diff options
Diffstat (limited to 'app-crypt/tpm2-tools')
-rw-r--r-- | app-crypt/tpm2-tools/Manifest | 4 | ||||
-rw-r--r-- | app-crypt/tpm2-tools/files/tpm2-tools-5.1.1-no-efivar-automagic.patch | 34 | ||||
-rw-r--r-- | app-crypt/tpm2-tools/files/tpm2-tools-5.2-testparms-fix-condition-for-negative-test.patch | 33 | ||||
-rw-r--r-- | app-crypt/tpm2-tools/files/tpm2-tools-5.6-Makefile-am-Dont-require-pandoc-for-tests.patch | 15 | ||||
-rw-r--r-- | app-crypt/tpm2-tools/files/tpm2-tools-5.6-bashism.patch | 47 | ||||
-rw-r--r-- | app-crypt/tpm2-tools/files/tpm2-tools-5.6-test-eventlog-fix-check-eventlog.sh-if-efivar.h-exis.patch | 123 | ||||
-rw-r--r-- | app-crypt/tpm2-tools/files/tpm2-tools-5.6-test-eventlog.sh-Fix-accidental-deletions.patch | 68 | ||||
-rw-r--r-- | app-crypt/tpm2-tools/tpm2-tools-5.5.ebuild (renamed from app-crypt/tpm2-tools/tpm2-tools-5.2-r1.ebuild) | 32 | ||||
-rw-r--r-- | app-crypt/tpm2-tools/tpm2-tools-5.6-r1.ebuild | 81 |
9 files changed, 353 insertions, 84 deletions
diff --git a/app-crypt/tpm2-tools/Manifest b/app-crypt/tpm2-tools/Manifest index e7303ed6665d..f9a3d2cb3763 100644 --- a/app-crypt/tpm2-tools/Manifest +++ b/app-crypt/tpm2-tools/Manifest @@ -1 +1,3 @@ -DIST tpm2-tools-5.2.tar.gz 1072078 BLAKE2B 27d035e0f44029db57477a1fd10e1cee9b470ad54411297985cb7f33ba7bbb7a94ac392815e32287d69abf928dce0c361703542b812ae88b208ddca645bb3be2 SHA512 9fb5dc298717a8a57c89d286e3590370a096c81b14d2d8d4eb5fca140d66148a8e24727ee04fb02057bbfcc3ede50e93ba0ef22396888c9df48bf6f42a5d6e6b +DIST tpm2-tools-5.5.tar.gz 1241390 BLAKE2B 2225f9e0835988351f84ed06f914616e25fd65bacaa93b51d0bb04185314efb9a6f60eb3539b250f54b2c2ba590f1b76594df3e625e45c8d37e38d13371bea26 SHA512 24f72a3e9840d531d900e96771a863baae1c71a76fcad0fda8020dff06acd8e3b65b86401ace21f034766403caf9ae97ce710ff6013bb7ed25657a6ecf325470 +DIST tpm2-tools-5.6-tpm2_eventlog-Create-raw-and-pretty-print-format-for.patch.xz 47916 BLAKE2B 1bbc84f58ad46507417c89be1b4ce2450fb33cf3abe8f080c23890d96be85379f135ef1dbf4b580e1a386fa6d5ebc4fbaab351b5238bbf1011bb97b0f49a847b SHA512 3db0daa39a8dc756d7cb25e3673149dc3eeafd7410f2c6537464431b501e3704a886d9b7a9acd71440d6d419649dd471fd6f9247d593c89a30b05774a8d1b3de +DIST tpm2-tools-5.6.tar.gz 1266731 BLAKE2B fe88722c26d62128cd6dfbdd8ef2568656a75fe27b1443fed28387d0db1f50b7d0651819d34dfa98acde785b4cfb4e7c11420b110bb5333ed2bb6b67cdd4fc70 SHA512 14216f29ed3ecca5fbe356ed3744c8b6b25a62ff11b2aed596d11101328c8bfd29a02f6ca5a218f9a4477a5e9648c50f0ae96e71de0b4ff5ea1f98ebeeb73cd7 diff --git a/app-crypt/tpm2-tools/files/tpm2-tools-5.1.1-no-efivar-automagic.patch b/app-crypt/tpm2-tools/files/tpm2-tools-5.1.1-no-efivar-automagic.patch deleted file mode 100644 index 25f3ef43fe3d..000000000000 --- a/app-crypt/tpm2-tools/files/tpm2-tools-5.1.1-no-efivar-automagic.patch +++ /dev/null @@ -1,34 +0,0 @@ -https://bugs.gentoo.org/812047 - -From 0cea7f0f78f1a9e8dca789eb5f2ece052e026bed Mon Sep 17 00:00:00 2001 -From: Christopher Byrne <salah.coronya@gmail.com> -Date: Tue, 7 Sep 2021 20:22:27 -0500 -Subject: [PATCH] configure.ac: Fix automagic depency on libefivar - -Signed-off-by: Christopher Byrne <salah.coronya@gmail.com> ---- - configure.ac | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/configure.ac b/configure.ac -index f1c17116..bdb4abda 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -62,8 +62,12 @@ PKG_CHECK_MODULES([CRYPTO], [libcrypto >= 1.1.0]) - PKG_CHECK_MODULES([CURL], [libcurl]) - - # pretty print of devicepath if efivar library is present --PKG_CHECK_MODULES([EFIVAR], [efivar],,[true]) --AC_CHECK_HEADERS([efivar/efivar.h]) -+AC_ARG_WITH([efivar], AS_HELP_STRING([--without-efivar], [Build without efivar library (default: test)])) -+ -+AS_IF([test "x$with_efivar" != "xno"], [ -+ PKG_CHECK_MODULES([EFIVAR], [efivar]) -+ AC_CHECK_HEADERS([efivar/efivar.h]) -+]) - - # backwards compat with older pkg-config - # - pull in AC_DEFUN from pkg.m4 --- -2.32.0 - diff --git a/app-crypt/tpm2-tools/files/tpm2-tools-5.2-testparms-fix-condition-for-negative-test.patch b/app-crypt/tpm2-tools/files/tpm2-tools-5.2-testparms-fix-condition-for-negative-test.patch deleted file mode 100644 index e1094647bdfd..000000000000 --- a/app-crypt/tpm2-tools/files/tpm2-tools-5.2-testparms-fix-condition-for-negative-test.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 3d80fad66694ad14a58dd89204a25e9248c4ab0c Mon Sep 17 00:00:00 2001 -From: Jonas Witschel <git@diabonas.de> -Date: Wed, 29 Sep 2021 17:08:07 +0200 -Subject: [PATCH] testparms: fix condition for negative test - -Commit e858dec76686bb4c42e74e0984b433231e530f93 ("testparms: ensure curve not -supported before negative test") is supposed to ensure that the negative test -is run only if ecc521 is *not* supported, but instead it runs the negative test -if ecc521 is *available*. This worked anyway for libtpms < 0.9.0 because camellia -was not supported, but since libtpms 0.9.0 added support for this algorithm, the -test suite fails now with swtpm. - -Signed-off-by: Jonas Witschel <git@diabonas.de> ---- - test/integration/tests/testparms.sh | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/test/integration/tests/testparms.sh b/test/integration/tests/testparms.sh -index 8c3548e5..a587a60a 100644 ---- a/test/integration/tests/testparms.sh -+++ b/test/integration/tests/testparms.sh -@@ -63,7 +63,7 @@ else - fi - - # Attempt to specify a suite that is not supported (error from TPM) --if tpm2 getcap ecc-curves | grep -q TPM2_ECC_NIST_P521; then -+if ! tpm2 getcap ecc-curves | grep -q TPM2_ECC_NIST_P521; then - if tpm2 testparms "ecc521:ecdsa:camellia" &>/dev/null; then - echo "tpm2 testparms succeeded while it shouldn't or TPM failed" - exit 1 --- -2.32.0 - diff --git a/app-crypt/tpm2-tools/files/tpm2-tools-5.6-Makefile-am-Dont-require-pandoc-for-tests.patch b/app-crypt/tpm2-tools/files/tpm2-tools-5.6-Makefile-am-Dont-require-pandoc-for-tests.patch new file mode 100644 index 000000000000..7b6fc8821940 --- /dev/null +++ b/app-crypt/tpm2-tools/files/tpm2-tools-5.6-Makefile-am-Dont-require-pandoc-for-tests.patch @@ -0,0 +1,15 @@ +diff --git a/Makefile.am b/Makefile.am +index 627983ca..d32f109c 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -659,10 +659,3 @@ else + endif + + check: prepare-check +- +-if !HAVE_PANDOC +-# If pandoc is not enabled, we want to complain that you need pandoc for make dist, +-# so hook the target and complain. +- @(>&2 echo "You do not have pandoc, a requirement for the distribution of manpages") +- @exit 1 +-endif diff --git a/app-crypt/tpm2-tools/files/tpm2-tools-5.6-bashism.patch b/app-crypt/tpm2-tools/files/tpm2-tools-5.6-bashism.patch new file mode 100644 index 000000000000..01ce4301d4e3 --- /dev/null +++ b/app-crypt/tpm2-tools/files/tpm2-tools-5.6-bashism.patch @@ -0,0 +1,47 @@ +https://github.com/tpm2-software/tpm2-tools/pull/3339 + +From 9f244c3f74747b7f79c8c6813657b2f2f8a1c844 Mon Sep 17 00:00:00 2001 +From: Sam James <sam@gentoo.org> +Date: Sun, 21 Jan 2024 08:08:28 +0000 +Subject: [PATCH] configure.ac: fix bashisms + +configure scripts need to be runnable with a POSIX-compliant /bin/sh. + +On many (but not all!) systems, /bin/sh is provided by Bash, so errors +like this aren't spotted. Notably Debian defaults to /bin/sh provided +by dash which doesn't tolerate such bashisms as '=='. + +This retains compatibility with bash. + +Fixes configure warnings/errors like: +``` +checking for libcurl... yes +./configure: 15201: test: xauto: unexpected operator +./configure: 15286: test: xauto: unexpected operator +checking for efivar/efivar.h... yes +``` + +This fixes a build error later on too: +``` +/usr/lib/gcc/x86_64-pc-linux-gnu/14/../../../../x86_64-pc-linux-gnu/bin/ld: lib/libcommon.a(libcommon_a-tpm2_eventlog_yaml.o): in function `yaml_devicepath': +tpm2_eventlog_yaml.c:(.text.yaml_devicepath+0x2f): undefined reference to `efidp_format_device_path' +/usr/lib/gcc/x86_64-pc-linux-gnu/14/../../../../x86_64-pc-linux-gnu/bin/ld: tpm2_eventlog_yaml.c:(.text.yaml_devicepath+0x61): undefined reference to `efidp_format_device_path' +``` + +Bug: https://bugs.gentoo.org/922592 +Signed-off-by: Sam James <sam@gentoo.org> +--- a/configure.ac ++++ b/configure.ac +@@ -94,9 +94,9 @@ AC_ARG_WITH([efivar], + ) + + # use the true program to avoid failing hard +-AS_IF([test "x$with_efivar" == "xauto"], ++AS_IF([test "x$with_efivar" = "xauto"], + [PKG_CHECK_MODULES([EFIVAR], [efivar], [AC_CHECK_HEADERS([efivar/efivar.h], , [true])], [true])], +- [test "x$with_efivar" == "xyes"], ++ [test "x$with_efivar" = "xyes"], + [PKG_CHECK_MODULES([EFIVAR], [efivar], [AC_CHECK_HEADERS([efivar/efivar.h])])], + ) + + diff --git a/app-crypt/tpm2-tools/files/tpm2-tools-5.6-test-eventlog-fix-check-eventlog.sh-if-efivar.h-exis.patch b/app-crypt/tpm2-tools/files/tpm2-tools-5.6-test-eventlog-fix-check-eventlog.sh-if-efivar.h-exis.patch new file mode 100644 index 000000000000..f24cf50aff5c --- /dev/null +++ b/app-crypt/tpm2-tools/files/tpm2-tools-5.6-test-eventlog-fix-check-eventlog.sh-if-efivar.h-exis.patch @@ -0,0 +1,123 @@ +From 9cd74df24dbeee81b408e12ac10a98a088008d07 Mon Sep 17 00:00:00 2001 +From: Juergen Repp <juergen_repp@web.de> +Date: Mon, 20 Nov 2023 13:55:36 +0100 +Subject: [PATCH] test eventlog: fix check eventlog.sh if efivar.h exists + +If efivar.h exist a pretty print function for the DevicePath +is executed. Therefore two yaml test files are needed for +the bin test file uefiservices. +Fixes #3302. + +Signed-off-by: Juergen Repp <juergen_repp@web.de> +--- + Makefile.am | 13 ++++++ + configure.ac | 3 ++ + .../event-uefiservices.bin.yaml.pretty | 45 +++++++++++++++++++ + ...n.yaml => event-uefiservices.bin.yaml.raw} | 0 + 4 files changed, 61 insertions(+) + create mode 100644 test/integration/fixtures/event-uefiservices.bin.yaml.pretty + rename test/integration/fixtures/{event-uefiservices.bin.yaml => event-uefiservices.bin.yaml.raw} (100%) + +diff --git a/Makefile.am b/Makefile.am +index 413345cd..ef76dca8 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -352,6 +352,7 @@ TEST_EXTENSIONS = .sh + + check-hook: + rm -rf .lock_file ++ rm -f $(abs_top_srcdir)/test/integration/fixtures/event-uefiservices.bin.yaml + + EXTRA_DIST_IGNORE = \ + .gitignore \ +@@ -647,6 +648,18 @@ dist-hook: + for f in $(EXTRA_DIST_IGNORE); do \ + rm -rf `find $(distdir) -name $$f`; \ + done; ++ ++prepare-check: ++if HAVE_EFIVAR_H ++ cp $(abs_top_srcdir)/test/integration/fixtures/event-uefiservices.bin.yaml.pretty \ ++ $(abs_top_srcdir)/test/integration/fixtures/event-uefiservices.bin.yaml ++else ++ cp $(abs_top_srcdir)/test/integration/fixtures/event-uefiservices.bin.yaml.raw \ ++ $(abs_top_srcdir)/test/integration/fixtures/event-uefiservices.bin.yaml ++endif ++ ++check: prepare-check ++ + if !HAVE_PANDOC + # If pandoc is not enabled, we want to complain that you need pandoc for make dist, + # so hook the target and complain. +diff --git a/configure.ac b/configure.ac +index 362ae0aa..54224048 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -97,6 +97,9 @@ AS_IF([test "x$with_efivar" == "xauto"], + [PKG_CHECK_MODULES([EFIVAR], [efivar], [AC_CHECK_HEADERS([efivar/efivar.h])])], + ) + ++AC_CHECK_HEADERS([efivar/efivar.h],[efivar_h=yes ], [efivar = no ]) ++AM_CONDITIONAL([HAVE_EFIVAR_H], [test "$efivar_h" = yes]) ++ + # backwards compat with older pkg-config + # - pull in AC_DEFUN from pkg.m4 + m4_ifndef([PKG_CHECK_VAR], [ +diff --git a/test/integration/fixtures/event-uefiservices.bin.yaml.pretty b/test/integration/fixtures/event-uefiservices.bin.yaml.pretty +new file mode 100644 +index 00000000..f0819f70 +--- /dev/null ++++ b/test/integration/fixtures/event-uefiservices.bin.yaml.pretty +@@ -0,0 +1,45 @@ ++--- ++version: 1 ++events: ++- EventNum: 0 ++ PCRIndex: 0 ++ EventType: EV_NO_ACTION ++ Digest: "0000000000000000000000000000000000000000" ++ EventSize: 37 ++ SpecID: ++ - Signature: Spec ID Event03 ++ platformClass: 0 ++ specVersionMinor: 0 ++ specVersionMajor: 2 ++ specErrata: 0 ++ uintnSize: 2 ++ numberOfAlgorithms: 2 ++ Algorithms: ++ - Algorithm[0]: ++ algorithmId: sha1 ++ digestSize: 20 ++ - Algorithm[1]: ++ algorithmId: sha256 ++ digestSize: 32 ++ vendorInfoSize: 0 ++- EventNum: 1 ++ PCRIndex: 2 ++ EventType: EV_EFI_BOOT_SERVICES_DRIVER ++ DigestCount: 2 ++ Digests: ++ - AlgorithmId: sha1 ++ Digest: "855685b4dbd4b67d50e0594571055054cfe2b1e9" ++ - AlgorithmId: sha256 ++ Digest: "dd8576b4ff346c19c56c3e4f97ce55c5afa646f9c669be0a7cdd05057a0ecdf3" ++ EventSize: 84 ++ Event: ++ ImageLocationInMemory: 0x7dcf6018 ++ ImageLengthInMemory: 171464 ++ ImageLinkTimeAddress: 0x0 ++ LengthOfDevicePath: 52 ++ DevicePath1: 'PciRoot(0x0)/Pci(0x2,0x0)/Pci(0x0,0x0)/Offset(0x12600,0x3c3ff)' ++pcrs: ++ sha1: ++ 2 : 0x5b5f4d5c31664f01670a98a5796a36473671befc ++ sha256: ++ 2 : 0x35fcf9d737c52c971f7c74058d36937dbd7824177fa0f1de3eba3934fcb83b9d +diff --git a/test/integration/fixtures/event-uefiservices.bin.yaml b/test/integration/fixtures/event-uefiservices.bin.yaml.raw +similarity index 100% +rename from test/integration/fixtures/event-uefiservices.bin.yaml +rename to test/integration/fixtures/event-uefiservices.bin.yaml.raw +-- +2.41.0 + diff --git a/app-crypt/tpm2-tools/files/tpm2-tools-5.6-test-eventlog.sh-Fix-accidental-deletions.patch b/app-crypt/tpm2-tools/files/tpm2-tools-5.6-test-eventlog.sh-Fix-accidental-deletions.patch new file mode 100644 index 000000000000..7274ee40827a --- /dev/null +++ b/app-crypt/tpm2-tools/files/tpm2-tools-5.6-test-eventlog.sh-Fix-accidental-deletions.patch @@ -0,0 +1,68 @@ +From 4dec5295361d753c3466bc9e8b0ae3a3cc58dff5 Mon Sep 17 00:00:00 2001 +From: Juergen Repp <juergen_repp@web.de> +Date: Thu, 4 Apr 2024 09:42:51 +0200 +Subject: [PATCH] test eventlog.sh Fix accidental deletions. + +* Accidental deletions made in commit 196e3d439407e81040ced054a8ed302489348a9d + are undone. +* python3 is used as default instead of python. + +Signed-off-by: Juergen Repp <juergen_repp@web.de> +--- + test/integration/tests/eventlog.sh | 33 ++++++++++++++++++++++++++++-- + 1 file changed, 31 insertions(+), 2 deletions(-) + +diff --git a/test/integration/tests/eventlog.sh b/test/integration/tests/eventlog.sh +index 9d5290f0..e7c13706 100755 +--- a/test/integration/tests/eventlog.sh ++++ b/test/integration/tests/eventlog.sh +@@ -3,7 +3,7 @@ + set -E + shopt -s expand_aliases + +-alias python=${PYTHON-python} ++alias python=${PYTHON-python3} + + yaml_validate() { + cmd=$1 +@@ -88,7 +88,36 @@ expect_pass() { + expect_fail + expect_fail foo + expect_fail foo bar +-expect_fail ${srcdir}/test/integration/fix ++expect_fail ${srcdir}/test/integration/fixtures/event-bad.bin ++ ++expect_pass ${srcdir}/test/integration/fixtures/specid-vendordata.bin ++expect_pass ${srcdir}/test/integration/fixtures/event.bin ++expect_pass ${srcdir}/test/integration/fixtures/event-uefivar.bin ++expect_pass ${srcdir}/test/integration/fixtures/event-uefiaction.bin ++expect_pass ${srcdir}/test/integration/fixtures/event-uefiservices.bin ++expect_pass ${srcdir}/test/integration/fixtures/event-uefi-sha1-log.bin ++expect_pass ${srcdir}/test/integration/fixtures/event-bootorder.bin ++expect_pass ${srcdir}/test/integration/fixtures/event-postcode.bin ++ ++# Make sure that --eventlog-version=2 works on complete TPM2 logs ++expect_pass ${srcdir}/test/integration/fixtures/event-arch-linux.bin --eventlog-version=2 ++expect_pass ${srcdir}/test/integration/fixtures/event-gce-ubuntu-2104-log.bin --eventlog-version=2 ++expect_pass ${srcdir}/test/integration/fixtures/event-sd-boot-fedora37.bin --eventlog-version=2 ++expect_pass ${srcdir}/test/integration/fixtures/event-moklisttrusted.bin --eventlog-version=2 ++ ++# Pick an event with leading whitespace and validate we have ++# preserved it correctly after parsing the YAML ++event=$(yaml_validate "print(y['events'][80]['Event']['String'])" < ${srcdir}/test/integration/fixtures/event-moklisttrusted.bin.yaml | tr -d '\0') ++expect=$(echo -e "grub_cmd: menuentry UEFI Firmware Settings --id uefi-firmware {\n\t\tfwsetup\n\t}") ++if test "$event" != "$expect" ++then ++ echo "Got $event" ++ echo "Want $expect" ++ exit 1 ++fi ++ ++# Compare strings generated by tpm2_eventlog with binary data of the corresponding ++# events. + hex_file="${srcdir}/test/integration/fixtures/event-moklisttrusted-hex.yaml" + tool_file="${srcdir}/test/integration/fixtures/event-moklisttrusted.bin.yaml" + +-- +2.43.2 + diff --git a/app-crypt/tpm2-tools/tpm2-tools-5.2-r1.ebuild b/app-crypt/tpm2-tools/tpm2-tools-5.5.ebuild index 22e76e0b6bd7..866f1e799d24 100644 --- a/app-crypt/tpm2-tools/tpm2-tools-5.2-r1.ebuild +++ b/app-crypt/tpm2-tools/tpm2-tools-5.5.ebuild @@ -1,10 +1,10 @@ -# Copyright 1999-2022 Gentoo Authors +# Copyright 1999-2024 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=8 -PYTHON_COMPAT=( python3_{8..10} ) -inherit autotools bash-completion-r1 python-any-r1 +PYTHON_COMPAT=( python3_{10..12} ) +inherit bash-completion-r1 flag-o-matic python-any-r1 DESCRIPTION="Tools for the TPM 2.0 TSS" HOMEPAGE="https://github.com/tpm2-software/tpm2-tools" @@ -28,7 +28,7 @@ DEPEND="${RDEPEND} dev-util/cmocka )" BDEPEND="virtual/pkgconfig - sys-devel/autoconf-archive + dev-build/autoconf-archive test? ( app-editors/vim-core dev-tcltk/expect @@ -36,21 +36,17 @@ BDEPEND="virtual/pkgconfig ) ${PYTHON_DEPS}" -PATCHES=( - "${FILESDIR}/${PN}-5.1.1-no-efivar-automagic.patch" - "${FILESDIR}/${PN}-5.2-testparms-fix-condition-for-negative-test.patch" -) +python_check_deps() { + python_has_version "dev-python/pyyaml[${PYTHON_USEDEP}]" +} -src_prepare() { - default - sed -i \ - "s/m4_esyscmd_s(\[git describe --tags --always --dirty\])/${PV}/" \ - "configure.ac" || die - "./scripts/utils/man_to_bashcompletion.sh" || die - eautoreconf +pkg_setup() { + use test && python-any-r1_pkg_setup } src_configure() { + # tests fail with LTO enabbled. See bug 865275 and 865277 + filter-lto econf \ $(use_enable fapi) \ $(use_enable test unit) \ @@ -62,5 +58,9 @@ src_install() { default mv "${ED}"/$(get_bashcompdir)/tpm2{_completion.bash,} || die local utils=( "${ED}"/usr/bin/tpm2_* ) - bashcomp_alias tpm2 "${utils[@]##*/}" + utils=("${utils[@]##*/}") + # these utiltites don't have bash completions + local nobashcomp=( tpm2_encodeobject tpm2_getpolicydigest tpm2_sessionconfig ) + mapfile -d $'\0' -t utils < <(printf '%s\0' "${utils[@]}" | grep -Ezvw "${nobashcomp[@]/#/-e}") + bashcomp_alias tpm2 "${utils[@]}" } diff --git a/app-crypt/tpm2-tools/tpm2-tools-5.6-r1.ebuild b/app-crypt/tpm2-tools/tpm2-tools-5.6-r1.ebuild new file mode 100644 index 000000000000..ab59eed9520d --- /dev/null +++ b/app-crypt/tpm2-tools/tpm2-tools-5.6-r1.ebuild @@ -0,0 +1,81 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..12} ) +inherit autotools bash-completion-r1 flag-o-matic python-any-r1 + +DESCRIPTION="Tools for the TPM 2.0 TSS" +HOMEPAGE="https://github.com/tpm2-software/tpm2-tools" +SRC_URI="https://github.com/tpm2-software/tpm2-tools/releases/download/${PV}/${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~sam/distfiles/${CATEGORY}/${PN}/tpm2-tools-5.6-tpm2_eventlog-Create-raw-and-pretty-print-format-for.patch.xz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86" +IUSE="+fapi test" + +RESTRICT="!test? ( test )" + +RDEPEND=">=app-crypt/tpm2-tss-3.0.1:=[fapi?] + dev-libs/openssl:= + net-misc/curl + sys-libs/efivar:=" +DEPEND="${RDEPEND} + test? ( + app-crypt/swtpm + app-crypt/tpm2-abrmd + dev-util/cmocka + )" +BDEPEND="virtual/pkgconfig + dev-build/autoconf-archive + test? ( + app-editors/vim-core + dev-tcltk/expect + $(python_gen_any_dep 'dev-python/pyyaml[${PYTHON_USEDEP}]') + ) + ${PYTHON_DEPS}" + +PATCHES=( + "${FILESDIR}/${PN}-5.6-test-eventlog-fix-check-eventlog.sh-if-efivar.h-exis.patch" + "${WORKDIR}/${PN}-5.6-tpm2_eventlog-Create-raw-and-pretty-print-format-for.patch" + "${FILESDIR}/${PN}-5.6-Makefile-am-Dont-require-pandoc-for-tests.patch" + "${FILESDIR}/${PN}-5.6-bashism.patch" + "${FILESDIR}/${PN}-5.6-test-eventlog.sh-Fix-accidental-deletions.patch" +) + +python_check_deps() { + python_has_version "dev-python/pyyaml[${PYTHON_USEDEP}]" +} + +pkg_setup() { + use test && python-any-r1_pkg_setup +} + +src_prepare() { + default + eautoreconf +} + +src_configure() { + # tests fail with LTO enabbled. See bug 865275 and 865277 + filter-lto + econf \ + $(use_enable fapi) \ + $(use_enable test unit) \ + --with-bashcompdir=$(get_bashcompdir) \ + --enable-hardening +} + +src_install() { + default + mv "${ED}"/$(get_bashcompdir)/tpm2{_completion.bash,} || die + local utils=( "${ED}"/usr/bin/tpm2_* ) + utils=("${utils[@]##*/}") + # these utiltites don't have bash completions + local nobashcomp=( tpm2_encodeobject tpm2_getpolicydigest\ + tpm2_sessionconfig tpm2_tr_encode) + mapfile -d $'\0' -t utils < <(printf '%s\0' "${utils[@]}" | grep -Ezvw "${nobashcomp[@]/#/-e}") + bashcomp_alias tpm2 "${utils[@]}" +} |