authorV3n3RiX <venerix@redcorelinux.org>2018-09-15 17:37:09 +0100
committerV3n3RiX <venerix@redcorelinux.org>2018-09-15 17:37:09 +0100
commit586819755b4dbfdffdc8a725ab7c0f86095b8489 (patch)
treed6790c838cfe9607c996e4913fdf11bad5fdd528 /app-crypt/tpm-emulator/files
parent3f71901f8c228f4de570abed1831ce3ee425343e (diff)
gentoo resync : 15.09.2018
Diffstat (limited to 'app-crypt/tpm-emulator/files')
-rw-r--r--app-crypt/tpm-emulator/files/tpm-emulator-0.7.4-build.patch100
-rw-r--r--app-crypt/tpm-emulator/files/tpm-emulator-0.7.4-cmake.patch120
-rw-r--r--app-crypt/tpm-emulator/files/tpm-emulator.confd-r21
-rw-r--r--app-crypt/tpm-emulator/files/tpm-emulator.initd-r246
4 files changed, 267 insertions, 0 deletions
diff --git a/app-crypt/tpm-emulator/files/tpm-emulator-0.7.4-build.patch b/app-crypt/tpm-emulator/files/tpm-emulator-0.7.4-build.patch
new file mode 100644
index 000000000000..ada748f7129a
--- /dev/null
+++ b/app-crypt/tpm-emulator/files/tpm-emulator-0.7.4-build.patch
@@ -0,0 +1,100 @@
+From ca99fe81c8aee204c1a8b7f3ca264130e54d9418 Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev <alon.barlev@gmail.com>
+Date: Sat, 1 Sep 2018 21:32:07 +0300
+Subject: [PATCH] tpm: tpm_deprecated.c fix compare
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+tpm/tpm_deprecated.c:437:7: error: ‘__builtin_memcmp_eq’ reading 20 bytes from a region of size 8 [-Werror=stringop-overflow=]
+ if (memcmp(&b1, &newAuthLink, sizeof(TPM_HMAC))) {
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+cc1: all warnings being treated as errors
+
+Bug: https://bugs.gentoo.org/show_bug.cgi?id=664198
+---
+ tpm/tpm_deprecated.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tpm/tpm_deprecated.c b/tpm/tpm_deprecated.c
+index c362b56..4c49f54 100644
+--- a/tpm/tpm_deprecated.c
++++ b/tpm/tpm_deprecated.c
+@@ -434,7 +434,7 @@ TPM_RESULT TPM_ChangeAuthAsymFinish(TPM_KEY_HANDLE parentHandle,
+ tpm_hmac_final(&hmac_ctx, b1.digest);
+ /* 6. The TPM SHALL compare b1 with newAuthLink. The TPM SHALL
+ indicate a failure if the values do not match. */
+- if (memcmp(&b1, &newAuthLink, sizeof(TPM_HMAC))) {
++ if (memcmp(&b1, newAuthLink, sizeof(TPM_HMAC))) {
+ debug("TPM_ChangeAuthAsymFinish(): newAuthLink value does not match.");
+ return TPM_FAIL;
+ }
+From 035af1df2b18afd695150c6f9e426133b775c0a1 Mon Sep 17 00:00:00 2001
+From: Florian Larysch <fl@n621.de>
+Date: Tue, 24 Oct 2017 19:33:00 +0200
+Subject: [PATCH] tpm_command_handler: fix switch fallthrough
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Compiling with a recent GCC fails as follows:
+
+ tpm-emulator/tpm/tpm_cmd_handler.c: In function ‘tpm_setup_rsp_auth’:
+ tpm-emulator/tpm/tpm_cmd_handler.c:3332:7: error: this statement may fall through [-Werror=implicit-fallthrough=]
+ tpm_hmac_final(&hmac, rsp->auth2->auth);
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ tpm-emulator/tpm/tpm_cmd_handler.c:3333:5: note: here
+ case TPM_TAG_RSP_AUTH1_COMMAND:
+
+Looking at the code, this does indeed seem unintentional. Add a break
+state in the appropriate place.
+---
+ tpm/tpm_cmd_handler.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/tpm/tpm_cmd_handler.c b/tpm/tpm_cmd_handler.c
+index 288d1ce..5aea4e7 100644
+--- a/tpm/tpm_cmd_handler.c
++++ b/tpm/tpm_cmd_handler.c
+@@ -3330,6 +3330,7 @@ static void tpm_setup_rsp_auth(TPM_COMMAND_CODE ordinal, TPM_RESPONSE *rsp)
+ sizeof(rsp->auth2->nonceOdd.nonce));
+ tpm_hmac_update(&hmac, (BYTE*)&rsp->auth2->continueAuthSession, 1);
+ tpm_hmac_final(&hmac, rsp->auth2->auth);
++ break;
+ case TPM_TAG_RSP_AUTH1_COMMAND:
+ tpm_hmac_init(&hmac, rsp->auth1->secret, sizeof(rsp->auth1->secret));
+ tpm_hmac_update(&hmac, rsp->auth1->digest, sizeof(rsp->auth1->digest));
+--
+2.16.4
+
+From 0f4579e913aeb3a893631a3caee420a0e9803683 Mon Sep 17 00:00:00 2001
+From: Peter Huewe <peterhuewe@gmx.de>
+Date: Mon, 26 Jun 2017 00:25:43 +0200
+Subject: [PATCH] Workaround wrong fallthrough case by returning TPM_FAIL
+
+The spec says that the number of verified PCRs should be returned - which it currently does not and breaks compilation with gcc7
+See #26
+Since this code is probably unused anyway, we now simply return TPM_FAIL until someone comes up with a solution.
+
+Spec:
+https://www.trustedcomputinggroup.org/wp-content/uploads/Revision_7.02-_29April2010-tcg-mobile-trusted-module-1.0.pdf
+---
+ mtm/mtm_capability.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/mtm/mtm_capability.c b/mtm/mtm_capability.c
+index a09b116..4046de5 100644
+--- a/mtm/mtm_capability.c
++++ b/mtm/mtm_capability.c
+@@ -87,6 +87,8 @@ static TPM_RESULT cap_mtm_permanent_data(UINT32 subCapSize, BYTE *subCap,
+ tpm_free(*resp);
+ return TPM_FAIL;
+ }
++ error("[TPM_CAP_MTM_PERMANENT_DATA] SubCap 2 not Implemented");
++ return TPM_FAIL; // TODO not implemented.
+
+ case 3:
+ return return_UINT32(respSize, resp,
+--
+2.16.4
+
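Review bot: The `break;` added after `tpm_hmac_final(&hmac, rsp->auth2->auth);` in tpm_setup_rsp_auth looks like it removes a deliberate fall-through rather than an accidental one: a TPM 1.2 response tagged TPM_TAG_RSP_AUTH2_COMMAND carries two authorization blocks, and the AUTH1 case that follows is the only code in the hunk that fills `rsp->auth1->auth`. With the break, a two-session response would presumably be sent with the first session's HMAC never computed. If that reading holds, the GCC 7 build error is better silenced by replacing the break with a `/* fall through */` comment, which -Wimplicit-fallthrough accepts. The switch starts and ends outside the hunk, so this needs checking against the full function. Separately, the first patch compares the computed HMAC with `memcmp(&b1, newAuthLink, sizeof(TPM_HMAC))`, which is not constant-time; a comparison that ORs together the XOR of every byte pair before testing the result would avoid leaking the position of the first mismatch through timing.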
diff --git a/app-crypt/tpm-emulator/files/tpm-emulator-0.7.4-cmake.patch b/app-crypt/tpm-emulator/files/tpm-emulator-0.7.4-cmake.patch
new file mode 100644
index 000000000000..7fd775139b2d
--- /dev/null
+++ b/app-crypt/tpm-emulator/files/tpm-emulator-0.7.4-cmake.patch
@@ -0,0 +1,120 @@
+
+Pull request:
+https://github.com/PeterHuewe/tpm-emulator/pull/37
+
+
+From 694b7c24ac09e0ec1e54ab71eb9c82a8d4f41d33 Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev <alon.barlev@gmail.com>
+Date: Tue, 11 Sep 2018 14:08:49 +0300
+Subject: [PATCH 1/3] build: use GNUInstallDirs to allow override install
+ directories
+
+Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
+---
+ CMakeLists.txt | 1 +
+ tddl/CMakeLists.txt | 6 +++---
+ tpmd/unix/CMakeLists.txt | 2 +-
+ 3 files changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index f362298..d047ce3 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -6,6 +6,7 @@
+ project(TPM_Emulator C)
+
+ cmake_minimum_required(VERSION 2.4)
++include(GNUInstallDirs)
+ set(CMAKE_ALLOW_LOOSE_LOOP_CONSTRUCTS true)
+ if(COMMAND cmake_policy)
+ cmake_policy(SET CMP0003 NEW)
+diff --git a/tddl/CMakeLists.txt b/tddl/CMakeLists.txt
+index 0be3281..6cc63b3 100644
+--- a/tddl/CMakeLists.txt
++++ b/tddl/CMakeLists.txt
+@@ -15,9 +15,9 @@ elseif(WIN32)
+ set_target_properties(tddl PROPERTIES PREFIX "")
+ endif()
+
+-install(TARGETS tddl DESTINATION lib)
+-install(TARGETS tddl_static DESTINATION lib)
+-install(FILES "tddl.h" DESTINATION include)
++install(TARGETS tddl DESTINATION ${CMAKE_INSTALL_LIBDIR})
++install(TARGETS tddl_static DESTINATION ${CMAKE_INSTALL_LIBDIR})
++install(FILES "tddl.h" DESTINATION ${CMAKE_INSTALL_INCLUDEDIR})
+
+ include_directories(${CMAKE_CURRENT_SOURCE_DIR})
+ add_executable(test_tddl test_tddl.c)
+diff --git a/tpmd/unix/CMakeLists.txt b/tpmd/unix/CMakeLists.txt
+index 40c436b..c5c394a 100644
+--- a/tpmd/unix/CMakeLists.txt
++++ b/tpmd/unix/CMakeLists.txt
+@@ -13,5 +13,5 @@ target_link_libraries(tpmd mtm tpm tpm_crypto)
+ else()
+ target_link_libraries(tpmd tpm tpm_crypto)
+ endif()
+-install(TARGETS tpmd RUNTIME DESTINATION bin)
++install(TARGETS tpmd RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR})
+
+--
+2.16.4
+
+From 89bf733368dda265040cf44ff8be69a15ab66712 Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev <alon.barlev@gmail.com>
+Date: Tue, 11 Sep 2018 16:36:12 +0300
+Subject: [PATCH 2/3] build: do not build mtm unless enabled
+
+Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
+---
+ CMakeLists.txt | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index d047ce3..b8b68a3 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -67,7 +67,9 @@ include_directories(${CMAKE_BINARY_DIR})
+
+ # add internal libraries
+ add_subdirectory(tpm)
+-add_subdirectory(mtm)
++if(MTM_EMULATOR)
++ add_subdirectory(mtm)
++endif()
+ add_subdirectory(crypto)
+
+ # add TDDL
+--
+2.16.4
+
+From 24bbf683de0b0b24f0ec81d093c03e1f6a9570f2 Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev <alon.barlev@gmail.com>
+Date: Tue, 11 Sep 2018 14:20:19 +0300
+Subject: [PATCH 3/3] build: support BUILD_DEV to disable device build
+
+Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
+---
+ CMakeLists.txt | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index b8b68a3..9ae6562 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -76,7 +76,12 @@ add_subdirectory(crypto)
+ add_subdirectory(tddl)
+
+ # add kernel modules
+-add_subdirectory(tpmd_dev)
++if(NOT DEFINED BUILD_DEV)
++ set(BUILD_DEV ON)
++endif()
++if(BUILD_DEV)
++ add_subdirectory(tpmd_dev)
++endif()
+
+ # add executables
+ add_subdirectory(tpmd)
+--
+2.16.4
+
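Review bot: `include(GNUInstallDirs)` is added directly under `cmake_minimum_required(VERSION 2.4)`, but as far as I know that module only ships with CMake 2.8.5 and later, so the declared minimum no longer matches what the build needs. Raising it, e.g. `cmake_minimum_required(VERSION 2.8.5)`, would make an older CMake fail with a clear version message instead of a missing-module error. In patch 3/3 the `if(NOT DEFINED BUILD_DEV)` / `set(BUILD_DEV ON)` block could be the single line `option(BUILD_DEV "Build the tpmd_dev kernel module" ON)`, which also gives the switch a description in the cache.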
diff --git a/app-crypt/tpm-emulator/files/tpm-emulator.confd-r2 b/app-crypt/tpm-emulator/files/tpm-emulator.confd-r2
new file mode 100644
index 000000000000..985fa4e774ca
--- /dev/null
+++ b/app-crypt/tpm-emulator/files/tpm-emulator.confd-r2
@@ -0,0 +1 @@
+STARTUP_MODE="save"
diff --git a/app-crypt/tpm-emulator/files/tpm-emulator.initd-r2 b/app-crypt/tpm-emulator/files/tpm-emulator.initd-r2
new file mode 100644
index 000000000000..abfbef900d00
--- /dev/null
+++ b/app-crypt/tpm-emulator/files/tpm-emulator.initd-r2
@@ -0,0 +1,46 @@
+#!/sbin/openrc-run
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License, v2 or later
+
+STARTUP_MODE="${STARTUP_MODE:-save}";
+
+extra_started_commands="clear save deactivated"
+description="TPM emulator"
+command="/usr/bin/tpmd"
+my_command_args="-f"
+command_background=1
+command_user="tss:tss"
+pidfile="/var/run/${RC_SVCNAME}.pid"
+
+depend() {
+ use logger
+ after coldplug
+}
+
+start_pre() {
+ checkpath -d -m 0775 -o tss /var/run/tpm
+ service_set_value STARTUP_MODE "${STARTUP_MODE}"
+}
+
+start() {
+ command_args="${my_command_args} $(service_get_value STARTUP_MODE)"
+ default_start
+}
+
+_doit() {
+ service_set_value STARTUP_MODE "$1"
+ stop
+ start
+}
+
+clear() {
+ _doit clear
+}
+
+save() {
+ _doit save
+}
+
+deactivated() {
+ _doit deactivated
+}
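Review bot: `checkpath -d -m 0775 -o tss /var/run/tpm` in start_pre makes the runtime directory group-writable and world-traversable while naming only an owner, so its group is not tied to the `tss` group that `command_user="tss:tss"` runs the daemon as. That directory is presumably where tpmd places its socket (not visible in this file), so if every client runs as tss a tighter `checkpath -d -m 0750 -o tss:tss /var/run/tpm` would limit who can reach it; otherwise a comment stating why wider access is needed would help. STARTUP_MODE is also handed to tpmd unvalidated in start(); a `case` in start_pre that rejects anything other than clear, save or deactivated would turn a conf.d typo into a clear error before the daemon is launched.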