subtree updates: raspberrypi security arm
meta-raspberrypi: e43af1e3a6..e15b876155:
Florian Frank (1):
linux-firmware-rpidistro: Fix wireless on model 3B and Zero W
Khem Raj (1):
linux-raspberrypi_5.15.bb: Upgrade to 5.15.92
Martin Jansa (1):
gstreamer1.0-plugins-good: rename bbappend, drop version
meta-arm: dc10b73cc5..eb9c47a4e1:
Gowtham Suresh Kumar (6):
arm/edk2-basetools: Add edk2 base tool native recipe
arm-bsp/uefi_capsule: Add UEFI capsule generation class
arm-bsp/corstone1000-image: Generate UEFI capsule for corstone1000 platform
arm/edk2-basetools: Convert edk2 basetools recipes to native only
arm-bsp/uefi_capsule: Use json file to pass capsule config
arm/uefi_capsule: Move UEFI capsule to IMGDEPLOYDIR
Jon Mason (5):
arm/boot-wrapper-aarch64: update to a newer SHA
arm/gn: update to a more recent SHA
arm/opencsd: update to v1.4.0
arm/trusted-firmware-a: update version and relocate fiptool
arm/sbsa-acs: update to v6.1.0
Mohamed Omar Asaker (5):
arm-bsp/trusted-services: corstone1000:Align psa crypto client with TF-Mv1.7
arm-bsp/trusted-services:corstone1000: disable obsolete algorithms for crypto
arm-bsp/trusted-services: corstone1000: Disable SHA512/384
arm-bsp/trusted-firmware-m:corstone1000: Increase number of assets
arm-bsp/trusted-firmware-m:corstone1000: Set SPM backend to IPC
Peter Hoyes (11):
arm,arm-bsp/classes: Move wic_nopt to meta-arm
arm-bsp/classes: Use :append to add to IMAGE_TYPES in wic_nopt
CI: Factor out CACHE_DIR to improve mirror configurability
CI: Collect testimage logs on failure
arm/trusted-firmware-m: Synchronize with 1.7.0 release
arm/classes: Factor out image signing arguments in tfm_image_sign
arm/trusted-firmware-m: Create common inc file for src definitions
arm/trusted-firmware-m: Create inc file for common config
arm/trusted-firmware-m-scripts: Create inc file for common config
arm/classes: Add sstate support to tfm_sign_images
CI: Add BUILD_ENABLE_REGEX option to conditionally enable builds
Ross Burton (8):
arm-bsp/external-system: fix the gen_module race, again
arm-bsp/linux-yocto: add 5.19 kernel recipe for N1SDP
arm/linux-yocto: remove obsolete 5.19 bbappend
arm/trusted-firmware-m: Do not use release branches
arm/boot-wrapper-aarch64: tell upgrade checker to look for new SHAs
CI/machine-summary: add missing recipes
arm-toolchain/gcc-arm: add missing Signed-off-by tag
arm/optee-os: add missing patch header
meta-security: 3529cfb43e..c06b9a18a6:
Maciej Borzęcki (1):
dm-verity-img.bbclass: add squashfs images
Petr Gotthard (4):
tpm2-tss: upgrade 3.2.0 -> 4.0.1
tpm2-tools: upgrade 5.3 -> 5.5
tpm2-pkcs11: upgrade 1.8.0 -> 1.9.0
tpm2-abrmd: upgrade 2.4.1 -> 3.0.0
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I0e1629b2f70ad1e5f7b97f5ae6d768bde101cc6f
diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_3.0.0.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_3.0.0.bb
new file mode 100644
index 0000000..ea2433c
--- /dev/null
+++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-abrmd/tpm2-abrmd_3.0.0.bb
@@ -0,0 +1,54 @@
+SUMMARY = "TPM2 Access Broker & Resource Manager"
+DESCRIPTION = "This is a system daemon implementing the TPM2 access \
+broker (TAB) & Resource Manager (RM) spec from the TCG. The daemon (tpm2-abrmd) \
+is implemented using Glib and the GObject system. In this documentation and \
+in the code we use `tpm2-abrmd` and `tabrmd` interchangeably. \
+"
+SECTION = "security/tpm"
+
+LICENSE = "BSD-2-Clause"
+LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da"
+
+DEPENDS = "autoconf-archive dbus glib-2.0 tpm2-tss glib-2.0-native \
+ libtss2 libtss2-mu libtss2-tcti-device libtss2-tcti-mssim"
+
+SRC_URI = "\
+ https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz \
+ file://tpm2-abrmd-init.sh \
+ file://tpm2-abrmd.default \
+"
+
+SRC_URI[sha256sum] = "d59aff34164aa705b05155b86607f6b66918a433104f754a3fcf76216dd9f465"
+
+UPSTREAM_CHECK_URI = "https://github.com/tpm2-software/${BPN}/releases"
+
+inherit autotools pkgconfig systemd update-rc.d useradd
+
+SYSTEMD_PACKAGES += "${PN}"
+SYSTEMD_SERVICE:${PN} = "tpm2-abrmd.service"
+SYSTEMD_AUTO_ENABLE:${PN} = "disable"
+
+INITSCRIPT_NAME = "${PN}"
+INITSCRIPT_PARAMS = "start 99 2 3 4 5 . stop 19 0 1 6 ."
+
+USERADD_PACKAGES = "${PN}"
+GROUPADD_PARAM:${PN} = "tss"
+USERADD_PARAM:${PN} = "--system -M -d /var/lib/tpm -s /bin/false -g tss tss"
+
+PACKAGECONFIG ?="${@bb.utils.contains('DISTRO_FEATURES','systemd','systemd', '', d)}"
+PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir}, --with-systemdsystemunitdir=no"
+
+do_install:append() {
+ install -d "${D}${sysconfdir}/init.d"
+ install -m 0755 "${WORKDIR}/tpm2-abrmd-init.sh" "${D}${sysconfdir}/init.d/tpm2-abrmd"
+
+ install -d "${D}${sysconfdir}/default"
+ install -m 0644 "${WORKDIR}/tpm2-abrmd.default" "${D}${sysconfdir}/default/tpm2-abrmd"
+}
+
+FILES:${PN} += "${libdir}/systemd/system-preset \
+ ${datadir}/dbus-1"
+
+RDEPENDS:${PN} += "tpm2-tss"
+
+BBCLASSEXTEND = "native"