Overview Repositories Revisions Requests Users Attributes Meta

Revisions of tpm2.0-abrmd

Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 966798 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 22) 
- dbus-access.patch: restrict D-Bus access to tpm2-abrmd to members of the tss
  group (bsc#1197532). This prevents arbitrary users from meddling with TPM
  state and thus potential denial-of-service vectors.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 934685 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 20) 
Automatic systemd hardening effort by the security team. This has not been tested. For details please see https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort (forwarded request 933795 from jsegitz)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 908096 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 19) 
Automatic submission by obs-autosubmit
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 843600 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 17) 
- update to version 2.3.3:
  - changes in version 2.3.1:
    - Fixed handle resource leak exhausting TPM resources.
  - changes in version 2.3.2:
    - Added cirrus CI specific config files to enable FreeBSD builds.
    - Changed test scripts to be more portable.
    - Changed include header paths specific to FreeBSD.
  - changes in version 2.3.1:
    - Provide meaningful exit codes on initialization failures.
    - Prevent systemd from starting the daemon before udev changes ownership
      of the TPM device node.
    - Prevent systemd from starting the daemon if there is no TPM device node.
    - Prevent systemd from restarting the daemon if it fails.
    - Add SELinux policy to allow daemon to resolve names.
    - Add SELinux policy boolean (disabled by default) to allow daemon to
      connect to all unreserved ports.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 755854 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 16) 
! please handle this together with sr#755853 for tpm2-0-tss !

- update to version 2.3.0:
  - changes in version 2.3.0:
    - Add '--enable-debug' flag to configure script to simplify debug builds.
      This relies on the AX_CHECK_ENABLE_DEBUG autoconf archive macro.
    - Replaced custom dynamic TCTI loading code with libtss2-tctildr from
      upstream tpm2-tss repo. (requires tpm2-0-tss version 2.3.0)
    - Explicitly set '-O2' optimization when using FORTIFY_SOURCE as required.
  - changes in version 2.2.0:
    - New configuration option `--disable-defaultflags/ added. This is
      for use for packaging for targets that do not support the default
      compilation / linking flags.
    - Use private dependencies properly in pkg-config metadata for TCTI.
    - Refactor daemon main module to enable better handling of error
      conditions and enable more thorough unit testing.
    - Updated dependencies to ensure compatibility with pkg-config fixes
      in tpm2-tss.
    - Fixed bug causing TCTI to block when used by libtss2-sys built with
      partial reads enabled.
    - Removed unnecessary libs / flags for pthreads in the TCTI pkg-config.
    - Output from configure script now accurately describes the state of the
      flags that govern the integration tests.
- drop fix_dlopen.patch: no longer necessary since abrmd not uses the tctildr
  shared library. This one hopefully now does the right thing.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 726060 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 15) 
- update to version 2.1.1:
  - changes in version 2.1.1:
    - Unit tests accessing dbus have been fixed to use mock functions. Unit
    tests no longer depend on dbus.
    - Race condition between client connections and dbus proxy object
    creation by registering bus name after instantiation of the proxy object.
Yuchen Lin's avatar Yuchen Lin (maxlin_factory) accepted request 698147 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 14) 
- bsc#1130588: Require shadow instead of old pwdutils
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 682103 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 13) 
- update to version 2.1.0:
  - changes in version 2.1.0:
    - `-Wstrict-overflow=5` now used in default CFLAGS.
    - Handling of `TPM2_RC_CONTEXT_GAP` on behalf of users.
    - Convert `TPM2_PT_CONTEXT_GAP_MAX` response from lower layer to
      `UINT32_MAX`
    - travis-ci now uses 'xenial' builder
    - Significant refactoring of TCTI handling code.
    - `--install` added to ACLOCAL_AMFLAGS to install aclocal required macros
      instead of using the default symlinks
    - Launch `dbus-run-session` in the automake test environment to
      automagically set up a dbus session bus instance when one isn't present.
    - Bug caused by unloading of `libtss2-tcti-tabrmd.so` on dlclose. GLib
    does not support reloading a second time.
    - Bug causing `-fstack-protector-all` to be used on systems with core
      libraries (i.e. libc) that do not support it. This caused failures at
      link-time.
    - Unnecessary symbols from libtest utility library no longer included in
      TCTI library.
  - changes  in version 2.0.3:
    - Update build to account for upstream change to glib '.pc' files
      described in: https://gitlab.gnome.org/GNOME/glib/issues/1521
- added _service file for syncing with upstream tags
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 665953 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 12) 
Incorporate FATE# in changes file for SLE-15-SP1 (bsc#1121860)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 644573 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 11) 
- add a Requires towards tpm2-0-tss, because that main package holds the udev
  rules and logic for setting up the tss user. Without this the daemon can't
  start up correctly.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 643993 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 10) 
- fix broken build due to newer glib dependency that reports a full path for
  gdbus-codegen, breaking the configure check.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 638481 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 9) 
- update to version 2.0.2:
  - --enable-integration option to configure script now works as documented.
  - Format specifier with wrong size in util module.
  - Initialize TCTI context to 0 before setting values. This will cause all
    members that aren't explicitly initialized by be 0.
Yuchen Lin's avatar Yuchen Lin (maxlin_factory) accepted request 636379 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 8) 
- add recommends to the tcti-device and tcti-abrmd. Otherwise they're not
  installed right away, rendering the abrmd quite unusable.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 628591 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 7) 
- Update to version 2.0.1:
  * SessionList: Fix Connection object reference leak.
  * source/sink: Organize ControlMessage processing.
  * CommandSource: Replace 'connection-removed' signal with ControlMessage.
  * SessionList: Remove all locking.
  * ConnectionManager: Remove 'connection-removed' signal.
  * ci: Build 'check' target when CC is gcc.
  * build: Fix bad URLs in configure script.
  * CHANGELOG.md: Add version number and date for 2.0.1 release.
  * Replace references to drand48_r family of functions for portability
  * Fix for type-punned pointer reported in newer compilers that enforce strict aliasing
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 620450 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 6) 
please handle together with sr#620445, sr#620444

- Trying to fix build on older distros that fail because of a missing or
  broken autoconf valgrind detection macro. Removing  autoreconf to hopefully
  fix this.

- add fix_dlopen.patch: fixes an issue with dlopen()'ing the tcti-device
  library from tpm2-0-tss. See
  https://github.com/tpm2-software/tpm2-abrmd/issues/486.

- update to major version 2.0.0:
  - support_dbus_activation.diff: removed, is not contained upstream
  - the tpm2 stack introduces an incompatible ABI to the previous version with
    this update. There is no compatibility layer, libraries have new names
etc.
  - upstream changelog:
    ## 2.0.0 - 2018-06-22
    ### Added
    - Integration test script and build support to execute integration tests
    against a physical TPM2 device on the build platform.
    - Implementation of dynamic TCTI initialization mechanism.
    - configure option `--enable-integration` to enable integration tests.
    The simulator executable must be on PATH.
    - Support for version 2.0 of tpm2-tss libraries.
    ### Changed
    - 'max-transient-objects' command line option renamted to 'max-transients'.
    - Added -Wextra for more strict checks at compile time.
    - Install location of headers to $(includedir)/tss2.
    ### Fixed
    - Added missing checks for NULL parameters identified by the check-build.
    - Bug in session continuation logic.
    - Off by one error in HandleMap.
Displaying revisions 1 - 20 of 25
openSUSE Build Service is sponsored by
Places