Diffstat (limited to 'nixpkgs/pkgs/development/libraries/tpm2-tss')
-rw-r--r-- | nixpkgs/pkgs/development/libraries/tpm2-tss/default.nix | 96 | ||||
-rw-r--r-- | nixpkgs/pkgs/development/libraries/tpm2-tss/no-dynamic-loader-path.patch | 225 |
2 files changed, 321 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/development/libraries/tpm2-tss/default.nix b/nixpkgs/pkgs/development/libraries/tpm2-tss/default.nix
new file mode 100644
index 000000000000..ec17a2d515a0
--- /dev/null
+++ b/nixpkgs/pkgs/development/libraries/tpm2-tss/default.nix
@@ -0,0 +1,96 @@
+{ stdenv, lib, fetchFromGitHub
+, autoreconfHook, autoconf-archive, pkg-config, doxygen, perl
+, openssl, json_c, curl, libgcrypt
+, cmocka, uthash, ibm-sw-tpm2, iproute2, procps, which
+, shadow
+}:
+let
+ # Avoid a circular dependency on Linux systems (systemd depends on tpm2-tss,
+ # tpm2-tss tests depend on procps, procps depends on systemd by default). This
+ # needs to be conditional based on isLinux because procps for other systems
+ # might not support the withSystemd option.
+ procpsWithoutSystemd = procps.override { withSystemd = false; };
+ procps_pkg = if stdenv.isLinux then procpsWithoutSystemd else procps;
+in
+
+stdenv.mkDerivation rec {
+ pname = "tpm2-tss";
+ version = "3.2.0";
+
+ src = fetchFromGitHub {
+ owner = "tpm2-software";
+ repo = pname;
+ rev = version;
+ sha256 = "1jijxnvjcsgz5yw4i9fj7ycdnnz90r3l0zicpwinswrw47ac3yy5";
+ };
+
+ outputs = [ "out" "man" "dev" ];
+
+ nativeBuildInputs = [
+ autoreconfHook autoconf-archive pkg-config doxygen perl
+ shadow
+ ];
+
+ # cmocka is checked / used(?) in the configure script
+ # when unit and/or integration testing is enabled
+ buildInputs = [ openssl json_c curl libgcrypt uthash ]
+ # cmocka doesn't build with pkgsStatic, and we don't need it anyway
+ # when tests are not run
+ ++ lib.optionals (stdenv.buildPlatform == stdenv.hostPlatform) [
+ cmocka
+ ];
+
+ nativeCheckInputs = [
+ cmocka which openssl procps_pkg iproute2 ibm-sw-tpm2
+ ];
+
+ strictDeps = true;
+ preAutoreconf = "./bootstrap";
+
+ enableParallelBuilding = true;
+
+ patches = [
+ # Do not rely on dynamic loader path
+ # TCTI loader relies on dlopen(), this patch prefixes all calls with the output directory
+ ./no-dynamic-loader-path.patch
+ ];
+
+ postPatch = ''
+ patchShebangs script
+ substituteInPlace src/tss2-tcti/tctildr-dl.c \
+ --replace '@PREFIX@' $out/lib/
+ substituteInPlace ./test/unit/tctildr-dl.c \
+ --replace '@PREFIX@' $out/lib
+ substituteInPlace ./configure.ac \
+ --replace 'm4_esyscmd_s([git describe --tags --always --dirty])' '${version}'
+ '';
+
+ configureFlags = lib.optionals (stdenv.buildPlatform == stdenv.hostPlatform) [
+ "--enable-unit"
+ "--enable-integration"
+ ];
+
+ doCheck = true;
+ preCheck = ''
+ # Since we rewrote the load path in the dynamic loader for the TCTI
+ # The various tcti implementation should be placed in their target directory
+ # before we could run tests
+ installPhase
+ # install already done, dont need another one
+ dontInstall=1
+ '';
+
+ postInstall = ''
+ # Do not install the upstream udev rules, they rely on specific
+ # users/groups which aren't guaranteed to exist on the system.
+ rm -R $out/lib/udev
+ '';
+
+ meta = with lib; {
+ description = "OSS implementation of the TCG TPM2 Software Stack (TSS2)";
+ homepage = "https://github.com/tpm2-software/tpm2-tss";
+ license = licenses.bsd2;
+ platforms = platforms.linux;
+ maintainers = with maintainers; [ ];
+ };
+}
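Review bot: The comment on `patches` says the patch "prefixes all calls with the output directory", but the bundled no-dynamic-loader-path.patch appears to keep the upstream unprefixed `dlopen()` attempts and only adds the `@PREFIX@` attempts after them. Its own unit-test expectations show `libtss2-tcti-foo.so` being tried before `@PREFIX@/foo`. A TCTI module found through the dynamic loader's search path therefore still takes precedence over the copy in `$out/lib`, which is worth stating because the TCTI carries the command traffic to the TPM. I would reword the comment to say so, for example `# Fall back to $out/lib when a TCTI module is not found via the dynamic loader search path; the unprefixed lookups still run first`.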
diff --git a/nixpkgs/pkgs/development/libraries/tpm2-tss/no-dynamic-loader-path.patch b/nixpkgs/pkgs/development/libraries/tpm2-tss/no-dynamic-loader-path.patch
new file mode 100644
index 000000000000..fc905885f506
--- /dev/null
+++ b/nixpkgs/pkgs/development/libraries/tpm2-tss/no-dynamic-loader-path.patch
@@ -0,0 +1,225 @@
+diff --git a/src/tss2-tcti/tctildr-dl.c b/src/tss2-tcti/tctildr-dl.c
+index b364695c..d026de71 100644
+--- a/src/tss2-tcti/tctildr-dl.c
++++ b/src/tss2-tcti/tctildr-dl.c
+@@ -116,6 +116,50 @@ handle_from_name(const char *file,
+ return TSS2_TCTI_RC_BAD_VALUE;
+ }
+ *handle = dlopen(file_xfrm, RTLD_NOW);
++ if (*handle != NULL) {
++ return TSS2_RC_SUCCESS;
++ } else {
++ LOG_DEBUG("Failed to load TCTI for name \"%s\": %s", file, dlerror());
++ }
++ size = snprintf(file_xfrm,
++ sizeof (file_xfrm),
++ "@PREFIX@%s",
++ file);
++ if (size >= sizeof (file_xfrm)) {
++ LOG_ERROR("TCTI name truncated in transform.");
++ return TSS2_TCTI_RC_BAD_VALUE;
++ }
++ *handle = dlopen(file_xfrm, RTLD_NOW);
++ if (*handle != NULL) {
++ return TSS2_RC_SUCCESS;
++ } else {
++ LOG_DEBUG("Could not load TCTI file: \"%s\": %s", file, dlerror());
++ }
++ /* 'name' alone didn't work, try libtss2-tcti-<name>.so.0 */
++ size = snprintf(file_xfrm,
++ sizeof (file_xfrm),
++ "@PREFIX@" TCTI_NAME_TEMPLATE_0,
++ file);
++ if (size >= sizeof (file_xfrm)) {
++ LOG_ERROR("TCTI name truncated in transform.");
++ return TSS2_TCTI_RC_BAD_VALUE;
++ }
++ *handle = dlopen(file_xfrm, RTLD_NOW);
++ if (*handle != NULL) {
++ return TSS2_RC_SUCCESS;
++ } else {
++ LOG_DEBUG("Could not load TCTI file \"%s\": %s", file, dlerror());
++ }
++ /* libtss2-tcti-<name>.so.0 didn't work, try libtss2-tcti-<name>.so */
++ size = snprintf(file_xfrm,
++ sizeof (file_xfrm),
++ "@PREFIX@" TCTI_NAME_TEMPLATE,
++ file);
++ if (size >= sizeof (file_xfrm)) {
++ LOG_ERROR("TCTI name truncated in transform.");
++ return TSS2_TCTI_RC_BAD_VALUE;
++ }
++ *handle = dlopen(file_xfrm, RTLD_NOW);
+ if (*handle == NULL) {
+ LOG_DEBUG("Failed to load TCTI for name \"%s\": %s", file, dlerror());
+ return TSS2_TCTI_RC_NOT_SUPPORTED;
+diff --git a/test/unit/tctildr-dl.c b/test/unit/tctildr-dl.c
+index 873a4531..c17b939e 100644
+--- a/test/unit/tctildr-dl.c
++++ b/test/unit/tctildr-dl.c
+@@ -223,6 +223,18 @@ test_get_info_default_success (void **state)
+ expect_value(__wrap_dlopen, flags, RTLD_NOW);
+ will_return(__wrap_dlopen, NULL);
+
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-default.so");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-libtss2-tcti-default.so.so.0");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-libtss2-tcti-default.so.so");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++
+ expect_string(__wrap_dlopen, filename, "libtss2-tcti-tabrmd.so.0");
+ expect_value(__wrap_dlopen, flags, RTLD_NOW);
+ will_return(__wrap_dlopen, HANDLE);
+@@ -255,6 +267,18 @@ test_get_info_default_info_fail (void **state)
+ expect_value(__wrap_dlopen, flags, RTLD_NOW);
+ will_return(__wrap_dlopen, NULL);
+
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-default.so");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-libtss2-tcti-default.so.so.0");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-libtss2-tcti-default.so.so");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++
+ expect_string(__wrap_dlopen, filename, "libtss2-tcti-tabrmd.so.0");
+ expect_value(__wrap_dlopen, flags, RTLD_NOW);
+ will_return(__wrap_dlopen, HANDLE);
+@@ -407,6 +431,15 @@ test_tcti_fail_all (void **state)
+ expect_string(__wrap_dlopen, filename, "libtss2-tcti-libtss2-tcti-default.so.so");
+ expect_value(__wrap_dlopen, flags, RTLD_NOW);
+ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-default.so");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-libtss2-tcti-default.so.so.0");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-libtss2-tcti-default.so.so");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
+
+ /* Skip over libtss2-tcti-tabrmd.so */
+ expect_string(__wrap_dlopen, filename, "libtss2-tcti-tabrmd.so.0");
+@@ -418,6 +451,15 @@ test_tcti_fail_all (void **state)
+ expect_string(__wrap_dlopen, filename, "libtss2-tcti-libtss2-tcti-tabrmd.so.0.so");
+ expect_value(__wrap_dlopen, flags, RTLD_NOW);
+ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-tabrmd.so.0");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-libtss2-tcti-tabrmd.so.0.so.0");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-libtss2-tcti-tabrmd.so.0.so");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
+
+ /* Skip over libtss2-tcti-device.so, /dev/tpmrm0 */
+ expect_string(__wrap_dlopen, filename, "libtss2-tcti-device.so.0");
+@@ -429,6 +471,15 @@ test_tcti_fail_all (void **state)
+ expect_string(__wrap_dlopen, filename, "libtss2-tcti-libtss2-tcti-device.so.0.so");
+ expect_value(__wrap_dlopen, flags, RTLD_NOW);
+ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-device.so.0");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-libtss2-tcti-device.so.0.so.0");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-libtss2-tcti-device.so.0.so");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
+
+ /* Skip over libtss2-tcti-device.so, /dev/tpm0 */
+ expect_string(__wrap_dlopen, filename, "libtss2-tcti-device.so.0");
+@@ -440,6 +491,15 @@ test_tcti_fail_all (void **state)
+ expect_string(__wrap_dlopen, filename, "libtss2-tcti-libtss2-tcti-device.so.0.so");
+ expect_value(__wrap_dlopen, flags, RTLD_NOW);
+ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-device.so.0");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-libtss2-tcti-device.so.0.so.0");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-libtss2-tcti-device.so.0.so");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
+
+ /* Skip over libtss2-tcti-swtpm.so */
+ expect_string(__wrap_dlopen, filename, "libtss2-tcti-swtpm.so.0");
+@@ -451,6 +511,15 @@ test_tcti_fail_all (void **state)
+ expect_string(__wrap_dlopen, filename, "libtss2-tcti-libtss2-tcti-swtpm.so.0.so");
+ expect_value(__wrap_dlopen, flags, RTLD_NOW);
+ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-swtpm.so.0");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-libtss2-tcti-swtpm.so.0.so.0");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-libtss2-tcti-swtpm.so.0.so");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
+
+ /* Skip over libtss2-tcti-mssim.so */
+ expect_string(__wrap_dlopen, filename, "libtss2-tcti-mssim.so.0");
+@@ -462,6 +531,15 @@ test_tcti_fail_all (void **state)
+ expect_string(__wrap_dlopen, filename, "libtss2-tcti-libtss2-tcti-mssim.so.0.so");
+ expect_value(__wrap_dlopen, flags, RTLD_NOW);
+ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-mssim.so.0");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-libtss2-tcti-mssim.so.0.so.0");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-libtss2-tcti-mssim.so.0.so");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
+
+ TSS2_RC r;
+ TSS2_TCTI_CONTEXT *tcti;
+@@ -490,6 +568,15 @@ test_info_from_name_handle_fail (void **state)
+ expect_string(__wrap_dlopen, filename, "libtss2-tcti-foo.so");
+ expect_value(__wrap_dlopen, flags, RTLD_NOW);
+ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/foo");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-foo.so.0");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-foo.so");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
+
+ TSS2_RC rc = info_from_name ("foo", &info, &data);
+ assert_int_equal (rc, TSS2_TCTI_RC_NOT_SUPPORTED);
+@@ -606,6 +693,15 @@ test_tctildr_get_info_from_name (void **state)
+ expect_string(__wrap_dlopen, filename, "libtss2-tcti-foo.so");
+ expect_value(__wrap_dlopen, flags, RTLD_NOW);
+ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/foo");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-foo.so.0");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
++ expect_string(__wrap_dlopen, filename, "@PREFIX@/libtss2-tcti-foo.so");
++ expect_value(__wrap_dlopen, flags, RTLD_NOW);
++ will_return(__wrap_dlopen, NULL);
+
+ TSS2_RC rc = tctildr_get_info ("foo", &info, &data);
+ assert_int_equal (rc, TSS2_TCTI_RC_NOT_SUPPORTED); |
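Review bot: In the `handle_from_name` hunk of the bundled patch, the `LOG_DEBUG` calls that follow the `@PREFIX@` attempts print `file` rather than `file_xfrm`, so the debug log never shows the store path that was actually handed to `dlopen()`. Logging the transformed name, e.g. `LOG_DEBUG("Could not load TCTI file \"%s\": %s", file_xfrm, dlerror());`, lets a log reader tell which module path a process tried. The prefixed attempts also format `file` unchanged, so a name that already contains `/` is simply appended to the prefix; guarding them with `if (strchr(file, '/') == NULL)` would skip lookups that cannot be meant for `$out/lib`. The function starts and ends outside the hunk, so the declaration of `size` and the earlier unprefixed attempts are not visible here.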