From 31ec9ba307fe5556b25944f44b99b9fc81a92a13 Mon Sep 17 00:00:00 2001 From: Takuma IMAMURA <209989118+hyperfinitism@users.noreply.github.com> Date: Thu, 9 Apr 2026 04:56:30 +0900 Subject: [PATCH] build(deps): use tpm2-tss version 4.1.3 instead of nightly Signed-off-by: Takuma IMAMURA <209989118+hyperfinitism@users.noreply.github.com> --- .github/actions/install-tpm2-tss/action.yml | 13 +++++++++--- .github/workflows/build.yml | 10 +++------ .github/workflows/lint.yml | 2 ++ .github/workflows/test.yml | 13 ++++-------- README.md | 23 +++++++++++++-------- 5 files changed, 33 insertions(+), 28 deletions(-) diff --git a/.github/actions/install-tpm2-tss/action.yml b/.github/actions/install-tpm2-tss/action.yml index dc05c7e..3f80e76 100644 --- a/.github/actions/install-tpm2-tss/action.yml +++ b/.github/actions/install-tpm2-tss/action.yml @@ -1,4 +1,11 @@ -name: Install tpm2-tss latest +name: Install tpm2-tss +description: "Install tpm2-tss from source" + +inputs: + version: + description: "The version (tag, branch or commit SHA) of tpm2-tss to install" + required: false + default: "4.1.3" runs: using: "composite" @@ -14,9 +21,9 @@ runs: - name: Build and Install tpm2-tss shell: bash run: | - git clone --depth 1 https://github.com/tpm2-software/tpm2-tss + git clone --filter=blob:none https://github.com/tpm2-software/tpm2-tss cd tpm2-tss - git tag "4.1.999" # Fake version + git checkout ${{ inputs.version }} ./bootstrap ./configure --prefix=/usr \ --disable-fapi --disable-weakcrypto --disable-integration diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c9f2985..757229a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -50,11 +50,7 @@ jobs: toolchain: ${{ matrix.toolchain }} target: ${{ matrix.target }} - uses: ./.github/actions/install-tpm2-tss + with: + version: "30e6057722058cb85c292dcb7b77760ad6410d4e" # version 4.1.3 # - run: sudo apt-get update && sudo apt-get install -y libtss2-dev pkg-config - - name: Build - env: - TSS2_ESYS_STATIC: 1 - TSS2_SYS_STATIC: 1 - TSS2_MU_STATIC: 1 - TSS2_TCTILDR_STATIC: 1 - run: cargo build --workspace --all-targets --all-features --target ${{ matrix.target }} + - run: cargo build --workspace --all-targets --all-features --target ${{ matrix.target }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 02a51b4..1afd96f 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -44,5 +44,7 @@ jobs: toolchain: stable components: clippy - uses: ./.github/actions/install-tpm2-tss + with: + version: "30e6057722058cb85c292dcb7b77760ad6410d4e" # version 4.1.3 # - run: sudo apt-get update && sudo apt-get install -y libtss2-dev pkg-config - run: cargo clippy --workspace --all-targets --all-features -- -D warnings diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 5788431..f3ed56c 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -55,13 +55,8 @@ jobs: toolchain: ${{ matrix.toolchain }} target: ${{ matrix.target }} - uses: ./.github/actions/install-tpm2-tss + with: + version: "30e6057722058cb85c292dcb7b77760ad6410d4e" # version 4.1.3 # - run: sudo apt-get update && sudo apt-get install -y libtss2-dev pkg-config - - name: Install swtpm - run: sudo apt-get install -y swtpm - - name: Run cargo test --all-targets - env: - TSS2_ESYS_STATIC: 1 - TSS2_SYS_STATIC: 1 - TSS2_MU_STATIC: 1 - TSS2_TCTILDR_STATIC: 1 - run: cargo test --all-targets + - run: sudo apt-get update && sudo apt-get install -y swtpm + - run: cargo test --all-targets diff --git a/README.md b/README.md index 0c205d1..c437cc7 100644 --- a/README.md +++ b/README.md @@ -17,18 +17,23 @@ The `rust-tpm2-cli` crate provides a suite of Rust-based command-line tools for ### Install dependencies +- [Rust](https://rust-lang.org/): v1.88.0 or later +- [tpm2-tss](https://github.com/tpm2-software/tpm2-tss): v4.1.3 or later (C library) + +Install the latest Rust toolchain: + ```bash curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh source "$HOME/.cargo/env" ``` -`rust-tpm2-cli` targets the unreleased nightly version [tpm2-tss](https://github.com/tpm2-software/tpm2-tss), which includes significant updates beyond the 4.1.3 release (e.g. Unix domain socket support for the swtpm TCTI). -To build `tpm2-tss` from source: +Install `tpm2-tss` from package manager (may be outdated): + +```bash +sudo apt install -y libtss2-dev pkg-config +``` -> [!WARNING] -> The steps below install a locally-built nightly snapshot under `/usr` with a **fake version tag** (`4.1.999`). -> This may conflict with a distro-packaged `tpm2-tss` or with future upstream releases, as a package manager may refuse to downgrade from the fake version `4.1.999` to an official but lower version number (e.g., v4.1.4). -> Once an official release with these features is available in your distribution's packages, you can simply install `tpm2-tss` by running `sudo apt install -y libtss2-dev`. +If the version of `tpm2-tss` available from the package manager is too old, build `tpm2-tss` from source: ```bash # Install build dependencies @@ -39,9 +44,9 @@ sudo apt install -y \ libjson-c-dev libltdl-dev libssl-dev libusb-1.0-0-dev uthash-dev uuid-dev # Clone latest main and build -git clone --depth 1 https://github.com/tpm2-software/tpm2-tss +git clone --filter=blob:none https://github.com/tpm2-software/tpm2-tss cd tpm2-tss -git tag "4.1.999" # Fake version +git checkout 30e6057722058cb85c292dcb7b77760ad6410d4e # tag: 4.1.3 ./bootstrap ./configure --prefix=/usr \ --disable-fapi --disable-weakcrypto --disable-integration @@ -57,7 +62,7 @@ See also [Installation instructions for tpm2-tss](https://github.com/tpm2-softwa ```bash git clone https://github.com/hyperfinitism/rust-tpm2-cli cd rust-tpm2-cli -TSS2_ESYS_STATIC=1 TSS2_SYS_STATIC=1 TSS2_MU_STATIC=1 TSS2_TCTILDR_STATIC=1 cargo build --release +cargo build --release # => ./target/release/tpm2 ```