Merge pull request #120486 from TredwellGit/tboot
tboot: 1.9.8 -> 1.10.1
This commit is contained in:
commit
b2377b9515
@ -1,27 +1,23 @@
|
|||||||
{ lib, stdenv, fetchurl, trousers, openssl, zlib }:
|
{ lib, stdenv, fetchurl, openssl, perl, trousers, zlib }:
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
pname = "tboot";
|
pname = "tboot";
|
||||||
version = "1.9.8";
|
version = "1.10.1";
|
||||||
|
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "mirror://sourceforge/tboot/${pname}-${version}.tar.gz";
|
url = "mirror://sourceforge/tboot/${pname}-${version}.tar.gz";
|
||||||
sha256 = "06f0ggl6vrb5ghklblvh2ixgmmjv31rkp1vfj9qm497iqwq9ac00";
|
sha256 = "18bnkwnlk16cc20nysqfcjx006idi7jmmhahk8vk09w458bhaajg";
|
||||||
};
|
};
|
||||||
|
|
||||||
patches = [ ./tboot-add-well-known-secret-option-to-lcp_writepol.patch ];
|
buildInputs = [ openssl trousers zlib ];
|
||||||
|
|
||||||
buildInputs = [ trousers openssl zlib ];
|
|
||||||
|
|
||||||
enableParallelBuilding = true;
|
enableParallelBuilding = true;
|
||||||
|
|
||||||
hardeningDisable = [ "pic" "stackprotector" ];
|
preConfigure = ''
|
||||||
|
substituteInPlace tboot/Makefile --replace /usr/bin/perl ${perl}/bin/perl
|
||||||
|
|
||||||
NIX_CFLAGS_COMPILE = [ "-Wno-error=address-of-packed-member" ];
|
for a in lcptools-v2 tb_polgen utils; do
|
||||||
|
substituteInPlace "$a/Makefile" --replace /usr/sbin /sbin
|
||||||
configurePhase = ''
|
|
||||||
for a in lcptools utils tb_polgen; do
|
|
||||||
substituteInPlace $a/Makefile --replace /usr/sbin /sbin
|
|
||||||
done
|
done
|
||||||
substituteInPlace docs/Makefile --replace /usr/share /share
|
substituteInPlace docs/Makefile --replace /usr/share /share
|
||||||
'';
|
'';
|
||||||
@ -31,6 +27,7 @@ stdenv.mkDerivation rec {
|
|||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
description = "A pre-kernel/VMM module that uses Intel(R) TXT to perform a measured and verified launch of an OS kernel/VMM";
|
description = "A pre-kernel/VMM module that uses Intel(R) TXT to perform a measured and verified launch of an OS kernel/VMM";
|
||||||
homepage = "https://sourceforge.net/projects/tboot/";
|
homepage = "https://sourceforge.net/projects/tboot/";
|
||||||
|
changelog = "https://sourceforge.net/p/tboot/code/ci/v${version}/tree/CHANGELOG";
|
||||||
license = licenses.bsd3;
|
license = licenses.bsd3;
|
||||||
maintainers = with maintainers; [ ak ];
|
maintainers = with maintainers; [ ak ];
|
||||||
platforms = [ "x86_64-linux" "i686-linux" ];
|
platforms = [ "x86_64-linux" "i686-linux" ];
|
||||||
|
@ -1,50 +0,0 @@
|
|||||||
diff -urp tboot-1.8.0.orig/lcptools/writepol.c tboot-1.8.0/lcptools/writepol.c
|
|
||||||
--- tboot-1.8.0.orig/lcptools/writepol.c 2014-01-30 10:34:57.000000000 +0100
|
|
||||||
+++ tboot-1.8.0/lcptools/writepol.c 2014-02-12 01:48:51.523581057 +0100
|
|
||||||
@@ -40,6 +40,7 @@
|
|
||||||
#include <getopt.h>
|
|
||||||
#include <trousers/tss.h>
|
|
||||||
#include <trousers/trousers.h>
|
|
||||||
+#include <tss/tss_defines.h>
|
|
||||||
|
|
||||||
#define PRINT printf
|
|
||||||
#include "../include/uuid.h"
|
|
||||||
@@ -51,14 +52,15 @@ static uint32_t index_value = 0;
|
|
||||||
static char *file_arg=NULL;
|
|
||||||
static uint32_t fLeng;
|
|
||||||
static unsigned char *policy_data = NULL;
|
|
||||||
-static char *password = NULL;
|
|
||||||
+static const char *password = NULL;
|
|
||||||
static uint32_t passwd_length = 0;
|
|
||||||
+static const char well_known_secret[] = TSS_WELL_KNOWN_SECRET;
|
|
||||||
static int help_input = 0;
|
|
||||||
static unsigned char empty_pol_data[] = {0};
|
|
||||||
|
|
||||||
-static const char *short_option = "ehi:f:p:";
|
|
||||||
+static const char *short_option = "ehi:f:p:Z";
|
|
||||||
static const char *usage_string = "lcp_writepol -i index_value "
|
|
||||||
- "[-f policy_file] [-e] [-p passwd] [-h]";
|
|
||||||
+ "[-f policy_file] [-e] [-p passwd|-Z] [-h]";
|
|
||||||
|
|
||||||
static const char *option_strings[] = {
|
|
||||||
"-i index value: uint32/string.\n"
|
|
||||||
@@ -67,6 +69,7 @@ static const char *option_strings[] = {
|
|
||||||
"\tINDEX_AUX:0x50000002 or \"aux\"\n",
|
|
||||||
"-f file_name: string. File name of the policy data is stored. \n",
|
|
||||||
"-p password: string. \n",
|
|
||||||
+ "-Z use well known secret as password. \n",
|
|
||||||
"-e write 0 length data to the index.\n"
|
|
||||||
"\tIt will be used for some special index.\n"
|
|
||||||
"\tFor example, the index with permission WRITEDEFINE.\n",
|
|
||||||
@@ -119,6 +122,11 @@ parse_cmdline(int argc, const char * arg
|
|
||||||
fLeng = 0;
|
|
||||||
break;
|
|
||||||
|
|
||||||
+ case 'Z':
|
|
||||||
+ password = well_known_secret;
|
|
||||||
+ passwd_length = sizeof(well_known_secret);
|
|
||||||
+ break;
|
|
||||||
+
|
|
||||||
case 'h':
|
|
||||||
help_input = 1;
|
|
||||||
break;
|
|
Loading…
Reference in New Issue
Block a user