Performs a verified launch using Intel(R) TXT
Trusted Boot (tboot) is an open source, pre-kernel/VMM module that uses
Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured
and verified launch of an OS kernel/VMM.
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout SUSE:SLE-15-SP1:GA/tboot && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
tboot-1.9.8.tar.gz | 0000663292 648 KB | |
tboot-distributor.patch | 0000000962 962 Bytes | |
tboot-grub2-fix-menu-in-xen-host-server.patch | 0000004047 3.95 KB | |
tboot-grub2-fix-xen-submenu-name.patch | 0000000822 822 Bytes | |
tboot.changes | 0000019633 19.2 KB | |
tboot.spec | 0000003356 3.28 KB |
Latest Revision
Stefan Behlert (sbehlert)
committed
(revision 4)
- update to new upstream release 1.9.8 (FATE#324359) with changelog synced to Factory (bsc#1121860) old: SUSE:SLE-15-SP1:GA/tboot new: openSUSE.org:openSUSE:Factory/tboot rev 37 Index: tboot.changes =================================================================== --- tboot.changes (revision 3) +++ tboot.changes (revision 37) @@ -1,35 +1,53 @@ ------------------------------------------------------------------- -Thu Oct 25 08:12:06 UTC 2018 - matthias.gerstner@suse.com +Wed Oct 24 08:44:04 UTC 2018 - matthias.gerstner@suse.com - update to new upstream release 1.9.8 (FATE#324359): - - changes in 1.9.8: - Skip tboot launch error index read/write when ignore prev err option is true - s3-fix: fix a stack overflow caused by enlarged tb_hash_t union - S3 fix: revert the mis-changed type casting in changeset 522:8e881a07c059 - S3-fix: Adding option save_vtd=true to opt-in the vtd table restore - - changes in 1.9.7: - - Fix a lot of issues in tools reported by klocwork scan. - - Fix a lot of issues in tboot module reported by klocwork scan. - - Remove a redundant tboot option - - Fix indent in heap.c - - Fix 4 issues along with extpol=agile option - - Mitigations for tpm interposer attacks - - Add an option in tboot to force SINIT to use the legacy TPM2 log format. - - Add support for appending to a TPM2 TCG style event log. - - Ensure tboot log is available even when measured launch is skipped. - - Add centos7 instructions for Use in EFI boot mode. - - Fix memory leak and invalid reads and writes issues. - - Fix TPM 1.2 locality selection issue. - - Fix a null pointer dereference bug when Intel TXT is disabled. - - Optimize tboot docs installation. - - Fix security vulnerabilities rooted in tpm_if structure and g_tpm variable. - - The size field of the MB2 tag is the size of the tag header + the size - - Fix openssl-1.0.2 double frees - - Make policy element stm_elt use unique type name - - lcptools-v2 utilities fixes - - port to openssl-1.1.0 - - Reset debug PCR16 to zero. - - Fix a logical error in function bool evtlog_append(...). +- rebased patches to match new upstream version + +------------------------------------------------------------------- +Fri Sep 7 08:30:20 UTC 2018 - Jan Engelhardt <jengelh@inai.de> + +- Use noun phrase in summary. + +------------------------------------------------------------------- +Mon Sep 3 10:11:39 UTC 2018 - matthias.gerstner@suse.com + +- package new upstream tarball for 1.9.7. It seems the tarball was replaced + upstream without notice, because some version numbers have not been + incremented. +- tboot-grub2-fix-menu-in-xen-host-server.patch: rebased +- tboot-grub2-fix-xen-submenu-name.patch: rebased + +------------------------------------------------------------------- +Fri Aug 31 14:23:48 UTC 2018 - matthias.gerstner@suse.com + +- update to upstream version 1.9.7. This in mainly a bugfix release: + Fix a lot of issues in tools reported by klocwork scan. + Fix a lot of issues in tboot module reported by klocwork scan. + Remove a redundant tboot option + Fix indent in heap.c + Fix 4 issues along with extpol=agile option + Mitigations for tpm interposer attacks + Add an option in tboot to force SINIT to use the legacy TPM2 log format. + Add support for appending to a TPM2 TCG style event log. + Ensure tboot log is available even when measured launch is skipped. + Add centos7 instructions for Use in EFI boot mode. + Fix memory leak and invalid reads and writes issues. + Fix TPM 1.2 locality selection issue. + Fix a null pointer dereference bug when Intel TXT is disabled. + Optimize tboot docs installation. + Fix security vulnerabilities rooted in tpm_if structure and g_tpm variable. + The size field of the MB2 tag is the size of the tag header + the size + Fix openssl-1.0.2 double frees + Make policy element stm_elt use unique type name + lcptools-v2 utilities fixes + port to openssl-1.1.0 + Reset debug PCR16 to zero. + Fix a logical error in function bool evtlog_append(...). - removed tboot-CVE-2017-16837.patch: now contained in tarball - removed tboot-openssl-1-1-0.patch: now contained in tarball - removed tboot-signature-segfault.patch: now contained in tarball Index: tboot.spec =================================================================== --- tboot.spec (revision 3) +++ tboot.spec (revision 37) @@ -1,7 +1,7 @@ # # spec file for package tboot # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed
Comments 0