[PATCH] gnu: Add tpm2-tss.

  • Done
  • quality assurance status badge
Details
3 participants
  • Léo Le Bouter
  • Nicolas Goaziou
  • Tobias Geerinckx-Rice
Owner
unassigned
Submitted by
Léo Le Bouter
Severity
normal
L
L
Léo Le Bouter wrote on 27 Jan 2021 19:42
(address . guix-patches@gnu.org)(name . Léo Le Bouter)(address . lle-bout@zaclys.net)
20210127184227.29258-1-lle-bout@zaclys.net
* gnu/packages/hardware.scm (tpm2-tss): New variable.
---
gnu/packages/hardware.scm | 68 +++++++++++++++++++++++++++++++++++++++
1 file changed, 68 insertions(+)

Toggle diff (78 lines)
diff --git a/gnu/packages/hardware.scm b/gnu/packages/hardware.scm
index 3da6759472..778453a395 100644
--- a/gnu/packages/hardware.scm
+++ b/gnu/packages/hardware.scm
@@ -498,3 +498,71 @@ screens. It displays various patterns and allows you to estimate the quality
of your CRT/LCD monitor.")
(home-page "https://github.com/TobiX/screentest")
(license license:gpl2)))
+
+(define-public tpm2-tss
+ (package
+ (name "tpm2-tss")
+ (version "3.0.3")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/tpm2-software/" name
+ "/releases/download/" version "/" name "-" version
+ ".tar.gz"))
+ (sha256
+ (base32 "05xynpwq851fp8f5fy7ac0blvz8mr5m5cbqj3gslgbwv63kjnfbq"))))
+ (build-system gnu-build-system)
+ (inputs
+ `(("pkg-config" ,pkg-config)
+ ("openssl" ,openssl)
+ ("json-c" ,json-c)
+ ("curl" ,curl)))
+ (synopsis "OSS implementation of the TCG TPM2 Software Stack (TSS2)")
+ (description "This package provides the Trusted Computing Group's (TCG)
+TPM2 Software Stack (TSS). This stack consists of the following layers from
+top to bottom:
+
+@enumerate
+@item Feature API (FAPI) as described in the TCG Feature API (FAPI)
+Specification along with TCG TSS 2.0 JSON Data Types and Policy Language
+Specification This API is designed to be very high-level API, intended to make
+programming with the TPM as simple as possible. The API functions are exposed
+through a single library: libtss2-fapi.
+@item Enhanced System API (ESAPI) as described in the TCG TSS 2.0 Enhanced
+System API (ESAPI) Specification This API is a 1-to-1 mapping of the TPM2
+commands documented in Part 3 of the TPM2 specification. Additionally there
+are asynchronous versions of each command. In addition to SAPI, the ESAPI
+performs tracking of meta data for TPM object and automatic calculation of
+session based authorization and encryption values. Both the synchronous and
+asynchronous API are exposed through a single library: libtss2-esys.
+@item System API (SAPI) as described in the TCG TSS 2.0 System Level API
+(SAPI) Specification This API is a 1-to-1 mapping of the TPM2 commands
+documented in Part 3 of the TPM2 specification. Additionally there are
+asynchronous versions of each command. These asynchronous variants may be
+useful for integration into event-driven programming environments. Both the
+synchronous and asynchronous API are exposed through a single library:
+libtss2-sys.
+@item Marshaling/Unmarshaling (MU) as described in the TCG TSS 2.0
+Marshaling/Unmarshaling API Specification This API provides a set of
+marshaling and unmarshaling functions for all data types define by the TPM
+library specification. The Marshaling/Unmarshaling API is exposed through a
+library called libtss2-mu.
+@item TPM Command Transmission Interface (TCTI) as described in the TCG TSS
+2.0 TPM Command Transmission Interface (TCTI) API Specification. This API
+provides a standard interface to transmit / receive TPM command / response
+buffers. It is expected that any number of libraries implementing the TCTI API
+will be implemented as a way to abstract various platform specific IPC
+mechanisms. Currently this repository provides several TCTI implementations:
+libtss2-tcti-device, libtss2-tcti-tbs (for Windows), libtss2-tcti-swtpm and
+libtss2-tcti-mssim. The former should be used for direct access to the TPM
+through the Linux kernel driver. The latter implements the protocol exposed by
+the Microsoft software TPM2 simulator.
+@item The TCG TSS 2.0 Overview and Common Structures Specification forms the
+basis for all implementations in this project. NOTE: We deviate from this
+specification by increasing the value of TPM2_NUM_PCR_BANKS from 3 to 16 to
+ensure compatibility with TPM2 implementations that have enabled a larger than
+typical number of PCR banks. This larger value for TPM2_NUM_PCR_BANKS is
+expected to be included in a future revision of the specification.
+@end enumerate")
+ (home-page "https://tpm2-software.github.io/")
+ (license license:bsd-2)))
--
2.30.0
N
N
Nicolas Goaziou wrote on 27 Jan 2021 21:44
(name . guix-patches--- via)(address . guix-patches@gnu.org)
87y2geqfdm.fsf@nicolasgoaziou.fr
Hello,

guix-patches--- via <guix-patches@gnu.org> writes:

Toggle quote (2 lines)
> * gnu/packages/hardware.scm (tpm2-tss): New variable.

Thank you. Some comments follow.

Toggle quote (6 lines)
> + (inputs
> + `(("pkg-config" ,pkg-config)
> + ("openssl" ,openssl)
> + ("json-c" ,json-c)
> + ("curl" ,curl)))

pkg-config should be a native-input.

Don't you need libgcrypt as an input, too?

Toggle quote (49 lines)
> + (synopsis "OSS implementation of the TCG TPM2 Software Stack (TSS2)")

> + (description "This package provides the Trusted Computing Group's (TCG)
> +TPM2 Software Stack (TSS). This stack consists of the following layers from
> +top to bottom:
> +
> +@enumerate
> +@item Feature API (FAPI) as described in the TCG Feature API (FAPI)
> +Specification along with TCG TSS 2.0 JSON Data Types and Policy Language
> +Specification This API is designed to be very high-level API, intended to make
> +programming with the TPM as simple as possible. The API functions are exposed
> +through a single library: libtss2-fapi.
> +@item Enhanced System API (ESAPI) as described in the TCG TSS 2.0 Enhanced
> +System API (ESAPI) Specification This API is a 1-to-1 mapping of the TPM2
> +commands documented in Part 3 of the TPM2 specification. Additionally there
> +are asynchronous versions of each command. In addition to SAPI, the ESAPI
> +performs tracking of meta data for TPM object and automatic calculation of
> +session based authorization and encryption values. Both the synchronous and
> +asynchronous API are exposed through a single library: libtss2-esys.
> +@item System API (SAPI) as described in the TCG TSS 2.0 System Level API
> +(SAPI) Specification This API is a 1-to-1 mapping of the TPM2 commands
> +documented in Part 3 of the TPM2 specification. Additionally there are
> +asynchronous versions of each command. These asynchronous variants may be
> +useful for integration into event-driven programming environments. Both the
> +synchronous and asynchronous API are exposed through a single library:
> +libtss2-sys.
> +@item Marshaling/Unmarshaling (MU) as described in the TCG TSS 2.0
> +Marshaling/Unmarshaling API Specification This API provides a set of
> +marshaling and unmarshaling functions for all data types define by the TPM
> +library specification. The Marshaling/Unmarshaling API is exposed through a
> +library called libtss2-mu.
> +@item TPM Command Transmission Interface (TCTI) as described in the TCG TSS
> +2.0 TPM Command Transmission Interface (TCTI) API Specification. This API
> +provides a standard interface to transmit / receive TPM command / response
> +buffers. It is expected that any number of libraries implementing the TCTI API
> +will be implemented as a way to abstract various platform specific IPC
> +mechanisms. Currently this repository provides several TCTI implementations:
> +libtss2-tcti-device, libtss2-tcti-tbs (for Windows), libtss2-tcti-swtpm and
> +libtss2-tcti-mssim. The former should be used for direct access to the TPM
> +through the Linux kernel driver. The latter implements the protocol exposed by
> +the Microsoft software TPM2 simulator.
> +@item The TCG TSS 2.0 Overview and Common Structures Specification forms the
> +basis for all implementations in this project. NOTE: We deviate from this
> +specification by increasing the value of TPM2_NUM_PCR_BANKS from 3 to 16 to
> +ensure compatibility with TPM2 implementations that have enabled a larger than
> +typical number of PCR banks. This larger value for TPM2_NUM_PCR_BANKS is
> +expected to be included in a future revision of the specification.
> +@end enumerate")

This description is waaaaay too long. Could you trim it down a bit?
IIRC, the manual suggests description of about 5 lines. Of course, this
is not a hard rule.

Also you need to add two spaces after sentences.

Toggle quote (2 lines)
Could you move it above synopsis?

Regards,
--
Nicolas Goaziou
L
L
Léo Le Bouter wrote on 27 Jan 2021 22:14
[PATCH v2 0/1] gnu: Add tpm2-tss.
(address . 46139@debbugs.gnu.org)(name . Léo Le Bouter)(address . lle-bout@zaclys.net)
20210127211418.21758-1-lle-bout@zaclys.net
Hello!

Sorry, I made a mistake forgetting to `$ git add` before amending my commit
thus not sending some of the changes you just requested which I had
already done. Here now with shortened description, home-page above
synopsis, pkg-config in native-inputs and required modules imported
appropriately.

Thank you.

Léo Le Bouter (1):
gnu: Add tpm2-tss.

gnu/packages/hardware.scm | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)

--
2.30.0
L
L
Léo Le Bouter wrote on 27 Jan 2021 22:14
[PATCH v2 1/1] gnu: Add tpm2-tss.
(address . 46139@debbugs.gnu.org)(name . Léo Le Bouter)(address . lle-bout@zaclys.net)
20210127211418.21758-2-lle-bout@zaclys.net
* gnu/packages/hardware.scm (tpm2-tss): New variable.
---
gnu/packages/hardware.scm | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)

Toggle diff (54 lines)
diff --git a/gnu/packages/hardware.scm b/gnu/packages/hardware.scm
index 59f36a8135..6479db66cd 100644
--- a/gnu/packages/hardware.scm
+++ b/gnu/packages/hardware.scm
@@ -28,6 +28,7 @@
#:use-module (gnu packages check)
#:use-module (gnu packages cpp)
#:use-module (gnu packages crypto)
+ #:use-module (gnu packages curl)
#:use-module (gnu packages documentation)
#:use-module (gnu packages gcc)
#:use-module (gnu packages gettext)
@@ -42,6 +43,8 @@
#:use-module (gnu packages polkit)
#:use-module (gnu packages protobuf)
#:use-module (gnu packages python)
+ #:use-module (gnu packages tls)
+ #:use-module (gnu packages web)
#:use-module (gnu packages xdisorg)
#:use-module (gnu packages xml)
#:use-module (gnu packages xorg)
@@ -543,3 +546,30 @@ screens. It displays various patterns and allows you to estimate the quality
of your CRT/LCD monitor.")
(home-page "https://github.com/TobiX/screentest")
(license license:gpl2)))
+
+(define-public tpm2-tss
+ (package
+ (name "tpm2-tss")
+ (version "3.0.3")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/tpm2-software/" name
+ "/releases/download/" version "/" name "-" version
+ ".tar.gz"))
+ (sha256
+ (base32 "05xynpwq851fp8f5fy7ac0blvz8mr5m5cbqj3gslgbwv63kjnfbq"))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
+ (inputs
+ `(("openssl" ,openssl)
+ ("json-c" ,json-c)
+ ("curl" ,curl)))
+ (home-page "https://tpm2-software.github.io/")
+ (synopsis "OSS implementation of the TCG TPM2 Software Stack (TSS2)")
+ (description "This package provides the Trusted Computing Group's (TCG)
+TPM2 Software Stack (TSS). The stack contains libtss2-fapi, libtss2-esys,
+libtss2-sys, libtss2-mu, libtss2-tcti-device, libtss2-tcti-tbs (for Windows),
+libtss2-tcti-swtpm and libtss2-tcti-mssim.")
+ (license license:bsd-2)))
--
2.30.0
L
L
Leo Le Bouter wrote on 27 Jan 2021 22:19
Re: [bug#46139] [PATCH] gnu: Add tpm2-tss.
(address . 46139@debbugs.gnu.org)
56beddec19886a04a3d7af73a0fcbf7735b52f0a.camel@zaclys.net
On Wed, 2021-01-27 at 21:44 +0100, Nicolas Goaziou wrote:
Toggle quote (2 lines)
> Don't you need libgcrypt as an input, too?

Apparently no, see: <
Toggle quote (1 lines)
>. Everything compiles fine as-is.
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEFIvLi9gL+xax3g6RRaix6GvNEKYFAmAR2O4ACgkQRaix6GvN
EKbmjBAAkWt+5L08PUR8qC2vE9qlPOxR3wIlaAEJXkO3AYtbbAzIkwRI7nlQ76tx
ekbnbAdgYXH81IkiYgSVkhY3FpmakmOLxlZABlokhnuwf46G310OBxCwlCH/sXrR
UUylwAhGWwIHqPjaBq3tP4thn5alkUNPldM1dHa3kUVUD7QY4ghxNeOPZ4IgUf/3
a+Ezv/XAxloOLKgvyIrGf8JL6ImamdyVm894J31qZ0WJ8fdWFB9UPpc4XQ5pdoZx
eeQoLXR1WXDDkMq/YyLUD9ogcaY43jLAgr0GhTzcB87lQ1rJXG5DIJ/HqlDQmvy2
UdXHP5XQRvtf930aYmSCFwfLnylsihKZeyxf7Hxdv+MeAVxs85xGjP9sld7brDTh
e1K6+3097UHXmtzu6JQc/LHKhhKEAle6b0o4f9DHIMglkLVt24zj1jWXMvwZUc3S
uY+v2szJ+Xzipmv3P0RKNLTDGMxUhCQzuUNjl6EJLQHWs+itGWO+jNEl0xUspq3F
AJYDhYQhuvjY9GY41smo93tD01vXSkeJ3Yzx0V1fi7JBEf3y/tETIpsa7zx1WjnC
tL8WqFgfkQo38QNfcQoGW/jGsFlShz3sBBekVBfl2Grr5mdYP/eKOUemXCgZ8bH+
jqvmjaoaZC9WhHOfoT542LNEZd0CICy48iMpTIDP+3p33x5G5IE=
=Agvb
-----END PGP SIGNATURE-----


T
T
Tobias Geerinckx-Rice wrote on 27 Jan 2021 23:26
(address . 46139@debbugs.gnu.org)
87czxqyq2k.fsf@nckx
Leo,

Thanks!

Toggle quote (2 lines)
> (uri (string-append ... name ...))

Nitpick: there is no point in parameterising NAME here. Unlike
VERSION, it's more likely to cause future work than to save any.
Just hard-code it.

Toggle quote (2 lines)
> (inputs ...)

Did you forget `(use-modules (gnu packages tls))'?

Toggle quote (3 lines)
> (synopsis "OSS implementation of the TCG TPM2 Software Stack
> (TSS2)")

s/OSS i/I/

Likewise, Windows support is irrelevant, so we don't mention it.
Don't know enough about the ‘Microsoft software TPM2 simulator’ to
know if it is.

Toggle quote (2 lines)
> IIRC, the manual suggests description of about 5 lines.

At minimum, IMO :-) Between 5 and 10, depending on how much there
is to say about the package.

Reducing each @item to ~1 sentence would strike a good balance.
Be sure to keep any keywords that could help people ‘guix search’
for this package. Drop the boring spec minutia.

Toggle quote (2 lines)
> Trusted Computing Group's (TCG)

You can mark these up as @acronym{TCG, Trusted Computing Group}.

When finished, don't forget to run ‘guix lint tpm2-tss’.

Kind regards,

T G-R
-----BEGIN PGP SIGNATURE-----

iIMEARYKACsWIQT12iAyS4c9C3o4dnINsP+IT1VteQUCYBHogw0cbWVAdG9iaWFz
LmdyAAoJEA2w/4hPVW15NHsBAP6OC67mK9MIAjP2ERpSg5HGG5C/vJE/nlVF3MJT
0fDzAQDWw26JHIgBGlnUu0k/eQ0SWPbocsH1U5HxlfsZIC9vDw==
=z3Ig
-----END PGP SIGNATURE-----

L
L
Léo Le Bouter wrote on 28 Jan 2021 14:26
[PATCH v3 0/1] gnu: Add tpm2-tss.
(address . 46139@debbugs.gnu.org)(name . Léo Le Bouter)(address . lle-bout@zaclys.net)
20210128132628.24609-1-lle-bout@zaclys.net
Thanks for the review.
Final patch, if any additional nitpicks, please co-author my patch.
I run `guix lint` before submitting any patch to GNU Guix upstream now,
I used to forget few times before. It would help me if things like
putting home-page above synopsis were checked by the linter, I'm not at
ease with Scheme so if anyone knows how to add that, please do. Thanks.

Léo Le Bouter (1):
gnu: Add tpm2-tss.

gnu/packages/hardware.scm | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)

--
2.30.0
L
L
Léo Le Bouter wrote on 28 Jan 2021 14:26
[PATCH v3 1/1] gnu: Add tpm2-tss.
(address . 46139@debbugs.gnu.org)(name . Léo Le Bouter)(address . lle-bout@zaclys.net)
20210128132628.24609-2-lle-bout@zaclys.net
* gnu/packages/hardware.scm (tpm2-tss): New variable.
---
gnu/packages/hardware.scm | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)

Toggle diff (54 lines)
diff --git a/gnu/packages/hardware.scm b/gnu/packages/hardware.scm
index 59f36a8135..bef0947827 100644
--- a/gnu/packages/hardware.scm
+++ b/gnu/packages/hardware.scm
@@ -28,6 +28,7 @@
#:use-module (gnu packages check)
#:use-module (gnu packages cpp)
#:use-module (gnu packages crypto)
+ #:use-module (gnu packages curl)
#:use-module (gnu packages documentation)
#:use-module (gnu packages gcc)
#:use-module (gnu packages gettext)
@@ -42,6 +43,8 @@
#:use-module (gnu packages polkit)
#:use-module (gnu packages protobuf)
#:use-module (gnu packages python)
+ #:use-module (gnu packages tls)
+ #:use-module (gnu packages web)
#:use-module (gnu packages xdisorg)
#:use-module (gnu packages xml)
#:use-module (gnu packages xorg)
@@ -543,3 +546,30 @@ screens. It displays various patterns and allows you to estimate the quality
of your CRT/LCD monitor.")
(home-page "https://github.com/TobiX/screentest")
(license license:gpl2)))
+
+(define-public tpm2-tss
+ (package
+ (name "tpm2-tss")
+ (version "3.0.3")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/tpm2-software/tpm2-tss"
+ "/releases/download/" version "/tpm2-tss-" version
+ ".tar.gz"))
+ (sha256
+ (base32 "05xynpwq851fp8f5fy7ac0blvz8mr5m5cbqj3gslgbwv63kjnfbq"))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
+ (inputs
+ `(("openssl" ,openssl)
+ ("json-c" ,json-c)
+ ("curl" ,curl)))
+ (home-page "https://tpm2-software.github.io/")
+ (synopsis "OSS Implementation of the TCG TPM2 Software Stack (TSS2)")
+ (description "This package provides the
+@acronym{TCG, Trusted Computing Group} @acronym{TSS2, TPM2 Software Stack}.
+The stack contains libtss2-fapi, libtss2-esys, libtss2-sys, libtss2-mu,
+libtss2-tcti-device, libtss2-tcti-swtpm and libtss2-tcti-mssim.")
+ (license license:bsd-2)))
--
2.30.0
N
N
Nicolas Goaziou wrote on 28 Jan 2021 18:47
Re: [bug#46139] [PATCH v3 0/1] gnu: Add tpm2-tss.
(name . guix-patches--- via)(address . guix-patches@gnu.org)
87sg6lhs1y.fsf@nicolasgoaziou.fr
Hello,

guix-patches--- via <guix-patches@gnu.org> writes:

Toggle quote (2 lines)
> Final patch, if any additional nitpicks, please co-author my patch.

Hmm... I re-ordered alphabetically the inputs and applied your patch.

Toggle quote (4 lines)
> I run `guix lint` before submitting any patch to GNU Guix upstream now,
> I used to forget few times before. It would help me if things like
> putting home-page above synopsis were checked by the linter

Putting home-page after synopsis is not a show stopper and wouldn't
prevent a patch from being applied. There is no written convention about
it. It's more of an habit.

Thank you!

Regards,
--
Nicolas Goaziou
?