ubuntu24.04 initial commit.

.github/workflows/main.yml

@@ -12,13 +12,11 @@ jobs:
       fail-fast: false
       matrix:
         distro: [
-          "fedora-32", "fedora-32-ossl3", "fedora-34", "fedora-34-libressl",
+          "fedora-32", "fedora-34",
           "opensuse-leap-15.2", "opensuse-leap", "opensuse-leap-ossl3",
-          "ubuntu-18.04", "ubuntu-20.04",
-          "ubuntu-20.04.arm32v7", "ubuntu-20.04.arm64v8",
           "fedora-32.ppc64le",
           "alpine-3.15",
-          "ubuntu-20.04-ossl3", "ubuntu-22.04", "ubuntu-22.04-mbedtls-3.1"
+          "ubuntu-22.04", "ubuntu-22.04-mbedtls-3.1", "ubuntu-24.04"
         ]
     steps:
       -

.github/workflows/publish.yml

@@ -13,13 +13,11 @@ jobs:
       fail-fast: false
       matrix:
         distro: [
-          "fedora-32", "fedora-32-ossl3", "fedora-34", "fedora-34-libressl",
+          "fedora-32", "fedora-34",
           "opensuse-leap-15.2", "opensuse-leap", "opensuse-leap-ossl3",
-          "ubuntu-18.04", "ubuntu-20.04",
-          "ubuntu-20.04.arm32v7", "ubuntu-20.04.arm64v8",
           "fedora-32.ppc64le",
           "alpine-3.15",
-          "ubuntu-20.04-ossl3", "ubuntu-22.04", "ubuntu-22.04-mbedtls-3.1"
+          "ubuntu-22.04", "ubuntu-22.04-mbedtls-3.1", "ubuntu-24.04"
         ]
     if: "github.repository_owner == 'tpm2-software'"
     steps:

fedora-32.docker.m4

@@ -62,7 +62,8 @@ RUN dnf -y install \
     acl \
     json-glib-devel \
     libusb-devel \
-    libftdi-devel
+    libftdi-devel \
+    gmp-devel
 
 include(`pip3.m4')
 include(`autoconf.m4')

fedora-32.ppc64le.docker.m4

@@ -63,7 +63,8 @@ RUN dnf -y install \
     acl \
     json-glib-devel \
     libusb-devel \
-    libftdi-devel
+    libftdi-devel \
+    gmp-devel
 
 # The last python cryptography version that allows no rust
 # per https://github.com/pyca/cryptography/blob/75be92de8e3bce9adcec42ef3967bed0d4500902/CHANGELOG.rst#3500---2021-09-29

modules/ibmtpm1682.m4

@@ -0,0 +1,13 @@
+ARG ibmtpm_name=ibmtpm1682
+RUN cd /tmp \
+	&& wget $WGET_EXTRA_FLAGS -L "https://downloads.sourceforge.net/project/ibmswtpm2/$ibmtpm_name.tar.gz" \
+	&& sha1sum $ibmtpm_name.tar.gz | grep ^651800d0b87cfad55b004fbdace4e41dce800a61 \
+	&& mkdir -p $ibmtpm_name \
+	&& tar xv --no-same-owner -f $ibmtpm_name.tar.gz -C $ibmtpm_name \
+	&& rm $ibmtpm_name.tar.gz \
+	&& cd $ibmtpm_name/src \
+	&& sed -i 's/0x300000ff/0x310000ff/' TpmToOsslMath.h \
+	&& sed -i 's/-DTPM_NUVOTON/-DTPM_NUVOTON $(CFLAGS)/' makefile \
+	&& CFLAGS="-DNV_MEMORY_SIZE=32768 -DMIN_EVICT_OBJECTS=7" make -j$(nproc) \
+	&& cp tpm_server /usr/local/bin \
+	&& rm -fr /tmp/$ibmtpm_name

modules/pip3-withoutupgrade.m4

@@ -0,0 +1,10 @@
+#
+# upgrade pip first so packages are not reinstalled using a version other than what may have been specified
+#
+ENV PIP_BREAK_SYSTEM_PACKAGES=1
+# install everything in one shot so we don't get a newer version of a package we specified. Ie if a module has dep on cryptogtraphy
+# and we install it in different phases pip will upgrade cryptography
+RUN pkgs="cryptography==$PYCRYPTO_VERSION pyyaml cpp-coveralls pyasn1 pyasn1_modules python-pkcs11 \
+          bcrypt==$PYBCRYPT_VERSION setuptools"; \
+    pkgs=$(echo "$pkgs" | sed -E 's/==\s+/ /g'); \
+    python3 -m pip install $pkgs --break-system-packages

modules/pip3.m4

@@ -4,7 +4,9 @@
 RUN python3 -m pip install --upgrade pip
 # install everything in one shot so we don't get a newer version of a package we specified. Ie if a module has dep on cryptogtraphy
 # and we install it in different phases pip will upgrade cryptography
-RUN pkgs="cryptography==$PYCRYPTO_VERSION pyyaml cpp-coveralls pyasn1 pyasn1_modules python-pkcs11 \
-          bcrypt==$PYBCRYPT_VERSION setuptools"; \
+RUN pkgs="cryptography==$PYCRYPTO_VERSION pyyaml cpp-coveralls pyasn1 pyasn1_modules \
+          bcrypt==$PYBCRYPT_VERSION setuptools==62.0.0"; \
+    echo $pkgs; \
     pkgs=$(echo "$pkgs" | sed -E 's/==\s+/ /g'); \
-    python3 -m pip install $pkgs
+    python3 -m pip install $pkgs; \
+    python3 -m pip install python-pkcs11

opensuse-leap-15.2.docker.m4

@@ -55,7 +55,8 @@ RUN zypper -n in \
     python \
     python-pip \
     libusb-devel \
-    libftdi1-devel
+    libftdi1-devel \
+    gmp-devel
 
 include(`autoconf.m4')
 include(`python3.7.2.m4')

opensuse-leap.docker.m4

@@ -55,7 +55,8 @@ RUN zypper -n in \
     libftdi1-devel \
     libnettle-devel \
     p11-kit-devel \
-    openssh-common
+    openssh-common \
+    gmp-devel
 
 include(`autoconf.m4')
 include(`python3.7.2.m4')
@@ -74,7 +75,7 @@ RUN stat /usr/share/aclocal-1.15/python.m4
 RUN patch -d / -p1 < /tmp/python.patch
 RUN rm /tmp/python.patch
 
-include(`ibmtpm1637.m4')
+include(`ibmtpm1682.m4')
 
 ENV LIBTPMS_AUTOGEN_EXTRA="--libdir=/usr/lib64"
 ENV SWTPM_MAKE_EXTRA="CFLAGS=\"-I/usr/include/libseccomp/\""

ubuntu-22.04-mbedtls-3.1.docker.m4

@@ -56,7 +56,8 @@ RUN apt-get update && \
     acl \
     libjson-glib-dev \
     libusb-1.0-0-dev \
-    libftdi-dev
+    libftdi-dev \
+    libgmp-dev
 
 include(`pip3.m4')
 

ubuntu-24.04.docker.m4

@@ -0,0 +1,83 @@
+FROM ubuntu:noble
+
+LABEL org.opencontainers.image.source https://github.com/tpm2-software/tpm2-software-container
+
+ENV DEBIAN_FRONTEND=noninteractive
+ENV PIP_REQUIRE_VIRTUALENV=0
+ENV PIP_BREAK_SYSTEM_PACKAGES=1
+RUN apt-get update && \
+    apt-get install -y \
+    autoconf-archive \
+    curl \
+    libcmocka0 \
+    libcmocka-dev \
+    net-tools \
+    build-essential \
+    git \
+    pkg-config \
+    gcc \
+    g++ \
+    m4 \
+    libtool \
+    automake \
+    libgcrypt20-dev \
+    libssl-dev \
+    autoconf \
+    gnulib \
+    wget \
+    doxygen \
+    libdbus-1-dev \
+    libglib2.0-dev \
+    clang \
+    clang-tools \
+    pandoc \
+    lcov \
+    libcurl4-openssl-dev \
+    dbus-x11 \
+    vim-common \
+    libsqlite3-dev \
+    iproute2 \
+    libtasn1-6-dev \
+    socat \
+    libseccomp-dev \
+    expect \
+    gawk \
+    libjson-c-dev \
+    libengine-pkcs11-openssl \
+    default-jre \
+    default-jdk \
+    sqlite3 \
+    libnss3-tools \
+    python3 \
+    python3-pip \
+    libyaml-dev \
+    libmbedtls-dev \
+    uuid-dev \
+    opensc \
+    gnutls-bin \
+    rustc \
+    acl \
+    libjson-glib-dev \
+    libusb-1.0-0-dev \
+    libftdi-dev \
+    uthash-dev
+
+include(`pip3-withoutupgrade.m4')
+
+ARG ibmtpm_name=ibmtpm1682
+RUN cd /tmp \
+        && wget $WGET_EXTRA_FLAGS -L "https://downloads.sourceforge.net/project/ibmswtpm2/$ibmtpm_name.tar.gz" \
+        && sha256sum $ibmtpm_name.tar.gz | grep ^3cb642f871a17b23d50b046e5f95f449c2287415fc1e7aeb4bdbb8920dbcb38f \
+        && mkdir -p $ibmtpm_name \
+        && tar xv --no-same-owner -f $ibmtpm_name.tar.gz -C $ibmtpm_name \
+        && rm $ibmtpm_name.tar.gz \
+        && cd $ibmtpm_name/src \
+        && sed -i 's/-DTPM_NUVOTON/-DTPM_NUVOTON $(CFLAGS)/' makefile \
+        && CFLAGS="-DNV_MEMORY_SIZE=32768 -DMIN_EVICT_OBJECTS=7" make -j$(nproc) \
+        && cp tpm_server /usr/local/bin \
+        && rm -fr /tmp/$ibmtpm_name
+
+include(`autoconf.m4')
+include(`junit.m4')
+
+WORKDIR /