diff --git a/README b/README new file mode 100644 index 0000000..7924ddc --- /dev/null +++ b/README @@ -0,0 +1,166 @@ +Linux Specific build notes +-------------------------- +Written by Ken Goldman +IBM Thomas J. Watson Research Center + + +Prior to the autotools support, most users began by untarring the +tarball or cloning the git repo, and then executing 'make' or 'make -f +' in the utils and utils12 directories. For autotools and the +existing makefiles to co-exist, the existing "makefile" was renamed to +"makefiletpmc". + +$ cd utils +$ make -f makefiletpmc +$ cd utils12 +$ make -f makefiletpmc + +This builds a TSS +- with TPM 2.0 and TPM 1.2 support, +- connecting to a TPM 2.0 SW TPM, +- with TSS state files in cwd, +- with tracing support, +- and with elliptic curve support. + +Refer to the "Advanced options", below, for additional compiler options. + + +Autotools +--------- + +On Linux (and probably other Unix systems), open source projects expect +the normal shell command 'autoreconf -i && ./configure && make && make install' +should configure and build the package. + +Example 1: To configure the TSS library to use the software TPM, build and +install the package in ${HOME}/local/bin and ${HOME}/local/lib directories +execute the following shell commands: + +$ autoreconf -i +$ ./configure --prefix=${HOME}/local --disable-hwtpm +$ make clean +$ make +$ make install + +An initial set of the most common TSS "./configure" options are defined +to enable/disable different features. + +--disable-tpm-2.0 - include only TPM 1.2 support +--disable-tpm-1.2 - include only TPM 2.0 support +--disable-hwtpm - don't use the hardware TPM, use a software one instead +--disable-rmtpm - when using a hardware TPM, don't use the resource manager +--enable-noprint - build a TSS library without tracing or prints +--enable-nofile - build a TSS library that does not use files to preserve state +--enable-nocrypto - build a TSS library that does not require a crypto library + (dependency on "--enable-nofile") +--enable-noecc - build a TSS library that does not require OpenSSL elliptic curve support +--enable-debug - build a TSS library used for debugging. + +Example 2: To configure the TSS library to use the hardware TPM, build and +install the package in the default /usr/local directories requires root +privileges. Executing the following shell commands will make and install the +package in the default directories. + +$ autoreconf -i +$ ./configure +$ make clean +$ make +$ sudo make install + +Other TSS features can be modified by specifying them directly as CFLAGS +"./configure" options. + +CFLAGS='' +options: +-O0 - change compiler optimization (default: 02) +-DTPM_DEVICE_DEFAULT="\"/dev/tpmrm0\"" - change hardware TPM (default: /dev/tpm0) +-DTPM_DATA_DIR_DEFAULT="\"\"" - specify directory for TSS state files +-DTPM_TRACE_LEVEL_DEFAULT="\""" - change level of tracing (default: 0) + 0 - no tracing + 1 - trace errors + 2 - trace errors and execution flow + +Example 3: To install the package in ${HOME}/local/bin and ${HOME}/local/lib +directories, compile for the gdb debugger, and connect by default to a socket +simulator TPM at command port 3333, execute the following shell commands: + +$ autoreconf -i +$ ./configure --prefix=${HOME}/local --enable-debug --disable-hwtpm \ +CFLAGS='-DTPM_INTERFACE_TYPE_DEFAULT="\"socsim\"" -DTPM_COMMAND_PORT_DEFAULT="\"3333\""' +$ make clean +$ make +$ make install + +The TPM utility binaries are stored in utils/.lib and utils12/.lib directories +of the source directory.[1] To debug using these binaries in the source tree, +use either the binary stored in .lib or the libtool command. + +$ libtool --mode=execute gdb <.lib/utility> + +[1] For an explanation, refer to the GNU documentation +https://www.gnu.org/software/libtool/manual/libtool.html#Debugging-executables. + + +Advanced options +---------------- + +For all options and details, see the documentation in ibmtss.doc or +ibmtss.html. + +Some of the more common options are below. + +1-3 can also be specified in an environment variable or at run time. + +4-8, which are used to reduce the size of the library, must be +specified at compile time. + +1) To default to a hardware TPM (rather than the SW TPM) + +Add to CCLFLAGS: + + -DTPM_INTERFACE_TYPE_DEFAULT="\"dev\"" + +2) To default to /dev/tpmrm0 (rather than /dev/tpm0) + +Add to CCLFLAGS: + + -DTPM_DEVICE_DEFAULT="\"/dev/tpm0\"" + +3) To default to a different directory for TSS state files (rather +than cwd) + +Add to CCLFLAGS: + + -DTPM_DATA_DIR_DEFAULT="\"directory\"" + +4) To remove TPM 1.2 support + +Delete from CCLFLAGS and CCAFLAGS + + -DTPM_TPM12 + +5) To remove the requirement for a filesystem (see documentation for +limitations) + +Add to CCFLAGS + + -DTPM_TSS_NOFILE + +6) To remove the requirement for crypto (see documentation for +limitations) + +Add to CCFLAGS + + -DTPM_TSS_NOCRYPTO + +7) To remove print tracing support + +Add to CCFLAGS + + -DTPM_TSS_NO_PRINT + +8) To remove elliptic curve dependencies + +Add to CCFLAGS + + -DTPM_TSS_NOECC diff --git a/README.en.md b/README.en.md deleted file mode 100644 index c19fea7..0000000 --- a/README.en.md +++ /dev/null @@ -1,36 +0,0 @@ -# tss2 - -#### Description -IBM's TCG Software Stack (TSS) for TPM 2.0 and related utilities - -#### Software Architecture -Software architecture description - -#### Installation - -1. xxxx -2. xxxx -3. xxxx - -#### Instructions - -1. xxxx -2. xxxx -3. xxxx - -#### Contribution - -1. Fork the repository -2. Create Feat_xxx branch -3. Commit your code -4. Create Pull Request - - -#### Gitee Feature - -1. You can use Readme\_XXX.md to support different languages, such as Readme\_en.md, Readme\_zh.md -2. Gitee blog [blog.gitee.com](https://blog.gitee.com) -3. Explore open source project [https://gitee.com/explore](https://gitee.com/explore) -4. The most valuable open source project [GVP](https://gitee.com/gvp) -5. The manual of Gitee [https://gitee.com/help](https://gitee.com/help) -6. The most popular members [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/) diff --git a/README.md b/README.md index 2126436..c19fea7 100644 --- a/README.md +++ b/README.md @@ -1,37 +1,36 @@ # tss2 -#### 介绍 +#### Description IBM's TCG Software Stack (TSS) for TPM 2.0 and related utilities -#### 软件架构 -软件架构说明 +#### Software Architecture +Software architecture description - -#### 安装教程 +#### Installation 1. xxxx 2. xxxx 3. xxxx -#### 使用说明 +#### Instructions 1. xxxx 2. xxxx 3. xxxx -#### 参与贡献 +#### Contribution -1. Fork 本仓库 -2. 新建 Feat_xxx 分支 -3. 提交代码 -4. 新建 Pull Request +1. Fork the repository +2. Create Feat_xxx branch +3. Commit your code +4. Create Pull Request -#### 码云特技 +#### Gitee Feature -1. 使用 Readme\_XXX.md 来支持不同的语言,例如 Readme\_en.md, Readme\_zh.md -2. 码云官方博客 [blog.gitee.com](https://blog.gitee.com) -3. 你可以 [https://gitee.com/explore](https://gitee.com/explore) 这个地址来了解码云上的优秀开源项目 -4. [GVP](https://gitee.com/gvp) 全称是码云最有价值开源项目,是码云综合评定出的优秀开源项目 -5. 码云官方提供的使用手册 [https://gitee.com/help](https://gitee.com/help) -6. 码云封面人物是一档用来展示码云会员风采的栏目 [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/) +1. You can use Readme\_XXX.md to support different languages, such as Readme\_en.md, Readme\_zh.md +2. Gitee blog [blog.gitee.com](https://blog.gitee.com) +3. Explore open source project [https://gitee.com/explore](https://gitee.com/explore) +4. The most valuable open source project [GVP](https://gitee.com/gvp) +5. The manual of Gitee [https://gitee.com/help](https://gitee.com/help) +6. The most popular members [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/) diff --git a/flags-fixup.patch b/flags-fixup.patch new file mode 100644 index 0000000..5282466 --- /dev/null +++ b/flags-fixup.patch @@ -0,0 +1,22 @@ +diff -uprN tss.orig/utils/makefile-common tss/utils/makefile-common +--- tss.orig/utils/makefile-common 2019-04-24 19:48:55.000000000 +0200 ++++ tss/utils/makefile-common 2020-07-08 12:37:29.210793571 +0200 +@@ -45,7 +45,8 @@ CCFLAGS += \ + -Wall -W -Wmissing-declarations -Wmissing-prototypes -Wnested-externs \ + -Wformat=2 -Wold-style-definition -Wno-self-assign \ + -Werror=declaration-after-statement \ +- -ggdb -O0 -c ++ -ggdb -c -DTPM_INTERFACE_TYPE_DEFAULT="\"dev\"" \ ++ -DTPM_DEVICE_DEFAULT="\"/dev/tpmrm0\"" + + # to compile with optimizations on (warning will result) + # -O3 -c +@@ -56,6 +57,8 @@ CCFLAGS += \ + + #LNFLAGS += -ggdb + ++LNLLIBS += -lcrypto ++ + ALL += $(LIBTSS) \ + $(LIBTSSA) \ + $(LIBTSSUTILS) diff --git a/ibmtss1470.tar.gz b/ibmtss1470.tar.gz new file mode 100644 index 0000000..cfe5277 Binary files /dev/null and b/ibmtss1470.tar.gz differ diff --git a/tss2.spec b/tss2.spec new file mode 100644 index 0000000..e346c4d --- /dev/null +++ b/tss2.spec @@ -0,0 +1,173 @@ +# +# Spec file for IBM's TSS for the TPM 2.0 +# +%{!?__global_ldflags: %global __global_ldflags -Wl,-z,relro} + +%global incname ibmtss + +Name: tss2 +Version: 1470 +Release: 1%{?dist} +Summary: IBM's TCG Software Stack (TSS) for TPM 2.0 and related utilities + +License: BSD +URL: http://sourceforge.net/projects/ibmtpm20tss/ +Source0: https://sourceforge.net/projects/ibmtpm20tss/files/ibmtss%{version}.tar.gz +Patch1: flags-fixup.patch + +BuildRequires: gcc +BuildRequires: help2man +BuildRequires: openssl-devel +Requires: openssl + +%description +TSS2 is a user space Trusted Computing Group's Software Stack (TSS) for +TPM 2.0. It implements the functionality equivalent to the TCG TSS +working group's ESAPI, SAPI, and TCTI layers (and perhaps more) but with +a hopefully far simpler interface. + +It comes with about 80 "TPM tools" that can be used for rapid prototyping, +education and debugging. + +%package devel +Summary: Development libraries and headers for IBM's TSS 2.0 +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description devel +Development libraries and headers for IBM's TSS 2.0. You will need this in +order to build TSS 2.0 applications. + +%prep +%autosetup -p1 -c %{name}-%{version} + +%build +# nonstandard variable names are used in place of CFLAGS and LDFLAGS +pushd utils +CCFLAGS="%{optflags}" \ +LNFLAGS="%{__global_ldflags}" \ +%{make_build} -f makefiletpmc +popd + +%install +# Prefix for namespacing +BIN_PREFIX=tss +mkdir -p %{buildroot}/%{_bindir} +mkdir -p %{buildroot}/%{_libdir} +mkdir -p %{buildroot}/%{_includedir}/%{incname}/ +mkdir -p %{buildroot}/%{_mandir}/man1 +pushd utils +# Pick out executables and copy with namespacing +for f in *; do + if [[ -x $f && -f $f && ! $f =~ .*\..* ]]; then + cp -p $f %{buildroot}/%{_bindir}/${BIN_PREFIX}$f + fi; +done +cp -p *.so.1.1 %{buildroot}/%{_libdir} +cp -p %{incname}/*.h %{buildroot}/%{_includedir}/%{incname}/ +cp -p ekutils.h cryptoutils.h %{buildroot}/%{_includedir}/%{incname}/ +cp -p man/man1/tss*.1 %{buildroot}/%{_mandir}/man1/ +popd + + +# Make symbolic links to the shared lib +pushd %{buildroot}/%{_libdir} +rm -f libibmtss.so.1 +ln -sf libibmtss.so.1.1 libibmtss.so.1 +rm -f libibmtss.so +ln -sf libibmtss.so.1 libibmtss.so +ln -sf libibmtssutils.so.1.1 libibmtssutils.so +popd + +%ldconfig_scriptlets + +%files +%license LICENSE +%{_bindir}/tss* +%{_libdir}/libibmtss.so.1 +%{_libdir}/libibmtss.so.1.* +%{_libdir}/libibmtssutils.so.1 +%{_libdir}/libibmtssutils.so.1.* +%attr(0644, root, root) %{_mandir}/man1/tss*.1* + +%files devel +%{_includedir}/%{incname} +%{_libdir}/libibmtss.so +%{_libdir}/libibmtssutils.so +%doc ibmtss.doc + +%changelog +* Tue Jul 14 2020 Roberto Sassu - 1470-1 +- Import in openEuler + +* Fri Feb 14 2020 Tom Stellard - 1331-5 +- Use make_build macro +- https://docs.fedoraproject.org/en-US/packaging-guidelines/#_parallel_make + +* Fri Jan 31 2020 Fedora Release Engineering - 1331-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Fri Jan 17 2020 Jeff Law - 1331-3 +- Ensure tssprintcmd has the compilation compilation flags, + PIC in particular + +* Sat Jul 27 2019 Fedora Release Engineering - 1331-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Thu May 30 2019 Jerry Snitselaar - 1331-1 +- Rebase to version 1331 + +* Tue May 28 2019 Jerry Snitselaar - 1234-4 +- Fix covscan issues +- Fix compile and linker flag issues + +* Sun Feb 03 2019 Fedora Release Engineering - 1234-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Sat Jul 14 2018 Fedora Release Engineering - 1234-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Mon Jun 18 2018 Jerry Snitselaar - 1234-1 +- Version bump. + +* Fri Feb 09 2018 Fedora Release Engineering - 1027-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Fri Jan 19 2018 Merlin Mathesius - 1027-1 +- Version bump. Now supported for all architectures. +- Generate man pages since they are no longer included in source archive. + +* Thu Aug 03 2017 Fedora Release Engineering - 713-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 713-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Sat Feb 11 2017 Fedora Release Engineering - 713-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Wed Oct 05 2016 Hon Ching(Vicky) Lo - 713-7 +- Removed defattr from the devel subpackage + +* Mon Sep 26 2016 Hon Ching(Vicky) Lo - 713-6 +- Added s390x arch as another "ExcludeArch" + +* Mon Sep 26 2016 Hon Ching(Vicky) Lo - 713-5 +- Replaced ExclusiveArch with ExcludeArch + +* Mon Sep 19 2016 Hon Ching(Vicky) Lo - 713-4 +- Used ExclusiveArch instead of BuildArch tag +- Removed attr from symlink in devel subpackage +- Added manpages and modified the Source0 +- Added CCFLAGS and LNFLAGS to enforce hardening and optimization + +* Wed Aug 17 2016 Hon Ching(Vicky) Lo - 713-3 +- Modified supported arch to ppc64le + +* Sat Aug 13 2016 Hon Ching(Vicky) Lo - 713-2 +- Minor spec fixes + +* Tue Aug 09 2016 Hon Ching(Vicky) Lo - 713-1 +- Updated for initial submission + +* Fri Mar 20 2015 George Wilson +- Initial implementation