[yocto] [meta-security][PATCH 1/2] trousers: add package
Armin Kuster
akuster808 at gmail.com
Fri Apr 15 18:43:21 PDT 2016
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
.../trousers/files/07-read_data-not-inline.patch | 65 ++++++++++++
recipes-tpm/trousers/files/tcsd.service | 10 ++
recipes-tpm/trousers/files/trousers-udev.rules | 2 +
recipes-tpm/trousers/files/trousers.init.sh | 65 ++++++++++++
recipes-tpm/trousers/trousers_0.3.13.bb | 112 +++++++++++++++++++++
5 files changed, 254 insertions(+)
create mode 100644 recipes-tpm/trousers/files/07-read_data-not-inline.patch
create mode 100644 recipes-tpm/trousers/files/tcsd.service
create mode 100644 recipes-tpm/trousers/files/trousers-udev.rules
create mode 100644 recipes-tpm/trousers/files/trousers.init.sh
create mode 100644 recipes-tpm/trousers/trousers_0.3.13.bb
diff --git a/recipes-tpm/trousers/files/07-read_data-not-inline.patch b/recipes-tpm/trousers/files/07-read_data-not-inline.patch
new file mode 100644
index 0000000..76ba98a
--- /dev/null
+++ b/recipes-tpm/trousers/files/07-read_data-not-inline.patch
@@ -0,0 +1,65 @@
+Title: Remove inline keyword for read_data and write_data
+Date: 2015-06-28
+Origin: https://chromium.googlesource.com/chromiumos%2Fthird_party%2Ftrousers/+/c9c7cd50640c2d8882a04f59f1bcb383a88b19e9
+Bug-Debian: http://bugs.debian.org/778149
+Index: trousers/src/include/tcsps.h
+===================================================================
+--- trousers.orig/src/include/tcsps.h
++++ trousers/src/include/tcsps.h
+@@ -23,13 +23,6 @@ int get_file();
+ int put_file(int);
+ void close_file(int);
+ void ps_destroy();
+-#ifdef SOLARIS
+-TSS_RESULT read_data(int, void *, UINT32);
+-TSS_RESULT write_data(int, void *, UINT32);
+-#else
+-inline TSS_RESULT read_data(int, void *, UINT32);
+-inline TSS_RESULT write_data(int, void *, UINT32);
+-#endif
+ int write_key_init(int, UINT32, UINT32, UINT32);
+ TSS_RESULT cache_key(UINT32, UINT16, TSS_UUID *, TSS_UUID *, UINT16, UINT32, UINT32);
+ TSS_RESULT UnloadBlob_KEY_PS(UINT16 *, BYTE *, TSS_KEY *);
+Index: trousers/src/include/tspps.h
+===================================================================
+--- trousers.orig/src/include/tspps.h
++++ trousers/src/include/tspps.h
+@@ -18,8 +18,8 @@
+
+ TSS_RESULT get_file(int *);
+ int put_file(int);
+-inline TSS_RESULT read_data(int, void *, UINT32);
+-inline TSS_RESULT write_data(int, void *, UINT32);
++TSS_RESULT read_data(int, void *, UINT32);
++TSS_RESULT write_data(int, void *, UINT32);
+ UINT32 psfile_get_num_keys(int);
+ TSS_RESULT psfile_get_parent_uuid_by_uuid(int, TSS_UUID *, TSS_UUID *);
+ TSS_RESULT psfile_remove_key_by_uuid(int, TSS_UUID *);
+Index: trousers/src/tcs/ps/ps_utils.c
+===================================================================
+--- trousers.orig/src/tcs/ps/ps_utils.c
++++ trousers/src/tcs/ps/ps_utils.c
+@@ -42,11 +42,7 @@
+ struct key_disk_cache *key_disk_cache_head = NULL;
+
+
+-#ifdef SOLARIS
+ TSS_RESULT
+-#else
+-inline TSS_RESULT
+-#endif
+ read_data(int fd, void *data, UINT32 size)
+ {
+ int rc;
+@@ -64,11 +60,7 @@ read_data(int fd, void *data, UINT32 siz
+ }
+
+
+-#ifdef SOLARIS
+ TSS_RESULT
+-#else
+-inline TSS_RESULT
+-#endif
+ write_data(int fd, void *data, UINT32 size)
+ {
+ int rc;
diff --git a/recipes-tpm/trousers/files/tcsd.service b/recipes-tpm/trousers/files/tcsd.service
new file mode 100644
index 0000000..787d4e9
--- /dev/null
+++ b/recipes-tpm/trousers/files/tcsd.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=TCG Core Services Daemon
+After=syslog.target
+
+[Service]
+Type=forking
+ExecStart=@SBINDIR@/tcsd
+
+[Install]
+WantedBy=multi-user.target
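Review bot: The `[Service]` section starts `@SBINDIR@/tcsd` with no `User=` or `Group=`, so under systemd the daemon is launched as root, whereas the sysvinit script added in this same patch launches it with `--chuid ${USER}` (tss). Unless tcsd is relied on to drop privileges on its own, which is not visible in this patch, add `User=tss` and `Group=tss` so both init paths run the TPM daemon with the same reduced privileges that the udev rule's `OWNER="tss"` assumes. A one-line comment in the unit stating which account tcsd is expected to run as would make the intent explicit for anyone hardening the image later.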
diff --git a/recipes-tpm/trousers/files/trousers-udev.rules b/recipes-tpm/trousers/files/trousers-udev.rules
new file mode 100644
index 0000000..256babd
--- /dev/null
+++ b/recipes-tpm/trousers/files/trousers-udev.rules
@@ -0,0 +1,2 @@
+# trousers daemon expects tpm device to be owned by tss user & group
+KERNEL=="tpm[0-9]*", MODE="0600", OWNER="tss", GROUP="tss"
diff --git a/recipes-tpm/trousers/files/trousers.init.sh b/recipes-tpm/trousers/files/trousers.init.sh
new file mode 100644
index 0000000..0ecf7cc
--- /dev/null
+++ b/recipes-tpm/trousers/files/trousers.init.sh
@@ -0,0 +1,65 @@
+#!/bin/sh
+
+### BEGIN INIT INFO
+# Provides: tcsd trousers
+# Required-Start: $local_fs $remote_fs $network
+# Required-Stop: $local_fs $remote_fs $network
+# Should-Start:
+# Should-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: starts tcsd
+# Description: tcsd belongs to the TrouSerS TCG Software Stack
+### END INIT INFO
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/tcsd
+NAME=tcsd
+DESC="Trusted Computing daemon"
+USER="tss"
+
+test -x "${DAEMON}" || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+case "${1}" in
+ start)
+ echo "Starting $DESC: "
+
+ if [ ! -e /dev/tpm* ]
+ then
+ echo "device driver not loaded, skipping."
+ exit 0
+ fi
+
+ start-stop-daemon --start --quiet --oknodo --pidfile /var/run/${NAME}.pid --user ${USER} --chuid ${USER} --exec ${DAEMON} -- ${DAEMON_OPTS}
+ RETVAL="$?"
+ echo "$NAME."
+ [ "$RETVAL" = 0 ] && pidof $DAEMON > /var/run/${NAME}.pid
+ exit $RETVAL
+ ;;
+
+ stop)
+ echo "Stopping $DESC: "
+
+ start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/${NAME}.pid --user ${USER} --exec ${DAEMON}
+ RETVAL="$?"
+ echo "$NAME."
+ rm -f /var/run/${NAME}.pid
+ exit $RETVAL
+ ;;
+
+ restart|force-reload)
+ "${0}" stop
+ sleep 1
+ "${0}" start
+ exit $?
+ ;;
+ *)
+ echo "Usage: ${NAME} {start|stop|restart|force-reload|status}" >&2
+ exit 3
+ ;;
+esac
+
+exit 0
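Review bot: The device check `[ ! -e /dev/tpm* ]` in the `start)` arm passes an unquoted glob to `test`, so when more than one node matches, `[` gets extra arguments and fails with a syntax error. The daemon is then started only because the failed test happens to take the non-skip path, with an error printed on each start; testing the expanded names one at a time, as in the excerpt below, avoids that. The usage string also advertises `status`, but the `case` has no `status)` arm, so that call falls into `*)` and exits 3; either implement it or drop it from the message. `pidof $DAEMON > /var/run/${NAME}.pid` may write several PIDs if more than one tcsd is running, and `pidof -s` would keep the pidfile to a single entry.

```shell
    # … unchanged: echo "Starting $DESC: " …
    tpm_found=0
    for dev in /dev/tpm*; do
        if [ -e "$dev" ]; then
            tpm_found=1
            break
        fi
    done

    if [ "$tpm_found" = 0 ]
    then
    # … unchanged: skip message, exit 0, fi, start-stop-daemon call …
```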
diff --git a/recipes-tpm/trousers/trousers_0.3.13.bb b/recipes-tpm/trousers/trousers_0.3.13.bb
new file mode 100644
index 0000000..7001788
--- /dev/null
+++ b/recipes-tpm/trousers/trousers_0.3.13.bb
@@ -0,0 +1,112 @@
+SUMMARY = "TrouSerS - An open-source TCG Software Stack implementation."
+LICENSE = "BSD"
+HOMEPAGE = "http://sourceforge.net/projects/trousers/"
+LIC_FILES_CHKSUM = "file://README;startline=3;endline=4;md5=2af28fbed0832e4d83a9e6dd68bb4413"
+SECTION = "security/tpm"
+
+DEPENDS = "openssl"
+
+SRC_URI = "http://sourceforge.net/projects/trousers/files/${BPN}/${PV}/${BPN}-${PV}.tar.gz \
+ file://07-read_data-not-inline.patch \
+ file://trousers.init.sh \
+ file://trousers-udev.rules \
+ file://tcsd.service \
+ "
+
+SRC_URI[md5sum] = "ad508f97b406f6e48cd90e85d78e7ca8"
+SRC_URI[sha256sum] = "bb908e4a3c88a17b247a4fc8e0fff3419d8a13170fe7bdfbe0e2c5c082a276d3"
+
+inherit autotools pkgconfig useradd update-rc.d
+inherit ${@base_contains('VIRTUAL-RUNTIME_init_manager','systemd','systemd','', d)}
+
+PACKAGECONFIG ?= "gmp "
+PACKAGECONFIG[gmp] = "--with-gmp, --with-gmp=no, gmp"
+PACKAGECONFIG[gtk] = "--with-gui=gtk, --with-gui=none, gtk+"
+
+do_install () {
+ oe_runmake DESTDIR=${D} install
+}
+
+do_install_append() {
+ install -d ${D}${sysconfdir}/init.d
+ install -m 0755 ${WORKDIR}/trousers.init.sh ${D}${sysconfdir}/init.d/trousers
+ install -d ${D}${sysconfdir}/udev/rules.d
+ install -m 0644 ${WORKDIR}/trousers-udev.rules ${D}${sysconfdir}/udev/rules.d/45-trousers.rules
+
+ if ${@base_contains('DISTRO_FEATURES','systemd','true','false',d)}; then
+ install -d ${D}${systemd_unitdir}/system
+ install -m 0644 ${WORKDIR}/tcsd.service ${D}${systemd_unitdir}/system/
+ sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/tcsd.service
+ fi
+ chown -R root:root ${D}${sysconfdir}/tcsd.conf
+}
+
+CONFFILES_${PN} += "${sysconfig}/tcsd.conf"
+
+PROVIDES = "${PACKAGES}"
+PACKAGES = " \
+ libtspi \
+ libtspi-dbg \
+ libtspi-dev \
+ libtspi-doc \
+ libtspi-staticdev \
+ trousers \
+ trousers-dbg \
+ trousers-doc \
+ "
+
+FILES_libtspi = " \
+ ${libdir}/*.so.1.2.0 \
+ "
+FILES_libtspi-dbg = " \
+ ${libdir}/.debug \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/${PN}-${PV}/src/tspi \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/${PN}-${PV}/src/trspi \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/${PN}-${PV}/src/include/*.h \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/${PN}-${PV}/src/include/tss \
+ "
+FILES_libtspi-dev = " \
+ ${includedir} \
+ ${libdir}/*.so \
+ ${libdir}/*.so.1 \
+ "
+FILES_libtspi-doc = " \
+ ${mandir}/man3 \
+ "
+FILES_libtspi-staticdev = " \
+ ${libdir}/*.la \
+ ${libdir}/*.a \
+ "
+FILES_${PN} = " \
+ ${sbindir}/tcsd \
+ ${sysconfdir} \
+ ${localstatedir} \
+ "
+
+FILES_${PN}-dev += "${libdir}/trousers"
+
+FILES_${PN}-dbg = " \
+ ${sbindir}/.debug \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/${PN}-${PV}/src/tcs \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/${PN}-${PV}/src/tcsd \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/${PN}-${PV}/src/tddl \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/${PN}-${PV}/src/trousers \
+ ${prefix}/src/debug/${PN}/${PV}-${PR}/${PN}-${PV}/src/include/trousers \
+ "
+FILES_${PN}-doc = " \
+ ${mandir}/man5 \
+ ${mandir}/man8 \
+ "
+
+INITSCRIPT_NAME = "trousers"
+INITSCRIPT_PARAMS = "start 99 2 3 4 5 . stop 19 0 1 6 ."
+
+USERADD_PACKAGES = "${PN}"
+GROUPADD_PARAM_${PN} = "tss"
+USERADD_PARAM_${PN} = "-M -d /var/lib/tpm -s /bin/false -g tss tss"
+
+SYSTEMD_PACKAGES = "${PN}"
+SYSTEMD_SERVICE_${PN} = "tcsd.service"
+SYSTEMD_AUTO_ENABLE = "disable"
+
+BBCLASSEXTEND = "native"
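Review bot: `CONFFILES_${PN} += "${sysconfig}/tcsd.conf"` references `${sysconfig}`, which this recipe never defines and which differs from the `${sysconfdir}` used everywhere else in it, so tcsd.conf is presumably not registered as a conffile and local edits could be overwritten on upgrade; it should read `CONFFILES_${PN} += "${sysconfdir}/tcsd.conf"`. The systemd handling is also keyed on two different conditions: the class is inherited when `VIRTUAL-RUNTIME_init_manager` is systemd, but `do_install_append` installs tcsd.service when `DISTRO_FEATURES` contains systemd, so a build with the feature and another init manager installs a unit that no class packages. Using the same test in both places avoids that. It is also worth confirming that tcsd, when run as `tss` by the init script, can read and will accept a tcsd.conf that `chown -R root:root` leaves root-owned.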
--
2.3.5