
tboot-20210614_1.11.1-1.6 RPM for i586

From OpenSuSE Ports Tumbleweed for i586

Name: tboot
Version: 20210614_1.11.1
Release: 1.6
Group: Productivity/Security
Size: 797000
Summary: Program for performing a verified launch using Intel TXT
Distribution: openSUSE Tumbleweed
Vendor: openSUSE
Build date: Mon Oct 9 09:16:54 2023
Build host: i03-ch1b
Source RPM: tboot-20210614_1.11.1-1.6.src.rpm
Trusted Boot (tboot) is a pre-kernel/VMM module that uses Intel
Trusted Execution Technology (Intel(R) TXT) to perform a measured and
verified launch of an OS kernel/VMM.






* Mon Feb 06 2023 Matthias Gerstner <>
  - required update due to openSSL 3.0 deprecation errors in current version
  - updated to v1.11.1 / 20230125:
      20230125: v1.11.1
    - Revert log memory range extension (caused memory overlaps and boot failures)
      20221223: v1.11.0
    - Fixed TPM handling to flush objects after integrity measurement (Intel PTT limitations)
    - Extended low memory range for logs (HCC CPUs had issue with not enough memory)
    - "agile" removed from PCR Extend policy options (requested deprecation)
    - Added handling for flexible ACM Info Table format
    - lcptools: CPPFLAGS use by environment in build
    - lcptools: removed __DATE__ refs to make build reproducible
    - Only platform-matching SINIT modules can be selected
    - txt-acminfo: Map TXT heap using mmap
    - Typo fix in man page
      20220304: v1.10.5
    - Fixed mlehash.c to bring back functionality and make it GCC12 compliant
    - Reverted change for replacing EFI memory to bring back Tboot in-memory logs
      20220224: v1.10.4
    - Fix hash printing for SHA384, SHA512 and SM3
    - Touch ups for GCC12
    - Set GDT to map CS and DS to 4GB before jumping to Linux
    - make efi_memmap_reserve handle gaps like e820_protect_region
    - Ensure that growth of Multiboot tags does not go beyond original area
    - Replace EFI memory map in Multiboot2 info
    - Fix endianness of pcr_info->pcr_selection.size_of_select
    - Don't ignore locality in PCR file
    - Fix composite hashing algorithm for PCONF elements to match lcptools-1
      20211210: v1.10.3
    - Add UNI-VGA license information
    - Remove poly1305 object files on clean
    - Support higher resolution monitors
    - Use SHA256 as default hashing algorithm in lcp2_mlehash and tb_polgen
    - Add OpenSSL 3.0.0 support in lcptools-v2
    - Increase number of supported CPUs to 1024 to accommodate for larger units
  - tboot-grub2-fix-menu-in-xen-host-server.patch: refreshed to match new
    upstream version.
  - tboot-grub2-fix-xen-submenu-name.patch: refreshed to match new upstream
* Fri Jun 11 2021 Marcus Meissner <>
  - updated to v1.10.2 / 20210614
    - Fix ACM chipset/processor list validation
    - Check for client/server match when selecting SINIT
    - Fix issues when building with GCC11
    - Default to D/A mapping when TPM1.2 and CBnT platform
  - updated to 1.10.1 / 20210330
    - Indicate to SINIT that CBnT is supported by TBOOT
    - lcptools: Fix issues from static code analysis
* Tue Jan 19 2021 Matthias Gerstner <>
  - release 1.10.0 ramifications:
    - README is now
    - acminfo and parse_err now are called txt-acminfo and txt-parse_err
    - lcptools are deprecated (tpm 1.2, TrouSerS dependency) and are no longer
    - no longer needs TrouSerS dependency due to deprecation
* Tue Jan 19 2021 Matthias Gerstner <>
  - tboot-grub2-fix-menu-in-xen-host-server.patch: refreshed to match new
    upstream version.
  - tboot-grub2-fix-xen-submenu-name.patch: refreshed to match new upstream
* Tue Jan 19 2021 Matthias Gerstner <>
  - update to new upstream release 1.10.0:
    - Rename TXT related tools to have 'txt-' prefix
    - Clarify license issues
    - Fix issues reported by Coverity Scan
    - Ensure txt-acminfo does not print false information if msr is not loaded
    - Fix issue with multiboot(1) booting - infinite loop during boot
    - Fix issue with TPM1.2 - invalid default policy
    - Unmask NMI# after returning from SINIT
    - Update GRUB scripts to use multiboot2 only
    - Enable VGA logging for EFI platforms
    - Add warning when using SHA1 as hashing algorithm
    - Add Doxygen documentation
    - Replace VMAC with Poly1305
    - Validate TPM NV index attributes
    - Move old lcptool to deprecated folder and exclude from build
    - TrouSerS is no longer required to build
    - lcptools-v2: meet requirements from MLE DG rev16
    - lcptools-v2: Implement SM2 signing and SM2 signature verification
    - lcptools-v2: Set aux_hash_alg_mask to 0 when policy version != 0x300
  - dropped tboot-Unmask-NMI-after-returning-from-SINIT.patch (upstream)
* Thu Nov 12 2020 Matthias Gerstner <>
  - add tboot-grub2-refuse-secure-boot.patch: don't generate tboot menu entries
    in grub when the system is running with UEFI Secure Boot (bsc#1175114). This
    prevents hard to understand error messages when trying to boot tboot in this
* Mon Sep 28 2020
  - update to new upstream release 1.9.12:
    - changes from 1.9.12:
    - Release localities in S3 flow for CRB interface
    -, safestringlib/makefile : allow tool overrides
    - safestringlib: fix warnings with GCC 6.4.0
    - Strip executable file before generating tboot.gz
    - Add support for EFI memory map parse/modification
    - Add SHA384 and SHA512 digest algorithms
    - lcptools-v2: add pconf2 policy element support
    - tb_polgen: Add SHA384 and SHA512 support
    - Disable GCC9 address-of-packed-member warning
    - Fix warnings after "Avoid unsafe functions" scan
    - Use SHA256 as default hashing algorithm
    - changes from 1.9.11:
    - tb_polgen: Add support for SHA256
    - Configure IOMMU before executing GETSEC[SENTER]
    - SINIT ACM can have padding, handle that when checking size
    - disable-address-of-packed-member-warning.patch: now contained upstream
    - tboot-grub2-fix-xen-submenu-name.patch: refreshed
  - dropped tboot-Release-localities-in-S3-flow-for-CRB-interface.patch (upstream)
  - dropped tboot-Configure-IOMMU-before-executing-GETSEC-SENTER.patch (upstream)
  - dropped tboot-Do-not-try-to-read-EFI-mem-map-when-booted-with-mult.patch (upstream)
  - dropped tboot-Release-localities-in-S3-flow-for-CRB-interface.patch (upstream)
  - dropped tboot-support-sinit-padding.patch (upstream)
  - dropped tboot-Add-support-for-EFI-memory-map-parse-modification.patch
  - dropped tboot-fix-memmap1-boot-issues.patch
  - dropped tboot-Add-more-mbi-validation.patch
* Fri Jul 12 2019 Martin Liška <>
  - Disable LTO in more elegant way (boo#1141323).
* Thu Jul 11 2019 mgerstner <>
  - explicitly disable gcc9 link time optimization to fix the build and avoid
    trouble in low level tboot code.
* Tue May 28 2019 mgerstner <>
  - add disable-address-of-packed-member-warning.patch: taken over patch found
    in the Fedora package to disable a new gcc-9 warning that breaks the build.



Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Jan 26 23:39:43 2024