Name: tboot | Distribution: openSUSE Tumbleweed |
Version: 20210614_1.11.1 | Vendor: openSUSE |
Release: 1.9 | Build date: Fri Feb 2 21:52:13 2024 |
Group: Productivity/Security | Build host: i04-ch4b |
Size: 797055 | Source RPM: tboot-20210614_1.11.1-1.9.src.rpm |
Packager: http://bugs.opensuse.org | |
Url: https://sourceforge.net/projects/tboot/ | |
Summary: Program for performing a verified launch using Intel TXT |
Trusted Boot (tboot) is a pre-kernel/VMM module that uses Intel Trusted Execution Technology (Intel(R) TXT) to perform a measured and verified launch of an OS kernel/VMM.
BSD-3-Clause
* Mon Feb 06 2023 Matthias Gerstner <matthias.gerstner@suse.com>
- required update due to openSSL 3.0 deprecation errors in current version
- updated to v1.11.1 / 20230125:
20230125: v1.11.1
- Revert log memory range extension (caused memory overlaps and boot failures)
20221223: v1.11.0
- Fixed TPM handling to flush objects after integrity measurement (Intel PTT limitations)
- Extended low memory range for logs (HCC CPUs had issue with not enough memory)
- "agile" removed from PCR Extend policy options (requested deprecation)
- Added handling for flexible ACM Info Table format
- lcptools: CPPFLAGS use by environment in build
- lcptools: removed __DATE__ refs to make build reproducible
- Only platform-matching SINIT modules can be selected
- txt-acminfo: Map TXT heap using mmap
- Typo fix in man page
20220304: v1.10.5
- Fixed mlehash.c to bring back functionality and make it GCC12 compliant
- Reverted change for replacing EFI memory to bring back Tboot in-memory logs
20220224: v1.10.4
- Fix hash printing for SHA384, SHA512 and SM3
- Touch ups for GCC12
- Set GDT to map CS and DS to 4GB before jumping to Linux
- make efi_memmap_reserve handle gaps like e820_protect_region
- Ensure that growth of Multiboot tags does not go beyond original area
- Replace EFI memory map in Multiboot2 info
- Fix endianness of pcr_info->pcr_selection.size_of_select
- Don't ignore locality in PCR file
- Fix composite hashing algorithm for PCONF elements to match lcptools-1
20211210: v1.10.3
- Add UNI-VGA license information
- Remove poly1305 object files on clean
- Support higher resolution monitors
- Use SHA256 as default hashing algorithm in lcp2_mlehash and tb_polgen
- Add OpenSSL 3.0.0 support in lcptools-v2
- Increase number of supported CPUs to 1024 to accommodate for larger units
- tboot-grub2-fix-menu-in-xen-host-server.patch: refreshed to match new upstream version.
- tboot-grub2-fix-xen-submenu-name.patch: refreshed to match new upstream version.

* Fri Jun 11 2021 Marcus Meissner <meissner@suse.com>
- updated to v1.10.2 / 20210614
  Fix ACM chipset/processor list validation
  Check for client/server match when selecting SINIT
  Fix issues when building with GCC11
  Default to D/A mapping when TPM1.2 and CBnT platform
- updated to 1.10.1 / 20210330
- Indicate to SINIT that CBnT is supported by TBOOT
- lcptools: Fix issues from static code analysis

* Tue Jan 19 2021 Matthias Gerstner <matthias.gerstner@suse.com>
- release 1.10.0 ramifications:
- README is now README.md
- acminfo and parse_err now are called txt-acminfo and txt-parse_err
- lcptools are deprecated (tpm 1.2, TrouSerS dependency) and are no longer packaged.
- no longer needs TrouSerS dependency due to deprecation

* Tue Jan 19 2021 Matthias Gerstner <matthias.gerstner@suse.com>
- tboot-grub2-fix-menu-in-xen-host-server.patch: refreshed to match new upstream version.
- tboot-grub2-fix-xen-submenu-name.patch: refreshed to match new upstream version.

* Tue Jan 19 2021 Matthias Gerstner <matthias.gerstner@suse.com>
- update to new upstream release 1.10.0:
- Rename TXT related tools to have 'txt-' prefix
- Clarify license issues
- Fix issues reported by Coverity Scan
- Ensure txt-acminfo does not print false information if msr is not loaded
- Fix issue with multiboot(1) booting - infinite loop during boot
- Fix issue with TPM1.2 - invalid default policy
- Unmask NMI# after returning from SINIT
- Update GRUB scripts to use multiboot2 only
- Enable VGA logging for EFI platforms
- Add warning when using SHA1 as hashing algorithm
- Add Doxygen documentation
- Replace VMAC with Poly1305
- Validate TPM NV index attributes
- Move old lcptool to deprecated folder and exclude from build
- TrouSerS is no longer required to build
- lcptools-v2: meet requirements from MLE DG rev16
- lcptools-v2: Implement SM2 signing and SM2 signature verification
- lcptools-v2: Set aux_hash_alg_mask to 0 when policy version != 0x300
- dropped tboot-Unmask-NMI-after-returning-from-SINIT.patch (upstream)

* Thu Nov 12 2020 Matthias Gerstner <matthias.gerstner@suse.com>
- add tboot-grub2-refuse-secure-boot.patch: don't generate tboot menu entries in grub when the system is running with UEFI Secure Boot (bsc#1175114). This prevents hard to understand error messages when trying to boot tboot in this context.

* Mon Sep 28 2020 matthias.gerstner@suse.com
- update to new upstream release 1.9.12:
- changes from 1.9.12:
- Release localities in S3 flow for CRB interface
- Config.mk, safestringlib/makefile : allow tool overrides
- safestringlib: fix warnings with GCC 6.4.0
- Strip executable file before generating tboot.gz
- Add support for EFI memory map parse/modification
- Add SHA384 and SHA512 digest algorithms
- lcptools-v2: add pconf2 policy element support
- tb_polgen: Add SHA384 and SHA512 support
- Disable GCC9 address-of-packed-member warning
- Fix warnings after "Avoid unsafe functions" scan
- Use SHA256 as default hashing algorithm
- changes from 1.9.11:
- tb_polgen: Add support for SHA256
- Configure IOMMU before executing GETSEC[SENTER]
- SINIT ACM can have padding, handle that when checking size
- disable-address-of-packed-member-warning.patch: now contained upstream
- tboot-grub2-fix-xen-submenu-name.patch: refreshed
- dropped tboot-Release-localities-in-S3-flow-for-CRB-interface.patch (upstream)
- dropped tboot-Configure-IOMMU-before-executing-GETSEC-SENTER.patch (upstream)
- dropped tboot-Do-not-try-to-read-EFI-mem-map-when-booted-with-mult.patch (upstream)
- dropped tboot-Release-localities-in-S3-flow-for-CRB-interface.patch (upstream)
- dropped tboot-support-sinit-padding.patch (upstream)
- dropped tboot-Add-support-for-EFI-memory-map-parse-modification.patch
- dropped tboot-fix-memmap1-boot-issues.patch
- dropped tboot-Add-more-mbi-validation.patch

* Fri Jul 12 2019 Martin Liška <mliska@suse.cz>
- Disable LTO in more elegant way (boo#1141323).

* Thu Jul 11 2019 mgerstner <matthias.gerstner@suse.com>
- explicitly disable gcc9 link time optimization to fix the build and avoid trouble in low level tboot code.

* Tue May 28 2019 mgerstner <matthias.gerstner@suse.com>
- add disable-address-of-packed-member-warning.patch: taken over patch found in the Fedora package to disable a new gcc-9 warning that breaks the build.
/boot/tboot-syms
/boot/tboot.gz
/etc/grub.d
/etc/grub.d/20_linux_tboot
/etc/grub.d/20_linux_xen_tboot
/usr/sbin/lcp2_crtpol
/usr/sbin/lcp2_crtpolelt
/usr/sbin/lcp2_crtpollist
/usr/sbin/lcp2_mlehash
/usr/sbin/tb_polgen
/usr/sbin/txt-acminfo
/usr/sbin/txt-parse_err
/usr/sbin/txt-stat
/usr/share/doc/packages/tboot
/usr/share/doc/packages/tboot/COPYING
/usr/share/doc/packages/tboot/Makefile
/usr/share/doc/packages/tboot/README.md
/usr/share/doc/packages/tboot/howto_use.md
/usr/share/doc/packages/tboot/lcptools.txt
/usr/share/doc/packages/tboot/man
/usr/share/doc/packages/tboot/man/lcp2_crtpol.8
/usr/share/doc/packages/tboot/man/lcp2_crtpolelt.8
/usr/share/doc/packages/tboot/man/lcp2_crtpollist.8
/usr/share/doc/packages/tboot/man/lcp2_mlehash.8
/usr/share/doc/packages/tboot/man/tb_polgen.8
/usr/share/doc/packages/tboot/man/txt-acminfo.8
/usr/share/doc/packages/tboot/man/txt-parse_err.8
/usr/share/doc/packages/tboot/man/txt-stat.8
/usr/share/doc/packages/tboot/policy_v1.txt
/usr/share/doc/packages/tboot/policy_v2.txt
/usr/share/doc/packages/tboot/tboot_flow.md
/usr/share/doc/packages/tboot/txt-info.txt
/usr/share/doc/packages/tboot/vlp.txt
/usr/share/man/man8/lcp2_crtpol.8.gz
/usr/share/man/man8/lcp2_crtpolelt.8.gz
/usr/share/man/man8/lcp2_crtpollist.8.gz
/usr/share/man/man8/lcp2_mlehash.8.gz
/usr/share/man/man8/tb_polgen.8.gz
/usr/share/man/man8/txt-acminfo.8.gz
/usr/share/man/man8/txt-parse_err.8.gz
/usr/share/man/man8/txt-stat.8.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Apr 9 21:38:35 2024