux_list}" echo "submenu \"Xen ${xen_version}\" \"Tboot ${tboot_version}\"{" while [ "x$list" != "x" ] ; do ++ tboot-grub2-fix-menu-in-xen-host-server.patch ++ --- /var/tmp/diff_new_pack.moqifS/_old 2018-09-04 22:56:41.189106719 +0200 +++ /var/tmp/diff_new_pack.moqifS/_new 2018-09-04 22:56:41.189106719 +0200 @@ -23,10 +23,10 @@ References: bnc#865815 Porting to tboot in order to fix duplicated xen entries -Index: tboot-1.9.6/tboot/20_linux_tboot +Index: tboot-1.9.7/tboot/20_linux_tboot === tboot-1.9.6.orig/tboot/20_linux_tboot -+++ tboot-1.9.6/tboot/20_linux_tboot +--- tboot-1.9.7.orig/tboot/20_linux_tboot tboot-1.9.7/tboot/20_linux_tboot @@ -225,6 +225,49 @@ while [ "x${tboot_list}" != "x" ] && [ " break fi @@ -77,10 +77,10 @@ if test -n "${initrd}" ; then echo "Found initrd image: ${dirname}/${initrd}" >&2 else -Index: tboot-1.9.6/tboot/20_linux_xen_tboot +Index: tboot-1.9.7/tboot/20_linux_xen_tboot === tboot-1.9.6.orig/tboot/20_linux_xen_tboot -+++ tboot-1.9.6/tboot/20_linux_xen_tboot +--- tboot-1.9.7.orig/tboot/20_linux_xen_tboot tboot-1.9.7/tboot/20_linux_xen_tboot @@ -52,6 +52,12 @@ fi export TEXTDOMAIN=grub export TEXTDOMAINDIR=${prefix}/share/lo
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2018-09-03 10:35:45 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Mon Sep 3 10:35:45 2018 rev:33 rq:632523 version:20170711_1.9.7 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2018-03-16 10:45:09.320570880 +0100 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2018-09-03 10:35:47.164775305 +0200 @@ -1,0 +2,31 @@ +Fri Aug 31 14:23:48 UTC 2018 - matthias.gerst...@suse.com + +- update to upstream version 1.9.7. This in mainly a bugfix release: +Fix a lot of issues in tools reported by klocwork scan. +Fix a lot of issues in tboot module reported by klocwork scan. +Remove a redundant tboot option +Fix indent in heap.c +Fix 4 issues along with extpol=agile option +Mitigations for tpm interposer attacks +Add an option in tboot to force SINIT to use the legacy TPM2 log format. +Add support for appending to a TPM2 TCG style event log. +Ensure tboot log is available even when measured launch is skipped. +Add centos7 instructions for Use in EFI boot mode. +Fix memory leak and invalid reads and writes issues. +Fix TPM 1.2 locality selection issue. +Fix a null pointer dereference bug when Intel TXT is disabled. +Optimize tboot docs installation. +Fix security vulnerabilities rooted in tpm_if structure and g_tpm variable. +The size field of the MB2 tag is the size of the tag header + the size +Fix openssl-1.0.2 double frees +Make policy element stm_elt use unique type name +lcptools-v2 utilities fixes +port to openssl-1.1.0 +Reset debug PCR16 to zero. +Fix a logical error in function bool evtlog_append(...). +- removed tboot-CVE-2017-16837.patch: now contained in tarball +- removed tboot-openssl-1-1-0.patch: now contained in tarball +- removed tboot-signature-segfault.patch: now contained in tarball +- removed tboot-ssl-broken.patch: now contained in tarball + +--- Old: tboot-1.9.6.tar.gz tboot-CVE-2017-16837.patch tboot-openssl-1-1-0.patch tboot-signature-segfault.patch tboot-ssl-broken.patch New: tboot-1.9.7.tar.gz Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.1AHo2A/_old 2018-09-03 10:35:47.684776649 +0200 +++ /var/tmp/diff_new_pack.1AHo2A/_new 2018-09-03 10:35:47.684776649 +0200 @@ -17,8 +17,8 @@ Name: tboot -%define ver 1.9.6 -Version:20170711_1.9.6 +%define ver 1.9.7 +Version:20170711_%{ver} Release:0 Summary:Performs a verified launch using Intel(R) TXT License:BSD-3-Clause @@ -27,15 +27,7 @@ Source0: http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch Patch4: tboot-grub2-fix-xen-submenu-name.patch -Patch5: tboot-openssl-1-1-0.patch -Patch6: tboot-CVE-2017-16837.patch Patch7: tboot-distributor.patch -# a stark history regarding SSL: ssl functions never really worked in tboot, -# even the signature-segfault upstream fix didn't fix the root causes. -# ssl-broken.patch is my own patch that I have published on the tboot-devel -# mailing list, but no response so far. -Patch8: tboot-signature-segfault.patch -Patch9: tboot-ssl-broken.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build ExclusiveArch: %{ix86} x86_64 BuildRequires: openssl-devel @@ -60,11 +52,7 @@ %setup -q -n %name-%ver %patch3 -p1 %patch4 -p1 -%patch5 -p1 -%patch6 -p1 %patch7 -p1 -%patch8 -p1 -%patch9 -p1 %build export CFLAGS="%{optflags}" ++ tboot-1.9.6.tar.gz -> tboot-1.9.7.tar.gz ++ 3807 lines of diff (skipped)
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2018-03-16 10:43:50 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Fri Mar 16 10:43:50 2018 rev:32 rq:587462 version:20170711_1.9.6 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2018-02-22 15:03:03.836670196 +0100 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2018-03-16 10:45:09.320570880 +0100 @@ -1,0 +2,10 @@ +Thu Mar 15 09:49:03 UTC 2018 - matthias.gerst...@suse.com + +- tboot-signature-segfault.patch: Intermediate patch necessary for + tboot-ssl-broken.patch. Upstream tried to fix OpenSSL issues here, but + failed to do so. +- tboot-ssl-broken.patch: Fixed memory corruption when using OpenSSL + functionality like in lcp2_crtpollist (bnc#1083693). Fix has not yet been + commented on by upstream (posted on tboot-devel mailing list). + +--- New: tboot-signature-segfault.patch tboot-ssl-broken.patch Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.uywoS8/_old 2018-03-16 10:45:10.376532857 +0100 +++ /var/tmp/diff_new_pack.uywoS8/_new 2018-03-16 10:45:10.380532713 +0100 @@ -30,7 +30,12 @@ Patch5: tboot-openssl-1-1-0.patch Patch6: tboot-CVE-2017-16837.patch Patch7: tboot-distributor.patch -# PATCH-FIX-UPSTREAM -- https://sourceforge.net/p/tboot/code/merge-requests/1/ +# a stark history regarding SSL: ssl functions never really worked in tboot, +# even the signature-segfault upstream fix didn't fix the root causes. +# ssl-broken.patch is my own patch that I have published on the tboot-devel +# mailing list, but no response so far. +Patch8: tboot-signature-segfault.patch +Patch9: tboot-ssl-broken.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build ExclusiveArch: %{ix86} x86_64 BuildRequires: openssl-devel @@ -58,6 +63,8 @@ %patch5 -p1 %patch6 -p1 %patch7 -p1 +%patch8 -p1 +%patch9 -p1 %build export CFLAGS="%{optflags}" @@ -107,7 +114,7 @@ %postun %if 0%{?update_bootloader_check_type_reinit_post:1} # there is no clean solution for refresh during package removal at the moment. -# %posttrans is not executed during package removal. +# %%posttrans is not executed during package removal. %update_bootloader_check_type_reinit_post grub2 grub2-efi %update_bootloader_posttrans %else ++ tboot-signature-segfault.patch ++ changeset: 506:09fae64a7515 user:Ning Sun date:Sat Sep 02 01:40:15 2017 -0700 summary: Fix openssl-1.0.2 double frees Index: tboot-1.9.6/lcptools-v2/crtpollist.c === --- tboot-1.9.6.orig/lcptools-v2/crtpollist.c +++ tboot-1.9.6/lcptools-v2/crtpollist.c @@ -160,15 +160,14 @@ static lcp_signature_t2 *read_rsa_pubkey memset(sig, 0, sizeof(lcp_rsa_signature_t) + 2*keysize); sig->rsa_signature.pubkey_size = keysize; - -BIGNUM *modulus = BN_new(); - + /* OpenSSL Version 1.1.0 and later don't allow direct access to RSA stuct */ #if OPENSSL_VERSION_NUMBER >= 0x1010L +BIGNUM *modulus = BN_new(); RSA_get0_key(pubkey, (const BIGNUM **)&modulus, NULL, NULL); #else -modulus = pubkey->n; +BIGNUM *modulus = BN_dup(pubkey->n); #endif unsigned char key[keysize]; Index: tboot-1.9.6/lcptools-v2/lcputils.c === --- tboot-1.9.6.orig/lcptools-v2/lcputils.c +++ tboot-1.9.6/lcptools-v2/lcputils.c @@ -384,8 +384,8 @@ bool verify_signature(const uint8_t *dat #if OPENSSL_VERSION_NUMBER >= 0x1010L RSA_set0_key(rsa_pubkey, modulus, exponent, NULL); #else -rsa_pubkey->n = modulus; -rsa_pubkey->e = exponent; +rsa_pubkey->n = BN_dup(modulus); +rsa_pubkey->e = BN_dup(exponent); rsa_pubkey->d = rsa_pubkey->p = rsa_pubkey->q = NULL; #endif Index: tboot-1.9.6/lcptools/crtpollist.c === --- tboot-1.9.6.orig/lcptools/crtpollist.c +++ tboot-1.9.6/lcptools/crtpollist.c @@ -155,14 +155,14 @@ static lcp_signature_t *read_pubkey_file memset(sig, 0, sizeof(*sig) + 2*keysize); sig->pubkey_size = keysize; - -BIGNUM *modulus = BN_new(); + /* OpenSSL Version 1.1.0 and later don't allow direct access to RSA stuct */ #if OPENSSL_VERSION_NUMBER >= 0x1010L +BIGNUM *modulus = BN_new(); RSA_get0_key(pubkey, (const BIGNUM **)&modulus, NULL, NULL); #else - modulus = pubkey->n; +
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2018-02-22 15:03:00 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Thu Feb 22 15:03:00 2018 rev:31 rq:578926 version:20170711_1.9.6 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2018-02-20 17:55:42.417099729 +0100 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2018-02-22 15:03:03.836670196 +0100 @@ -1,0 +2,6 @@ +Wed Feb 21 12:26:10 UTC 2018 - matthias.gerst...@suse.com + +- Also cover cleanup of bootloader configuration after package removal. + (bnc#1078262) + +--- Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.yO4Otj/_old 2018-02-22 15:03:05.420613218 +0100 +++ /var/tmp/diff_new_pack.yO4Otj/_new 2018-02-22 15:03:05.420613218 +0100 @@ -104,6 +104,16 @@ /sbin/update-bootloader --reinit || true %endif +%postun +%if 0%{?update_bootloader_check_type_reinit_post:1} +# there is no clean solution for refresh during package removal at the moment. +# %posttrans is not executed during package removal. +%update_bootloader_check_type_reinit_post grub2 grub2-efi +%update_bootloader_posttrans +%else +/sbin/update-bootloader --reinit || true +%endif + %posttrans %{?update_bootloader_posttrans}
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2018-02-20 17:55:30 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Tue Feb 20 17:55:30 2018 rev:30 rq:578146 version:20170711_1.9.6 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2017-11-16 14:04:31.529990698 +0100 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2018-02-20 17:55:42.417099729 +0100 @@ -1,0 +2,8 @@ +Mon Feb 12 13:27:20 UTC 2018 - matthias.gerst...@suse.com + +- tboot-distributor.patch: don't add GNU/Linux to grub menu entries. SUSE's + grub2 itself doesn't do it as well. (bnc#1078262) +- perform update of bootloader configuration after installation via + %posttrans. (bnc#1078262) + +--- New: tboot-distributor.patch Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.GBApMh/_old 2018-02-20 17:55:43.729052489 +0100 +++ /var/tmp/diff_new_pack.GBApMh/_new 2018-02-20 17:55:43.733052345 +0100 @@ -1,7 +1,7 @@ # # spec file for package tboot # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -29,11 +29,22 @@ Patch4: tboot-grub2-fix-xen-submenu-name.patch Patch5: tboot-openssl-1-1-0.patch Patch6: tboot-CVE-2017-16837.patch +Patch7: tboot-distributor.patch # PATCH-FIX-UPSTREAM -- https://sourceforge.net/p/tboot/code/merge-requests/1/ BuildRoot: %{_tmppath}/%{name}-%{version}-build +ExclusiveArch: %{ix86} x86_64 BuildRequires: openssl-devel BuildRequires: trousers-devel -ExclusiveArch: %{ix86} x86_64 + +%if 0%{?suse_version} > 1320 +BuildRequires: update-bootloader-rpm-macros +%endif + +%if 0%{?update_bootloader_requires:1} +%update_bootloader_requires +%else +Requires: perl-Bootloader +%endif %description Trusted Boot (tboot) is a pre-kernel/VMM module that uses Intel(R) @@ -46,6 +57,7 @@ %patch4 -p1 %patch5 -p1 %patch6 -p1 +%patch7 -p1 %build export CFLAGS="%{optflags}" @@ -85,4 +97,14 @@ %{_sysconfdir}/grub.d/20_linux_tboot %{_sysconfdir}/grub.d/20_linux_xen_tboot +%post +%if 0%{?update_bootloader_check_type_reinit_post:1} +%update_bootloader_check_type_reinit_post grub2 grub2-efi +%else +/sbin/update-bootloader --reinit || true +%endif + +%posttrans +%{?update_bootloader_posttrans} + %changelog ++ tboot-distributor.patch ++ Index: tboot-1.9.6/tboot/20_linux_tboot === --- tboot-1.9.6.orig/tboot/20_linux_tboot +++ tboot-1.9.6/tboot/20_linux_tboot @@ -72,7 +72,7 @@ CLASS="--class gnu-linux --class gnu --c if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then OS=GNU/Linux else - OS="${GRUB_DISTRIBUTOR} GNU/Linux" + OS="${GRUB_DISTRIBUTOR}" CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr '[A-Z]' '[a-z]' | cut -d' ' -f1) ${CLASS}" fi Index: tboot-1.9.6/tboot/20_linux_xen_tboot === --- tboot-1.9.6.orig/tboot/20_linux_xen_tboot +++ tboot-1.9.6/tboot/20_linux_xen_tboot @@ -63,7 +63,7 @@ CLASS="--class gnu-linux --class gnu --c if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then OS=GNU/Linux else - OS="${GRUB_DISTRIBUTOR} GNU/Linux" + OS="${GRUB_DISTRIBUTOR}" CLASS="--class $(echo ${GRUB_DISTRIBUTOR} | tr 'A-Z' 'a-z' | cut -d' ' -f1) ${CLASS}" fi
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2017-11-16 14:04:28 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Thu Nov 16 14:04:28 2017 rev:29 rq:542218 version:20170711_1.9.6 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2017-11-11 14:20:13.289846699 +0100 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2017-11-16 14:04:31.529990698 +0100 @@ -1,0 +2,8 @@ +Thu Nov 16 09:49:48 UTC 2017 - matthias.gerst...@suse.com + +- tboot-CVE-2017-16837.patch: fix a major security issue in tboot. tboot + failed to validate a number of immutable function pointers, which could + allow an attacker to bypass the chain of trust and execute arbitrary code + (bnc#1068390, CVE-2017-16837). + +--- New: tboot-CVE-2017-16837.patch Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.HgRMut/_old 2017-11-16 14:04:32.277963588 +0100 +++ /var/tmp/diff_new_pack.HgRMut/_new 2017-11-16 14:04:32.281963443 +0100 @@ -28,6 +28,7 @@ Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch Patch4: tboot-grub2-fix-xen-submenu-name.patch Patch5: tboot-openssl-1-1-0.patch +Patch6: tboot-CVE-2017-16837.patch # PATCH-FIX-UPSTREAM -- https://sourceforge.net/p/tboot/code/merge-requests/1/ BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel @@ -44,6 +45,7 @@ %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 %build export CFLAGS="%{optflags}" ++ tboot-CVE-2017-16837.patch ++ 1059 lines (skipped)
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2017-11-11 14:19:52 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Sat Nov 11 14:19:52 2017 rev:28 rq:540236 version:20170711_1.9.6 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2017-07-21 22:48:03.468082005 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2017-11-11 14:20:13.289846699 +0100 @@ -1,0 +2,7 @@ +Thu Nov 9 14:08:59 UTC 2017 - matthias.gerst...@suse.com + +- tboot-openssl-1-1-0.patch: make package compatible with OpenSSL 1.1.0. + There's no upstream release containing this patch yet. The patch builds + against OpenSSL 1.0.x as well. This is for SLE-15 support (bnc#1067229). + +--- New: tboot-openssl-1-1-0.patch Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.oHhwNa/_old 2017-11-11 14:20:15.837753319 +0100 +++ /var/tmp/diff_new_pack.oHhwNa/_new 2017-11-11 14:20:15.841753173 +0100 @@ -27,6 +27,7 @@ Source0: http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch Patch4: tboot-grub2-fix-xen-submenu-name.patch +Patch5: tboot-openssl-1-1-0.patch # PATCH-FIX-UPSTREAM -- https://sourceforge.net/p/tboot/code/merge-requests/1/ BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel @@ -42,6 +43,7 @@ %setup -q -n %name-%ver %patch3 -p1 %patch4 -p1 +%patch5 -p1 %build export CFLAGS="%{optflags}" ++ tboot-openssl-1-1-0.patch ++ changeset: 503:2bb331ec268d user:Ning Sun date:Mon Aug 28 02:10:28 2017 -0700 summary: port to openssl-1.1.0 diff -r e57efe410a90 -r 2bb331ec268d lcptools/hash.c --- a/lcptools/hash.c Mon Jul 24 05:34:17 2017 -0700 +++ b/lcptools/hash.c Mon Aug 28 02:10:28 2017 -0700 @@ -74,13 +74,18 @@ return false; if ( hash_alg == TB_HALG_SHA1_LG ) { -EVP_MD_CTX ctx; +EVP_MD_CTX *ctx = EVP_MD_CTX_create(); +if (ctx == NULL) { +fprintf(stderr, "%s(): EVP_MD_CTX_create() failed.\n", __func__); +return false; +} const EVP_MD *md; md = EVP_sha1(); -EVP_DigestInit(&ctx, md); -EVP_DigestUpdate(&ctx, buf, size); -EVP_DigestFinal(&ctx, hash->sha1, NULL); +EVP_DigestInit(ctx, md); +EVP_DigestUpdate(ctx, buf, size); +EVP_DigestFinal(ctx, hash->sha1, NULL); +EVP_MD_CTX_destroy(ctx); return true; } else
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2017-07-21 22:47:59 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Fri Jul 21 22:47:59 2017 rev:27 rq:511178 version:20170711_1.9.6 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2017-06-05 18:50:33.439397827 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2017-07-21 22:48:03.468082005 +0200 @@ -1,0 +2,24 @@ +Tue Jul 18 11:10:29 UTC 2017 - matthias.gerst...@suse.com + +update to new upstream version 1.9.6: + +- removed following patches, because they're now included upstream: + * reproducible.patch + * tboot-grub2-suse.patch + * tboot-gcc7.patch + +- Changes in this version: + * GCC7 fix, adds generic FALLTHROUGH notations to avoid warnings appearing on GCC7 +* Ensure Tboot never overwrites modules in the process of moving them. +* Add support to x2APIC, which uses 32 bit APIC ID. +* Fix S3 secrets sealing/unsealing failures +* Support OpenSSL 1.1.0+ for ECDSA signature verification. +* Support OpenSSL 1.1.0+ for RSA key manipulation. +* Adds additional checks to prevent the kernel image from being overwritten. +* Added TCG TPM event log support. +* Pass through the EFI memory map that's provided by grub2. +* Fix a null pointer dereference bug when Intel TXT is disabled in BIOS. +* Adjust KERNEL_CMDLINE_OFFSET from 0x9000 to 0x8D00. +* Bounds checking on the kernel_cmdline string. + +--- Old: reproducible.patch tboot-1.9.5.tar.gz tboot-gcc7.patch tboot-grub2-suse.patch New: tboot-1.9.6.tar.gz Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.zXXjal/_old 2017-07-21 22:48:04.975869313 +0200 +++ /var/tmp/diff_new_pack.zXXjal/_new 2017-07-21 22:48:04.979868749 +0200 @@ -17,20 +17,17 @@ Name: tboot -%define ver 1.9.5 -Version:20160518_1.9.4 +%define ver 1.9.6 +Version:20170711_1.9.6 Release:0 Summary:Performs a verified launch using Intel(R) TXT License:BSD-3-Clause Group: Productivity/Security Url:http://sourceforge.net/projects/tboot/ Source0: http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz -Patch1: tboot-grub2-suse.patch Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch Patch4: tboot-grub2-fix-xen-submenu-name.patch # PATCH-FIX-UPSTREAM -- https://sourceforge.net/p/tboot/code/merge-requests/1/ -Patch5: reproducible.patch -Patch6: tboot-gcc7.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel BuildRequires: trousers-devel @@ -43,11 +40,8 @@ %prep %setup -q -n %name-%ver -%patch1 -p1 %patch3 -p1 %patch4 -p1 -%patch5 -p1 -%patch6 -p1 %build export CFLAGS="%{optflags}" ++ tboot-1.9.5.tar.gz -> tboot-1.9.6.tar.gz ++ 3130 lines of diff (skipped) ++ tboot-grub2-fix-menu-in-xen-host-server.patch ++ --- /var/tmp/diff_new_pack.zXXjal/_old 2017-07-21 22:48:05.203837155 +0200 +++ /var/tmp/diff_new_pack.zXXjal/_new 2017-07-21 22:48:05.203837155 +0200 @@ -23,10 +23,10 @@ References: bnc#865815 Porting to tboot in order to fix duplicated xen entries -Index: tboot-1.9.4/tboot/20_linux_tboot +Index: tboot-1.9.6/tboot/20_linux_tboot === tboot-1.9.4.orig/tboot/20_linux_tboot -+++ tboot-1.9.4/tboot/20_linux_tboot +--- tboot-1.9.6.orig/tboot/20_linux_tboot tboot-1.9.6/tboot/20_linux_tboot @@ -225,6 +225,49 @@ while [ "x${tboot_list}" != "x" ] && [ " break fi @@ -77,10 +77,10 @@ if test -n "${initrd}" ; then echo "Found initrd image: ${dirname}/${initrd}" >&2 else -Index: tboot-1.9.4/tboot/20_linux_xen_tboot +Index: tboot-1.9.6/tboot/20_linux_xen_tboot === tboot-1.9.4.orig/tboot/20_linux_xen_tboot -+++ tboot-1.9.4/tboot/20_linux_xen_tboot +--- tboot-1.9.6.orig/tboot/20_linux_xen_tboot tboot-1.9.6/tboot/20_linux_xen_tboot @@ -52,6 +52,12 @@ fi export TEXTDOMAIN=grub export TEXTDOMAINDIR=${prefix}/share/locale ++ tboot-grub2-fix-xen-submenu-name.patch ++ --- /var/tmp/diff_new_pack.zXXjal/_old 2017-07-21 22:48:05.211836027 +0200 +++ /var/tmp/diff_new_pack.zXXjal/_new 2017-07-21 22:48:05.211836027 +0200 @@ -4,13 +4,13 @@ References: bnc#865815 Patch-Mainline: no -Index: tboot-1.9.5/tboot/20_linux_xe
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2017-06-05 18:50:21 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Mon Jun 5 18:50:21 2017 rev:26 rq:500930 version:20160518_1.9.4 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2017-04-30 21:25:05.158648582 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2017-06-05 18:50:33.439397827 +0200 @@ -1,0 +2,5 @@ +Sun Jun 4 08:43:14 UTC 2017 - meiss...@suse.com + +- tboot-gcc7.patch: fix some gcc7 warnings that lead to errors. (bsc#1041264) + +--- @@ -85 +90 @@ - +- fixes a boot issue on Skylake (bsc#964408) New: tboot-gcc7.patch Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.m5GEqd/_old 2017-06-05 18:50:34.123301426 +0200 +++ /var/tmp/diff_new_pack.m5GEqd/_new 2017-06-05 18:50:34.127300862 +0200 @@ -30,6 +30,7 @@ Patch4: tboot-grub2-fix-xen-submenu-name.patch # PATCH-FIX-UPSTREAM -- https://sourceforge.net/p/tboot/code/merge-requests/1/ Patch5: reproducible.patch +Patch6: tboot-gcc7.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel BuildRequires: trousers-devel @@ -46,6 +47,7 @@ %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 %build export CFLAGS="%{optflags}" ++ tboot-gcc7.patch ++ Index: tboot-1.9.5/tboot/common/tboot.c === --- tboot-1.9.5.orig/tboot/common/tboot.c +++ tboot-1.9.5/tboot/common/tboot.c @@ -501,11 +501,13 @@ static void shutdown_system(uint32_t shu /* write our S3 resume vector to ACPI resume addr */ set_s3_resume_vector(&_tboot_shared.acpi_sinfo, TBOOT_S3_WAKEUP_ADDR); /* fall through for rest of Sx handling */ + /* FALLTHROUGH */ case TB_SHUTDOWN_S4: case TB_SHUTDOWN_S5: machine_sleep(&_tboot_shared.acpi_sinfo); /* if machine_sleep() fails, fall through to reset */ + /* FALLTHROUGH */ case TB_SHUTDOWN_REBOOT: if ( txt_is_powercycle_required() ) { /* powercycle by writing 0x0a+0x0e to port 0xcf9 */ @@ -524,6 +526,7 @@ static void shutdown_system(uint32_t shu outb(0xcf9, 0x06); } + /* FALLTHROUGH */ case TB_SHUTDOWN_HALT: default: while ( true ) Index: tboot-1.9.5/tboot/common/vsprintf.c === --- tboot-1.9.5.orig/tboot/common/vsprintf.c +++ tboot-1.9.5/tboot/common/vsprintf.c @@ -404,6 +404,7 @@ handle_width: case 'p': mods.flag |= PREFIX;/* print prefix 0x for %p */ mods.flag_long = LONG; + /* FALLTHROUGH */ case 'x': mods.base = 16; buf_pos = write_number_to_buffer(buf, size, buf_pos, mods); Index: tboot-1.9.5/tboot/common/tpm.c === --- tboot-1.9.5.orig/tboot/common/tpm.c +++ tboot-1.9.5/tboot/common/tpm.c @@ -117,14 +117,14 @@ static bool tpm_send_cmd_ready_status_cr #endif if ( reg_ctrl_sts.tpmidle== 1) { - reg_ctrl_request._raw[0] = 0; + memset(®_ctrl_request,0,sizeof(reg_ctrl_request)); reg_ctrl_request.cmdReady = 1; write_tpm_reg(locality, TPM_CRB_CTRL_REQ, ®_ctrl_request); return true; } - reg_ctrl_request._raw[0] = 0; + memset(®_ctrl_request,0,sizeof(reg_ctrl_request)); reg_ctrl_request.goIdle = 1; write_tpm_reg(locality, TPM_CRB_CTRL_REQ, ®_ctrl_request); @@ -158,7 +158,7 @@ static bool tpm_send_cmd_ready_status_cr printk(TBOOT_INFO"2. reg_ctrl_sts.tpmsts: 0x%x\n", reg_ctrl_sts.tpmsts); #endif - reg_ctrl_request._raw[0] = 0; + memset(®_ctrl_request,0,sizeof(reg_ctrl_request)); reg_ctrl_request.cmdReady = 1; write_tpm_reg(locality, TPM_CRB_CTRL_REQ, ®_ctrl_request); @@ -724,7 +724,7 @@ bool tpm_relinquish_locality_crb(uint32_ if ( reg_loc_state.loc_assigned == 0 )return true; /* make inactive by writing a 1 */ -reg_loc_ctrl._raw[0] = 0; +memset(®_loc_ctrl,0,sizeof(reg_loc_ctrl)); reg_loc_ctrl.relinquish = 1; write_tpm_reg(locality, TPM_REG_LOC_CTRL, ®_loc_ctrl); @@ -778,7 +778,7 @@ bool tpm_request_locality_crb(uint32_t l tpm_reg_loc_state_t reg_loc_state; tpm_reg_loc_ctrl_treg_loc_ctrl; /* request access to the TPM from locality N */ -reg_loc_ct
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2017-04-30 21:24:31 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Sun Apr 30 21:24:31 2017 rev:25 rq:492191 version:20160518_1.9.4 Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2017-02-14 00:47:35.309120477 +0100 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2017-04-30 21:25:05.158648582 +0200 @@ -1,0 +2,5 @@ +Sun Apr 30 05:29:57 UTC 2017 - bwiedem...@suse.com + +- Add reproducible.patch to call gzip -n to make build fully reproducible + +--- New: reproducible.patch Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.ATeDae/_old 2017-04-30 21:25:05.914542002 +0200 +++ /var/tmp/diff_new_pack.ATeDae/_new 2017-04-30 21:25:05.914542002 +0200 @@ -28,6 +28,8 @@ Patch1: tboot-grub2-suse.patch Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch Patch4: tboot-grub2-fix-xen-submenu-name.patch +# PATCH-FIX-UPSTREAM -- https://sourceforge.net/p/tboot/code/merge-requests/1/ +Patch5: reproducible.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel BuildRequires: trousers-devel @@ -43,6 +45,7 @@ %patch1 -p1 %patch3 -p1 %patch4 -p1 +%patch5 -p1 %build export CFLAGS="%{optflags}" ++ reproducible.patch ++ Index: tboot-1.9.5/tboot/Makefile === --- tboot-1.9.5.orig/tboot/Makefile +++ tboot-1.9.5/tboot/Makefile @@ -32,7 +32,7 @@ OBJS := $(obj-y) TARGET_LDS := $(CURDIR)/common/tboot.lds $(TARGET).gz : $(TARGET) - gzip -f -9 < $< > $@ + gzip -n -f -9 < $< > $@ $(TARGET) : $(OBJS) $(TARGET_LDS) $(LD) $(LDFLAGS) -T $(TARGET_LDS) -N $(OBJS) -o $(@D)/.$(@F).0
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2017-02-14 00:47:34 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2017-02-10 10:04:26.623023379 +0100 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2017-02-14 00:47:35.309120477 +0100 @@ -1,0 +2,6 @@ +Fri Feb 10 16:56:03 UTC 2017 - jeng...@inai.de + +- Trim filler words from description; use modern macros over + shell vars. + +--- Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.lk9Mkk/_old 2017-02-14 00:47:35.989024495 +0100 +++ /var/tmp/diff_new_pack.lk9Mkk/_new 2017-02-14 00:47:35.993023931 +0100 @@ -34,10 +34,9 @@ ExclusiveArch: %{ix86} x86_64 %description -Trusted Boot (tboot) is an open source, pre-kernel/VMM module that uses -Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured -and verified launch of an OS kernel/VMM. - +Trusted Boot (tboot) is a pre-kernel/VMM module that uses Intel(R) +Trusted Execution Technology (Intel(R) TXT) to perform a measured and +verified launch of an OS kernel/VMM. %prep %setup -q -n %name-%ver @@ -46,12 +45,12 @@ %patch4 -p1 %build -export CFLAGS="$RPM_OPT_FLAGS" +export CFLAGS="%{optflags}" export TBOOT_CFLAGS="$CFLAGS" make debug=y %{?_smp_mflags} %install -make debug=y install DISTDIR=$RPM_BUILD_ROOT MANPATH=$RPM_BUILD_ROOT/%{_mandir} +make debug=y install DISTDIR="%{buildroot}" MANPATH="%{buildroot}/%{_mandir}" %files %defattr(-,root,root,-)
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2017-02-10 10:03:40 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2016-07-01 09:59:00.0 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2017-02-10 10:04:26.623023379 +0100 @@ -1,0 +2,17 @@ +Wed Feb 8 13:11:50 UTC 2017 - meiss...@suse.com + +- Updated to 20161216: v1.9.5 (FATE#321510) + + Add 2nd generation of LCP creation tool source codes for TPM 2.0 platforms. + + Add user guide for 2nd generation LCP creation tool + + Provide workaround for Intel PTT(Platform Trust Technology) & Linux PTT driver. + + Add new fields in Linux kernel header struct to accommodate Linux kernel new capabilities. + + Fix a pointer dereference regression in the tboot native Linux loader which manifests itself as a system reset. + + Fix the issue of overwriting tboot when the loaded elf kernel is located below tboot. + + Add support to release TPM localities when tboot exits to linux kernel. + + Fix the evtlog dump function for tpm2 case. + + Initiaize kernel header comdline buffer before copying kernel cmdline arguments to the buffer to avoid random + + data at end of the original cmdline contents. + + Move tpm_detect() to an earlier stage so as to get tpm interface initialized before checking TXT platform capabilities. + + +--- Old: tboot-1.9.4.tar.gz New: tboot-1.9.5.tar.gz Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.Iu32nL/_old 2017-02-10 10:04:27.182944195 +0100 +++ /var/tmp/diff_new_pack.Iu32nL/_new 2017-02-10 10:04:27.186943629 +0100 @@ -1,7 +1,7 @@ # # spec file for package tboot # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: tboot -%define ver 1.9.4 +%define ver 1.9.5 Version:20160518_1.9.4 Release:0 Summary:Performs a verified launch using Intel(R) TXT ++ tboot-1.9.4.tar.gz -> tboot-1.9.5.tar.gz ++ 13051 lines of diff (skipped) ++ tboot-grub2-fix-xen-submenu-name.patch ++ --- /var/tmp/diff_new_pack.Iu32nL/_old 2017-02-10 10:04:27.410911955 +0100 +++ /var/tmp/diff_new_pack.Iu32nL/_new 2017-02-10 10:04:27.410911955 +0100 @@ -4,13 +4,13 @@ References: bnc#865815 Patch-Mainline: no -Index: tboot-1.9.4/tboot/20_linux_xen_tboot +Index: tboot-1.9.5/tboot/20_linux_xen_tboot === tboot-1.9.4.orig/tboot/20_linux_xen_tboot -+++ tboot-1.9.4/tboot/20_linux_xen_tboot +--- tboot-1.9.5.orig/tboot/20_linux_xen_tboot tboot-1.9.5/tboot/20_linux_xen_tboot @@ -232,7 +232,7 @@ while [ "x${xen_list}" != "x" ] ; do rel_tboot_dirname=`make_system_path_relative_to_its_root $tboot_dirname` - tboot_version="1.9.4" + tboot_version="1.9.5" list="${linux_list}" -echo "submenu \"Xen ${xen_version}\" \"Tboot ${tboot_version}\"{" +echo "submenu \"Xen ${xen_version} with Tboot ${tboot_version}\"{"
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2016-07-01 09:58:58 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2016-05-20 11:56:11.0 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2016-07-01 09:59:00.0 +0200 @@ -1,0 +2,11 @@ +Wed Jun 22 06:37:53 UTC 2016 - mch...@suse.com + +- Fix wrong pvops kernel config matching (bsc#981948) + * modified tboot-grub2-fix-menu-in-xen-host-server.patch + +--- +Wed Jun 1 09:29:32 UTC 2016 - meiss...@suse.com + +- tboot-grub2-suse.patch: fixed bad if/elif + +--- Other differences: -- ++ tboot-grub2-fix-menu-in-xen-host-server.patch ++ --- /var/tmp/diff_new_pack.sIJm2F/_old 2016-07-01 09:59:01.0 +0200 +++ /var/tmp/diff_new_pack.sIJm2F/_new 2016-07-01 09:59:01.0 +0200 @@ -67,7 +67,7 @@ + + if test "$xen_pv_domU" = "false" ; then + # prevent xen kernel without pv_opt support from booting -+ if (grep -qx "CONFIG_XEN=y" "${config}" 2> /dev/null && grep -qvx "CONFIG_PARAVIRT=y" "${config}" 2> /dev/null); then ++ if (grep -qx "CONFIG_XEN=y" "${config}" 2> /dev/null && ! grep -qx "CONFIG_PARAVIRT=y" "${config}" 2> /dev/null); then + echo "Skip xenlinux kernel $linux" >&2 + list=`echo $list | tr ' ' '\n' | grep -vx $linux | tr '\n' ' '` + continue ++ tboot-grub2-suse.patch ++ --- /var/tmp/diff_new_pack.sIJm2F/_old 2016-07-01 09:59:01.0 +0200 +++ /var/tmp/diff_new_pack.sIJm2F/_new 2016-07-01 09:59:01.0 +0200 @@ -19,7 +19,7 @@ sysconfdir=/etc if test -e /usr/share/grub/grub-mkconfig_lib; then . /usr/share/grub/grub-mkconfig_lib -+if test -e /usr/share/grub2/grub-mkconfig_lib; then ++elif test -e /usr/share/grub2/grub-mkconfig_lib; then + . /usr/share/grub2/grub-mkconfig_lib elif test -e ${libdir}/grub/grub-mkconfig_lib; then . ${libdir}/grub/grub-mkconfig_lib
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2016-05-20 11:56:09 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2015-05-16 07:14:41.0 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2016-05-20 11:56:11.0 +0200 @@ -1,0 +2,29 @@ +Thu May 19 10:35:27 UTC 2016 - meiss...@suse.com + +- Updated to 1.9.4/20160518 (FATE#320665) + Added TPM 2.0 CRB support + Increased BSP and AP stacks to avoid stack overflow + Added an ACPI_RSDP structure g_rsdp in tboot to avoid potential memory overwritten issue on TPM 2.0 UEFI platforms + Added support to both Intel TPM nv index set and TCG TPM nv index set + grub2: tboot doesn't skip first argument any more + grub2: sanitize whitespace in command lines + grub2: Allow addition of policy data in grub.cfg + grub2 support: allow the user to customize the command line + Mitigated S3 resume delay by adjusting LZ_MAX_OFFSET to 5000 in lz.c. + Added SGX TPM nv index support + Add 64 bit ELF object support + Gentoo Hardened, which uses the GRSecurity and PaX patch sets + Disable -fstack-check in CFLAG for compatibility with Gentoo Linux. + Enhanced tboot compatiblity running on non-Intel TXT platform with a fix of is_launched() + LCP documentation improvements +- tboot-grub2-suse.patch: refreshed +- tboot-grub2-fix-xen-submenu-name.patch: refreshed +- tboot-fix-stackoverflow.patch: upstream in 1.9.4 + +--- +Wed Apr 6 09:41:06 UTC 2016 - meiss...@suse.com + +- tboot-fix-stackoverflow.patch: fix a excessive stack usage pattern + that could lead to resets/crashes (bsc#967441) + +--- @@ -4 +33 @@ -- Updated to 1.8.3/20140728 +- Updated to 1.8.3/20140728 FATE#318542 Old: tboot-1.8.3.tar.gz New: tboot-1.9.4.tar.gz Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.227324/_old 2016-05-20 11:56:12.0 +0200 +++ /var/tmp/diff_new_pack.227324/_new 2016-05-20 11:56:12.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package tboot # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,8 +17,8 @@ Name: tboot -%define ver 1.8.3 -Version:20140728_1.8.3 +%define ver 1.9.4 +Version:20160518_1.9.4 Release:0 Summary:Performs a verified launch using Intel(R) TXT License:BSD-3-Clause ++ tboot-1.8.3.tar.gz -> tboot-1.9.4.tar.gz ++ 3954 lines of diff (skipped) ++ tboot-grub2-fix-menu-in-xen-host-server.patch ++ --- /var/tmp/diff_new_pack.227324/_old 2016-05-20 11:56:12.0 +0200 +++ /var/tmp/diff_new_pack.227324/_new 2016-05-20 11:56:12.0 +0200 @@ -23,11 +23,11 @@ References: bnc#865815 Porting to tboot in order to fix duplicated xen entries -Index: tboot-1.8.0/tboot/20_linux_tboot +Index: tboot-1.9.4/tboot/20_linux_tboot === tboot-1.8.0.orig/tboot/20_linux_tboot -+++ tboot-1.8.0/tboot/20_linux_tboot -@@ -166,6 +166,49 @@ while [ "x${tboot_list}" != "x" ] && [ " +--- tboot-1.9.4.orig/tboot/20_linux_tboot tboot-1.9.4/tboot/20_linux_tboot +@@ -225,6 +225,49 @@ while [ "x${tboot_list}" != "x" ] && [ " break fi done @@ -77,11 +77,11 @@ if test -n "${initrd}" ; then echo "Found initrd image: ${dirname}/${initrd}" >&2 else -Index: tboot-1.8.0/tboot/20_linux_xen_tboot +Index: tboot-1.9.4/tboot/20_linux_xen_tboot === tboot-1.8.0.orig/tboot/20_linux_xen_tboot -+++ tboot-1.8.0/tboot/20_linux_xen_tboot -@@ -30,6 +30,12 @@ fi +--- tboot-1.9.4.orig/tboot/20_linux_xen_tboot tboot-1.9.4/tboot/20_linux_xen_tboot +@@ -52,6 +52,12 @@ fi export TEXTDOMAIN=grub export TEXTDOMAINDIR=${prefix}/share/locale @@ -94,7 +94,7 @@ CLASS="--class gnu-linux --class gnu --class os --class xen" if [ "x${GRUB_DISTRIBUTOR}" = "x" ] ; then -@@ -147,9 +153,17 @@ linux_list=`for i in /boot/vmlinu[xz]-* +@@ -185,9 +191,17 @@ linux_list=`for i in /boot/vmlinu[xz]-* if [ "x${linux_list}" = "x" ] ; then exit 0 fi ++ tboot-grub2-fix-xen-submenu-name.patch ++ --- /var/tmp/diff_new_pack.227324/_old 2016-05-20
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2015-05-16 07:14:35 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2014-07-29 16:48:33.0 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2015-05-16 07:14:41.0 +0200 @@ -1,0 +2,19 @@ +Fri May 8 12:08:52 UTC 2015 - meiss...@suse.com + +- Updated to 1.8.3/20140728 + * Added verified launch control policy user guide + * Fixed a bug about var MTRR settings to follow the rule that each VAR MTRR base must be a multiple of that MTRR's size. + * Access tpm sts reg with 3-byte width in v1.2 case and 4-byte width in v2.0 case + * Bugfix: lcp2_mlehash get wrong hash if the cmdline string length > 7 + * Optimized tboot log processing flow to avoid log buffer overflow by adopting lz Compress/Uncompress algorithms + * Added SGX support for Skylake platform + * tpm2: use the primary object in NULL Hierarchy instead of Platform Hierarchy for seal/unseal usage + * Fixed a bug for lcp2_mlehash tool + * Fixed system hang issue caused by TXT disable, TPM disable or SINIT ACM not correctly provided in EFI booting mode + * Fixed bug for wrong assumption on the way how GRUB2 load modules + * Fixed MB2 tags mess issue caused by moving shorter module cmdline to head + * Fixed compile issue when debug=y + +- refreshed tboot-grub2-fix-xen-submenu-name.patch + +--- Old: tboot-1.8.2.tar.gz New: tboot-1.8.3.tar.gz Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.tU4aJh/_old 2015-05-16 07:14:42.0 +0200 +++ /var/tmp/diff_new_pack.tU4aJh/_new 2015-05-16 07:14:42.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package tboot # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,8 +17,8 @@ Name: tboot -%define ver 1.8.2 -Version:20140728_1.8.2 +%define ver 1.8.3 +Version:20140728_1.8.3 Release:0 Summary:Performs a verified launch using Intel(R) TXT License:BSD-3-Clause ++ tboot-1.8.2.tar.gz -> tboot-1.8.3.tar.gz ++ 1630 lines of diff (skipped) ++ tboot-grub2-fix-xen-submenu-name.patch ++ --- /var/tmp/diff_new_pack.tU4aJh/_old 2015-05-16 07:14:42.0 +0200 +++ /var/tmp/diff_new_pack.tU4aJh/_new 2015-05-16 07:14:42.0 +0200 @@ -4,13 +4,13 @@ References: bnc#865815 Patch-Mainline: no -Index: tboot-1.8.1/tboot/20_linux_xen_tboot +Index: tboot-1.8.3/tboot/20_linux_xen_tboot === tboot-1.8.1.orig/tboot/20_linux_xen_tboot -+++ tboot-1.8.1/tboot/20_linux_xen_tboot +--- tboot-1.8.3.orig/tboot/20_linux_xen_tboot tboot-1.8.3/tboot/20_linux_xen_tboot @@ -187,7 +187,7 @@ while [ "x${xen_list}" != "x" ] ; do rel_tboot_dirname=`make_system_path_relative_to_its_root $tboot_dirname` - tboot_version="1.8.1" + tboot_version="1.8.3" list="${linux_list}" -echo "submenu \"Xen ${xen_version}\" \"Tboot ${tboot_version}\"{" +echo "submenu \"Xen ${xen_version} with Tboot ${tboot_version}\"{"
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2014-07-29 16:48:24 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2014-05-21 16:31:20.0 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2014-07-29 16:48:33.0 +0200 @@ -1,0 +2,8 @@ +Mon Jul 28 12:14:12 UTC 2014 - meiss...@suse.com + +- updated to 1.8.2/20140728 + Security Fix: TBOOT Argument Measurement Vulnerability for GRUB2 + ELF Kernels + fix werror in 32 bit build environment +- tboot-fix.patch: removed, fixed differently upstream. + +--- Old: tboot-1.8.1.tar.gz tboot-fix.patch New: tboot-1.8.2.tar.gz Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.GTOtcy/_old 2014-07-29 16:48:33.0 +0200 +++ /var/tmp/diff_new_pack.GTOtcy/_new 2014-07-29 16:48:33.0 +0200 @@ -17,15 +17,14 @@ Name: tboot -%define ver 1.8.1 -Version:20130705_1.8.0 +%define ver 1.8.2 +Version:20140728_1.8.2 Release:0 Summary:Performs a verified launch using Intel(R) TXT License:BSD-3-Clause Group: Productivity/Security Url:http://sourceforge.net/projects/tboot/ Source0: http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz -Patch0: tboot-fix.patch Patch1: tboot-grub2-suse.patch Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch Patch4: tboot-grub2-fix-xen-submenu-name.patch @@ -42,7 +41,6 @@ %prep %setup -q -n %name-%ver -%patch0 -p1 %patch1 -p1 %patch3 -p1 %patch4 -p1 ++ tboot-1.8.1.tar.gz -> tboot-1.8.2.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.8.1/.hg_archival.txt new/tboot-1.8.2/.hg_archival.txt --- old/tboot-1.8.1/.hg_archival.txt2014-05-16 09:57:00.0 +0200 +++ new/tboot-1.8.2/.hg_archival.txt1970-01-01 01:00:00.0 +0100 @@ -1,5 +0,0 @@ -repo: cedd93279188334eb41d248d5eb70a41a2bc70ca -node: b4a3b8ddaf07d7a8fa0c159fbd22de7624d6818d -branch: default -latesttag: v1.8.1 -latesttagdistance: 1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.8.1/CHANGELOG new/tboot-1.8.2/CHANGELOG --- old/tboot-1.8.1/CHANGELOG 2014-05-16 09:57:00.0 +0200 +++ new/tboot-1.8.2/CHANGELOG 2014-07-28 10:24:20.0 +0200 @@ -1,3 +1,6 @@ +20140728: v1.8.2 +Security Fix: TBOOT Argument Measurement Vulnerability for GRUB2 + ELF Kernels +fix werror in 32 bit build environment 20140516: v1.8.1 Fix build error "may be used uninitialized" Reset eventlog when S3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.8.1/tb_polgen/param.c new/tboot-1.8.2/tb_polgen/param.c --- old/tboot-1.8.1/tb_polgen/param.c 2014-05-16 09:57:00.0 +0200 +++ new/tboot-1.8.2/tb_polgen/param.c 2014-07-28 10:24:21.0 +0200 @@ -184,7 +184,8 @@ info_msg("\t pcr = %d\n", params->pcr); info_msg("\t hash_type = %d\n", params->hash_type); info_msg("\t pos = %d\n", params->pos); -info_msg("\t cmdline length = %lu\n", strlen(params->cmdline)); +info_msg("\t cmdline length = %lu\n", + (unsigned long int)strlen(params->cmdline)); info_msg("\t cmdline = %s\n", params->cmdline); info_msg("\t image_file = %s\n", params->image_file); info_msg("\t elt_file = %s\n", params->elt_file); @@ -411,7 +412,8 @@ if (strlen(optarg) > sizeof(params->cmdline) - 1) { error_msg("Command line length of %lu exceeds %d " "character maximum\n", - strlen(optarg), TBOOT_KERNEL_CMDLINE_SIZE-1); + (unsigned long int)strlen(optarg), + TBOOT_KERNEL_CMDLINE_SIZE-1); return false; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.8.1/tboot/Config.mk new/tboot-1.8.2/tboot/Config.mk --- old/tboot-1.8.1/tboot/Config.mk 2014-05-16 09:57:00.0 +0200 +++ new/tboot-1.8.2/tboot/Config.mk 2014-07-28 10:24:21.0 +0200 @@ -32,7 +32,7 @@ CFLAGS += $(call cc-option,$(CC),-fno-stack-protector-all,) # changeset variable for banner -CFLAGS += -DTBOOT_CHANGESET=\""$(shell ((hg parents --template "{isodate|isodate} {rev}:{node|short}"
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2014-05-21 16:31:19 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2014-05-02 14:03:34.0 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2014-05-21 16:31:20.0 +0200 @@ -1,0 +2,42 @@ +Mon May 19 11:11:10 UTC 2014 - meiss...@suse.com + +- updated to 1.8.1/20140516 + Fix build error "may be used uninitialized" + Reset eventlog when S3 + Update tboot version to 1.8.1 in grub title + Fix grub cfg file generation scripts for SLES12 + Fix seal failure issue + tpm2 lcptools + Restore local apic base for AP + Fix typo in hash_alg_to_string() + Change to create primary object only once + Add prepare_tpm call in S3 path to ensure locality 0 was released before senter + Fix possible dead loop in print_bios_data when bios_data version 4 + Fix possible null pointer dereference in loader.c + Fix possible null pointer dereference in tpm_12.c and tpm_20.c + Avoid buffer overrun when append tpm12 eventlog + Fix possible NULL pointer dereference + Fix one event log issue caused by wrong append and print operation + Fix error "unsupported hash alg" for agile extend policy + Fix warning "ACM info_table version mismatch" + Update the tpm family detection with a general way + Fix a lcp tools issue caused by redefining TB_HALG_SHA1 from 0 to 4 + Assign g_tpm a value for no tpm case to avoid NULL checks + Fix crash when TPM is missing + Fix infinite loop in determine_multiboot_type() + Fix typo in tpm20_init() and remove unused variable + Allow the to-be-measured nv to be protected by AUTHWRITE + Check cpu vendor id to avoid unexpected behavior in non-intel cpu + Change to detect TPM family only once + Fix some typos caused by copy-paste + +- removed tboot-cs381.patch: upstream + +--- +Fri May 16 06:10:17 UTC 2014 - mch...@suse.com + +- fix grub2 boot menu after installing lots of kernels (bnc#865815) +- add tboot-grub2-fix-menu-in-xen-host-server.patch +- add tboot-grub2-fix-xen-submenu-name.patch + +--- Old: tboot-1.8.0.tar.gz tboot-cs381.patch New: tboot-1.8.1.tar.gz tboot-grub2-fix-menu-in-xen-host-server.patch tboot-grub2-fix-xen-submenu-name.patch Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.F0ZzxV/_old 2014-05-21 16:31:22.0 +0200 +++ /var/tmp/diff_new_pack.F0ZzxV/_new 2014-05-21 16:31:22.0 +0200 @@ -17,7 +17,7 @@ Name: tboot -%define ver 1.8.0 +%define ver 1.8.1 Version:20130705_1.8.0 Release:0 Summary:Performs a verified launch using Intel(R) TXT @@ -27,7 +27,8 @@ Source0: http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz Patch0: tboot-fix.patch Patch1: tboot-grub2-suse.patch -Patch2: tboot-cs381.patch +Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch +Patch4: tboot-grub2-fix-xen-submenu-name.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel BuildRequires: trousers-devel @@ -43,7 +44,8 @@ %setup -q -n %name-%ver %patch0 -p1 %patch1 -p1 -%patch2 -p1 +%patch3 -p1 +%patch4 -p1 %build export CFLAGS="$RPM_OPT_FLAGS" @@ -72,6 +74,10 @@ %{_sbindir}/tpmnv_lock %{_sbindir}/tpmnv_relindex %{_sbindir}/txt-stat +%{_sbindir}/lcp2_crtpol +%{_sbindir}/lcp2_crtpolelt +%{_sbindir}/lcp2_crtpollist +%{_sbindir}/lcp2_mlehash /boot/tboot.gz /boot/tboot-syms %{_mandir}/man8/* ++ tboot-1.8.0.tar.gz -> tboot-1.8.1.tar.gz ++ 7573 lines of diff (skipped) ++ tboot-grub2-fix-menu-in-xen-host-server.patch ++ From: Michael Chang Subject: [PATCH] fix menu in xen host server References: bnc#771689, bnc#757895 Patch-Mainline: no When system is configred as "Xen Virtual Machines Host Server", the grub2 menu is not well organized. We could see some issues on it. - Many duplicated xen entries generated by links to xen hypervisor - Non bootable kernel entries trying to boot xen kernel natively - The -dbg xen hypervisor takes precedence over release version This patch fixes above three issues. v2: References: bnc#877040 Create only hypervisor pointed by /boot/xen.gz symlink to not clutter the menu with multiple versions and also not include -dbg. Use custom.cfg if you need any other custom entries. v3: References: bnc#865815 Porting to tboot in order to fix duplicated xen entries Index: tboot-1.8.0/tboot/20_linux_tboot
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2014-05-02 14:03:33 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2014-02-20 06:23:39.0 +0100 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2014-05-02 14:03:34.0 +0200 @@ -1,0 +2,6 @@ +Wed Apr 30 08:42:27 UTC 2014 - meiss...@suse.com + +- tboot-cs381.patch: generate tboot entries correctly, from Intel. + bnc#875581 + +--- New: tboot-cs381.patch Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.7oLMRb/_old 2014-05-02 14:03:35.0 +0200 +++ /var/tmp/diff_new_pack.7oLMRb/_new 2014-05-02 14:03:35.0 +0200 @@ -27,6 +27,7 @@ Source0: http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz Patch0: tboot-fix.patch Patch1: tboot-grub2-suse.patch +Patch2: tboot-cs381.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel BuildRequires: trousers-devel @@ -42,6 +43,7 @@ %setup -q -n %name-%ver %patch0 -p1 %patch1 -p1 +%patch2 -p1 %build export CFLAGS="$RPM_OPT_FLAGS" ++ tboot-cs381.patch ++ # HG changeset patch # User Gang Wei # Date 1398749209 -28800 # Tue Apr 29 13:26:49 2014 +0800 # Node ID 0883c5da94978917c81e654cabbf734e82a33b23 # Parent acfeeead17db852d23631a3dd0ec8a29836fce2d Fix grub cfg file generation scripts for SLES12 Signed-off-by: Gang Wei diff -r acfeeead17db -r 0883c5da9497 tboot/20_linux_tboot --- a/tboot/20_linux_tboot Tue Apr 22 14:00:56 2014 +0800 +++ b/tboot/20_linux_tboot Tue Apr 29 13:26:49 2014 +0800 @@ -44,11 +44,6 @@ case ${GRUB_DEVICE} in /dev/loop/*|/dev/loop[0-9]) GRUB_DEVICE=`losetup ${GRUB_DEVICE} | sed -e "s/^[^(]*(\([^)]\+\)).*/\1/"` -# We can't cope with devices loop-mounted from files here. -case ${GRUB_DEVICE} in - /dev/*) ;; - *) exit 0 ;; -esac ;; esac diff -r acfeeead17db -r 0883c5da9497 tboot/20_linux_xen_tboot --- a/tboot/20_linux_xen_tboot Tue Apr 22 14:00:56 2014 +0800 +++ b/tboot/20_linux_xen_tboot Tue Apr 29 13:26:49 2014 +0800 @@ -44,11 +44,6 @@ case ${GRUB_DEVICE} in /dev/loop/*|/dev/loop[0-9]) GRUB_DEVICE=`losetup ${GRUB_DEVICE} | sed -e "s/^[^(]*(\([^)]\+\)).*/\1/"` -# We can't cope with devices loop-mounted from files here. -case ${GRUB_DEVICE} in - /dev/*) ;; - *) exit 0 ;; -esac ;; esac -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2014-02-20 06:23:38 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2014-02-02 07:40:15.0 +0100 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2014-02-20 06:23:39.0 +0100 @@ -1,0 +2,6 @@ +Wed Feb 19 16:05:10 UTC 2014 - meiss...@suse.com + +- fixed path for /usr/share/grub2/grub-mkconfig_lib in our grub2 + snippets. (bnc#864633) + +--- New: tboot-grub2-suse.patch Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.pgeQvY/_old 2014-02-20 06:23:40.0 +0100 +++ /var/tmp/diff_new_pack.pgeQvY/_new 2014-02-20 06:23:40.0 +0100 @@ -26,6 +26,7 @@ Url:http://sourceforge.net/projects/tboot/ Source0: http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz Patch0: tboot-fix.patch +Patch1: tboot-grub2-suse.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel BuildRequires: trousers-devel @@ -40,6 +41,7 @@ %prep %setup -q -n %name-%ver %patch0 -p1 +%patch1 -p1 %build export CFLAGS="$RPM_OPT_FLAGS" ++ tboot-grub2-suse.patch ++ Index: tboot-1.8.0/tboot/20_linux_tboot === --- tboot-1.8.0.orig/tboot/20_linux_tboot +++ tboot-1.8.0/tboot/20_linux_tboot @@ -21,8 +21,8 @@ prefix=/usr exec_prefix=${prefix} bindir=${exec_prefix}/bin libdir=${exec_prefix}/lib -if test -e /usr/share/grub/grub-mkconfig_lib; then - . /usr/share/grub/grub-mkconfig_lib +if test -e /usr/share/grub2/grub-mkconfig_lib; then + . /usr/share/grub2/grub-mkconfig_lib elif test -e ${libdir}/grub/grub-mkconfig_lib; then . ${libdir}/grub/grub-mkconfig_lib fi Index: tboot-1.8.0/tboot/20_linux_xen_tboot === --- tboot-1.8.0.orig/tboot/20_linux_xen_tboot +++ tboot-1.8.0/tboot/20_linux_xen_tboot @@ -21,8 +21,8 @@ prefix=/usr exec_prefix=${prefix} bindir=${exec_prefix}/bin libdir=${exec_prefix}/lib -if test -e /usr/share/grub/grub-mkconfig_lib; then - . /usr/share/grub/grub-mkconfig_lib +if test -e /usr/share/grub2/grub-mkconfig_lib; then + . /usr/share/grub2/grub-mkconfig_lib elif test -e ${libdir}/grub/grub-mkconfig_lib; then . ${libdir}/grub/grub-mkconfig_lib fi -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2014-02-02 07:40:14 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2013-08-12 10:17:09.0 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2014-02-02 07:40:15.0 +0100 @@ -1,0 +2,16 @@ +Thu Jan 30 21:59:46 UTC 2014 - meiss...@suse.com + +- updated to 1.8.0/20130705 + Update README for TPM2 support + tpm2 support + Adding sha256 algorithm implementation + Update README for TPM NV measuring + Update README for EFI support + Fix typo in tboot/Makefile + Increase the supported maximum number of cpus from 256 to 512 + Extend tboot policy supporting measuring TPM NV + EFI support via multiboot2 changes + Fix typo in common/hash.c + Fix verification for extended data elements in txt heap + +--- Old: tboot-1.7.4.tar.gz New: tboot-1.8.0.tar.gz Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.1tEPJN/_old 2014-02-02 07:40:15.0 +0100 +++ /var/tmp/diff_new_pack.1tEPJN/_new 2014-02-02 07:40:15.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package tboot # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,8 +17,8 @@ Name: tboot -%define ver 1.7.4 -Version:20130705_1.7.4 +%define ver 1.8.0 +Version:20130705_1.8.0 Release:0 Summary:Performs a verified launch using Intel(R) TXT License:BSD-3-Clause ++ tboot-1.7.4.tar.gz -> tboot-1.8.0.tar.gz ++ 14881 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2013-08-12 10:17:08 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2013-01-10 15:20:19.0 +0100 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2013-08-12 10:17:09.0 +0200 @@ -1,0 +2,8 @@ +Thu Aug 8 11:56:45 UTC 2013 - meiss...@suse.com + +- updated to 1.7.4/20130705 + Fix possible empty submenu block in generated grub.cfg + Add a call_racm=check option for easy RACM launch result check + Fix type check for revocation ACM. + +--- Old: tboot-1.7.3.tar.gz New: tboot-1.7.4.tar.gz Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.tNhbkH/_old 2013-08-12 10:17:10.0 +0200 +++ /var/tmp/diff_new_pack.tNhbkH/_new 2013-08-12 10:17:10.0 +0200 @@ -17,8 +17,8 @@ Name: tboot -%define ver 1.7.3 -Version:20121228_1.7.3 +%define ver 1.7.4 +Version:20130705_1.7.4 Release:0 Summary:Performs a verified launch using Intel(R) TXT License:BSD-3-Clause ++ tboot-1.7.3.tar.gz -> tboot-1.7.4.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.7.3/.hg_archival.txt new/tboot-1.7.4/.hg_archival.txt --- old/tboot-1.7.3/.hg_archival.txt2012-12-28 07:30:13.0 +0100 +++ new/tboot-1.7.4/.hg_archival.txt2013-07-08 04:48:29.0 +0200 @@ -1,5 +1,5 @@ repo: cedd93279188334eb41d248d5eb70a41a2bc70ca -node: 5192fef95f6f443c1b017d6c9bcfb5823a0c447b +node: 22b9704961c34f22f9ee12f4a822263d3159669d branch: default -latesttag: v1.7.3 +latesttag: v1.7.4 latesttagdistance: 1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.7.3/.hgtags new/tboot-1.7.4/.hgtags --- old/tboot-1.7.3/.hgtags 2012-12-28 07:30:13.0 +0100 +++ new/tboot-1.7.4/.hgtags 2013-07-08 04:48:29.0 +0200 @@ -4,3 +4,4 @@ bd086f9ac6abcc4403a4fd32ce2604882025bc2c v1.7.2 221ec0974a31576ce197aa9ce793925b1cca0cfc v1.7.3-rc1 feeb4cc736710d1b6abbb6561a31737f19d10021 v1.7.3 +794e9c2ef61a9a8911b9b58b2f3f3724bf3873be v1.7.4 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.7.3/CHANGELOG new/tboot-1.7.4/CHANGELOG --- old/tboot-1.7.3/CHANGELOG 2012-12-28 07:30:13.0 +0100 +++ new/tboot-1.7.4/CHANGELOG 2013-07-08 04:48:29.0 +0200 @@ -1,4 +1,9 @@ -20121228 v1.7.3 +20130705: v1.7.4 + Fix possible empty submenu block in generated grub.cfg + Add a call_racm=check option for easy RACM launch result check + Fix type check for revocation ACM. + +20121228: v1.7.3 Update README with updated code repository url. Fix grub2 scripts to be compatible with more distros. Update README for RACM launch support diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.7.3/README new/tboot-1.7.4/README --- old/tboot-1.7.3/README 2012-12-28 07:30:13.0 +0100 +++ new/tboot-1.7.4/README 2013-07-08 04:48:29.0 +0200 @@ -205,7 +205,7 @@ o Tboot provides support to launch Revocation ACM (RACM) to revoke old buggy SINIT version if following command line option is used (default vaule is false): - call_racm=true|false + call_racm=true|false|check RACM is also loaded into memory via bootload like grub or syslinux, and is launched with getsec[ENTERACCS] instruction. Below is a example GRUB entry @@ -217,9 +217,10 @@ module /racm.bin Tboot will always warm reset platform after RACM was launched & executed. - Whether RACM launch has succeeded or not could be checked via doing a normal - tboot launch right after the warm reset and looking into the TXT.ERRORCODE - value output by the normal tboot launch. + Whether RACM launch has succeeded or not could be checked via doing a tboot + launch with "call_racm=check" right after the warm reset. This tboot launch + will end with halt right after the RACM launch result was output, and the + system need manually reset. PCR Usage: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tboot-1.7.3/tboot/20_linux_tboot new/tboot-1.7.4/tboot/20_linux_tboot --- old/tboot-1.7.3/tboot/20_linux_tboot2012-12-28 07:30:13.0 +0100 +++ new/tboot-1.7.4/tboot/20_linux_tboot2013-07-08 04:48:29.0 +0200 @@ -127,7 +127,7 @@ done` pr
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2013-01-10 15:20:16 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot", Maintainer is "meiss...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2012-10-13 21:10:39.0 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2013-01-10 15:20:19.0 +0100 @@ -1,0 +2,18 @@ +Tue Jan 8 15:26:59 UTC 2013 - meiss...@suse.com + +- updated to 1.7.3/20121228 + Update README with updated code repository url. + Fix grub2 scripts to be compatible with more distros. + Update README for RACM launch support + Add a new option "call_racm=true|false" for revocation acm(RACM) launch + Fix potential buffer overrun & memory leak in crtpconf.c + Fix a potential buffer overrun in lcptools/lock.c + Print cmdline in multi-lines + Optional print TXT.ERRORCODE under level error or info + Fix side effects of tboot log level macros in tools + Update readme for the new detail log level + Classify all logs into different log levels + Add detail log level and the macros defined for log level + Fix acmod_error_t type to correctly align all bits in 4bytes + +--- Old: tboot-1.7.2.tar.gz New: tboot-1.7.3.tar.gz Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.ZS7XXV/_old 2013-01-10 15:20:20.0 +0100 +++ /var/tmp/diff_new_pack.ZS7XXV/_new 2013-01-10 15:20:20.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package tboot # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,8 +17,8 @@ Name: tboot -%define ver 1.7.2 -Version:20120929_1.7.2 +%define ver 1.7.3 +Version:20121228_1.7.3 Release:0 Summary:Performs a verified launch using Intel(R) TXT License:BSD-3-Clause ++ tboot-1.7.2.tar.gz -> tboot-1.7.3.tar.gz ++ 5990 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2012-10-13 21:05:26 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot", Maintainer is "meiss...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2012-06-01 07:24:35.0 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2012-10-13 21:10:39.0 +0200 @@ -1,0 +2,23 @@ +Wed Oct 10 15:31:57 UTC 2012 - meiss...@suse.com + +- updated to 1.7.2/20120929 + Add Makefile for docs to install man pages. + Add man pages for tools + Add grub-mkconfig helper scripts for tboot case in GRUB2 + Fix for deb build in ubuntu + Fix S3 issue brought by c/s 308 + Fix a S4 hang issue and a potential shutdown reset issue + Fix build with new zlib 1.2.7. + Initialize event log when S3 + Update README to change upstream repo url from bughost.org to sf.net. + +- updated to 1.7.1/20120427 + Fix cmdline size in tb_polgen + Add description for option min_ram in README. + new tboot cmdline option "min_ram=0xXX" + Update test-patches/tpm-test.patch to fit in latest code. +- zlib patch upstreamed. +- spec file adjustments +- tboot-fix.patch: fixed printf type mismatch + +--- Old: tboot-1.7.0.tar.gz zlib.patch New: tboot-1.7.2.tar.gz tboot-fix.patch Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.Vj3W48/_old 2012-10-13 21:10:43.0 +0200 +++ /var/tmp/diff_new_pack.Vj3W48/_new 2012-10-13 21:10:43.0 +0200 @@ -17,15 +17,15 @@ Name: tboot -%define ver 1.7.0 -Version:20120115_1.7.0 +%define ver 1.7.2 +Version:20120929_1.7.2 Release:0 Summary:Performs a verified launch using Intel(R) TXT License:BSD-3-Clause Group: Productivity/Security Url:http://sourceforge.net/projects/tboot/ -Source0:%{name}-%{ver}.tar.gz -Patch0: zlib.patch +Source0: http://downloads.sourceforge.net/project/tboot/tboot/tboot-%{ver}.tar.gz +Patch0: tboot-fix.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel BuildRequires: trousers-devel @@ -47,10 +47,7 @@ make debug=y %{?_smp_mflags} %install -make debug=y install DISTDIR=$RPM_BUILD_ROOT - -%clean -rm -rf $RPM_BUILD_ROOT +make debug=y install DISTDIR=$RPM_BUILD_ROOT MANPATH=$RPM_BUILD_ROOT/%{_mandir} %files %defattr(-,root,root,-) @@ -73,5 +70,9 @@ %{_sbindir}/txt-stat /boot/tboot.gz /boot/tboot-syms +%{_mandir}/man8/* +%dir %{_sysconfdir}/grub.d/ +%{_sysconfdir}/grub.d/20_linux_tboot +%{_sysconfdir}/grub.d/20_linux_xen_tboot %changelog ++ tboot-1.7.0.tar.gz -> tboot-1.7.2.tar.gz ++ 1745 lines of diff (skipped) ++ tboot-fix.patch ++ Index: tboot-1.7.2/tb_polgen/param.c === --- tboot-1.7.2.orig/tb_polgen/param.c +++ tboot-1.7.2/tb_polgen/param.c @@ -184,7 +184,7 @@ void print_params(param_data_t *params) info_msg("\t pcr = %d\n", params->pcr); info_msg("\t hash_type = %d\n", params->hash_type); info_msg("\t pos = %d\n", params->pos); -info_msg("\t cmdline length = %lu\n", strlen(params->cmdline)); +info_msg("\t cmdline length = %u\n", (unsigned int)strlen(params->cmdline)); info_msg("\t cmdline = %s\n", params->cmdline); info_msg("\t image_file = %s\n", params->image_file); info_msg("\t elt_file = %s\n", params->elt_file); @@ -409,9 +409,9 @@ bool parse_input_params(int argc, char * return false; } if (strlen(optarg) > sizeof(params->cmdline) - 1) { -error_msg("Command line length of %lu exceeds %d " +error_msg("Command line length of %u exceeds %d " "character maximum\n", - strlen(optarg), TBOOT_KERNEL_CMDLINE_SIZE-1); + (int)strlen(optarg), TBOOT_KERNEL_CMDLINE_SIZE-1); return false; } -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2012-06-01 07:24:33 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot", Maintainer is "meiss...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2012-05-03 11:00:52.0 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2012-06-01 07:24:35.0 +0200 @@ -1,0 +2,5 @@ +Thu May 31 13:20:57 CEST 2012 - meiss...@suse.de + +- adjust to changed zlib api + +--- New: zlib.patch Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.uMg8ZO/_old 2012-06-01 07:24:36.0 +0200 +++ /var/tmp/diff_new_pack.uMg8ZO/_new 2012-06-01 07:24:36.0 +0200 @@ -25,7 +25,7 @@ Group: Productivity/Security Url:http://sourceforge.net/projects/tboot/ Source0:%{name}-%{ver}.tar.gz -#Patch0: tboot-%{version}-Makefile_typo.diff +Patch0: zlib.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel BuildRequires: trousers-devel @@ -39,6 +39,7 @@ %prep %setup -q -n %name-%ver +%patch0 -p1 %build export CFLAGS="$RPM_OPT_FLAGS" ++ zlib.patch ++ Index: tboot-1.7.0/lcptools/mlehash.c === --- tboot-1.7.0.orig/lcptools/mlehash.c +++ tboot-1.7.0/lcptools/mlehash.c @@ -233,8 +233,8 @@ static void print_dump(uint32_t s, uint3 */ static bool read_file(const char *filename, void **buffer, size_t *length) { -FILE *fcompressed = NULL; -FILE *fdecompressed = NULL; +gzFile fcompressed = NULL; +FILE *fdecompressed = NULL; struct stat filestat; char tmpbuffer[1024]; unsigned long i; Index: tboot-1.7.0/tb_polgen/commands.c === --- tboot-1.7.0.orig/tb_polgen/commands.c +++ tboot-1.7.0/tb_polgen/commands.c @@ -54,26 +54,31 @@ extern tb_policy_t *g_policy; static bool hash_file(const char *filename, bool unzip, tb_hash_t *hash) { FILE *f; +gzFile gf; static char buf[1024]; EVP_MD_CTX ctx; const EVP_MD *md; int read_cnt; -if ( unzip ) -f = gzopen(filename, "rb"); -else +if ( unzip ) { +gf = gzopen(filename, "rb"); +if ( gf == NULL ) { +error_msg("File %s does not exist\n", filename); +return false; +} +} else { f = fopen(filename, "rb"); - -if ( f == NULL ) { -error_msg("File %s does not exist\n", filename); -return false; +if ( f == NULL ) { +error_msg("File %s does not exist\n", filename); +return false; +} } md = EVP_sha1(); EVP_DigestInit(&ctx, md); do { if ( unzip ) -read_cnt = gzread(f, buf, sizeof(buf)); +read_cnt = gzread(gf, buf, sizeof(buf)); else read_cnt = fread(buf, 1, sizeof(buf), f); if ( read_cnt == 0 ) @@ -84,7 +89,7 @@ static bool hash_file(const char *filena EVP_DigestFinal(&ctx, hash->sha1, NULL); if ( unzip ) -gzclose(f); +gzclose(gf); else fclose(f); -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2012-05-03 11:00:51 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot", Maintainer is "meiss...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2012-03-02 13:50:19.0 +0100 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2012-05-03 11:00:52.0 +0200 @@ -1,0 +2,5 @@ +Wed Apr 25 23:16:20 CEST 2012 - meiss...@suse.de + +- reenable exclusivearch to avoid building it on ppc and arm. + +--- Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.djob6p/_old 2012-05-03 11:00:53.0 +0200 +++ /var/tmp/diff_new_pack.djob6p/_new 2012-05-03 11:00:53.0 +0200 @@ -29,8 +29,7 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel BuildRequires: trousers-devel - -#ExclusiveArch: %{ix86} x86_64 +ExclusiveArch: %{ix86} x86_64 %description Trusted Boot (tboot) is an open source, pre-kernel/VMM module that uses -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2012-03-02 13:50:18 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot", Maintainer is "meiss...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2012-01-19 10:35:22.0 +0100 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2012-03-02 13:50:19.0 +0100 @@ -1,0 +2,53 @@ +Tue Feb 28 14:03:52 UTC 2012 - meiss...@suse.com + +- updated to 1.7.0 +Print version number while changeset info unavailable +Document DA changes in README +Add event log for PCR extends in tboot +Follow details / authorities PCR mapping style in tboot +Support details / authorities PCR mapping +Support TPM event log +fix build issue for txt-stat in 64 bit environment. +update README for mwait AP wakeup mechanism +tboot: provide a new AP wakeup way for OS/VMM - mwait then memory write +Original txt-stat.c doesn't display TXT heap info by default. Add +command line options to display help info and optionally enable +displaying heap info. +Fix a shutdown issue on heavily throttled large server +Adjust mle_hdr.{mle|cmdline}_{start|end}_off according to CS285,286 +changes to give lcp_mlehash correct info to produce hash value. +Fix boot issue caused by including mle page table into tboot memory +Fix for possible overwritting to mle page table by GRUB2 +Add PAGE_UP() fn that rounds things up/donw to a page. +Update get_mbi_mem_end() with a accurate, safer calculating way +ACPI fix and sanity check +Add some sanity check before using mods_count in a count-down loop +TPM: add waiting on expect==0 before issue tpmGo +txt-stat: Don't show heap info by default. +Exchange definitions for TBOOT_BASE_ADDR & TBOOT_START +Add const qualifier for suibable parms of all possible fns. +fix possible mbi overwrite issue for Linux with grub2 +enhance print_mbi() to print more mbi info for debug purpose +Fix for GRUB2 loading elf image such as Xen. +Move apply_policy() call into txt_post_launch() +Don't zap s3_key in tboot shared page if sealing failed due to tpm +unowned +Update the explanation of signed lists to make it clearer. +tboot: add a fall back for reboot via keyboard reset vector +tboot: revise README to explain how to configure GRUB2 config file for +tboot +tboot: rewrite acpi reg access fns to refer to bit_width instead of +access_width +tboot: change reboot mechanism to use keyboard reset vector +tboot: handle mis-programmed TXT config regs and TXT heap gracefully +tboot: add warning when TPM timeout values are wrong +all PM1_CNT accesses should be 16bit. +Enlarge NR_CPUS from 64 to 256 +Add support for SBIOS policy element type (LCP_SBIOS_ELEMENT) to +lcp_crtpolelt +Fix processor id list matching between platform and acmod +Make lcp_crtpollist support empty lists (i.e. with no elements) +print a bit more error reasons in txt-stat +Fix segmentation fault in txt-stat on some systems + +--- Old: tboot-20110520.tar.bz2 New: tboot-1.7.0.tar.gz Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.o4DKtr/_old 2012-03-02 13:50:21.0 +0100 +++ /var/tmp/diff_new_pack.o4DKtr/_new 2012-03-02 13:50:21.0 +0100 @@ -15,14 +15,16 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + Name: tboot -Version:20110520 +%define ver 1.7.0 +Version:20120115_1.7.0 Release:0 Summary:Performs a verified launch using Intel(R) TXT License:BSD-3-Clause Group: Productivity/Security Url:http://sourceforge.net/projects/tboot/ -Source0:%{name}-%{version}.tar.bz2 +Source0:%{name}-%{ver}.tar.gz #Patch0: tboot-%{version}-Makefile_typo.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel @@ -37,7 +39,7 @@ %prep -%setup -q +%setup -q -n %name-%ver %build export CFLAGS="$RPM_OPT_FLAGS" -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2012-01-19 10:35:21 Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) Package is "tboot", Maintainer is "meiss...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2011-09-23 12:47:28.0 +0200 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2012-01-19 10:35:22.0 +0100 @@ -1,0 +2,5 @@ +Thu Jan 12 11:31:12 UTC 2012 - co...@suse.com + +- change license to be in spdx.org format + +--- Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.gSAa6V/_old 2012-01-19 10:35:23.0 +0100 +++ /var/tmp/diff_new_pack.gSAa6V/_new 2012-01-19 10:35:23.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package tboot # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,19 +15,18 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # - - Name: tboot Version:20110520 -Release:1 +Release:0 Summary:Performs a verified launch using Intel(R) TXT +License:BSD-3-Clause Group: Productivity/Security -License:BSD Url:http://sourceforge.net/projects/tboot/ Source0:%{name}-%{version}.tar.bz2 #Patch0: tboot-%{version}-Makefile_typo.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: openssl-devel trousers-devel +BuildRequires: openssl-devel +BuildRequires: trousers-devel #ExclusiveArch: %{ix86} x86_64 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at Mon May 30 10:44:28 CEST 2011. --- tboot/tboot.changes 2011-04-27 18:41:27.0 +0200 +++ /mounts/work_src_done/STABLE/tboot/tboot.changes2011-05-27 17:42:52.0 +0200 @@ -1,0 +2,11 @@ +Tue May 24 14:48:45 UTC 2011 - idon...@novell.com + +- Update to changeset 261 ++ gcc 4.6 fixes ++ Fix segmentation fault in txt-stat on some systems ++ Add support for TXT heap extended data elements and BiosData version 4 ++ Add support for AC Module chipset info table version 4 (ProcessorIDList) ++ Removed no_usb command line parameter and SMI disabling ++ Support MAXPHYADDR > 36b + +--- calling whatdependson for head-i586 Old: tboot-20101005.tar.gz New: tboot-20110520.tar.bz2 Other differences: -- ++ tboot.spec ++ --- /var/tmp/diff_new_pack.3VIgXF/_old 2011-05-30 10:44:11.0 +0200 +++ /var/tmp/diff_new_pack.3VIgXF/_new 2011-05-30 10:44:11.0 +0200 @@ -18,13 +18,13 @@ Name: tboot -Version:20101005 +Version:20110520 Release:1 Summary:Performs a verified launch using Intel(R) TXT Group: Productivity/Security License:BSD Url:http://sourceforge.net/projects/tboot/ -Source0:%{name}-%{version}.tar.gz +Source0:%{name}-%{version}.tar.bz2 #Patch0: tboot-%{version}-Makefile_typo.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel trousers-devel ++ tboot-20101005.tar.gz -> tboot-20110520.tar.bz2 ++ 5278 lines of diff (skipped) Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at Fri Apr 29 09:26:44 CEST 2011. New Changes file: --- /dev/null 2010-08-26 16:28:41.0 +0200 +++ /mounts/work_src_done/STABLE/tboot/tboot.changes2011-04-27 18:41:27.0 +0200 @@ -0,0 +1,4 @@ +--- +Wed Apr 27 18:38:23 CEST 2011 - meiss...@suse.de + +- initial import of current intel trusted boot loader calling whatdependson for head-i586 New: tboot-20101005.tar.gz tboot.changes tboot.spec Other differences: -- ++ tboot.spec ++ # # spec file for package tboot # # Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: tboot Version:20101005 Release:1 Summary:Performs a verified launch using Intel(R) TXT Group: Productivity/Security License:BSD Url:http://sourceforge.net/projects/tboot/ Source0:%{name}-%{version}.tar.gz #Patch0: tboot-%{version}-Makefile_typo.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel trousers-devel #ExclusiveArch: %{ix86} x86_64 %description Trusted Boot (tboot) is an open source, pre-kernel/VMM module that uses Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured and verified launch of an OS kernel/VMM. %prep %setup -q %build export CFLAGS="$RPM_OPT_FLAGS" export TBOOT_CFLAGS="$CFLAGS" make debug=y %{?_smp_mflags} %install make debug=y install DISTDIR=$RPM_BUILD_ROOT %clean rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root,-) %doc README COPYING docs/* lcptools/lcptools2.txt lcptools/Linux_LCP_Tools_User_Manual.pdf %{_sbindir}/acminfo %{_sbindir}/lcp_crtpconf %{_sbindir}/lcp_crtpol %{_sbindir}/lcp_crtpol2 %{_sbindir}/lcp_crtpolelt %{_sbindir}/lcp_crtpollist %{_sbindir}/lcp_mlehash %{_sbindir}/lcp_readpol %{_sbindir}/lcp_writepol %{_sbindir}/parse_err %{_sbindir}/tb_polgen %{_sbindir}/tpmnv_defindex %{_sbindir}/tpmnv_getcap %{_sbindir}/tpmnv_lock %{_sbindir}/tpmnv_relindex %{_sbindir}/txt-stat /boot/tboot.gz /boot/tboot-syms %changelog Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org