Revisions of tboot
buildservice-autocommit
accepted
request 1063392
from
Matthias Gerstner (mgerstner)
(revision 113)
baserev update by copy to link target
Matthias Gerstner (mgerstner)
committed
(revision 112)
- required update due to openSSL 3.0 deprecation errors in current version - updated to v1.11.1 / 20230125: 20230125: v1.11.1 - Revert log memory range extension (caused memory overlaps and boot failures) 20221223: v1.11.0 - Fixed TPM handling to flush objects after integrity measurement (Intel PTT limitations) - Exteded low memory range for logs (HCC CPUs had issue with not enough memory) - "agile" removed from PCR Extend policy options (requested deprecation) - Added handling for flexible ACM Info Table format - lcptools: CPPFLAGS use by environment in build - lcptools: removed __DATE__ refs to make build reproducible - Only platform-matchin SINIT modules can be selected - txt-acminfo: Map TXT heap using mmap - Typo fix in man page 20220304: v1.10.5 - Fixed mlehash.c to bring back functionality and make it GCC12 compliant - Reverted change for replacing EFI memory to bring back Tboot in-memory logs 20220224: v1.10.4 - Fix hash printing for SHA384, SHA512 and SM3 - Touch ups for GCC12 - Set GDT to map CS and DS to 4GB before jumping to Linux - make efi_memmap_reserve handle gaps like e820_protect_region - Ensure that growth of Multiboot tags does not go beyond original area - Replace EFI memory map in Multiboot2 info - Fix endianness of pcr_info->pcr_selection.size_of_select - Don't ignore locality in PCR file - Fix composite hashing algorithm for PCONF elements to match lcptools-1 20211210: v1.10.3 - Add UNI-VGA license information - Remove poly1305 object files on clean
Marcus Meissner (msmeissn)
committed
(revision 111)
Marcus Meissner (msmeissn)
committed
(revision 110)
- dropped tboot-Add-support-for-EFI-memory-map-parse-modification.patch - dropped tboot-fix-memmap1-boot-issues.patch - dropped tboot-Add-more-mbi-validation.patch
Marcus Meissner (msmeissn)
committed
(revision 109)
- dropped tboot-Unmask-NMI-after-returning-from-SINIT.patch (upstream) - dropped tboot-Release-localities-in-S3-flow-for-CRB-interface.patch (upstream) - dropped tboot-Configure-IOMMU-before-executing-GETSEC-SENTER.patch (upstream) - dropped tboot-Do-not-try-to-read-EFI-mem-map-when-booted-with-mult.patch (upstream) - dropped tboot-Release-localities-in-S3-flow-for-CRB-interface.patch (upstream) - dropped tboot-support-sinit-padding.patch (upstream)
buildservice-autocommit
accepted
request 900884
from
Marcus Meissner (msmeissn)
(revision 108)
baserev update by copy to link target
Marcus Meissner (msmeissn)
accepted
request 900328
from
Marcus Meissner (msmeissn)
(revision 107)
- updated to v1.10.2 / 20210614 Fix ACM chipset/processor list validation Check for client/server match when selecting SINIT Fix issues when building with GCC11 Default to D/A mapping when TPM1.2 and CBnT platform - updated to 1.10.1 / 20210330 - Indicate to SINIT that CBnT is supported by TBOOT - lcptools: Fix issues from static code analysis
buildservice-autocommit
accepted
request 864334
from
Matthias Gerstner (mgerstner)
(revision 106)
baserev update by copy to link target
Matthias Gerstner (mgerstner)
committed
(revision 105)
- no longer needs TrouSerS dependency due to deprecation
Matthias Gerstner (mgerstner)
committed
(revision 104)
- release 1.10.0 ramifications: - README is now README.md - acminfo and parse_err now are called txt-acminfo and txt-parse_err - lcptools are deprecated (tpm 1.2, TrouSerS dependency) and are no longer packaged. - update to new upstream release 1.10.0:
Matthias Gerstner (mgerstner)
committed
(revision 103)
- tboot-grub2-fix-menu-in-xen-host-server.patch: refreshed to match new upstream version. - tboot-grub2-fix-xen-submenu-name.patch: refreshed to match new upstream version.
Matthias Gerstner (mgerstner)
committed
(revision 102)
- update to new upstream erlease 1.10.0: - Rename TXT related tools to have 'txt-' prefix - Clarify license issues - Fix issues reported by Coverity Scan - Ensure txt-acminfo does not print false information if msr is not loaded - Fix issue with multiboot(1) booting - infinite loop during boot - Fix issue with TPM1.2 - invalid default policy - Unmask NMI# after returning from SINIT - Update GRUB scripts to use multiboot2 only - Enable VGA logging for EFI platforms - Add warning when using SHA1 as hashing algorithm - Add Doxygen documentation - Replace VMAC with Poly1305 - Validate TPM NV index attributes - Move old lcptool to deprecated folder and exclude from build - TrouSerS is not longer required to build - lcptools-v2: meet requirements from MLE DG rev16 - lcptools-v2: Implement SM2 signing and SM2 signature verification - lcptools-v2: Set aux_hash_alg_mask to 0 when policy version != 0x300
buildservice-autocommit
accepted
request 848115
from
Matthias Gerstner (mgerstner)
(revision 101)
baserev update by copy to link target
Matthias Gerstner (mgerstner)
committed
(revision 100)
- add tboot-grub2-refuse-secure-boot.patch: don't generate tboot menu entries in grub when the system is running with UEFI Secure Boot (bsc#1175114). This prevents hard to understand error messages when trying to boot tboot in this context.
buildservice-autocommit
accepted
request 838277
from
Matthias Gerstner (mgerstner)
(revision 99)
baserev update by copy to link target
Matthias Gerstner (mgerstner)
committed
(revision 98)
Matthias Gerstner (mgerstner)
committed
(revision 97)
- update to new upstream release 1.9.12: - changes from 1.9.12: - Release localities in S3 flow for CRB interface - Config.mk, safestringlib/makefile : allow tool overrides - safestringlib: fix warnings with GCC 6.4.0 - Strip executable file before generating tboot.gz - Add support for EFI memory map parse/modification - Add SHA384 and SHA512 digest algorithms - lcptools-v2: add pconf2 policy element support - tb_polgen: Add SHA384 and SHA512 support - Disable GCC9 address-of-packed-member warning - Fix warnings after "Avoid unsafe functions" scan - Use SHA256 as default hashing algorithm - changes from 1.9.11: - tb_polgen: Add support for SHA256 - Configure IOMMU before executing GETSEC[SENTER] - SINIT ACM can have padding, handle that when checking size - disable-address-of-packed-member-warning.patch: now contained upstream - tboot-grub2-fix-xen-submenu-name.patch: refreshed
buildservice-autocommit
accepted
request 715443
from
Matthias Gerstner (mgerstner)
(revision 96)
baserev update by copy to link target
Matthias Gerstner (mgerstner)
accepted
request 715441
from
Martin Liška (marxin)
(revision 95)
- Disable LTO in more elegant way (boo#1141323).
buildservice-autocommit
accepted
request 714590
from
Matthias Gerstner (mgerstner)
(revision 94)
baserev update by copy to link target
Displaying revisions 1 - 20 of 113