follow stable-0.2.0 branch with fix of GnuTLS API call to get subject key ID

Remove ownership change of swtpm_setup.sh; have root own the file as required

.gitignore

@@ -0,0 +1,11 @@
+/swtpm.spec
+/swtpm-c782a85.tar.gz
+/swtpm-05d8160.tar.gz
+/swtpm-8b9484a.tar.gz
+/swtpm-2c25d13.tar.gz
+/swtpm-ca85606.tar.gz
+/swtpm-374b669.tar.gz
+/swtpm-f0b4137.tar.gz
+/swtpm-13536aa.tar.gz
+/swtpm-9227cf4.tar.gz
+/swtpm-8dae4b3.tar.gz

sources

@@ -0,0 +1,2 @@
+SHA512 (swtpm.spec) = e3e90bb54e728ec55f04616d6150b5364a6a4932ff023b7a341c31e7d2de8453a06a4bd6d27c0ae8c1b3d8ea5634221350222bb5c8221edfc3e294f701cb26ec
+SHA512 (swtpm-8dae4b3.tar.gz) = 9e3679d453a0f66bee4daf06113ae0d798c1b8188a838149eb52cd3dbb0960467e285fce815f5c600cea99e5d60459aec283f657272ad3d36e486a4dc002efac

swtpm.spec

@@ -0,0 +1,210 @@
+%bcond_without gnutls
+
+%global gitdate     20191115
+%global gitcommit   8dae4b3f9d4a71f67587d7900dae14c175a426d1
+%global gitshortcommit  %(c=%{gitcommit}; echo ${c:0:7})
+
+# Macros needed by SELinux
+%global selinuxtype targeted
+%global moduletype  contrib
+%global modulename  swtpm
+
+Summary: TPM Emulator
+Name:           swtpm
+Version:        0.2.0
+Release:        5.%{gitdate}git%{gitshortcommit}%{?dist}
+License:        BSD
+Url:            http://github.com/stefanberger/swtpm
+Source0:        %{url}/archive/%{gitcommit}/%{name}-%{gitshortcommit}.tar.gz
+
+BuildRequires:  automake
+BuildRequires:  autoconf
+BuildRequires:  libtool
+BuildRequires:  libtpms-devel >= 0.6.0
+BuildRequires:  glib2-devel
+BuildRequires:  gmp-devel
+BuildRequires:  expect
+BuildRequires:  net-tools
+BuildRequires:  openssl-devel
+BuildRequires:  socat
+BuildRequires:  python3
+BuildRequires:  python3-twisted
+BuildRequires:  trousers >= 0.3.9
+BuildRequires:  tpm-tools >= 1.3.8-6
+BuildRequires:  softhsm
+%if %{with gnutls}
+BuildRequires:  gnutls >= 3.1.0
+BuildRequires:  gnutls-devel
+BuildRequires:  gnutls-utils
+BuildRequires:  libtasn1-devel
+BuildRequires:  libtasn1
+%endif
+BuildRequires:  selinux-policy-devel
+BuildRequires:  gcc
+BuildRequires:  libseccomp-devel
+
+Requires:       %{name}-libs = %{version}-%{release}
+Requires:       libtpms >= 0.6.0
+%{?selinux_requires}
+
+%description
+TPM emulator built on libtpms providing TPM functionality for QEMU VMs
+
+%package        libs
+Summary:        Private libraries for swtpm TPM emulators
+License:        BSD
+
+%description    libs
+A private library with callback functions for libtpms based swtpm TPM emulator
+
+%package        devel
+Summary:        Include files for the TPM emulator's CUSE interface for usage by clients
+License:        BSD
+Requires:       %{name}-libs%{?_isa} = %{version}-%{release}
+
+%description    devel
+Include files for the TPM emulator's CUSE interface.
+
+%package        tools
+Summary:        Tools for the TPM emulator
+License:        BSD
+Requires:       swtpm = %{version}-%{release}
+Requires:       trousers >= 0.3.9 tpm-tools >= 1.3.8-6 expect bash net-tools gnutls-utils
+
+%description    tools
+Tools for the TPM emulator from the swtpm package
+
+%prep
+%autosetup -n %{name}-%{gitcommit}
+
+%build
+
+NOCONFIGURE=1 ./autogen.sh
+%configure \
+%if %{with gnutls}
+        --with-gnutls \
+%endif
+        --without-cuse
+
+%make_build
+
+%check
+make %{?_smp_mflags} check
+
+%install
+
+%make_install
+rm -f $RPM_BUILD_ROOT%{_libdir}/%{name}/*.{a,la,so}
+rm -f $RPM_BUILD_ROOT%{_mandir}/man8/swtpm-create-tpmca.8*
+rm -f $RPM_BUILD_ROOT%{_datadir}/%{name}/swtpm-create-tpmca
+
+%post
+for pp in /usr/share/selinux/packages/swtpm.pp \
+          /usr/share/selinux/packages/swtpm_svirt.pp; do
+  %selinux_modules_install -s %{selinuxtype} ${pp}
+done
+restorecon %{_bindir}/swtpm
+
+%postun
+if [ $1 -eq  0 ]; then
+  for p in swtpm swtpm_svirt; do
+    %selinux_modules_uninstall -s %{selinuxtype} $p
+  done
+fi
+
+%posttrans
+%selinux_relabel_post -s %{selinuxtype}
+
+%ldconfig_post libs
+%ldconfig_postun libs
+
+%files
+%license LICENSE
+%doc README
+%{_bindir}/swtpm
+%{_mandir}/man8/swtpm.8*
+%{_datadir}/selinux/packages/swtpm.pp
+%{_datadir}/selinux/packages/swtpm_svirt.pp
+
+%files libs
+%license LICENSE
+%doc README
+
+%dir %{_libdir}/%{name}
+%{_libdir}/%{name}/libswtpm_libtpms.so.0
+%{_libdir}/%{name}/libswtpm_libtpms.so.0.0.0
+
+%files devel
+%dir %{_includedir}/%{name}
+%{_includedir}/%{name}/*.h
+%{_mandir}/man3/swtpm_ioctls.3*
+
+%files tools
+%doc README
+%{_bindir}/swtpm_bios
+%if %{with gnutls}
+%{_bindir}/swtpm_cert
+%endif
+%{_bindir}/swtpm_setup
+%{_bindir}/swtpm_setup.sh
+%{_bindir}/swtpm_ioctl
+%{_mandir}/man8/swtpm_bios.8*
+%{_mandir}/man8/swtpm_cert.8*
+%{_mandir}/man8/swtpm_ioctl.8*
+%{_mandir}/man8/swtpm-localca.conf.8*
+%{_mandir}/man8/swtpm-localca.options.8*
+%{_mandir}/man8/swtpm-localca.8*
+%{_mandir}/man8/swtpm_setup.8*
+%{_mandir}/man8/swtpm_setup.conf.8*
+%{_mandir}/man8/swtpm_setup.sh.8*
+%config(noreplace) %{_sysconfdir}/swtpm_setup.conf
+%config(noreplace) %{_sysconfdir}/swtpm-localca.options
+%config(noreplace) %{_sysconfdir}/swtpm-localca.conf
+%dir %{_datadir}/swtpm
+%{_datadir}/swtpm/swtpm-localca
+%attr( 755, tss, tss) %{_localstatedir}/lib/swtpm-localca
+
+%changelog
+* Fri Nov 15 2019 Stefan Berger <stefanb@linux.ibm.com> - 0.2.0-5.20191018git8dae4b3
+- follow stable-0.2.0 branch with fix of GnuTLS API call to get subject key ID
+
+* Fri Oct 18 2019 Stefan Berger <stefanb@linux.ibm.com> - 0.2.0-4.20191018git9227cf4
+- follow stable-0.2.0 branch with swtpm_cert OID bugfix for TPM 2
+
+* Tue Aug 13 2019 Stefan Berger <stefanb@linux.ibm.com> - 0.2.0-3.20190801git13536aa
+- run 'restorecon' on swtpm in post to get SELinux label on first install
+
+* Thu Aug 01 2019 Stefan Berger <stefanb@linux.ibm.com> - 0.2.0-2.20190801git13536aa
+- follow stable-0.2.0 branch with some bug fixes
+
+* Tue Jul 23 2019 Stefan Berger <stefanb@linux.ibm.com> - 0.2.0-1.20190723gitf0b4137
+- follow stable-0.2.0 branch with some bug fixes
+
+* Tue Jul 16 2019 Stefan Berger <stefanb@linux.ibm.com> - 0.2.0-0.20190716git374b669
+- (tentative) v0.2.0 release of swtpm
+
+* Thu Apr 25 2019 Stefan Berger <stefanb@linux.ibm.com> - 0.1.0-0.20190425gitca85606
+- pick up bug fixes
+
+* Mon Feb 04 2019 Stefan Berger <stefanb@linux.ibm.com> - 0.1.0-0.20190204git2c25d13
+- v0.1.0 release of swtpm
+
+* Wed Dec 12 2018 Stefan Berger <stefanb@linux.ibm.com> - 0.1.0-0.20181212git8b9484a
+- Follow improvements in swtpm repo primarily related to fixes for 'ubsan'
+
+* Tue Nov 06 2018 Stefan Berger <stefanb@linux.ibm.com> - 0.1.0-0.20181106git05d8160
+- Follow improvements in swtpm repo
+- Remove ownership change of swtpm_setup.sh; have root own the file as required
+
+* Wed Oct 31 2018 Stefan Berger <stefanb@linux.ibm.com> - 0.1.0-0.20181031gitc782a85
+- Follow improvements and fixes in swtpm
+
+* Tue Oct 02 2018 Stefan Berger <stefanb@linux.vnet.ibm.com> - 0.1.0-0.20181002git0143c41
+- Fixes to SELinux policy
+- Improvements on various other parts
+* Tue Sep 25 2018 Stefan Berger <stefanb@linux.vnet.ibm.com> - 0.1.0-0.20180924gitce13edf
+- Initial Fedora build
+* Mon Sep 17 2018 Stefan Berger <stefanb@linux.vnet.ibm.com> - 0.1.0-0.20180918git67d7ea3
+- Created initial version of rpm spec files
+- Version is now 0.1.0
+- Bugzilla for this spec: https://bugzilla.redhat.com/show_bug.cgi?id=1611829