From nobody Tue May 13 10:22:20 2025
X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ZxXbJ5q3yz5wfcr;
	Tue, 13 May 2025 10:22:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4ZxXbJ2rxQz3Lvd;
	Tue, 13 May 2025 10:22:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1747131740;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=mMCwrb3cmKPX4ZGi4lscOxlBJEuVYwEx9I6W59sl7M4=;
	b=l09+qzqFGZPFrdnZHcaCfkMheZYYA9vhV8RlMo+gGyik0atcXswlwKRFye7Or3JsjNoqdg
	TeZrlXz1WQzshKaAQCQYPNYpq2Q2T4ajRwDm9gt17ObXww72a3NQitRnAoh/YRpIu8o4/P
	uChsu4BsqaGpVB17bRCEnzI1ylbZoqCvHPRTqfmkOQenWr+PqyXT4zeuzYX9cMiWRT2IG7
	DFmFU72Y0l+2xGRmjpToS8QUp4zV8ROBrOmggTu8EI2NV9PCSLuJVslj8v7CQ/kU6zEdO6
	+JQ+FtUqJlvMbi5VrDVom3dLOGNflKv52ha6mzkAW0f8YffKKxmR+enUJFIimg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1747131740;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=mMCwrb3cmKPX4ZGi4lscOxlBJEuVYwEx9I6W59sl7M4=;
	b=k9Vd+9dAru/93ZlgPg76Oo4EWFyEATsBFvfrFXxxufWxPqjFSOu+jJl/Bro6asalNy5uVM
	OIzgMwz0uqVoXwcw2WiPlcJWxQqP55SxL7uOx4e3Qaugkq71wtYLfn5XX0Ko32hQuvLSoT
	D4irJRRXHj1nXkSNjHUgQlHd6CUhz2nEGmBL76FXHeyyGAoOt/yYflE28keOuaWLi1elVk
	cbBXKsEIwBKfcrhP/iXfnPjfdKLrN2a7FSVBJ90ADybyXcWQle/AqSddCSAiI9PDSVq8cl
	fBCkdjvhvmGvQ8aCxjOty/erK4N9MWo3zziMeJOFZBJDnbiALx3FwSlkmQC/Zw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1747131740; a=rsa-sha256; cv=none;
	b=ocAo+xRkhw7oI4DwKsNAHQ2zLgkD/9A6p+6guID/j5IjIlSMmTeuAXuc4seIgHm/TvjaF1
	7RipAZAm5PAoDrYCdtM+5fHU1zeKuZS4Ds+JCpLUSgmJpBN+XEc+nrruZ3YRGF2iNI2H60
	RJT/om9Vog3vZzCZpfb53LyqXg4uUf/a+4VO8lyQQUA4kFrvWgsovpyi7aprj6gWVeJIrj
	c3/9DXSpI03d/Kol4Kn9PHJAFXXAzmiujvF6UrDMG1D6r+CmhyWEGyGfTlJOzADb6wjGHk
	4ILpCXm8CioR6f2SoI4tFmBmmX/CYdmuOklv9IyLJm8BrG5ece7ry08PLzBX6Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4ZxXbJ2SHHzjsh;
	Tue, 13 May 2025 10:22:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 54DAMKmT009713;
	Tue, 13 May 2025 10:22:20 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 54DAMKIY009710;
	Tue, 13 May 2025 10:22:20 GMT
	(envelope-from git)
Date: Tue, 13 May 2025 10:22:20 GMT
Message-Id: <202505131022.54DAMKIY009710@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org,
        dev-commits-ports-main@FreeBSD.org
From: Gleb Popov <arrowd@FreeBSD.org>
Subject: git: e788fbf4300d - main - security/tpm2-abrmd: Assorted
  improvements to the port
List-Id: Commits to the main branch of the FreeBSD ports repository <dev-commits-ports-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main
List-Help: <mailto:dev-commits-ports-main+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-main+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-ports-main@freebsd.org
Sender: owner-dev-commits-ports-main@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: arrowd
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: e788fbf4300d6a78ccf680b943d16c26e0cee8c7
Auto-Submitted: auto-generated

The branch main has been updated by arrowd:

URL: https://cgit.FreeBSD.org/ports/commit/?id=e788fbf4300d6a78ccf680b943d16c26e0cee8c7

commit e788fbf4300d6a78ccf680b943d16c26e0cee8c7
Author:     Andrea Cocito <andrea@cocito.eu>
AuthorDate: 2025-05-07 08:56:00 +0000
Commit:     Gleb Popov <arrowd@FreeBSD.org>
CommitDate: 2025-05-13 10:22:15 +0000

    security/tpm2-abrmd: Assorted improvements to the port
    
    * Fix name collision on function write_all():
    * Stop installing tpm2-abrmd-devd.conf as it is useless and does not work
    * Use "wheel" as FreeBSD does not have the "root" group
    * Fix inconsistent naming of the rc script
    
    PR:             286218
    Approved by:    maintainer
    Pull Request:   https://github.com/freebsd/freebsd-ports/pull/391
---
 security/tpm2-abrmd/Makefile                       |  7 ++-----
 .../tpm2-abrmd/files/patch-dist_tpm2-abrmd.conf    | 22 +++++++++++++++++-----
 .../tpm2-abrmd/files/patch-src_response-sink.c     | 11 +++++++++++
 security/tpm2-abrmd/files/patch-src_tcti-tabrmd.c  | 11 +++++++++++
 security/tpm2-abrmd/files/patch-src_util.c         | 11 +++++++++++
 security/tpm2-abrmd/files/patch-src_util.h         | 11 +++++++++++
 security/tpm2-abrmd/files/tpm2-abrmd-devd.conf     |  9 ---------
 .../files/{tpm2-abrmd.in => tpm2_abrmd.in}         |  0
 security/tpm2-abrmd/pkg-message                    | 10 ++++++++++
 security/tpm2-abrmd/pkg-plist                      |  1 -
 10 files changed, 73 insertions(+), 20 deletions(-)

diff --git a/security/tpm2-abrmd/Makefile b/security/tpm2-abrmd/Makefile
index 0e4b4e89641a..00e8255f5b4c 100644
--- a/security/tpm2-abrmd/Makefile
+++ b/security/tpm2-abrmd/Makefile
@@ -1,6 +1,6 @@
 PORTNAME=	tpm2-abrmd
 DISTVERSION=	3.0.0
-PORTREVISION=	3
+PORTREVISION=	4
 CATEGORIES=	security
 MASTER_SITES=	https://github.com/tpm2-software/tpm2-abrmd/releases/download/${DISTVERSION}/
 
@@ -17,7 +17,7 @@ RUN_DEPENDS=	dbus-daemon:devel/dbus
 USES=		gmake libtool pkgconfig gnome
 USE_LDCONFIG=	yes
 USE_GNOME=	glib20
-USE_RC_SUBR=	tpm2-abrmd
+USE_RC_SUBR=	tpm2_abrmd
 
 GNU_CONFIGURE=	yes
 GNU_CONFIGURE_MANPREFIX=${PREFIX}/share
@@ -28,9 +28,6 @@ USERS=		_tss
 
 SUB_LIST=	DBUS_DAEMON=dbus
 
-pre-install:
-	@${INSTALL_DATA} ${FILESDIR}/tpm2-abrmd-devd.conf ${STAGEDIR}${PREFIX}/etc/devd
-
 post-install:
 	@${RM} ${STAGEDIR}${PREFIX}/lib/systemd/system-preset/tpm2-abrmd.preset
 	@${RM} ${STAGEDIR}${PREFIX}/lib/systemd/system/tpm2-abrmd.service
diff --git a/security/tpm2-abrmd/files/patch-dist_tpm2-abrmd.conf b/security/tpm2-abrmd/files/patch-dist_tpm2-abrmd.conf
index 755942458792..29c02ab9640d 100644
--- a/security/tpm2-abrmd/files/patch-dist_tpm2-abrmd.conf
+++ b/security/tpm2-abrmd/files/patch-dist_tpm2-abrmd.conf
@@ -1,25 +1,37 @@
 --- dist/tpm2-abrmd.conf.orig	2022-05-09 15:39:53 UTC
 +++ dist/tpm2-abrmd.conf
-@@ -2,7 +2,7 @@
+@@ -2,27 +2,25 @@
   "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
  <busconfig>
    <!-- ../system.conf have denied everything, so we just punch some holes -->
 -  <policy user="tss">
-+  <policy user="_tss">
-     <allow own="com.intel.tss2.Tabrmd"/>
-   </policy>
+-    <allow own="com.intel.tss2.Tabrmd"/>
+-  </policy>
+-  <policy user="root">
+-    <allow own="com.intel.tss2.Tabrmd"/>
+-  </policy>
+   <!-- Match /dev/tpmrm0 permissions tss tss 0660 -->
    <policy user="root">
-@@ -17,11 +17,11 @@
      <allow send_destination="com.intel.tss2.Tabrmd"/>
      <allow receive_sender="com.intel.tss2.Tabrmd"/>
++    <allow own="com.intel.tss2.Tabrmd"/>
+   </policy>
+-  <policy group="root">
++  <policy group="wheel">
+     <allow send_destination="com.intel.tss2.Tabrmd"/>
+     <allow receive_sender="com.intel.tss2.Tabrmd"/>
++    <allow own="com.intel.tss2.Tabrmd"/>
    </policy>
 -  <policy user="tss">
 +  <policy user="_tss">
      <allow send_destination="com.intel.tss2.Tabrmd"/>
      <allow receive_sender="com.intel.tss2.Tabrmd"/>
++    <allow own="com.intel.tss2.Tabrmd"/>
    </policy>
 -  <policy group="tss">
 +  <policy group="_tss">
      <allow send_destination="com.intel.tss2.Tabrmd"/>
      <allow receive_sender="com.intel.tss2.Tabrmd"/>
++    <allow own="com.intel.tss2.Tabrmd"/>
    </policy>
+ </busconfig>
diff --git a/security/tpm2-abrmd/files/patch-src_response-sink.c b/security/tpm2-abrmd/files/patch-src_response-sink.c
new file mode 100644
index 000000000000..a54debd6835a
--- /dev/null
+++ b/security/tpm2-abrmd/files/patch-src_response-sink.c
@@ -0,0 +1,11 @@
+--- src/response-sink.c.orig	2025-02-22 21:59:15 UTC
++++ src/response-sink.c
+@@ -188,7 +188,7 @@ response_sink_process_response (Tpm2Response *response
+ 
+     g_debug ("%s: writing 0x%x bytes", __func__, size);
+     g_debug_bytes (buffer, size, 16, 4);
+-    written = write_all (ostream, buffer, size);
++    written = g_write_all (ostream, buffer, size);
+     g_object_unref (connection);
+ 
+     return written;
diff --git a/security/tpm2-abrmd/files/patch-src_tcti-tabrmd.c b/security/tpm2-abrmd/files/patch-src_tcti-tabrmd.c
new file mode 100644
index 000000000000..4af7e9727b29
--- /dev/null
+++ b/security/tpm2-abrmd/files/patch-src_tcti-tabrmd.c
@@ -0,0 +1,11 @@
+--- src/tcti-tabrmd.c.orig	2025-02-22 21:59:15 UTC
++++ src/tcti-tabrmd.c
+@@ -46,7 +46,7 @@ tss2_tcti_tabrmd_transmit (TSS2_TCTI_CONTEXT *context,
+     g_debug_bytes (command, size, 16, 4);
+     ostream = g_io_stream_get_output_stream (TSS2_TCTI_TABRMD_IOSTREAM (context));
+     g_debug ("%s: blocking write on ostream", __func__);
+-    write_ret = write_all (ostream, command, size);
++    write_ret = g_write_all (ostream, command, size);
+     /* should switch on possible errors to translate to TSS2 error codes */
+     switch (write_ret) {
+     case -1:
diff --git a/security/tpm2-abrmd/files/patch-src_util.c b/security/tpm2-abrmd/files/patch-src_util.c
new file mode 100644
index 000000000000..32c36126c75b
--- /dev/null
+++ b/security/tpm2-abrmd/files/patch-src_util.c
@@ -0,0 +1,11 @@
+--- src/util.c.orig	2025-02-22 21:59:15 UTC
++++ src/util.c
+@@ -68,7 +68,7 @@ ssize_t
+ /** Write as many of the size bytes from buf to fd as possible.
+  */
+ ssize_t
+-write_all (GOutputStream *ostream,
++g_write_all (GOutputStream *ostream,
+            const uint8_t *buf,
+            const size_t   size)
+ {
diff --git a/security/tpm2-abrmd/files/patch-src_util.h b/security/tpm2-abrmd/files/patch-src_util.h
new file mode 100644
index 000000000000..2c8936779c7f
--- /dev/null
+++ b/security/tpm2-abrmd/files/patch-src_util.h
@@ -0,0 +1,11 @@
+--- src/util.h.orig	2025-02-22 21:59:15 UTC
++++ src/util.h
+@@ -79,7 +79,7 @@ typedef TSS2_RC (*KeyValueFunc) (const key_value_t* ke
+ #define TPMA_CC_RES(attrs)         (attrs.val & 0xc0000000)
+ */
+ 
+-ssize_t     write_all                       (GOutputStream    *ostream,
++ssize_t     g_write_all                       (GOutputStream    *ostream,
+                                              const uint8_t    *buf,
+                                              const size_t      size);
+ int         read_data                       (GInputStream     *istream,
diff --git a/security/tpm2-abrmd/files/tpm2-abrmd-devd.conf b/security/tpm2-abrmd/files/tpm2-abrmd-devd.conf
deleted file mode 100644
index f7f4091a25a5..000000000000
--- a/security/tpm2-abrmd/files/tpm2-abrmd-devd.conf
+++ /dev/null
@@ -1,9 +0,0 @@
-# Allow members of _tss group to access tpm device
-
-notify 100 {
-	match "system"		"DEVFS";
-	match "subsystem"	"CDEV";
-	match "type"		"CREATE";
-	match "cdev"		"tpm[0-9]+";
-	action				"chgrp _tss /dev/tpm0; chmod g+rw /dev/tpm0";
-};
diff --git a/security/tpm2-abrmd/files/tpm2-abrmd.in b/security/tpm2-abrmd/files/tpm2_abrmd.in
similarity index 100%
rename from security/tpm2-abrmd/files/tpm2-abrmd.in
rename to security/tpm2-abrmd/files/tpm2_abrmd.in
diff --git a/security/tpm2-abrmd/pkg-message b/security/tpm2-abrmd/pkg-message
new file mode 100644
index 000000000000..cfc2c09fdf0b
--- /dev/null
+++ b/security/tpm2-abrmd/pkg-message
@@ -0,0 +1,10 @@
+[
+{ type: install
+  message: <<EOM
+Please add the following lines to /etc/devfs.conf as tpm2-abrmd needs /dev/tpm0
+to be mode 0660 and group _tss:
+perm	tpm0	0660
+own	tpm0	root:_tss
+EOM
+}
+]
diff --git a/security/tpm2-abrmd/pkg-plist b/security/tpm2-abrmd/pkg-plist
index d20a9a42b2ca..978d156f8219 100644
--- a/security/tpm2-abrmd/pkg-plist
+++ b/security/tpm2-abrmd/pkg-plist
@@ -1,6 +1,5 @@
 include/tss2/tss2-tcti-tabrmd.h
 etc/dbus-1/system.d/tpm2-abrmd.conf
-etc/devd/tpm2-abrmd-devd.conf
 lib/libtss2-tcti-tabrmd.a
 lib/libtss2-tcti-tabrmd.so
 lib/libtss2-tcti-tabrmd.so.0