[PATCH] gnu: Add tpm2-tss.

Status: Done
Participants: Léo Le Bouter, Nicolas Goaziou, Tobias Geerinckx-Rice
Owner: unassigned
Submitted by: Léo Le Bouter
Severity: normal

Léo Le Bouter wrote on 27 Jan 2021 19:42
(address . guix-patches@gnu.org)(name . Léo Le Bouter)(address . lle-bout@zaclys.net)
20210127184227.29258-1-lle-bout@zaclys.net
* gnu/packages/hardware.scm (tpm2-tss): New variable.
---
gnu/packages/hardware.scm | 68 +++++++++++++++++++++++++++++++++++++++
1 file changed, 68 insertions(+)

diff --git a/gnu/packages/hardware.scm b/gnu/packages/hardware.scm
index 3da6759472..778453a395 100644
--- a/gnu/packages/hardware.scm
+++ b/gnu/packages/hardware.scm
@@ -498,3 +498,71 @@ screens. It displays various patterns and allows you to estimate the quality
of your CRT/LCD monitor.")
(home-page "https://github.com/TobiX/screentest")
(license license:gpl2)))
+
+(define-public tpm2-tss
+ (package
+ (name "tpm2-tss")
+ (version "3.0.3")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/tpm2-software/" name
+ "/releases/download/" version "/" name "-" version
+ ".tar.gz"))
+ (sha256
+ (base32 "05xynpwq851fp8f5fy7ac0blvz8mr5m5cbqj3gslgbwv63kjnfbq"))))
+ (build-system gnu-build-system)
+ (inputs
+ `(("pkg-config" ,pkg-config)
+ ("openssl" ,openssl)
+ ("json-c" ,json-c)
+ ("curl" ,curl)))
+ (synopsis "OSS implementation of the TCG TPM2 Software Stack (TSS2)")
+ (description "This package provides the Trusted Computing Group's (TCG)
+TPM2 Software Stack (TSS). This stack consists of the following layers from
+top to bottom:
+
+@enumerate
+@item Feature API (FAPI) as described in the TCG Feature API (FAPI)
+Specification along with TCG TSS 2.0 JSON Data Types and Policy Language
+Specification This API is designed to be very high-level API, intended to make
+programming with the TPM as simple as possible. The API functions are exposed
+through a single library: libtss2-fapi.
+@item Enhanced System API (ESAPI) as described in the TCG TSS 2.0 Enhanced
+System API (ESAPI) Specification This API is a 1-to-1 mapping of the TPM2
+commands documented in Part 3 of the TPM2 specification. Additionally there
+are asynchronous versions of each command. In addition to SAPI, the ESAPI
+performs tracking of meta data for TPM object and automatic calculation of
+session based authorization and encryption values. Both the synchronous and
+asynchronous API are exposed through a single library: libtss2-esys.
+@item System API (SAPI) as described in the TCG TSS 2.0 System Level API
+(SAPI) Specification This API is a 1-to-1 mapping of the TPM2 commands
+documented in Part 3 of the TPM2 specification. Additionally there are
+asynchronous versions of each command. These asynchronous variants may be
+useful for integration into event-driven programming environments. Both the
+synchronous and asynchronous API are exposed through a single library:
+libtss2-sys.
+@item Marshaling/Unmarshaling (MU) as described in the TCG TSS 2.0
+Marshaling/Unmarshaling API Specification This API provides a set of
+marshaling and unmarshaling functions for all data types define by the TPM
+library specification. The Marshaling/Unmarshaling API is exposed through a
+library called libtss2-mu.
+@item TPM Command Transmission Interface (TCTI) as described in the TCG TSS
+2.0 TPM Command Transmission Interface (TCTI) API Specification. This API
+provides a standard interface to transmit / receive TPM command / response
+buffers. It is expected that any number of libraries implementing the TCTI API
+will be implemented as a way to abstract various platform specific IPC
+mechanisms. Currently this repository provides several TCTI implementations:
+libtss2-tcti-device, libtss2-tcti-tbs (for Windows), libtss2-tcti-swtpm and
+libtss2-tcti-mssim. The former should be used for direct access to the TPM
+through the Linux kernel driver. The latter implements the protocol exposed by
+the Microsoft software TPM2 simulator.
+@item The TCG TSS 2.0 Overview and Common Structures Specification forms the
+basis for all implementations in this project. NOTE: We deviate from this
+specification by increasing the value of TPM2_NUM_PCR_BANKS from 3 to 16 to
+ensure compatibility with TPM2 implementations that have enabled a larger than
+typical number of PCR banks. This larger value for TPM2_NUM_PCR_BANKS is
+expected to be included in a future revision of the specification.
+@end enumerate")
+ (home-page "https://tpm2-software.github.io/")
+ (license license:bsd-2)))
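Review bot: pkg-config is listed under inputs in the new tpm2-tss definition, but it is a build-time tool and belongs in native-inputs, so that a cross-build picks up the build machine's pkg-config. This patch is also a single hunk with no #:use-module additions, while the inputs refer to openssl, json-c and curl; unless hardware.scm already imports the modules that export them, the file will not load. The six-item @enumerate description carries upstream README detail (the Windows TCTI, the TPM2_NUM_PCR_BANKS note) that a Guix user does not need; a few sentences naming the layers would be enough.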
--
2.30.0
Nicolas Goaziou wrote on 27 Jan 2021 21:44
(name . guix-patches--- via)(address . guix-patches@gnu.org)
87y2geqfdm.fsf@nicolasgoaziou.fr
Hello,

guix-patches--- via <guix-patches@gnu.org> writes:

> * gnu/packages/hardware.scm (tpm2-tss): New variable.

Thank you. Some comments follow.

> + (inputs
> + `(("pkg-config" ,pkg-config)
> + ("openssl" ,openssl)
> + ("json-c" ,json-c)
> + ("curl" ,curl)))

pkg-config should be a native-input.

Don't you need libgcrypt as an input, too?

> + (synopsis "OSS implementation of the TCG TPM2 Software Stack (TSS2)")

> + (description "This package provides the Trusted Computing Group's (TCG)
> +TPM2 Software Stack (TSS). This stack consists of the following layers from
> +top to bottom:
> +
> +@enumerate
> +@item Feature API (FAPI) as described in the TCG Feature API (FAPI)
> +Specification along with TCG TSS 2.0 JSON Data Types and Policy Language
> +Specification This API is designed to be very high-level API, intended to make
> +programming with the TPM as simple as possible. The API functions are exposed
> +through a single library: libtss2-fapi.
> +@item Enhanced System API (ESAPI) as described in the TCG TSS 2.0 Enhanced
> +System API (ESAPI) Specification This API is a 1-to-1 mapping of the TPM2
> +commands documented in Part 3 of the TPM2 specification. Additionally there
> +are asynchronous versions of each command. In addition to SAPI, the ESAPI
> +performs tracking of meta data for TPM object and automatic calculation of
> +session based authorization and encryption values. Both the synchronous and
> +asynchronous API are exposed through a single library: libtss2-esys.
> +@item System API (SAPI) as described in the TCG TSS 2.0 System Level API
> +(SAPI) Specification This API is a 1-to-1 mapping of the TPM2 commands
> +documented in Part 3 of the TPM2 specification. Additionally there are
> +asynchronous versions of each command. These asynchronous variants may be
> +useful for integration into event-driven programming environments. Both the
> +synchronous and asynchronous API are exposed through a single library:
> +libtss2-sys.
> +@item Marshaling/Unmarshaling (MU) as described in the TCG TSS 2.0
> +Marshaling/Unmarshaling API Specification This API provides a set of
> +marshaling and unmarshaling functions for all data types define by the TPM
> +library specification. The Marshaling/Unmarshaling API is exposed through a
> +library called libtss2-mu.
> +@item TPM Command Transmission Interface (TCTI) as described in the TCG TSS
> +2.0 TPM Command Transmission Interface (TCTI) API Specification. This API
> +provides a standard interface to transmit / receive TPM command / response
> +buffers. It is expected that any number of libraries implementing the TCTI API
> +will be implemented as a way to abstract various platform specific IPC
> +mechanisms. Currently this repository provides several TCTI implementations:
> +libtss2-tcti-device, libtss2-tcti-tbs (for Windows), libtss2-tcti-swtpm and
> +libtss2-tcti-mssim. The former should be used for direct access to the TPM
> +through the Linux kernel driver. The latter implements the protocol exposed by
> +the Microsoft software TPM2 simulator.
> +@item The TCG TSS 2.0 Overview and Common Structures Specification forms the
> +basis for all implementations in this project. NOTE: We deviate from this
> +specification by increasing the value of TPM2_NUM_PCR_BANKS from 3 to 16 to
> +ensure compatibility with TPM2 implementations that have enabled a larger than
> +typical number of PCR banks. This larger value for TPM2_NUM_PCR_BANKS is
> +expected to be included in a future revision of the specification.
> +@end enumerate")

This description is waaaaay too long. Could you trim it down a bit?
IIRC, the manual suggests description of about 5 lines. Of course, this
is not a hard rule.

Also you need to add two spaces after sentences.

Could you move it above synopsis?

Regards,
--
Nicolas Goaziou
Léo Le Bouter wrote on 27 Jan 2021 22:14
[PATCH v2 0/1] gnu: Add tpm2-tss.
(address . 46139@debbugs.gnu.org)(name . Léo Le Bouter)(address . lle-bout@zaclys.net)
20210127211418.21758-1-lle-bout@zaclys.net
Hello!

Sorry, I made a mistake forgetting to `$ git add` before amending my commit
thus not sending some of the changes you just requested which I had
already done. Here now with shortened description, home-page above
synopsis, pkg-config in native-inputs and required modules imported
appropriately.

Thank you.

Léo Le Bouter (1):
gnu: Add tpm2-tss.

gnu/packages/hardware.scm | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)

--
2.30.0
Léo Le Bouter wrote on 27 Jan 2021 22:14
[PATCH v2 1/1] gnu: Add tpm2-tss.
(address . 46139@debbugs.gnu.org)(name . Léo Le Bouter)(address . lle-bout@zaclys.net)
20210127211418.21758-2-lle-bout@zaclys.net
* gnu/packages/hardware.scm (tpm2-tss): New variable.
---
gnu/packages/hardware.scm | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)

diff --git a/gnu/packages/hardware.scm b/gnu/packages/hardware.scm
index 59f36a8135..6479db66cd 100644
--- a/gnu/packages/hardware.scm
+++ b/gnu/packages/hardware.scm
@@ -28,6 +28,7 @@
#:use-module (gnu packages check)
#:use-module (gnu packages cpp)
#:use-module (gnu packages crypto)
+ #:use-module (gnu packages curl)
#:use-module (gnu packages documentation)
#:use-module (gnu packages gcc)
#:use-module (gnu packages gettext)
@@ -42,6 +43,8 @@
#:use-module (gnu packages polkit)
#:use-module (gnu packages protobuf)
#:use-module (gnu packages python)
+ #:use-module (gnu packages tls)
+ #:use-module (gnu packages web)
#:use-module (gnu packages xdisorg)
#:use-module (gnu packages xml)
#:use-module (gnu packages xorg)
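Review bot: the #:use-module additions in these two hunks cover curl, openssl and json-c (via curl, tls and web), but nothing is added for pkg-config, which the new package lists in native-inputs. Please confirm that hardware.scm already imports (gnu packages pkg-config); if it does not, add it in alphabetical order with the others.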
@@ -543,3 +546,30 @@ screens. It displays various patterns and allows you to estimate the quality
of your CRT/LCD monitor.")
(home-page "https://github.com/TobiX/screentest")
(license license:gpl2)))
+
+(define-public tpm2-tss
+ (package
+ (name "tpm2-tss")
+ (version "3.0.3")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/tpm2-software/" name
+ "/releases/download/" version "/" name "-" version
+ ".tar.gz"))
+ (sha256
+ (base32 "05xynpwq851fp8f5fy7ac0blvz8mr5m5cbqj3gslgbwv63kjnfbq"))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
+ (inputs
+ `(("openssl" ,openssl)
+ ("json-c" ,json-c)
+ ("curl" ,curl)))
+ (home-page "https://tpm2-software.github.io/")
+ (synopsis "OSS implementation of the TCG TPM2 Software Stack (TSS2)")
+ (description "This package provides the Trusted Computing Group's (TCG)
+TPM2 Software Stack (TSS). The stack contains libtss2-fapi, libtss2-esys,
+libtss2-sys, libtss2-mu, libtss2-tcti-device, libtss2-tcti-tbs (for Windows),
+libtss2-tcti-swtpm and libtss2-tcti-mssim.")
+ (license license:bsd-2)))
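Review bot: the description is now only a list of library names and still includes "libtss2-tcti-tbs (for Windows)", which is not relevant to a Guix build. Say in a clause each what the FAPI, ESAPI, SAPI, MU and TCTI layers are for, so that 'guix search' can match on those terms, and drop the Windows entry. In the uri, name is interpolated twice; hard-coding "tpm2-tss" keeps the URL correct if the package variable is ever renamed. The package also sets no arguments, so which crypto library the build links against is left to configure's detection; worth checking, given that only openssl is in inputs.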
--
2.30.0
Leo Le Bouter wrote on 27 Jan 2021 22:19
Re: [bug#46139] [PATCH] gnu: Add tpm2-tss.
(address . 46139@debbugs.gnu.org)
56beddec19886a04a3d7af73a0fcbf7735b52f0a.camel@zaclys.net
On Wed, 2021-01-27 at 21:44 +0100, Nicolas Goaziou wrote:
> Don't you need libgcrypt as an input, too?

>. Everything compiles fine as-is.
Tobias Geerinckx-Rice wrote on 27 Jan 2021 23:26
(address . 46139@debbugs.gnu.org)
87czxqyq2k.fsf@nckx
Leo,

Thanks!

> (uri (string-append ... name ...))

Nitpick: there is no point in parameterising NAME here. Unlike
VERSION, it's more likely to cause future work than to save any.
Just hard-code it.

> (inputs ...)

Did you forget `(use-modules (gnu packages tls))'?

> (synopsis "OSS implementation of the TCG TPM2 Software Stack
> (TSS2)")

s/OSS i/I/

Likewise, Windows support is irrelevant, so we don't mention it.
Don't know enough about the ‘Microsoft software TPM2 simulator’ to
know if it is.

> IIRC, the manual suggests description of about 5 lines.

At minimum, IMO :-) Between 5 and 10, depending on how much there
is to say about the package.

Reducing each @item to ~1 sentence would strike a good balance.
Be sure to keep any keywords that could help people ‘guix search’
for this package. Drop the boring spec minutiae.

> Trusted Computing Group's (TCG)

You can mark these up as @acronym{TCG, Trusted Computing Group}.

When finished, don't forget to run ‘guix lint tpm2-tss’.

Kind regards,

T G-R
Léo Le Bouter wrote on 28 Jan 2021 14:26
[PATCH v3 0/1] gnu: Add tpm2-tss.
(address . 46139@debbugs.gnu.org)(name . Léo Le Bouter)(address . lle-bout@zaclys.net)
20210128132628.24609-1-lle-bout@zaclys.net
Thanks for the review.
Final patch, if any additional nitpicks, please co-author my patch.
I run `guix lint` before submitting any patch to GNU Guix upstream now,
I used to forget few times before. It would help me if things like
putting home-page above synopsis were checked by the linter, I'm not at
ease with Scheme so if anyone knows how to add that, please do. Thanks.

Léo Le Bouter (1):
gnu: Add tpm2-tss.

gnu/packages/hardware.scm | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)

--
2.30.0
Léo Le Bouter wrote on 28 Jan 2021 14:26
[PATCH v3 1/1] gnu: Add tpm2-tss.
(address . 46139@debbugs.gnu.org)(name . Léo Le Bouter)(address . lle-bout@zaclys.net)
20210128132628.24609-2-lle-bout@zaclys.net
* gnu/packages/hardware.scm (tpm2-tss): New variable.
---
gnu/packages/hardware.scm | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)

diff --git a/gnu/packages/hardware.scm b/gnu/packages/hardware.scm
index 59f36a8135..bef0947827 100644
--- a/gnu/packages/hardware.scm
+++ b/gnu/packages/hardware.scm
@@ -28,6 +28,7 @@
#:use-module (gnu packages check)
#:use-module (gnu packages cpp)
#:use-module (gnu packages crypto)
+ #:use-module (gnu packages curl)
#:use-module (gnu packages documentation)
#:use-module (gnu packages gcc)
#:use-module (gnu packages gettext)
@@ -42,6 +43,8 @@
#:use-module (gnu packages polkit)
#:use-module (gnu packages protobuf)
#:use-module (gnu packages python)
+ #:use-module (gnu packages tls)
+ #:use-module (gnu packages web)
#:use-module (gnu packages xdisorg)
#:use-module (gnu packages xml)
#:use-module (gnu packages xorg)
@@ -543,3 +546,30 @@ screens. It displays various patterns and allows you to estimate the quality
of your CRT/LCD monitor.")
(home-page "https://github.com/TobiX/screentest")
(license license:gpl2)))
+
+(define-public tpm2-tss
+ (package
+ (name "tpm2-tss")
+ (version "3.0.3")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/tpm2-software/tpm2-tss"
+ "/releases/download/" version "/tpm2-tss-" version
+ ".tar.gz"))
+ (sha256
+ (base32 "05xynpwq851fp8f5fy7ac0blvz8mr5m5cbqj3gslgbwv63kjnfbq"))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
+ (inputs
+ `(("openssl" ,openssl)
+ ("json-c" ,json-c)
+ ("curl" ,curl)))
+ (home-page "https://tpm2-software.github.io/")
+ (synopsis "OSS Implementation of the TCG TPM2 Software Stack (TSS2)")
+ (description "This package provides the
+@acronym{TCG, Trusted Computing Group} @acronym{TSS2, TPM2 Software Stack}.
+The stack contains libtss2-fapi, libtss2-esys, libtss2-sys, libtss2-mu,
+libtss2-tcti-device, libtss2-tcti-swtpm and libtss2-tcti-mssim.")
+ (license license:bsd-2)))
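Review bot: the synopsis still opens with "OSS Implementation"; the qualifier adds nothing in a free-software distribution, so start it with "Implementation of the TCG TPM2 Software Stack (TSS2)". The inputs are listed as openssl, json-c, curl; sort them alphabetically (curl, json-c, openssl). The description names the libraries without saying what each layer does, so a one-clause gloss per library would make the package easier to find with 'guix search'.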
--
2.30.0
Nicolas Goaziou wrote on 28 Jan 2021 18:47
Re: [bug#46139] [PATCH v3 0/1] gnu: Add tpm2-tss.
(name . guix-patches--- via)(address . guix-patches@gnu.org)
87sg6lhs1y.fsf@nicolasgoaziou.fr
Hello,

guix-patches--- via <guix-patches@gnu.org> writes:

> Final patch, if any additional nitpicks, please co-author my patch.

Hmm... I re-ordered alphabetically the inputs and applied your patch.

> I run `guix lint` before submitting any patch to GNU Guix upstream now,
> I used to forget few times before. It would help me if things like
> putting home-page above synopsis were checked by the linter

Putting home-page after synopsis is not a show stopper and wouldn't
prevent a patch from being applied. There is no written convention about
it. It's more of a habit.

Thank you!

Regards,
--
Nicolas Goaziou