[PATCH] gnu: tpm2-tools: New variable

  • Done
Details
2 participants
  • Felix Lechner
  • Nicolas Goaziou
Owner
unassigned
Submitted by
Felix Lechner
Severity
normal
Felix Lechner wrote on 22 May 2023 08:27
(address . guix-patches@gnu.org)(name . Felix Lechner)(address . felix.lechner@lease-up.com)
41233051ac8124b990c601fcfe7abdbf35b4e916.1684736552.git.felix.lechner@lease-up.com
* gnu/packages/hardware.scm (tpm-tools): New variable.
---
gnu/packages/hardware.scm | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)

diff --git a/gnu/packages/hardware.scm b/gnu/packages/hardware.scm
index c23299d1db..f20657cdef 100644
--- a/gnu/packages/hardware.scm
+++ b/gnu/packages/hardware.scm
@@ -61,6 +61,7 @@ (define-module (gnu packages hardware)
#:use-module (gnu packages gnome)
#:use-module (gnu packages gtk)
#:use-module (gnu packages guile)
+ #:use-module (gnu packages haskell-xyz)
#:use-module (gnu packages high-availability)
#:use-module (gnu packages libusb)
#:use-module (gnu packages linux)
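Review bot: the new `#:use-module (gnu packages haskell-xyz)` import exists only to make `pandoc` visible, which the second hunk lists among the native inputs (evidently for documentation); pulling a Haskell module into a hardware package file is fine, but a short comment on the `pandoc` native input saying what it is for would spare the next reader the question of why `tpm2-tools` depends on `haskell-xyz`.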
@@ -1313,6 +1314,36 @@ (define-public tpm2-tss
and libtss2-tcti-mssim.")
(license license:bsd-2)))
+(define-public tpm2-tools
+ (package
+ (name "tpm2-tools")
+ (version "5.5")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/tpm2-software/tpm2-tools/"
+ "releases/download/" version "/"
+ "tpm2-tools-" version ".tar.gz"))
+ (sha256
+ (base32 "08y16q92dh7frsyw0zlm3q9gsfqyls0li248s2pgsysk633lknqz"))))
+ (build-system gnu-build-system)
+ (native-inputs (list autoconf
+ automake
+ curl
+ libtool
+ gnu-gettext
+ openssl
+ pandoc
+ pkg-config
+ tpm2-tss))
+ (home-page "https://github.com/tpm2-software/tpm2-tools")
+ (synopsis "Tools for the Trusted Platform Module (TPM 2.0)")
+ (description
+ "User tools for the Trusted Computing Group's (TCG) TPM2 Software Stack
+(TSS). These programs hepl with common tasks such as key management,
+attestation, encryption, and signing.")
+ (license license:bsd-3)))
+
(define-public libcpuid
;; We need to remove blobs from the source, first we have to isolate the blob
;; source in build system.
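Review bot: `curl`, `openssl` and `tpm2-tss` are libraries the built tools link against, so they belong in `inputs`, not `native-inputs`; as native inputs they are only guaranteed to be available on the build machine, which breaks cross-compilation and leaves the runtime dependency undeclared. Only `autoconf`, `automake`, `libtool`, `gnu-gettext`, `pandoc` and `pkg-config` are build-time tools and should stay in `native-inputs`. Two smaller points: the commit message names the variable `(tpm-tools)` while the hunk defines `tpm2-tools`, and the description has a typo (`hepl` should be `help`) and should be phrased as a complete sentence, e.g. "This package provides user tools for the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS)."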

base-commit: 849286ba66c96534bddc04df1a47d5692cbc977e
--
2.40.1
Felix Lechner wrote on 22 May 2023 16:46
For boot-time signature checks (aka "secure boot")
(address . 63637@debbugs.gnu.org)
CAFHYt56Grj3181AywViDGPEj6PTmkxQFaLPwQXf9m1zCGJ28QA@mail.gmail.com
Hi,

I should have mentioned that the programs can help analyze the TPM 2.0
event log that shows the hashes of so-called Option ROMs. After the
Microblows keys are removed, such embedded firmwares (including,
possibly, on video cards) will only run after their hashes were
enrolled. Not doing so can soft-brick a device.

Kind regards
Felix
Nicolas Goaziou wrote on 1 Jul 2023 13:15
Re: [bug#63637] [PATCH] gnu: tpm2-tools: New variable
(name . Felix Lechner via Guix-patches via)(address . guix-patches@gnu.org)
873527khmp.fsf@nicolasgoaziou.fr
Hello,

Felix Lechner via Guix-patches via <guix-patches@gnu.org> writes:

> * gnu/packages/hardware.scm (tpm-tools): New variable.

Applied, with the change below. Thank you.

> + (description
> + "User tools for the Trusted Computing Group's (TCG) TPM2 Software Stack
> +(TSS). These programs hepl with common tasks such as key management,
> +attestation, encryption, and signing.")

Descriptions should consist of complete sentences:

"This package provides user tools for..."

Regards,
--
Nicolas Goaziou