adding swtpm

hadfl · hadfl · commit f080baa91ae7 · 2024-12-07T12:42:41.000Z
diff --git a/build/meta/extra-build-tools.p5m b/build/meta/extra-build-tools.p5m
@@ -51,6 +51,7 @@ depend fmri=ooce/library/libogg type=require
 depend fmri=ooce/library/libpng type=require
 depend fmri=ooce/library/libsodium type=require
 depend fmri=ooce/library/libtasn1 type=require
+depend fmri=ooce/library/libtpms type=require
 depend fmri=ooce/library/liburcu type=require
 depend fmri=ooce/library/libuv type=require
 depend fmri=ooce/library/libvncserver type=require
diff --git a/build/swtpm/build.sh b/build/swtpm/build.sh
@@ -0,0 +1,100 @@
+#!/usr/bin/bash
+#
+# {{{ CDDL HEADER
+#
+# This file and its contents are supplied under the terms of the
+# Common Development and Distribution License ("CDDL"), version 1.0.
+# You may only use this file in accordance with the terms of version
+# 1.0 of the CDDL.
+#
+# A full copy of the text of the CDDL should have accompanied this
+# source. A copy of the CDDL is also available via the Internet at
+# http://www.illumos.org/license/CDDL.
+# }}}
+
+# Copyright 2024 OmniOS Community Edition (OmniOSce) Association.
+
+. ../../lib/build.sh
+
+PROG=swtpm
+VER=0.10.0
+PKG=ooce/security/swtpm
+SUMMARY="SWTPM - Software TPM Emulator"
+DESC="TPM emulators with different front-end interfaces to libtpms"
+
+JSONGLIBVER=1.9.2
+
+OPREFIX=$PREFIX
+PREFIX+="/$PROG"
+
+set_arch 64
+set_clangver
+set_standard XPG6
+
+XFORM_ARGS="
+    -DPREFIX=${PREFIX#/}
+    -DOPREFIX=${OPREFIX#/}
+    -DPROG=$PROG
+    -DPKGROOT=$PROG
+"
+
+init
+prep_build
+
+#########################################################################
+# Download and build static versions of dependencies
+
+pre_configure() {
+    typeset arch=$1
+
+    ! cross_arch $arch && return
+
+    CONFIGURE_CMD+=" --cross-file $SRCDIR/files/aarch64-gcc.txt"
+}
+
+save_buildenv
+
+CONFIGURE_OPTS="-Ddefault_library=static"
+CONFIGURE_OPTS[aarch64]="
+    --prefix=$PREFIX
+    --libdir=$PREFIX/${LIBDIRS[aarch64]}
+"
+
+build_dependency -meson json-glib json-glib-$JSONGLIBVER \
+    $PROG/json-glib json-glib $JSONGLIBVER
+
+restore_buildenv
+
+#########################################################################
+
+note -n "-- Building $PROG"
+
+CONFIGURE_OPTS="
+    --localstatedir=/var$PREFIX
+    --disable-static
+    --with-tss-user=root
+    --with-tss-group=root
+"
+
+pre_configure() {
+    typeset arch=$1
+
+    subsume_arch $arch PKG_CONFIG_PATH
+    addpath PKG_CONFIG_PATH $DEPROOT$PREFIX/${LIBDIRS[$arch]}/pkgconfig
+
+    CPPFLAGS+=" -DHAVE_SYS_IOCCOM_H -I$DEPROOT$PREFIX/include/json-glib-1.0"
+    LDFLAGS[$arch]+=" -L$DEPROOT$PREFIX/${LIBDIRS[$arch]} -lsocket"
+    LDFLAGS[$arch]+=" -Wl,-R$OPREFIX/${LIBDIRS[$arch]}"
+    LDFLAGS[$arch]+=" -Wl,-R$PREFIX/${LIBDIRS[$arch]}/$PROG"
+
+    run_autoreconf -fi
+}
+
+download_source $PROG v$VER
+patch_source
+build
+make_package
+clean_up
+
+# Vim hints
+# vim:ts=4:sw=4:et:fdm=marker
diff --git a/build/swtpm/files/aarch64-gcc.txt b/build/swtpm/files/aarch64-gcc.txt
@@ -0,0 +1,12 @@
+[binaries]
+c = '/opt/cross/aarch64/bin/aarch64-unknown-solaris2.11-gcc'
+cpp = '/opt/cross/aarch64/bin/aarch64-unknown-solaris2.11-g++'
+ar = '/opt/cross/aarch64/bin/aarch64-unknown-solaris2.11-ar'
+pkgconfig = 'pkg-config'
+
+[host_machine]
+system = 'sunos'
+cpu_family = 'aarch64'
+cpu = 'aarch64'
+endian = 'little'
+
diff --git a/build/swtpm/files/ctf.ignore b/build/swtpm/files/ctf.ignore
@@ -0,0 +1 @@
+seccomp_profile.c
diff --git a/build/swtpm/local.mog b/build/swtpm/local.mog
@@ -0,0 +1,17 @@
+#
+# This file and its contents are supplied under the terms of the
+# Common Development and Distribution License ("CDDL"), version 1.0.
+# You may only use this file in accordance with the terms of version
+# 1.0 of the CDDL.
+#
+# A full copy of the text of the CDDL should have accompanied this
+# source. A copy of the CDDL is also available via the Internet at
+# http://www.illumos.org/license/CDDL.
+
+# Copyright 2024 OmniOS Community Edition (OmniOSce) Association.
+
+license LICENSE license=modified-BSD
+
+<include binlink.mog>
+<include manlink.mog>
+
diff --git a/build/swtpm/patches-json-glib/label-statement.patch b/build/swtpm/patches-json-glib/label-statement.patch
@@ -0,0 +1,22 @@
+fixing: error: a label can only be part of a statement and a declaration is not a statement
+
+diff -wpruN --no-dereference '--exclude=*.orig' a~/json-glib/json-scanner.c a/json-glib/json-scanner.c
+--- a~/json-glib/json-scanner.c	1970-01-01 00:00:00
++++ a/json-glib/json-scanner.c	1970-01-01 00:00:00
+@@ -779,6 +779,7 @@ json_scanner_get_token_ll (JsonScanner
+   GString *gstring = NULL;
+   JsonTokenValue value;
+   guchar ch;
++  guint fchar;
+   
+   config = &scanner->config;
+   (*value_p).v_int64 = 0;
+@@ -889,7 +890,7 @@ json_scanner_get_token_ll (JsonScanner
+ 			  break;
+ 
+                         case 'u':
+-                          guint fchar = json_scanner_peek_next_char (scanner);
++                          fchar = json_scanner_peek_next_char (scanner);
+                           if (is_hex_digit (fchar))
+                             {
+                               gunichar ucs;
diff --git a/build/swtpm/patches-json-glib/series b/build/swtpm/patches-json-glib/series
@@ -0,0 +1 @@
+label-statement.patch
diff --git a/build/swtpm/patches/illumos.patch b/build/swtpm/patches/illumos.patch
@@ -0,0 +1,66 @@
+diff -wpruN --no-dereference '--exclude=*.orig' a~/include/sys_dependencies.h a/include/sys_dependencies.h
+--- a~/include/sys_dependencies.h	1970-01-01 00:00:00
++++ a/include/sys_dependencies.h	1970-01-01 00:00:00
+@@ -39,7 +39,7 @@
+ #define SWTPM_SYS_DEPENDENCIES_H
+ 
+ #if !defined __OpenBSD__ && !defined __FreeBSD__ && !defined __NetBSD__ \
+- && !defined __APPLE__ && !defined __DragonFly__
++ && !defined __APPLE__ && !defined __DragonFly__ && !defined __illumos__
+  #define _GNU_SOURCE
+  #include <features.h>
+ #endif
+diff -wpruN --no-dereference '--exclude=*.orig' a~/src/swtpm/check_algos.c a/src/swtpm/check_algos.c
+--- a~/src/swtpm/check_algos.c	1970-01-01 00:00:00
++++ a/src/swtpm/check_algos.c	1970-01-01 00:00:00
+@@ -42,6 +42,10 @@
+ #include <stdio.h>
+ #include <string.h>
+ 
++#ifdef __illumos__
++# include <strings.h>
++#endif
++
+ #include "check_algos.h"
+ #include "utils.h"
+ #include "swtpm_utils.h"
+diff -wpruN --no-dereference '--exclude=*.orig' a~/src/swtpm/common.c a/src/swtpm/common.c
+--- a~/src/swtpm/common.c	1970-01-01 00:00:00
++++ a/src/swtpm/common.c	1970-01-01 00:00:00
+@@ -56,6 +56,10 @@
+ # include <seccomp.h>
+ #endif
+ 
++#ifdef __illumos__
++# include <strings.h>
++#endif
++
+ #include <libtpms/tpm_error.h>
+ 
+ #include "common.h"
+diff -wpruN --no-dereference '--exclude=*.orig' a~/src/swtpm_ioctl/tpm_ioctl.c a/src/swtpm_ioctl/tpm_ioctl.c
+--- a~/src/swtpm_ioctl/tpm_ioctl.c	1970-01-01 00:00:00
++++ a/src/swtpm_ioctl/tpm_ioctl.c	1970-01-01 00:00:00
+@@ -90,6 +90,11 @@
+ # define _IOC_NRMASK 255
+ #endif
+ 
++/* for illumos */
++#ifndef MIN
++# define MIN(a, b) ((a) < (b) ? (a) : (b))
++#endif
++
+ /* poll timeout that takes into account a busy swtpm creating a key */
+ #define DEFAULT_POLL_TIMEOUT 10000 /* ms */
+ 
+diff -wpruN --no-dereference '--exclude=*.orig' a~/tests/sed-inplace a/tests/sed-inplace
+--- a~/tests/sed-inplace	1970-01-01 00:00:00
++++ a/tests/sed-inplace	1970-01-01 00:00:00
+@@ -1,6 +1,6 @@
+ #!/usr/bin/env bash
+ 
+-if [[ "$(uname -s)" =~ (Linux|CYGWIN_NT-) ]]; then
++if [[ "$(uname -s)" =~ (Linux|CYGWIN_NT-|SunOS) ]]; then
+ 	sed -i "$1" "$2"
+ else
+ 	sed -i '' "$1" "$2"
diff --git a/build/swtpm/patches/series b/build/swtpm/patches/series
@@ -0,0 +1,2 @@
+illumos.patch
+utsname.patch
diff --git a/build/swtpm/patches/utsname.patch b/build/swtpm/patches/utsname.patch
@@ -0,0 +1,29 @@
+fixing:
+
+swtpm_setup_utils.c:96:20: error: declaration shadows a variable in the global scope [-Werror,-Wshadow]
+   96 |     struct utsname utsname;
+      |                    ^
+/usr/include/sys/utsname.h:61:23: note: previous declaration is here
+   61 | extern struct utsname utsname;
+      |                       ^
+
+diff -wpruN --no-dereference '--exclude=*.orig' a~/src/swtpm_setup/swtpm_setup_utils.c a/src/swtpm_setup/swtpm_setup_utils.c
+--- a~/src/swtpm_setup/swtpm_setup_utils.c	1970-01-01 00:00:00
++++ a/src/swtpm_setup/swtpm_setup_utils.c	1970-01-01 00:00:00
+@@ -23,6 +23,8 @@
+ #include "swtpm_utils.h"
+ #include "swtpm_setup_utils.h"
+ 
++struct utsname utsname;
++
+ /* Get a configuration value given its name */
+ gchar *get_config_value(gchar *const *config_file_lines, const gchar *configname)
+ {
+@@ -93,7 +95,6 @@ int create_config_files(gboolean overwri
+     gboolean delete_files = FALSE;
+     g_auto(GStrv) configfiles = NULL;
+     g_auto(GStrv) filedata = NULL;
+-    struct utsname utsname;
+     int ret = 1;
+     size_t i;
+ 
diff --git a/build/virtualbox/build.sh b/build/virtualbox/build.sh
@@ -199,8 +199,8 @@ make_install() {
     bindir=out/solaris.amd64/$BUILD_TYPE
 
     # Fix the runtime path for these components to include the ooce lib
-    # in order that libpng can be found.
-    for f in VBoxSVC components/VBoxC.so; do
+    # in order that libpng and libtpms can be found.
+    for f in VBoxSVC VBoxDD.so components/VBoxC.so; do
         logcmd elfedit -e "dyn:value -s RUNPATH $rpath" $DESTDIR$PREFIX/amd64/$f
         logcmd elfedit -e "dyn:value -s RPATH $rpath" $DESTDIR$PREFIX/amd64/$f
     done
diff --git a/doc/baseline b/doc/baseline
@@ -248,6 +248,7 @@ extra.omnios ooce/security/gnupg
 extra.omnios ooce/security/minisign
 extra.omnios ooce/security/oath-toolkit
 extra.omnios ooce/security/pam_radius
+extra.omnios ooce/security/swtpm
 extra.omnios ooce/server/apache-24
 extra.omnios ooce/server/apache-24/modules/fcgid
 extra.omnios ooce/server/apache-24/modules/subversion
diff --git a/doc/baseline.aarch64 b/doc/baseline.aarch64
@@ -86,6 +86,7 @@ extra.omnios ooce/security/gnupg
 extra.omnios ooce/security/minisign
 extra.omnios ooce/security/oath-toolkit
 extra.omnios ooce/security/pam_radius
+extra.omnios ooce/security/swtpm
 extra.omnios ooce/system/htop
 extra.omnios ooce/system/mbuffer
 extra.omnios ooce/system/top
diff --git a/doc/packages.md b/doc/packages.md
@@ -204,6 +204,7 @@
 | ooce/security/minisign	| 0.11		| https://github.com/jedisct1/minisign/releases | [omniosorg](https://github.com/omniosorg)
 | ooce/security/oath-toolkit	| 2.6.12	| https://download.savannah.nongnu.org/releases/oath-toolkit/ | [omniosorg](https://github.com/omniosorg)
 | ooce/security/pam_radius	| 3.0.0		| https://github.com/FreeRADIUS/pam_radius/tags | [omniosorg](https://github.com/omniosorg)
+| ooce/security/swtpm		| 0.10.0	| https://github.com/stefanberger/swtpm/releases | [omniosorg](https://github.com/omniosorg)
 | ooce/server/apache-24		| 2.4.62	| https://downloads.apache.org/httpd/ | [omniosorg](https://github.com/omniosorg)
 | ooce/server/apache-24/modules/fcgid | 2.3.9	| https://downloads.apache.org/httpd/mod_fcgid/ | [omniosorg](https://github.com/omniosorg)
 | ooce/server/apache-24/modules/wsgi | 5.0.0    | https://github.com/GrahamDumpleton/mod_wsgi/tags/ | [cgrzemba](https://github.com/cgrzemba)
diff --git a/doc/pkglist.aarch64 b/doc/pkglist.aarch64
@@ -116,6 +116,7 @@ ooce/library/pango
 ooce/network/znc
 ooce/library/libvncserver
 ooce/network/smtp/postfix
+ooce/security/swtpm
 ###############################################################################
 .SYSROOT
 ooce/multimedia/minidlna
