diff --git a/README.md b/README.md index 2126436..7924ddc 100644 --- a/README.md +++ b/README.md @@ -1,37 +1,166 @@ -# tss2 - -#### 介绍 -IBM's TCG Software Stack (TSS) for TPM 2.0 and related utilities - -#### 软件架构 -软件架构说明 +Linux Specific build notes +-------------------------- +Written by Ken Goldman +IBM Thomas J. Watson Research Center -#### 安装教程 +Prior to the autotools support, most users began by untarring the +tarball or cloning the git repo, and then executing 'make' or 'make -f +' in the utils and utils12 directories. For autotools and the +existing makefiles to co-exist, the existing "makefile" was renamed to +"makefiletpmc". -1. xxxx -2. xxxx -3. xxxx +$ cd utils +$ make -f makefiletpmc +$ cd utils12 +$ make -f makefiletpmc -#### 使用说明 +This builds a TSS +- with TPM 2.0 and TPM 1.2 support, +- connecting to a TPM 2.0 SW TPM, +- with TSS state files in cwd, +- with tracing support, +- and with elliptic curve support. -1. xxxx -2. xxxx -3. xxxx - -#### 参与贡献 - -1. Fork 本仓库 -2. 新建 Feat_xxx 分支 -3. 提交代码 -4. 新建 Pull Request +Refer to the "Advanced options", below, for additional compiler options. -#### 码云特技 +Autotools +--------- -1. 使用 Readme\_XXX.md 来支持不同的语言,例如 Readme\_en.md, Readme\_zh.md -2. 码云官方博客 [blog.gitee.com](https://blog.gitee.com) -3. 你可以 [https://gitee.com/explore](https://gitee.com/explore) 这个地址来了解码云上的优秀开源项目 -4. [GVP](https://gitee.com/gvp) 全称是码云最有价值开源项目,是码云综合评定出的优秀开源项目 -5. 码云官方提供的使用手册 [https://gitee.com/help](https://gitee.com/help) -6. 码云封面人物是一档用来展示码云会员风采的栏目 [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/) +On Linux (and probably other Unix systems), open source projects expect +the normal shell command 'autoreconf -i && ./configure && make && make install' +should configure and build the package. + +Example 1: To configure the TSS library to use the software TPM, build and +install the package in ${HOME}/local/bin and ${HOME}/local/lib directories +execute the following shell commands: + +$ autoreconf -i +$ ./configure --prefix=${HOME}/local --disable-hwtpm +$ make clean +$ make +$ make install + +An initial set of the most common TSS "./configure" options are defined +to enable/disable different features. + +--disable-tpm-2.0 - include only TPM 1.2 support +--disable-tpm-1.2 - include only TPM 2.0 support +--disable-hwtpm - don't use the hardware TPM, use a software one instead +--disable-rmtpm - when using a hardware TPM, don't use the resource manager +--enable-noprint - build a TSS library without tracing or prints +--enable-nofile - build a TSS library that does not use files to preserve state +--enable-nocrypto - build a TSS library that does not require a crypto library + (dependency on "--enable-nofile") +--enable-noecc - build a TSS library that does not require OpenSSL elliptic curve support +--enable-debug - build a TSS library used for debugging. + +Example 2: To configure the TSS library to use the hardware TPM, build and +install the package in the default /usr/local directories requires root +privileges. Executing the following shell commands will make and install the +package in the default directories. + +$ autoreconf -i +$ ./configure +$ make clean +$ make +$ sudo make install + +Other TSS features can be modified by specifying them directly as CFLAGS +"./configure" options. + +CFLAGS='' +options: +-O0 - change compiler optimization (default: 02) +-DTPM_DEVICE_DEFAULT="\"/dev/tpmrm0\"" - change hardware TPM (default: /dev/tpm0) +-DTPM_DATA_DIR_DEFAULT="\"\"" - specify directory for TSS state files +-DTPM_TRACE_LEVEL_DEFAULT="\""" - change level of tracing (default: 0) + 0 - no tracing + 1 - trace errors + 2 - trace errors and execution flow + +Example 3: To install the package in ${HOME}/local/bin and ${HOME}/local/lib +directories, compile for the gdb debugger, and connect by default to a socket +simulator TPM at command port 3333, execute the following shell commands: + +$ autoreconf -i +$ ./configure --prefix=${HOME}/local --enable-debug --disable-hwtpm \ +CFLAGS='-DTPM_INTERFACE_TYPE_DEFAULT="\"socsim\"" -DTPM_COMMAND_PORT_DEFAULT="\"3333\""' +$ make clean +$ make +$ make install + +The TPM utility binaries are stored in utils/.lib and utils12/.lib directories +of the source directory.[1] To debug using these binaries in the source tree, +use either the binary stored in .lib or the libtool command. + +$ libtool --mode=execute gdb <.lib/utility> + +[1] For an explanation, refer to the GNU documentation +https://www.gnu.org/software/libtool/manual/libtool.html#Debugging-executables. + + +Advanced options +---------------- + +For all options and details, see the documentation in ibmtss.doc or +ibmtss.html. + +Some of the more common options are below. + +1-3 can also be specified in an environment variable or at run time. + +4-8, which are used to reduce the size of the library, must be +specified at compile time. + +1) To default to a hardware TPM (rather than the SW TPM) + +Add to CCLFLAGS: + + -DTPM_INTERFACE_TYPE_DEFAULT="\"dev\"" + +2) To default to /dev/tpmrm0 (rather than /dev/tpm0) + +Add to CCLFLAGS: + + -DTPM_DEVICE_DEFAULT="\"/dev/tpm0\"" + +3) To default to a different directory for TSS state files (rather +than cwd) + +Add to CCLFLAGS: + + -DTPM_DATA_DIR_DEFAULT="\"directory\"" + +4) To remove TPM 1.2 support + +Delete from CCLFLAGS and CCAFLAGS + + -DTPM_TPM12 + +5) To remove the requirement for a filesystem (see documentation for +limitations) + +Add to CCFLAGS + + -DTPM_TSS_NOFILE + +6) To remove the requirement for crypto (see documentation for +limitations) + +Add to CCFLAGS + + -DTPM_TSS_NOCRYPTO + +7) To remove print tracing support + +Add to CCFLAGS + + -DTPM_TSS_NO_PRINT + +8) To remove elliptic curve dependencies + +Add to CCFLAGS + + -DTPM_TSS_NOECC diff --git a/flags-fixup.patch b/flags-fixup.patch index a92a541..5282466 100644 --- a/flags-fixup.patch +++ b/flags-fixup.patch @@ -1,33 +1,22 @@ -diff -ur tss2-1234/utils/makefile-common tss2-1234-new/utils/makefile-common ---- tss2-1234/utils/makefile-common 2018-05-29 12:00:46.000000000 -0700 -+++ tss2-1234-new/utils/makefile-common 2018-10-02 15:10:20.783078580 -0700 -@@ -44,7 +44,7 @@ - CCFLAGS += \ +diff -uprN tss.orig/utils/makefile-common tss/utils/makefile-common +--- tss.orig/utils/makefile-common 2019-04-24 19:48:55.000000000 +0200 ++++ tss/utils/makefile-common 2020-07-08 12:37:29.210793571 +0200 +@@ -45,7 +45,8 @@ CCFLAGS += \ -Wall -W -Wmissing-declarations -Wmissing-prototypes -Wnested-externs \ -Wformat=2 -Wold-style-definition -Wno-self-assign \ + -Werror=declaration-after-statement \ - -ggdb -O0 -c -+ -ggdb -c ++ -ggdb -c -DTPM_INTERFACE_TYPE_DEFAULT="\"dev\"" \ ++ -DTPM_DEVICE_DEFAULT="\"/dev/tpmrm0\"" # to compile with optimizations on (warning will result) # -O3 -c -diff -ur tss2-1234/utils/makefile.fedora tss2-1234-new/utils/makefile.fedora ---- tss2-1234/utils/makefile.fedora 2018-05-15 10:07:20.000000000 -0700 -+++ tss2-1234-new/utils/makefile.fedora 2018-10-02 15:11:33.909083615 -0700 -@@ -71,7 +71,7 @@ +@@ -56,6 +57,8 @@ CCFLAGS += \ - # compile - common flags for TSS library and applications + #LNFLAGS += -ggdb --CCFLAGS += -DTPM_POSIX -+CCFLAGS += -DTPM_POSIX -DTPM_INTERFACE_TYPE_DEFAULT="\"dev\"" -DTPM_DEVICE_DEFAULT="\"/dev/tpmrm0\"" - - # example of pointing to a locally built openssl 1.1 - # CCFLAGS += -I/home/kgold/openssl-1.1.0c/include -@@ -119,7 +119,7 @@ - LNLFLAGS += -shared -Wl,-z,now - - # This is an alternative to using the bfd linker on Ubuntu --# LNLLIBS += -lcrypto +LNLLIBS += -lcrypto - - # link - for applications, TSS path, TSS and OpenSSl libraries - ++ + ALL += $(LIBTSS) \ + $(LIBTSSA) \ + $(LIBTSSUTILS) diff --git a/hash_generate.patch b/hash_generate.patch deleted file mode 100644 index f6a5387..0000000 --- a/hash_generate.patch +++ /dev/null @@ -1,18 +0,0 @@ -diff -ur tss2-1234/utils/policymaker.c tss2-1234-new/utils/policymaker.c ---- tss2-1234/utils/policymaker.c 2018-10-18 12:16:59.742439220 -0700 -+++ tss2-1234-new/utils/policymaker.c 2018-10-18 12:34:34.991755536 -0700 -@@ -208,10 +208,10 @@ - } - /* hash extend */ - if ((rc == 0) && (prc != NULL)) { -- TSS_Hash_Generate(&digest, -- startSizeInBytes, (uint8_t *)&digest.digest, /* extend */ -- lineLength /2, lineBinary, -- 0, NULL); -+ rc = TSS_Hash_Generate(&digest, -+ startSizeInBytes, (uint8_t *)&digest.digest, /* extend */ -+ lineLength /2, lineBinary, -+ 0, NULL); - } - if ((rc == 0) && (prc != NULL)) { - if (verbose) TSS_PrintAll("intermediate policy digest", diff --git a/ibmtss1331.tar.gz b/ibmtss1331.tar.gz deleted file mode 100644 index a7772b4..0000000 Binary files a/ibmtss1331.tar.gz and /dev/null differ diff --git a/ibmtss1470.tar.gz b/ibmtss1470.tar.gz new file mode 100644 index 0000000..cfe5277 Binary files /dev/null and b/ibmtss1470.tar.gz differ diff --git a/picfix.patch b/picfix.patch deleted file mode 100644 index 82f13be..0000000 --- a/picfix.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Nrup a/utils/makefile.fedora b/utils/makefile.fedora ---- a/utils/makefile.fedora 2019-12-19 16:26:06.695476012 -0700 -+++ b/utils/makefile.fedora 2019-12-19 16:25:58.153501665 -0700 -@@ -181,6 +181,8 @@ tsscryptoh.o: $(TSS_HEADERS) tsscryptoh - $(CC) $(CCFLAGS) $(CCLFLAGS) tsscryptoh.c - tsscrypto.o: $(TSS_HEADERS) tsscrypto.c - $(CC) $(CCFLAGS) $(CCLFLAGS) tsscrypto.c -+tssprintcmd.o: $(TSS_HEADERS) tssprintcmd.c -+ $(CC) $(CCFLAGS) $(CCLFLAGS) tssprintcmd.c - tssutils.o: $(TSS_HEADERS) tssutils.c - $(CC) $(CCFLAGS) $(CCLFLAGS) tssutils.c - tssfile.o: $(TSS_HEADERS) tssfile.c diff --git a/tss2.spec b/tss2.spec index 5dbfda3..5b9fc08 100644 --- a/tss2.spec +++ b/tss2.spec @@ -6,16 +6,14 @@ %global incname ibmtss Name: tss2 -Version: 1.5.0 -Release: 1%{?dist} +Version: 1470 +Release: 7%{?dist} Summary: IBM's TCG Software Stack (TSS) for TPM 2.0 and related utilities License: BSD URL: http://sourceforge.net/projects/ibmtpm20tss/ Source0: https://sourceforge.net/projects/ibmtpm20tss/files/ibmtss%{version}.tar.gz Patch1: flags-fixup.patch -Patch2: hash_generate.patch -Patch3: picfix.patch BuildRequires: gcc BuildRequires: help2man @@ -47,7 +45,7 @@ order to build TSS 2.0 applications. pushd utils CCFLAGS="%{optflags}" \ LNFLAGS="%{__global_ldflags}" \ -%{make_build} -f makefile.fedora +%{make_build} -f makefiletpmc popd %install @@ -66,6 +64,7 @@ for f in *; do done cp -p *.so.1.1 %{buildroot}/%{_libdir} cp -p %{incname}/*.h %{buildroot}/%{_includedir}/%{incname}/ +cp -p ekutils.h cryptoutils.h %{buildroot}/%{_includedir}/%{incname}/ cp -p man/man1/tss*.1 %{buildroot}/%{_mandir}/man1/ popd @@ -76,6 +75,7 @@ rm -f libibmtss.so.1 ln -sf libibmtss.so.1.1 libibmtss.so.1 rm -f libibmtss.so ln -sf libibmtss.so.1 libibmtss.so +ln -sf libibmtssutils.so.1.1 libibmtssutils.so popd %ldconfig_scriptlets @@ -85,11 +85,14 @@ popd %{_bindir}/tss* %{_libdir}/libibmtss.so.1 %{_libdir}/libibmtss.so.1.* +%{_libdir}/libibmtssutils.so.1 +%{_libdir}/libibmtssutils.so.1.* %attr(0644, root, root) %{_mandir}/man1/tss*.1* %files devel %{_includedir}/%{incname} %{_libdir}/libibmtss.so +%{_libdir}/libibmtssutils.so %doc ibmtss.doc %changelog