Proxmox-Port/swtpm
1
0
Fork 0
mirror of https://github.com/stefanberger/swtpm.git synced 2025-08-22 19:04:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,523 Commits 24 Branches 39 Tags 7 MiB
stable-0.9
Commit Graph

1523 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stefan Berger
c9de5f0ab1 build: add threadpool.h 
Add the threadpool.h to the noinst headers, so it ends up in the tgz file.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-29 04:30:27 -05:00
Stefan Berger
c3c7e8f364 swtpm_bios: Introduce durations to wait for command completions 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-29 04:25:42 -05:00
Stefan Berger
abac744529 swtpm_bios: use select for waiting for response 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-28 20:35:29 -05:00
Stefan Berger
1c1efe2dab swtpm: move threadpool code out of cuse-tpm 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-28 16:13:53 -05:00
Stefan Berger
28a18c29b3 swtpm_setup: improve error handling 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-28 16:10:10 -05:00
Stefan Berger
b7a4c100fb samples: improve error handling 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-28 15:58:15 -05:00
Stefan Berger
bb420d7481 swtpm: move process owership to common file and enable in all implementations 
Move the code to change process ownership into its own function and enable
--runas|-r <owner> in all implementations.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-27 18:17:49 -05:00
Stefan Berger
e11a75527e tests: add timeout to socat 
Add a timeout to socat so that on slower machines the tests succeed.

Clean up an #include.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-21 03:26:46 -05:00
Stefan Berger
804e74728e swtpm: add CMD_SHUTDOWN to control channel 
Extend the control channel with CMD_SHUTDOWN to shut down the TPM.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-20 20:55:15 -05:00
Stefan Berger
0cfbcb3d82 Update TODO list 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-20 20:07:55 -05:00
Stefan Berger
78c5f924bf swtpm: add cuse TPM interface option to swtpm 
Now that the CUSE TPM part is BSD licensed, extend the swtpm
program with the cuse option.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-20 20:06:57 -05:00
Stefan Berger
ddf99d057a swtpm: clean up single letter options 
Remove single letter options that are not described in the help screen.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-20 13:17:08 -05:00
Stefan Berger
cf56d345bd tests: Deactivate the checking for the certificate size 
Deactivate the checking for the certificate size since different
GnuTLS versions may create certificates of different sizes by adding
additional fields or other data to the cert.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-13 21:58:38 -05:00
Stefan Berger
12837911ce swtpm: do not ignore write return value 
If the 'swtpm chardev' receives an error on write() or not all bytes
could be written, log an error and terminate.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-13 21:49:49 -05:00
Stefan Berger
96038cdfec tests: move modprobe cuse into common file 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-13 21:23:12 -05:00
Stefan Berger
86b6ffca75 swtpm: use endian.hi for endianess conversion 
Use the macros defined in endian.h for endianess conversion.

Fix the conversion of a 64bit variable.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-07 17:25:17 -05:00
Stefan Berger
2b4c6da540 swtpm: add missing dirent.h include 
On PowerKVM dirent.h needs to be included.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-07 17:24:43 -05:00
Stefan Berger
db33da6b78 build: fix build of rpm 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-07 17:24:23 -05:00
Stefan Berger
5f1ef9565d swtpm: Replace the CUSE TPM with the new implementation 
Replace the CUSE TPM with the new BSD implementation.
Update the license references and the license itself.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-07 15:01:57 -05:00
Stefan Berger
57d542a01c swtpm: transfer the rest of the code 
Transfer the rest of the CUSE TPM code into the new application.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-07 14:57:54 -05:00
Stefan Berger
82cf754a79 swtpm: Implement ptm_init_done function 
Implement the ptm_init_done function

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-07 14:57:54 -05:00
Stefan Berger
6a102bc764 swtpm: Implement command line option parsing and main function 
Implement the command line option parsing and the main() function.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-07 14:57:54 -05:00
Stefan Berger
6e0dc3ddd5 swtpm: Re-implement CUSE TPM under BSD license 
Eric Richter implemented a clean-room skeleton CUSE driver which
we will now convert to the CUSE TPM. The goal is to replace the
GPL CUSE TPM implementation with this 3-clause BSD implementation.
Among other things, this makes it easier to link with OpenSSL.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-07 14:57:54 -05:00
Stefan Berger
ffcb6535d3 swtpm_bios: Add option to give up physical presence 
Extend the swtpm_bios tool with an option to give up physical presence.

Have the TPM error codes reflected in the exit error of 128.

Add a test case for the tool.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-04 18:23:13 -05:00
Stefan Berger
a1030ba771 swtpm_ioctl: do not display help screen on -h 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-04 09:31:55 -05:00
Stefan Berger
57e53b78ea swtpm: Add option to only display version info 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-04 07:32:53 -05:00
Stefan Berger
a1fa5d77e2 swtpm: add version info to all programs 
Move src/swtpm/swtpm.h.in to include/swtpm.h.in to make it commonly
available. Adapt all other programs to use it and display version information
in the help screen.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-03 19:31:10 -05:00
Stefan Berger
a7bd0ebffc swtpm: poll for HUP as well 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-12-03 09:15:59 -05:00
Stefan Berger
8cb126e4c3 build: check for socat tool 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-11-30 15:35:32 -05:00
Stefan Berger
58774fd617 build: move chmod into AC_CONFIG_FILES 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-11-29 18:59:16 -05:00
Stefan Berger
8a68446e73 swtpm_setup: enable help screen for normal users 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-11-29 17:05:22 -05:00
Stefan Berger
a3c8e71a1d swtpm: fix some coverity errors 
Fix some errors raised by Coverity.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-11-29 01:48:13 -05:00
Stefan Berger
02017e62b0 test: fix file permission 
Signed-off-ny: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-11-28 10:47:38 -05:00
Stefan Berger
6852f6c89b swtpm: introduce control channel for chardev TPM 
Implement a control channel for the 'chardev' swtpm that implements
a minimal set of control messages for now.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-11-27 22:13:37 -05:00
Stefan Berger
7a00ba8b7c swtpm: Fix typo in error message 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-11-27 22:13:36 -05:00
Stefan Berger
1bebb6be04 swtpm: consoldiate code 
Consolidate common code.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-11-27 17:58:32 -05:00
Stefan Berger
c8ba316097 swtpm: fix TPM_DEBUG define 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-11-27 10:25:17 -05:00
Stefan Berger
12ef7d4e47 swtpm chardev: remove not supported command line option 
Remove a not supported command line option from the help screen of
'swtpm chardev'.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-11-27 10:24:00 -05:00
Stefan Berger
e47bd065ff swtpm: remove pidfile after process exits 
Remove the pidfile once swtpm process exits.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-11-15 13:55:06 -05:00
Stefan Berger
29cfd0a4fd swtpm: add support for listening on chardev 
Add support for 'swtpm chardev' that listens for TPM commands on a given
character device and sends responses through it.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-11-08 14:13:23 -05:00
Stefan Berger
27a3c23967 swtpm: make all possible variables static 
Some of the variables in swtpm.c were not static, fix this.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-11-08 13:46:17 -05:00
Stefan Berger
6e7df39f22 build: remove hardcoded tss user and group 
Adding forgotten file.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-11-03 10:13:46 -05:00
Stefan Berger
c4ac0a11e9 build: remove hardcoded tss user and group 
Remove the hardcodes tss user and group and to configure with
--with-tss-user=tss --with-tss-group=tss to set the tss user
and group to be used.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-11-02 20:47:37 -05:00
Stefan Berger
118cc15230 swtpm: Check for existing device 
Check for an existing device with the same name and print an error
if the device already exists.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-10-29 11:00:56 -04:00
Stefan Berger
6e710866f3 swtpm: report missing TPM state path 
Report missing TPM state path as soon as possible.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-10-29 10:48:30 -04:00
Stefan Berger
bc525ccdab swtpm: Add support for --tpmstate dir=<dir> command line parameter 
Add support for the --tpmstate dir=<dir> command line parameter.
It will be used instead of the TPM_PATH, unless it is not set.

Adapt two test cases for the new parameter.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-10-27 21:58:10 -04:00
Stefan Berger
efb0779cd6 rpm: do not remove policies when removing package during upgrade 
Do not remove the SELinux policies during the remove phase of
an old package when upgrading.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-10-27 21:39:00 -04:00
Stefan Berger
83ef6c972f build: bump revision up to 'dev2' 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-10-27 07:32:12 -04:00
Stefan Berger
08f1e70db6 build: Simplify the check for -fstack-protector-strong 
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-10-26 11:23:19 -04:00
Stefan Berger
b080afb533 Build: Also search for the gawk tool 
Extend configure.ac to also search for the gawk tool.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
 2015-10-26 10:56:54 -04:00