modules-tpm2-tools: bump from 5.2->5.6 (removes need to hack around PACKAGE_VERSION string which configure.ac points to ./VERSION already

tpm2-tools-5.6 patch: comment out git versioning output under ./VERSION; module: output current version under ./VERSION instead. Document under module

Signed-off-by: Thierry Laurion <insurgo@riseup.net>

modules/tpm2-tools

@@ -8,34 +8,30 @@ ifeq "$(CONFIG_TPM2_TOOLS)" "y"
 	export CONFIG_TPM=y
 endif
 
-tpm2-tools_version := 5.2
+tpm2-tools_version := 5.6
 #tpm2-tools_version := 78a7681
 #tpm2-tools_repo := https://github.com/tpm2-software/tpm2-tools.git
 
 tpm2-tools_dir := tpm2-tools-$(tpm2-tools_version)
 tpm2-tools_tar := tpm2-tools-$(tpm2-tools_version).tar.gz
 tpm2-tools_url := https://github.com/tpm2-software/tpm2-tools/releases/download/$(tpm2-tools_version)/$(tpm2-tools_tar)
-tpm2-tools_hash := c0b402f6a7b3456e8eb2445211e2d41c46c7e769e05fe4d8909ff64119f7a630
+tpm2-tools_hash := 52c8bcbaadca082abfe5eb7ee4967d2d632d84b1677675f2f071b6d2ec22cec3
 
-# we have ESYS 3.0, but it doesn't figure that out on its own
+#tpm2-tools 5.6 adds release version based on git, while tarball downloaded doesn't include any .git
+#  the patch comments out git output to ./VERSION, and we fill it here based on this Makefile's version
+#tpm2-tools doesn't play nice with reproducible builds, hardcoding lib paths without providing a configure option to remove rpaths
+#  We make sure no hardcoding of libdir flags exist in configure script prior of calling the script with sed call
+#  We pass additional remapping of prefix-map from $INSTALL to local dir
 tpm2-tools_configure := \
-	./bootstrap \
+	echo "$(tpm2-tools_version)" > ./VERSION \
-	&& sed -i 's/hardcode_direct=yes/hardcode_direct=no/g' configure \
+	&& ./bootstrap \
-	&& sed -i 's/hardcode_libdir_flag_spec=.*/hardcode_libdir_flag_spec=" "/' configure \
+	&& sed -i 's/hardcode_libdir_flag_spec=.*/hardcode_libdir_flag_spec=/' configure \
-	&& sed -i 's/hardcode_minus_L=yes/hardcode_minus_L=no/g' configure \
-	&& sed -i 's/hardcode_automatic=yes/hardcode_automatic=no/g' configure \
-	&& sed -i 's/hardcode_runpath_var=yes/hardcode_runpath_var=no/g' configure \
-	&& sed -i 's/hardcode_into_libs=yes/hardcode_into_libs=no/g' configure \
-	&& sed -i 's/hardcode_direct_absolute=yes/hardcode_direct_absolute=no/g' configure \
-	&& sed -i 's/inherit_rpath=yes/inherit_rpath=no/g' configure \
-	&& sed -i "s/VERSION='.*'/VERSION='reproducible_build'/g" configure \
 	&& ./configure \
 	$(CROSS_TOOLS) \
 	--host $(MUSL_ARCH)-elf-linux \
 	--prefix "/" \
 	--disable-fapi \
-	TSS2_ESYS_3_0_CFLAGS="-I$(INSTALL)/include" \
+	CFLAGS="-fdebug-prefix-map=$(INSTALL)=." \
-	TSS2_ESYS_3_0_LIBS="-ltss2-esys" \
 
 tpm2-tools_target := $(MAKE_JOBS) \
 	DESTDIR="$(INSTALL)" \

patches/tpm2-tools-5.2.patch

@@ -1,33 +0,0 @@
-diff --git a/Makefile.am b/Makefile.am
-index 7132215..32e2193 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -93,7 +93,7 @@ tss2_tools = \
- 
- # Bundle all the tools into a single program similar to busybox
- bin_PROGRAMS += tools/tpm2
--tools_tpm2_LDADD = $(LDADD) $(CURL_LIBS)
-+tools_tpm2_LDADD = $(LDADD)
- tools_tpm2_CFLAGS = $(AM_CFLAGS) -DTPM2_TOOLS_MAX="$(words $(tpm2_tools))"
- tools_tpm2_SOURCES = \
- 	tools/tpm2_tool.c \
-@@ -127,7 +127,6 @@ tpm2_tools = \
-     tools/tpm2_encryptdecrypt.c \
-     tools/tpm2_evictcontrol.c \
-     tools/tpm2_flushcontext.c \
--    tools/tpm2_getekcertificate.c \
-     tools/tpm2_getrandom.c \
-     tools/tpm2_gettime.c \
-     tools/tpm2_hash.c \
-diff --git a/configure.ac b/configure.ac
-index f1c1711..7279baa 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -59,7 +59,6 @@ PKG_CHECK_MODULES([TSS2_MU], [tss2-mu])
- PKG_CHECK_MODULES([TSS2_RC], [tss2-rc])
- PKG_CHECK_MODULES([TSS2_SYS], [tss2-sys])
- PKG_CHECK_MODULES([CRYPTO], [libcrypto >= 1.1.0])
--PKG_CHECK_MODULES([CURL], [libcurl])
- 
- # pretty print of devicepath if efivar library is present
- PKG_CHECK_MODULES([EFIVAR], [efivar],,[true])

patches/tpm2-tools-5.6.patch

@@ -0,0 +1,42 @@
+--- ./bootstrap.orig    2023-11-08 02:19:36.000000000 -0500
++++ ./bootstrap 2024-04-03 12:18:46.722995465 -0400
+@@ -5,7 +5,7 @@
+
+ # Generate a VERSION file that is included in the dist tarball to avoid needed git
+ # when calling autoreconf in a release tarball.
+-git describe --tags --always --dirty > VERSION
++#git describe --tags --always --dirty > VERSION
+
+ # generate list of source files for use in Makefile.am
+ # if you add new source files, you must run ./bootstrap again
+diff --git a/Makefile.am b/Makefile.am
+index 7132215..32e2193 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -93,7 +93,7 @@ tss2_tools = \
+ 
+ # Bundle all the tools into a single program similar to busybox
+ bin_PROGRAMS += tools/tpm2
+-tools_tpm2_LDADD = $(LDADD) $(CURL_LIBS)
++tools_tpm2_LDADD = $(LDADD)
+ tools_tpm2_CFLAGS = $(AM_CFLAGS) -DTPM2_TOOLS_MAX="$(words $(tpm2_tools))"
+ tools_tpm2_SOURCES = \
+ 	tools/tpm2_tool.c \
+@@ -127,7 +127,6 @@ tpm2_tools = \
+     tools/tpm2_encryptdecrypt.c \
+     tools/tpm2_evictcontrol.c \
+     tools/tpm2_flushcontext.c \
+-    tools/tpm2_getekcertificate.c \
+     tools/tpm2_getrandom.c \
+     tools/tpm2_gettime.c \
+     tools/tpm2_hash.c \
+--- ./configure.ac.orig	2023-11-08 02:19:36.000000000 -0500
++++ ./configure.ac	2024-04-02 12:05:00.270985575 -0400
+@@ -80,7 +80,6 @@
+ AC_CHECK_LIB(crypto, [EVP_sm4_cfb128], [
+         AC_DEFINE([HAVE_EVP_SM4_CFB], [1], [Support EVP_sm4_cfb in openssl])],
+         [])
+-PKG_CHECK_MODULES([CURL], [libcurl])
+ 
+ # pretty print of devicepath if efivar library is present
+ # auto detect if not specified via the --with-efivar option.