Diffstat (limited to 'external/meta-security/meta-tpm')
-rw-r--r--external/meta-security/meta-tpm/README57
-rw-r--r--external/meta-security/meta-tpm/conf/distro/include/maintainers.inc39
-rw-r--r--external/meta-security/meta-tpm/conf/layer.conf4
-rw-r--r--external/meta-security/meta-tpm/lib/oeqa/runtime/cases/tpm2.py43
-rw-r--r--external/meta-security/meta-tpm/recipes-core/images/security-tpm-image.bb7
-rw-r--r--external/meta-security/meta-tpm/recipes-core/images/security-tpm2-image.bb18
-rw-r--r--external/meta-security/meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb10
-rw-r--r--external/meta-security/meta-tpm/recipes-kernel/linux/linux-yocto_5.%.bbappend (renamed from external/meta-security/meta-tpm/recipes-kernel/linux/linux-yocto_4.%.bbappend)0
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm/libtpm/libtpm_0.7.0.bb (renamed from external/meta-security/meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb)10
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm/swtpm/swtpm_0.2.0.bb (renamed from external/meta-security/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb)20
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm/tpm2.0-tools/tpm2.0-tools_3.1.2.bb15
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm/tpm2simulator/tpm2simulator_138.bb22
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb47
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/files/configure_fix.patch16
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/files/remove_optimization.patch26
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1563.bb27
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/files/tpm2-abrmd-init.sh (renamed from external/meta-security/meta-tpm/recipes-tpm/tpm2-abrmd/files/tpm2-abrmd-init.sh)2
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/files/tpm2-abrmd.default (renamed from external/meta-security/meta-tpm/recipes-tpm/tpm2-abrmd/files/tpm2-abrmd.default)2
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.0.bb (renamed from external/meta-security/meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.2.bb)10
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/bootstrap_fixup.patch12
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_0.9.9.bb21
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/files/configure_oe_fixup.patch27
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/files/fix_header_file.patch25
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/files/tpm2-get-caps-fixed.patch23
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/tpm2-tcti-uefi/0001-configure.ac-stop-inserting-host-directories-into-co.patch38
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/tpm2-tcti-uefi_0.9.9.bb45
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.1.bb17
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.0.bb18
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/tpm2-tss-engine/tpm2-tss-engine_1.0.1.bb23
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/ax_pthread.m4 (renamed from external/meta-security/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss/ax_pthread.m4)0
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/fix_musl_select_include.patch (renamed from external/meta-security/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss/fix_musl_select_include.patch)0
-rw-r--r--external/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.2.bb (renamed from external/meta-security/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss_2.0.1.bb)31
32 files changed, 578 insertions, 77 deletions
diff --git a/external/meta-security/meta-tpm/README b/external/meta-security/meta-tpm/README
index bbc70bba..dd662b3d 100644
--- a/external/meta-security/meta-tpm/README
+++ b/external/meta-security/meta-tpm/README
@@ -2,3 +2,60 @@ meta-tpm layer
==============
This layer contains base TPM recipes.
+
+Dependencies
+============
+
+This layer depends on:
+
+ URI: git://git.openembedded.org/openembedded-core
+ branch: master
+ revision: HEAD
+ prio: default
+
+ URI: git://git.openembedded.org/meta-openembedded/meta-oe
+ branch: master
+ revision: HEAD
+ prio: default
+
+Adding the meta-tpm layer to your build
+========================================
+
+In order to use this layer, you need to make the build system aware of
+it.
+
+Assuming this layer exists at the top-level of your
+yocto build tree, you can add it to the build system by adding the
+location of the meta-tpm layer to bblayers.conf, along with any
+other layers needed. e.g.:
+
+ BBLAYERS ?= " \
+ /path/to/oe-core/meta \
+ /path/to/meta-openembedded/meta-oe \
+ /path/to/layer/meta-tpm \
+
+
+Maintenance
+-----------
+
+Send pull requests, patches, comments or questions to yocto@yoctoproject.org
+
+When sending single patches, please using something like:
+'git send-email -1 --to yocto@yoctoproject.org --subject-prefix=meta-security][PATCH'
+
+These values can be set as defaults for this repository:
+
+$ git config sendemail.to yocto@yoctoproject.org
+$ git config format.subjectPrefix meta-security][PATCH
+
+Now you can just do 'git send-email origin/master' to send all local patches.
+
+Maintainers: Armin Kuster <akuster808@gmail.com>
+
+
+License
+=======
+
+All metadata is MIT licensed unless otherwise stated. Source code included
+in tree for individual recipes is under the LICENSE stated in each recipe
+(.bb file) unless otherwise stated.
diff --git a/external/meta-security/meta-tpm/conf/distro/include/maintainers.inc b/external/meta-security/meta-tpm/conf/distro/include/maintainers.inc
new file mode 100644
index 00000000..74c1a181
--- /dev/null
+++ b/external/meta-security/meta-tpm/conf/distro/include/maintainers.inc
@@ -0,0 +1,39 @@
+# meta-tpm Maintainers File
+#
+# This file contains a list of recipe maintainers.
+#
+# Please submit any patches against recipes in meta to the
+# Yocto mail list (yocto@yoctoproject.org)
+#
+# If you have problems with or questions about a particular recipe, feel
+# free to contact the maintainer directly (cc:ing the appropriate mailing list
+# puts it in the archive and helps other people who might have the same
+# questions in the future), but please try to do the following first:
+#
+# - look in the Yocto Project Bugzilla
+# (http://bugzilla.yoctoproject.org/) to see if a problem has
+# already been reported
+#
+# The format is as a bitbake variable override for each recipe
+#
+# RECIPE_MAINTAINER_pn-<recipe name> = "Full Name <address@domain>"
+#
+# Please keep this list in alphabetical order.
+RECIPE_MAINTAINER_pn-aircrack-ng = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER_pn-pcr-extend = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER_pn-tpm-quote-tools = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER_pn-libtpm = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER_pn-trousers = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER_pn-swtpm = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER_pn-openssl-tpm-engine = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER_pn-tpm-tools = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER_pn-tpm2-abrmd = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER_pn-tpm2-totp = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER_pn-tpm2-tcti-uefi = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER_pn-tpm2-tss-engine = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER_pn-tpm2-pkcs11 = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER_pn-tpm2-tss = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER_pn-cryptsetup-tpm-incubator = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER_pn-tpm2-tools = "Armin Kuster <akuster808@gmail.com>"
+RECIPE_MAINTAINER_pn-ibmswtpm2 = "Armin Kuster <akuster808@gmail.com>"
+
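Review bot: The header asks to keep the list in alphabetical order, but the entries below it are unsorted; for example `pcr-extend` comes before `libtpm`, and `tpm2-tss` before `cryptsetup-tpm-incubator`. Sorting them now would stop later additions from copying the current order. `RECIPE_MAINTAINER_pn-aircrack-ng` also looks out of place in a TPM layer, since no aircrack-ng recipe is visible in this commit; it may be a leftover from the parent layer's file.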
diff --git a/external/meta-security/meta-tpm/conf/layer.conf b/external/meta-security/meta-tpm/conf/layer.conf
index 1b5f7d58..c3372c70 100644
--- a/external/meta-security/meta-tpm/conf/layer.conf
+++ b/external/meta-security/meta-tpm/conf/layer.conf
@@ -8,8 +8,10 @@ BBFILE_COLLECTIONS += "tpm-layer"
BBFILE_PATTERN_tpm-layer = "^${LAYERDIR}/"
BBFILE_PRIORITY_tpm-layer = "10"
-LAYERSERIES_COMPAT_tpm-layer = "thud"
+LAYERSERIES_COMPAT_tpm-layer = "dunfell"
LAYERDEPENDS_tpm-layer = " \
core \
+ openembedded-layer \
"
+BBLAYERS_LAYERINDEX_NAME_tpm-layer = "meta-tpm"
diff --git a/external/meta-security/meta-tpm/lib/oeqa/runtime/cases/tpm2.py b/external/meta-security/meta-tpm/lib/oeqa/runtime/cases/tpm2.py
new file mode 100644
index 00000000..c6f9d922
--- /dev/null
+++ b/external/meta-security/meta-tpm/lib/oeqa/runtime/cases/tpm2.py
@@ -0,0 +1,43 @@
+# Copyright (C) 2019 Armin Kuster <akuster808@gmail.com>
+#
+from oeqa.runtime.case import OERuntimeTestCase
+from oeqa.core.decorator.depends import OETestDepends
+from oeqa.runtime.decorator.package import OEHasPackage
+
+
+class Tpm2Test(OERuntimeTestCase):
+ def check_endlines(self, results, expected_endlines):
+ for line in results.splitlines():
+ for el in expected_endlines:
+ if line == el:
+ expected_endlines.remove(el)
+ break
+
+ if expected_endlines:
+ self.fail('Missing expected line endings:\n %s' % '\n '.join(expected_endlines))
+
+ @OEHasPackage(['tpm2-tss'])
+ @OEHasPackage(['tpm2-abrmd'])
+ @OEHasPackage(['tpm2-tools'])
+ @OEHasPackage(['ibmswtpm2'])
+ @OETestDepends(['ssh.SSHTest.test_ssh'])
+ def test_tpm2_sim(self):
+ cmds = [
+ 'tpm_server &',
+ 'tpm2-abrmd --allow-root --tcti=mssim &'
+ ]
+
+ for cmd in cmds:
+ status, output = self.target.run(cmd)
+ self.assertEqual(status, 0, msg='\n'.join([cmd, output]))
+
+ @OETestDepends(['tpm2.Tpm2Test.test_tpm2_sim'])
+ def test_tpm2(self):
+ (status, output) = self.target.run('tpm2_pcrlist')
+ expected_endlines = []
+ expected_endlines.append('sha1 :')
+ expected_endlines.append(' 0 : 0000000000000000000000000000000000000003')
+ expected_endlines.append(' 1 : 0000000000000000000000000000000000000000')
+
+ self.check_endlines(output, expected_endlines)
+
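Review bot: `test_tpm2` discards the `status` returned by `self.target.run('tpm2_pcrlist')`, so a missing or failing tool only shows up as "Missing expected line endings"; add `self.assertEqual(status, 0, msg=output)` before the call to `check_endlines`. This commit also moves the layer to tpm2-tools 4.1.1, where, as far as I know, `tpm2_pcrlist` was renamed `tpm2_pcrread`, so the command name should be checked against the installed package. In `test_tpm2_sim` both commands end in `&`, so the asserted status only covers launching them, not whether `tpm_server` or `tpm2-abrmd` stayed up; a short readiness check would make the `OETestDepends` chain meaningful. `check_endlines` removes entries from the caller's list, which deserves a docstring such as `"""Fail unless every expected line appears in results; consumes expected_endlines."""`.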
diff --git a/external/meta-security/meta-tpm/recipes-core/images/security-tpm-image.bb b/external/meta-security/meta-tpm/recipes-core/images/security-tpm-image.bb
index a337076d..dbdd309c 100644
--- a/external/meta-security/meta-tpm/recipes-core/images/security-tpm-image.bb
+++ b/external/meta-security/meta-tpm/recipes-core/images/security-tpm-image.bb
@@ -1,14 +1,13 @@
-DESCRIPTION = "A small image for building meta-security packages"
+DESCRIPTION = "A small image for building a tpm image for testing"
IMAGE_FEATURES += "ssh-server-openssh"
IMAGE_INSTALL = "\
packagegroup-base \
packagegroup-core-boot \
- ${@bb.utils.contains('MACHINE_FEATURES', 'tpm', 'packagegroup-security-tpm', '', d)} \
- ${@bb.utils.contains('MACHINE_FEATURES', 'tpm2', 'packagegroup-security-tpm2', '', d)} \
+ packagegroup-security-tpm \
os-release \
- ${CORE_IMAGE_EXTRA_INSTALL}"
+"
IMAGE_LINGUAS ?= " "
diff --git a/external/meta-security/meta-tpm/recipes-core/images/security-tpm2-image.bb b/external/meta-security/meta-tpm/recipes-core/images/security-tpm2-image.bb
new file mode 100644
index 00000000..7e047d12
--- /dev/null
+++ b/external/meta-security/meta-tpm/recipes-core/images/security-tpm2-image.bb
@@ -0,0 +1,18 @@
+DESCRIPTION = "A small image for building a tpm2 image for testing"
+
+IMAGE_FEATURES += "ssh-server-openssh"
+
+IMAGE_INSTALL = "\
+ packagegroup-base \
+ packagegroup-core-boot \
+ packagegroup-security-tpm2 \
+ os-release \
+"
+
+IMAGE_LINGUAS ?= " "
+
+LICENSE = "MIT"
+
+inherit core-image
+
+export IMAGE_BASENAME = "security-tpm2-image"
diff --git a/external/meta-security/meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb b/external/meta-security/meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb
index c4c8fb22..a553a63d 100644
--- a/external/meta-security/meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb
+++ b/external/meta-security/meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb
@@ -5,14 +5,20 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda
inherit packagegroup
-PACKAGES = "packagegroup-security-tpm2"
+PACKAGES = "${PN}"
+PREFERRED_PROVIDER_cryptsetup ?= "cryptsetup-tpm-incubator"
SUMMARY_packagegroup-security-tpm2 = "Security TPM 2.0 support"
RDEPENDS_packagegroup-security-tpm2 = " \
- tpm2.0-tools \
+ tpm2-tools \
trousers \
+ tpm2-tss \
libtss2 \
+ libtss2-mu \
libtss2-tcti-device \
libtss2-tcti-mssim \
tpm2-abrmd \
+ tpm2-pkcs11 \
+ ibmswtpm2 \
+ ${PREFERRED_PROVIDER_cryptsetup} \
"
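Review bot: The new `RDEPENDS` entries `ibmswtpm2` and `${PREFERRED_PROVIDER_cryptsetup}` put a software TPM simulator and, by default, the `cryptsetup-tpm-incubator` fork into every image that installs `packagegroup-security-tpm2`, not only the test image. A simulator gives none of the key protection a hardware TPM provides, and the incubator recipe declares itself a replacement for `cryptsetup`, so product images built on this packagegroup inherit both without opting in. Consider moving them to a separate test-only packagegroup or listing them in `security-tpm2-image.bb` instead. `PREFERRED_PROVIDER_cryptsetup ?=` set inside a recipe is, I believe, visible only to this recipe and does not steer provider selection, so a differently named local variable with a one-line comment would be less misleading.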
diff --git a/external/meta-security/meta-tpm/recipes-kernel/linux/linux-yocto_4.%.bbappend b/external/meta-security/meta-tpm/recipes-kernel/linux/linux-yocto_5.%.bbappend
index cea8b1b2..cea8b1b2 100644
--- a/external/meta-security/meta-tpm/recipes-kernel/linux/linux-yocto_4.%.bbappend
+++ b/external/meta-security/meta-tpm/recipes-kernel/linux/linux-yocto_5.%.bbappend
diff --git a/external/meta-security/meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb b/external/meta-security/meta-tpm/recipes-tpm/libtpm/libtpm_0.7.0.bb
index a930d7bc..4588c8d0 100644
--- a/external/meta-security/meta-tpm/recipes-tpm/libtpm/libtpm_1.0.bb
+++ b/external/meta-security/meta-tpm/recipes-tpm/libtpm/libtpm_0.7.0.bb
@@ -2,15 +2,15 @@ SUMMARY = "LIBPM - Software TPM Library"
LICENSE = "BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=e73f0786a936da3814896df06ad225a9"
-SRCREV = "4111bd1bcf721e6e7b5f11ed9c2b93083677aa25"
-SRC_URI = "git://github.com/stefanberger/libtpms.git"
+SRCREV = "c26e8f7b08b19a69cea9e8f1f1e6639c7951fb01"
+SRC_URI = "git://github.com/stefanberger/libtpms.git;branch=stable-${PV}"
+
+PE = "1"
S = "${WORKDIR}/git"
-inherit autotools-brokensep pkgconfig
+inherit autotools-brokensep pkgconfig perlnative
PACKAGECONFIG ?= "openssl"
PACKAGECONFIG[openssl] = "--with-openssl, --without-openssl, openssl"
-PV = "1.0+git${SRCPV}"
-
BBCLASSEXTEND = "native"
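Review bot: The new `SRC_URI` fetches over `git://`, which is unauthenticated and unencrypted, so the integrity of the source rests only on the pinned `SRCREV`. Adding the protocol parameter keeps the fetcher syntax and moves the transport to TLS: `SRC_URI = "git://github.com/stefanberger/libtpms.git;protocol=https;branch=stable-${PV}"`. The same applies to the `git://github.com/...` URIs added or changed for swtpm, cryptsetup-tpm-incubator, tpm2-abrmd and tpm2-pkcs11 in this commit. A comment above `PE = "1"` saying that the epoch is needed because the version goes from 1.0 back to 0.7.0 would help the next person who bumps the recipe.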
diff --git a/external/meta-security/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb b/external/meta-security/meta-tpm/recipes-tpm/swtpm/swtpm_0.2.0.bb
index 3fe1393a..35c77c80 100644
--- a/external/meta-security/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb
+++ b/external/meta-security/meta-tpm/recipes-tpm/swtpm/swtpm_0.2.0.bb
@@ -9,11 +9,12 @@ DEPENDS = "libtasn1 expect socat glib-2.0 net-tools-native libtpm libtpm-native"
# then swtpm_setup needs them at runtime
DEPENDS += "tpm-tools-native expect-native socat-native"
-SRCREV = "94bb9f2d716d09bcc6cd2a2e033018f8592008e7"
-SRC_URI = "git://github.com/stefanberger/swtpm.git;branch=tpm2-preview.v2 \
+SRCREV = "39673a0139b0ee14a0109aba50a0635592c672c4"
+SRC_URI = "git://github.com/stefanberger/swtpm.git;branch=stable-${PV} \
file://fix_fcntl_h.patch \
file://ioctl_h.patch \
"
+PE = "1"
S = "${WORKDIR}/git"
@@ -23,12 +24,14 @@ PARALLEL_MAKE = ""
TSS_USER="tss"
TSS_GROUP="tss"
-PACKAGECONFIG ?= "openssl cuse"
+PACKAGECONFIG ?= "openssl"
PACKAGECONFIG += "${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux', '', d)}"
+PACKAGECONFIG += "${@bb.utils.contains('BBFILE_COLLECTIONS', 'filesystems-layer', 'cuse', '', d)}"
PACKAGECONFIG[openssl] = "--with-openssl, --without-openssl, openssl"
PACKAGECONFIG[gnutls] = "--with-gnutls, --without-gnutls, gnutls"
PACKAGECONFIG[selinux] = "--with-selinux, --without-selinux, libselinux"
PACKAGECONFIG[cuse] = "--with-cuse, --without-cuse, fuse"
+PACKAGECONFIG[seccomp] = "--with-seccomp, --without-seccomp, libseccomp"
EXTRA_OECONF += "--with-tss-user=${TSS_USER} --with-tss-group=${TSS_GROUP}"
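Review bot: `PACKAGECONFIG[seccomp]` is added, but `seccomp` is not in the default `PACKAGECONFIG`, so configure is run with `--without-seccomp` and swtpm is built without its syscall filter. For an emulator that parses TPM commands from its clients, the filter is worth having by default wherever a `libseccomp` provider exists in the configured layers, e.g. `PACKAGECONFIG ?= "openssl seccomp"`; if it stays off, a comment saying why would help. The `cuse` option now silently follows the presence of `filesystems-layer` in `BBFILE_COLLECTIONS`; a comment on that line should state the meta-filesystems requirement that the removed `SkipRecipe` message used to explain.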
@@ -39,12 +42,11 @@ GROUPADD_PARAM_${PN} = "--system ${TSS_USER}"
USERADD_PARAM_${PN} = "--system -g ${TSS_GROUP} --home-dir \
--no-create-home --shell /bin/false ${BPN}"
+PACKAGE_BEFORE_PN = "${PN}-cuse"
+FILES_${PN}-cuse = "${bindir}/swtpm_cuse"
+
+INSANE_SKIP_${PN} += "dev-so"
+
RDEPENDS_${PN} = "libtpm expect socat bash tpm-tools"
BBCLASSEXTEND = "native nativesdk"
-
-python() {
- if 'cuse' in d.getVar('PACKAGECONFIG') and \
- 'filesystems-layer' not in d.getVar('BBFILE_COLLECTIONS').split():
- raise bb.parse.SkipRecipe('Cuse enabled which requires meta-filesystems to be present.')
-}
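Review bot: `INSANE_SKIP_${PN} += "dev-so"` turns off a packaging QA check without saying which files trigger it or why they belong in the main package. Please add a comment above it naming the affected `.so` files and the reason they are needed at runtime, so the skip can be removed once it no longer applies. `FILES_${PN}-cuse` is set unconditionally, so a short comment that the package is empty when `cuse` is not in `PACKAGECONFIG` would also help.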
diff --git a/external/meta-security/meta-tpm/recipes-tpm/tpm2.0-tools/tpm2.0-tools_3.1.2.bb b/external/meta-security/meta-tpm/recipes-tpm/tpm2.0-tools/tpm2.0-tools_3.1.2.bb
deleted file mode 100644
index 3f40eb70..00000000
--- a/external/meta-security/meta-tpm/recipes-tpm/tpm2.0-tools/tpm2.0-tools_3.1.2.bb
+++ /dev/null
@@ -1,15 +0,0 @@
-SUMMARY = "Tools for TPM2."
-DESCRIPTION = "tpm2.0-tools"
-LICENSE = "BSD"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=91b7c548d73ea16537799e8060cea819"
-SECTION = "tpm"
-
-DEPENDS = "pkgconfig tpm2.0-tss openssl curl autoconf-archive"
-
-SRCREV = "5e2f1aafc58e60c5050f85147a14914561f28ad9"
-
-SRC_URI = "git://github.com/01org/tpm2.0-tools.git;name=tpm2.0-tools;destsuffix=tpm2.0-tools;branch=3.X"
-
-S = "${WORKDIR}/tpm2.0-tools"
-
-inherit autotools pkgconfig
diff --git a/external/meta-security/meta-tpm/recipes-tpm/tpm2simulator/tpm2simulator_138.bb b/external/meta-security/meta-tpm/recipes-tpm/tpm2simulator/tpm2simulator_138.bb
deleted file mode 100644
index 866791c2..00000000
--- a/external/meta-security/meta-tpm/recipes-tpm/tpm2simulator/tpm2simulator_138.bb
+++ /dev/null
@@ -1,22 +0,0 @@
-SUMMARY = "TPM 2.0 Simulator Extraction Script"
-LICENSE = "BSD-2-Clause"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=1415f7be284540b81d9d28c67c1a6b8b"
-
-DEPENDS = "python"
-
-SRCREV = "e45324eba268723d39856111e7933c5c76238481"
-SRC_URI = "git://github.com/stwagnr/tpm2simulator.git"
-
-S = "${WORKDIR}/git"
-OECMAKE_SOURCEPATH = "${S}/cmake"
-
-inherit native lib_package cmake
-
-EXTRA_OECMAKE = " \
- -DCMAKE_BUILD_TYPE=Debug \
- -DSPEC_VERSION=138 \
-"
-
-do_configure_prepend () {
- sed -i 's/^SET = False/SET = True/' ${S}/scripts/settings.py
-}
diff --git a/external/meta-security/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb b/external/meta-security/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb
new file mode 100644
index 00000000..26171623
--- /dev/null
+++ b/external/meta-security/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb
@@ -0,0 +1,47 @@
+SUMMARY = "An extension to cryptsetup/LUKS that enables use of the TPM 2.0 via tpm2-tss"
+DESCRIPTION = "Cryptsetup is utility used to conveniently setup disk encryption based on DMCrypt kernel module."
+
+SECTION = "security/tpm"
+LICENSE = "LGPL-2.1 | GPL-2.0"
+LIC_FILES_CHKSUM = "file://COPYING;md5=32107dd283b1dfeb66c9b3e6be312326 \
+ file://COPYING.LGPL;md5=1960515788100ce5f9c98ea78a65dc52 \
+ "
+
+DEPENDS = "autoconf-archive pkgconfig gettext libtss2-dev libdevmapper popt libgcrypt json-c"
+
+SRC_URI = "git://github.com/AndreasFuchsSIT/cryptsetup-tpm-incubator.git;branch=luks2tpm \
+ file://configure_fix.patch "
+
+SRCREV = "15c283195f19f1d980e39ba45448683d5e383179"
+
+S = "${WORKDIR}/git"
+
+inherit autotools pkgconfig gettext
+
+PACKAGECONFIG ??= "openssl"
+PACKAGECONFIG[openssl] = "--with-crypto_backend=openssl,,openssl"
+PACKAGECONFIG[gcrypt] = "--with-crypto_backend=gcrypt,,libgcrypt"
+
+EXTRA_OECONF = "--enable-static"
+
+RRECOMMENDS_${PN} = "kernel-module-aes-generic \
+ kernel-module-dm-crypt \
+ kernel-module-md5 \
+ kernel-module-cbc \
+ kernel-module-sha256-generic \
+ kernel-module-xts \
+ "
+
+FILES_${PN} += "${libdir}/tmpfiles.d"
+RDEPENDS_${PN} += "lvm2 libdevmapper"
+RRECOMMENDS_${PN} += "lvm2-udevrules"
+
+RPROVIDES_${PN} = "cryptsetup"
+RREPLACES_${PN} = "cryptsetup"
+RCONFLICTS_${PN} ="cryptsetup"
+
+RPROVIDES_${PN}-dev = "cryptsetup-dev"
+RREPLACES_${PN}-dev = "cryptsetup-dev"
+RCONFLICTS_${PN}-dev ="cryptsetup-dev"
+
+BBCLASSEXTEND = "native nativesdk"
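Review bot: The recipe declares `RPROVIDES`/`RREPLACES`/`RCONFLICTS` for `cryptsetup`, so this fork stands in for the stock disk-encryption tool, yet it tracks a commit on the `luks2tpm` branch under a fixed version `0.9.9` that does not show it is a git snapshot. Deriving the version from the revision, e.g. `PV = "0.9.9+git${SRCPV}"`, and a comment that this is incubator code would make that visible in package feeds. `DEPENDS` lists `libgcrypt` unconditionally although the backend is selected through `PACKAGECONFIG` (default `openssl`, which already pulls in `openssl`); dropping `libgcrypt` from `DEPENDS` lets `PACKAGECONFIG[gcrypt]` do its job. `inherit pkgconfig` already provides the native tool, so `pkgconfig` in `DEPENDS` looks redundant.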
diff --git a/external/meta-security/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/files/configure_fix.patch b/external/meta-security/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/files/configure_fix.patch
new file mode 100644
index 00000000..8c7b6da4
--- /dev/null
+++ b/external/meta-security/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/files/configure_fix.patch
@@ -0,0 +1,16 @@
+Upstream-Status: OE specific
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+Index: git/configure.ac
+===================================================================
+--- git.orig/configure.ac
++++ git/configure.ac
+@@ -16,7 +16,7 @@ AC_CONFIG_HEADERS([config.h:config.h.in]
+
+ # For old automake use this
+ #AM_INIT_AUTOMAKE(dist-xz subdir-objects)
+-AM_INIT_AUTOMAKE([dist-xz 1.12 serial-tests subdir-objects])
++AM_INIT_AUTOMAKE([dist-xz 1.12 serial-tests subdir-objects foreign])
+
+ if test "x$prefix" = "xNONE"; then
+ sysconfdir=/etc
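Review bot: The patch header carries no description and uses `Upstream-Status: OE specific`, which is not one of the values the OpenEmbedded patch guidelines define; the usual form is `Upstream-Status: Inappropriate [oe specific]`. Add one sentence saying why the `foreign` automake option is needed, so the patch can be dropped when upstream no longer requires it. The same status value appears in remove_optimization.patch, bootstrap_fixup.patch, configure_oe_fixup.patch and 0001-configure.ac-stop-inserting-host-directories-into-co.patch in this commit.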
diff --git a/external/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/files/remove_optimization.patch b/external/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/files/remove_optimization.patch
new file mode 100644
index 00000000..2919e2e5
--- /dev/null
+++ b/external/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/files/remove_optimization.patch
@@ -0,0 +1,26 @@
+Allow recipe to overide optimization.
+
+fixes:
+
+397 | # warning _FORTIFY_SOURCE requires compiling with optimization (-O)
+| | ^~~~~~~
+| cc1: all warnings being treated as errors
+
+
+Upstream-Status: OE specific
+
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+Index: src/makefile
+===================================================================
+--- src.orig/makefile
++++ src/makefile
+@@ -43,7 +43,7 @@ CC = /usr/bin/gcc
+ CCFLAGS = -Wall \
+ -Wmissing-declarations -Wmissing-prototypes -Wnested-externs \
+ -Werror -Wsign-compare \
+- -c -ggdb -O0 \
++ -c -ggdb -O \
+ -DTPM_POSIX \
+ -D_POSIX_ \
+ -DTPM_NUVOTON
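Review bot: The description says the patch lets the recipe override optimization, but the change only replaces a hard-coded `-O0` with a hard-coded `-O` in `CCFLAGS`, so the recipe still cannot choose the level. Either reword the description to say what the patch does, for example `Build with -O so that _FORTIFY_SOURCE does not trip -Werror`, or remove the optimization flag from the makefile so it arrives through the recipe's compiler flags. The first line also has a typo, `overide`.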
diff --git a/external/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1563.bb b/external/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1563.bb
new file mode 100644
index 00000000..80542269
--- /dev/null
+++ b/external/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1563.bb
@@ -0,0 +1,27 @@
+SUMMARY = "IBM's Software TPM 2.0"
+LICENSE = "BSD"
+SECTION = "securty/tpm"
+LIC_FILES_CHKSUM = "file://../LICENSE;md5=1e023f61454ac828b4aa1bc4293f7d5f"
+
+DEPENDS = "openssl"
+
+SRC_URI = "https://sourceforge.net/projects/ibmswtpm2/files/ibmtpm${PV}.tar.gz \
+ file://remove_optimization.patch \
+ "
+SRC_URI[md5sum] = "13013612b3a13dc935fefe1a5684179c"
+SRC_URI[sha256sum] = "fc3a17f8315c1f47670764f2384943afc0d3ba1e9a0422dacb08d455733bd1e9"
+SRC_URI[sha1sum] = "a2a5335024a2edc1739f08b99e716fa355be627d"
+SRC_URI[sha384sum] = "b1f278acabe2198aa79c0fe8aa0182733fe701336cbf54a88058be0b574cab768f59f9315882d0e689e634678d05b79f"
+SRC_URI[sha512sum] = "ff0b9e5f0d0070eb572b23641f7a0e70a8bc65cbf4b59dca1778be3bb014124011221a492147d4c492584e87af23e2f842ca6307641b3919f67a3f27f09312c0"
+
+S = "${WORKDIR}/src"
+
+do_compile () {
+ make CC='${CC}'
+}
+
+do_install () {
+ install -d ${D}/${bindir}
+ install -m 0755 tpm_server ${D}/${bindir}
+}
+
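Review bot: `SECTION = "securty/tpm"` is misspelled; the other recipes added in this commit use `security/tpm`. `LICENSE = "BSD"` is the generic name, and the specific variant (for example `BSD-3-Clause`, to be confirmed against the `../LICENSE` file) is what licence tooling expects. Since `tpm_server` is a simulator with no hardware protection behind it, a `DESCRIPTION` line saying it is meant for development and testing would help image authors decide whether to ship it. The `md5sum` and `sha1sum` entries add nothing beyond `sha256sum` and can be dropped.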
diff --git a/external/meta-security/meta-tpm/recipes-tpm/tpm2-abrmd/files/tpm2-abrmd-init.sh b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/files/tpm2-abrmd-init.sh
index c8dfb7de..9bb7da97 100644
--- a/external/meta-security/meta-tpm/recipes-tpm/tpm2-abrmd/files/tpm2-abrmd-init.sh
+++ b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/files/tpm2-abrmd-init.sh
@@ -27,7 +27,7 @@ case "${1}" in
start)
echo -n "Starting $DESC: "
- if [ ! -e /dev/tpm* ]
+ if [ ! -e /dev/tpm? ]
then
echo "device driver not loaded, skipping."
exit 0
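Review bot: `[ ! -e /dev/tpm? ]` still puts an unquoted glob inside `[`, so with more than one match (for example `tpm0` and `tpm1`) the test receives extra arguments and errors out instead of evaluating. The single-character `?` also means a device name with a two-digit suffix is no longer seen. A form that tolerates any number of matches is `if ! ls /dev/tpm[0-9]* >/dev/null 2>&1`, followed by the existing `then` branch. The enclosing `case` block begins and ends outside this hunk.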
diff --git a/external/meta-security/meta-tpm/recipes-tpm/tpm2-abrmd/files/tpm2-abrmd.default b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/files/tpm2-abrmd.default
index 987978a6..b4b3c207 100644
--- a/external/meta-security/meta-tpm/recipes-tpm/tpm2-abrmd/files/tpm2-abrmd.default
+++ b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/files/tpm2-abrmd.default
@@ -1 +1 @@
-DAEMON_OPTS="--tcti=device --logger=syslog --max-connections=20 --max-transient-objects=20 --fail-on-loaded-trans"
+DAEMON_OPTS="--tcti=device --logger=syslog --max-connections=20 --max-transients=20 --flush-all"
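Review bot: Replacing `--fail-on-loaded-trans` with `--flush-all` changes start-up behaviour: the daemon no longer refuses to run when transient objects are already loaded but, as I understand the option, flushes the TPM's loaded objects and sessions instead. On a system where something else has been using the device directly before the daemon starts, that discards the other user's state without notice. If this is the intended default, a comment line above `DAEMON_OPTS` should say so, e.g. `# --flush-all: evict objects/sessions left in the TPM before the resource manager takes over`.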
diff --git a/external/meta-security/meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.2.bb b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.0.bb
index 63473790..991364ad 100644
--- a/external/meta-security/meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.2.bb
+++ b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_2.3.0.bb
@@ -9,16 +9,16 @@ SECTION = "security/tpm"
LICENSE = "BSD-2-Clause"
LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da"
-DEPENDS = "autoconf-archive dbus glib-2.0 tpm2.0-tss glib-2.0-native \
+DEPENDS = "autoconf-archive dbus glib-2.0 tpm2-tss glib-2.0-native \
libtss2 libtss2-mu libtss2-tcti-device libtss2-tcti-mssim"
-
SRC_URI = "\
- git://github.com/01org/tpm2-abrmd.git \
+ git://github.com/tpm2-software/tpm2-abrmd.git \
file://tpm2-abrmd-init.sh \
file://tpm2-abrmd.default \
"
-SRCREV = "d0120ace58d97bc9520c0d558657eaca87ae73b1"
+
+SRCREV = "ac82192df1158cb58eac02777cf15c965b02cfbc"
S = "${WORKDIR}/git"
@@ -49,6 +49,6 @@ do_install_append() {
FILES_${PN} += "${libdir}/systemd/system-preset \
${datadir}/dbus-1"
-RDEPENDS_${PN} += "tpm2.0-tss"
+RDEPENDS_${PN} += "tpm2-tss"
BBCLASSEXTEND = "native"
diff --git a/external/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/bootstrap_fixup.patch b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/bootstrap_fixup.patch
new file mode 100644
index 00000000..d38e2377
--- /dev/null
+++ b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/bootstrap_fixup.patch
@@ -0,0 +1,12 @@
+Upstream-Status: OE specific
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+Index: git/bootstrap
+===================================================================
+--- git.orig/bootstrap
++++ git/bootstrap
+@@ -27,4 +27,3 @@ echo "Generating file lists: ${VARS_FILE
+ ) > ${VARS_FILE}
+
+ mkdir -p m4
+-${AUTORECONF} --install --sym $@
diff --git a/external/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_0.9.9.bb b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_0.9.9.bb
new file mode 100644
index 00000000..351e03e5
--- /dev/null
+++ b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_0.9.9.bb
@@ -0,0 +1,21 @@
+SUMMARY = "A PKCS#11 interface for TPM2 hardware"
+DESCRIPTION = "PKCS #11 is a Public-Key Cryptography Standard that defines a standard method to access cryptographic services from tokens/ devices such as hardware security modules (HSM), smart cards, etc. In this project we intend to use a TPM2 device as the cryptographic token."
+SECTION = "security/tpm"
+LICENSE = "BSD-2-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=93645981214b60a02688745c14f93c95"
+
+DEPENDS = "autoconf-archive pkgconfig dstat sqlite3 openssl libtss2-dev tpm2-tools"
+
+SRC_URI = "git://github.com/tpm2-software/tpm2-pkcs11.git \
+ file://bootstrap_fixup.patch \
+ "
+
+SRCREV = "6de3f6f9c6e0a4983f3fb90e35feb34906f8aea7"
+
+S = "${WORKDIR}/git"
+
+inherit autotools-brokensep pkgconfig
+
+do_configure_prepend () {
+ ${S}/bootstrap
+}
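Review bot: `DEPENDS` includes `dstat`, a system-statistics tool with no obvious role in building a PKCS#11 module; unless the build really needs it, drop it. The `SRC_URI` names no branch, and the fixed version `0.9.9` does not show that this is a git snapshot; `PV = "0.9.9+git${SRCPV}"` would make that visible. `do_configure_prepend` runs `${S}/bootstrap` from the fetched tree, so a comment noting that bootstrap_fixup.patch removes its `autoreconf` call, leaving that step to the autotools class, would explain why the two go together.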
diff --git a/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/files/configure_oe_fixup.patch b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/files/configure_oe_fixup.patch
new file mode 100644
index 00000000..8a216cd4
--- /dev/null
+++ b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/files/configure_oe_fixup.patch
@@ -0,0 +1,27 @@
+Upstream-Status: OE specific
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+Index: git/configure.ac
+===================================================================
+--- git.orig/configure.ac
++++ git/configure.ac
+@@ -84,9 +84,6 @@ AC_ARG_WITH([efi-lds],
+ AS_HELP_STRING([--with-efi-lds=LDS_PATH],[Path to gnu-efi lds file.]),
+ [],
+ [with_efi_lds="/usr/lib/elf_${ARCH}_efi.lds"])
+-AC_CHECK_FILE(["${with_efi_lds}"],
+- [],
+- [AC_MSG_ERROR([Missing file: ${with_efi_lds}.])])
+ EXTRA_LDFLAGS="-L /usr/lib -L /usr/lib64 -Wl,--script=${with_efi_lds}"
+
+ # path to object file from gnu-efi
+@@ -94,9 +91,6 @@ AC_ARG_WITH([efi-crt0],
+ AS_HELP_STRING([--with-efi-crt0=OBJ_PATH],[Path to gnu-efi crt0 object file.]),
+ [],
+ [with_efi_crt0="/usr/lib/crt0-efi-${ARCH}.o"])
+-AC_CHECK_FILE(["${with_efi_crt0}"],
+- [],
+- [AC_MSG_ERROR([Missing ${with_efi_crt0} file.])])
+ EXTRA_LDLIBS="${with_efi_crt0}"
+
+ # check for efi and gnuefi libraries
diff --git a/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/files/fix_header_file.patch b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/files/fix_header_file.patch
new file mode 100644
index 00000000..fc730e14
--- /dev/null
+++ b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/files/fix_header_file.patch
@@ -0,0 +1,25 @@
+Error building for i386 target in cross env
+
+#include <efi/x86_64/efibind.h>
+
+ARCH is host arch, not target arch
+
+Upstream-Status: Submitted
+
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+Index: git/src/uefi-types.h
+===================================================================
+--- git.orig/src/uefi-types.h
++++ git/src/uefi-types.h
+@@ -3,9 +3,9 @@
+ #define UEFI_TYPES_H
+
+ #ifndef EDK2_BUILD
+-#if ARCH == x86_64
++#if defined(__x86_64__)
+ #include <efi/x86_64/efibind.h>
+-#elif ARCH == ia32
++#elif defined(__i386__)
+ #include <efi/ia32/efibind.h>
+ #else
+ #error "Unsupported ARCH."
diff --git a/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/files/tpm2-get-caps-fixed.patch b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/files/tpm2-get-caps-fixed.patch
new file mode 100644
index 00000000..bc70913e
--- /dev/null
+++ b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/files/tpm2-get-caps-fixed.patch
@@ -0,0 +1,23 @@
+Fix defined to match tpm2-tools 4.1.1
+
+Upstream-Status: Submitted https://github.com/tpm2-software/tpm2-tcti-uefi/pull/81
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+Index: git/example/tpm2-get-caps-fixed.c
+===================================================================
+--- git.orig/example/tpm2-get-caps-fixed.c
++++ git/example/tpm2-get-caps-fixed.c
+@@ -140,11 +140,11 @@ dump_tpm_properties_fixed (TPMS_TAGGED_P
+ Print (L"TPM2_PT_INPUT_BUFFER:\n"
+ " value: 0x%X\n", value);
+ break;
+- case TPM2_PT_HR_TRANSIENT_MIN:
++ case TPM2_PT_TPM2_HR_TRANSIENT_MIN:
+ Print (L"TPM2_PT_TPM2_HR_TRANSIENT_MIN:\n"
+ " value: 0x%X\n", value);
+ break;
+- case TPM2_PT_HR_PERSISTENT_MIN:
++ case TPM2_PT_TPM2_HR_PERSISTENT_MIN:
+ Print (L"TPM2_PT_TPM2_HR_PERSISTENT_MIN:\n"
+ " value: 0x%X\n", value);
+ break;
diff --git a/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/tpm2-tcti-uefi/0001-configure.ac-stop-inserting-host-directories-into-co.patch b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/tpm2-tcti-uefi/0001-configure.ac-stop-inserting-host-directories-into-co.patch
new file mode 100644
index 00000000..b3f22872
--- /dev/null
+++ b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/tpm2-tcti-uefi/0001-configure.ac-stop-inserting-host-directories-into-co.patch
@@ -0,0 +1,38 @@
+From b74837184cfdefb45e48f3fdc974fc67691fc861 Mon Sep 17 00:00:00 2001
+From: Dmitry Eremin-Solenikov <dmitry_eremin-solenikov@mentor.com>
+Date: Wed, 3 Jul 2019 19:16:35 +0300
+Subject: [PATCH] configure.ac: stop inserting host directories into compile
+ path
+
+Do not insert /usr/lib and /usr/lib64 into library search path.
+
+Upstream-Status: OE specific
+Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin-solenikov@mentor.com>
+---
+ configure.ac | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: git/configure.ac
+===================================================================
+--- git.orig/configure.ac
++++ git/configure.ac
+@@ -70,10 +70,6 @@ EXTRA_CFLAGS+="-I${with_efi_includedir}
+ # compiler flags / search path
+ CFLAGS_TMP="$CFLAGS"
+ CFLAGS="$CFLAGS $EXTRA_CFLAGS"
+-AC_CHECK_HEADERS([efi.h efilib.h],
+- [],
+- [AC_MSG_ERROR([Missing gnu-efi headers.])],
+- [#include <efi.h>])
+ CFLAGS="$CFLAGS_TMP"
+
+ # path to linker script from gnu-efi
+@@ -81,7 +77,7 @@ AC_ARG_WITH([efi-lds],
+ AS_HELP_STRING([--with-efi-lds=LDS_PATH],[Path to gnu-efi lds file.]),
+ [],
+ [with_efi_lds="/usr/lib/elf_${ARCH}_efi.lds"])
+-EXTRA_LDFLAGS="-L /usr/lib -L /usr/lib64 -Wl,--script=${with_efi_lds}"
++EXTRA_LDFLAGS="-Wl,--script=${with_efi_lds}"
+
+ # path to object file from gnu-efi
+ AC_ARG_WITH([efi-crt0],
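Review bot: The embedded patch removes the `AC_CHECK_HEADERS([efi.h efilib.h], ...)` probe in its first hunk, but its subject, description and diffstat (`1 insertion(+), 1 deletion(-)`) only describe the `EXTRA_LDFLAGS` change. With the probe gone, missing gnu-efi headers are no longer caught at configure time, and nothing in the patch explains why. Either split the removal into its own patch or extend the header, for example `Also drop the efi.h/efilib.h probe (state the reason here); missing headers now fail at compile time.`, and regenerate the diffstat. The default `with_efi_lds="/usr/lib/elf_${ARCH}_efi.lds"` kept as context is still a host path, so the build stays free of host files only while the recipe passes `--with-efi-lds`.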
diff --git a/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/tpm2-tcti-uefi_0.9.9.bb b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/tpm2-tcti-uefi_0.9.9.bb
new file mode 100644
index 00000000..67b36b78
--- /dev/null
+++ b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tcti-uefi/tpm2-tcti-uefi_0.9.9.bb
@@ -0,0 +1,45 @@
+SUMMARY = "TCTI module for use with TSS2 libraries in UEFI environment"
+SECTION = "security/tpm"
+LICENSE = "BSD-2-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da"
+DEPENDS = "libtss2-dev libtss2-mu-dev gnu-efi-native gnu-efi pkgconfig autoconf-archive-native"
+
+SRC_URI = "git://github.com/tpm2-software/tpm2-tcti-uefi.git \
+ file://configure_oe_fixup.patch \
+ file://0001-configure.ac-stop-inserting-host-directories-into-co.patch \
+ file://tpm2-get-caps-fixed.patch \
+ file://fix_header_file.patch \
+ "
+SRCREV = "0241b08f069f0fdb3612f5c1b938144dbe9be811"
+
+S = "${WORKDIR}/git"
+
+inherit autotools pkgconfig
+
+EFIDIR ?= "/EFI/BOOT"
+
+EFI_ARCH_x86 = "ia32"
+EFI_ARCH_x86-64 = "x86_64"
+
+CFLAGS_append = " -I${STAGING_INCDIR}/efi -I${STAGING_INCDIR}/efi/${EFI_ARCH}"
+
+EXTRA_OECONF_append = " \
+ --with-efi-includedir=${STAGING_INCDIR} \
+ --with-efi-crt0=${STAGING_LIBDIR}/crt0-efi-${EFI_ARCH}.o \
+ --with-efi-lds=${STAGING_LIBDIR}/elf_${EFI_ARCH}_efi.lds \
+"
+
+do_compile_append() {
+ oe_runmake example
+}
+
+do_install_append() {
+ install -d "${D}${EFIDIR}"
+ install -m 0755 "${B}"/example/*.efi "${D}${EFIDIR}"
+}
+
+COMPATIBLE_HOST = "(i.86|x86_64).*-linux"
+
+FILES_${PN} += "${EFIDIR}"
+
+RDEPENDS_${PN} = "gnu-efi libtss2-mu"
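Review bot: `SRC_URI` uses `git://` with no `protocol=` parameter, so the clone runs over the unauthenticated, unencrypted git protocol and the full-length `SRCREV` is the only thing pinning what gets built. Prefer an authenticated transport, `SRC_URI = "git://github.com/tpm2-software/tpm2-tcti-uefi.git;protocol=https \`, and keep the `SRCREV` pin. The same applies to the `SRC_URI` lines in tpm2-totp_0.2.0.bb and tpm2-tss-engine_1.0.1.bb later in this commit.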
diff --git a/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.1.bb b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.1.bb
new file mode 100644
index 00000000..e90dcfe6
--- /dev/null
+++ b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tools/tpm2-tools_4.1.1.bb
@@ -0,0 +1,17 @@
+SUMMARY = "Tools for TPM2."
+DESCRIPTION = "tpm2-tools"
+LICENSE = "BSD"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=0eb1216e46938bd723098d93a23c3bcc"
+SECTION = "tpm"
+
+DEPENDS = "tpm2-abrmd tpm2-tss openssl curl autoconf-archive"
+
+SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz"
+
+SRC_URI[md5sum] = "701ae9e8c8cbdd37d89c8ad774f55395"
+SRC_URI[sha256sum] = "40b9263d8b949bd2bc03a3cd60fa242e27116727467f9bbdd0b5f2539a25a7b1"
+SRC_URI[sha1sum] = "d097d321237983435f05c974533ad90e6f20acef"
+SRC_URI[sha384sum] = "396547f400e4f5626d7741d77ec543f312d94e6697899f4c36260d15fab3f4f971ad2c0487e6eaa2d60256f3cf68f85f"
+SRC_URI[sha512sum] = "25952cf947f0acd16b1a8dbd3ac8573bce85ff970a7e24c290c4f9cd29418e77a3e48ac82c932fbd250887a9303ab301ff92db594c2fffaba47b873382444d26"
+
+inherit autotools pkgconfig bash-completion
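Review bot: `LICENSE = "BSD"` is the generic family name, whereas the other recipes in this commit declare a specific identifier (`BSD-2-Clause` or `BSD-3-Clause`), which is what licence manifests and compliance tooling need. Use the identifier that matches the `LICENSE` file checksummed on the next line, presumably `LICENSE = "BSD-3-Clause"`, to be confirmed against the tarball. Separately, the `SRC_URI[md5sum]` and `SRC_URI[sha1sum]` entries add no integrity value over `SRC_URI[sha256sum]` and could be dropped.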
diff --git a/external/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.0.bb b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.0.bb
new file mode 100644
index 00000000..0dad6730
--- /dev/null
+++ b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-totp/tpm2-totp_0.2.0.bb
@@ -0,0 +1,18 @@
+SUMMARY = "Attest the trustworthiness of a device against a human using time-based one-time passwords"
+
+LICENSE = "BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=ed23833e93c95173c8d8913745e4b4e1"
+
+SECTION = "security/tpm"
+
+DEPENDS = "autoconf-archive libtss2-dev qrencode"
+
+PE = "1"
+
+SRCREV = "994b4203e4769baefa6e7719915629bc8210e90a"
+SRC_URI = "git://github.com/tpm2-software/tpm2-totp.git;branch=v0.2.x \
+ "
+
+inherit autotools-brokensep pkgconfig
+
+S = "${WORKDIR}/git"
diff --git a/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tss-engine/tpm2-tss-engine_1.0.1.bb b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tss-engine/tpm2-tss-engine_1.0.1.bb
new file mode 100644
index 00000000..3641b1b7
--- /dev/null
+++ b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tss-engine/tpm2-tss-engine_1.0.1.bb
@@ -0,0 +1,23 @@
+SUMMARY = "The tpm2-tss-engine project implements a cryptographic engine for OpenSSL."
+DESCRIPTION = "The tpm2-tss-engine project implements a cryptographic engine for OpenSSL for Trusted Platform Module (TPM 2.0) using the tpm2-tss software stack that follows the Trusted Computing Groups (TCG) TPM Software Stack (TSS 2.0). It uses the Enhanced System API (ESAPI) interface of the TSS 2.0 for downwards communication. It supports RSA decryption and signatures as well as ECDSA signatures."
+
+LICENSE = "BSD-2-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=7b3ab643b9ce041de515d1ed092a36d4"
+
+SECTION = "security/tpm"
+
+DEPENDS = "autoconf-archive-native bash-completion libtss2 libgcrypt openssl"
+
+SRCREV = "fdc8f65dfc8bad8b5a3aed181fae338267308f70"
+SRC_URI = "git://github.com/tpm2-software/tpm2-tss-engine.git"
+
+inherit autotools-brokensep pkgconfig systemd
+
+S = "${WORKDIR}/git"
+
+PACKAGES += "${PN}-engines ${PN}-engines-staticdev ${PN}-bash-completion"
+
+FILES_${PN}-dev = "${libdir}/engines-1.1/tpm2tss.so ${includedir}/*"
+FILES_${PN}-engines = "${libdir}/engines-1.1/lib*.so*"
+FILES_${PN}-engines-staticdev = "${libdir}/engines-1.1/libtpm2tss.a"
+FILES_${PN}-bash-completion += "${datadir}/bash-completion/completions"
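Review bot: `${libdir}/engines-1.1/tpm2tss.so` is assigned to `${PN}-dev`, while the runtime package `${PN}-engines` only receives `lib*.so*`. If `tpm2tss.so` is the name OpenSSL resolves when the engine is requested by id (the recipe does not show how that file is created), an image without the -dev package could not load the engine. In that case move it, `FILES_${PN}-engines = "${libdir}/engines-1.1/lib*.so* ${libdir}/engines-1.1/tpm2tss.so"`, which will probably also need a dev-so QA exception for that package. The hard-coded `engines-1.1` path ties the packaging to one OpenSSL series and deserves a comment saying so.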
diff --git a/external/meta-security/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss/ax_pthread.m4 b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/ax_pthread.m4
index d383ad5c..d383ad5c 100644
--- a/external/meta-security/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss/ax_pthread.m4
+++ b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/ax_pthread.m4
diff --git a/external/meta-security/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss/fix_musl_select_include.patch b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/fix_musl_select_include.patch
index ecaca6ea..ecaca6ea 100644
--- a/external/meta-security/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss/fix_musl_select_include.patch
+++ b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss/fix_musl_select_include.patch
diff --git a/external/meta-security/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss_2.0.1.bb b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.2.bb
index 9d1ff72f..135efed8 100644
--- a/external/meta-security/meta-tpm/recipes-tpm/tpm2.0-tss/tpm2.0-tss_2.0.1.bb
+++ b/external/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.3.2.bb
@@ -1,24 +1,29 @@
SUMMARY = "Software stack for TPM2."
-DESCRIPTION = "tpm2.0-tss like woah."
+DESCRIPTION = "OSS implementation of the TCG TPM2 Software Stack (TSS2) "
LICENSE = "BSD-2-Clause"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=0b1d631c4218b72f6b05cb58613606f4"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da"
SECTION = "tpm"
-DEPENDS = "autoconf-archive-native libgcrypt"
+DEPENDS = "autoconf-archive-native libgcrypt openssl"
-SRCREV = "dc31e8dca9dbc77d16e419dc514ce8c526cd3351"
+SRCREV = "a99e733ba66c359502689a9c42fd5e02ed1dd7d6"
-SRC_URI = "git://github.com/tpm2-software/tpm2-tss.git;branch=2.0.x"
+SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz"
+SRC_URI[md5sum] = "fb7e6d371959a65dc6d129af81739742"
+SRC_URI[sha256sum] = "82929a0611f39246e09202702a61b54c980ab694626c1f5823520ddf75024fa6"
+SRC_URI[sha1sum] = "c24ce8b20a8686ada775239389292f6d78020668"
+SRC_URI[sha384sum] = "a0c023c024efb6c9906df1e143d692f44433de332b616dc0584c9b4cd4fb0ad544308f291892e91c5a52ef1a4b2abf7f"
+SRC_URI[sha512sum] = "7b679b54f3478c3adee5b6c3135cbe491ffd9f4712991f465edbd6c7d2831e5f1537038ec36f288e9545c719d5d167b61116c924cf5d816220615d0b58a1d436"
-inherit autotools-brokensep pkgconfig systemd
+inherit autotools pkgconfig systemd extrausers
-S = "${WORKDIR}/git"
+PACKAGECONFIG ??= ""
+PACKAGECONFIG[oxygen] = ",--disable-doxygen-doc, "
+
+EXTRA_OECONF += "--enable-static --with-udevrulesdir=${base_prefix}/lib/udev/rules.d/"
+EXTRA_OECONF_remove = " --disable-static"
-do_configure_prepend () {
- ./bootstrap
-}
-INHERIT += "extrausers"
EXTRA_USERS_PARAMS = "\
useradd -p '' tss; \
groupadd tss; \
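Review bot: The `useradd -p '' tss; \` line kept in `EXTRA_USERS_PARAMS` gives the `tss` service account an empty password field rather than a locked one. This commit reworks the extrausers wiring but leaves that as is. A TPM daemon account should not be able to log in; lock it, e.g. `useradd -p '*' tss; \`, or create it as a system account with a nologin shell. `extrausers` is designed for image recipes, so `inherit ... extrausers` in this package recipe may not create the account at all. The `useradd` class with `USERADD_PACKAGES`/`USERADD_PARAM_${PN}` is the usual mechanism for packages and is worth checking. The rest of `EXTRA_USERS_PARAMS` lies outside this hunk.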
@@ -71,4 +76,6 @@ FILES_libtss2-dev = " \
${libdir}/libtss2*so"
FILES_libtss2-staticdev = "${libdir}/libtss*a"
-FILES_${PN} = "${libdir}/udev"
+FILES_${PN} = "${libdir}/udev ${base_prefix}/lib/udev"
+
+RDEPENDS_libtss2 = "libgcrypt"