]> git.proxmox.com Git - swtpm.git/blob - configure.ac
projects / swtpm.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
build-sys: Add support for --enable-default-pcr-banks=list of PCR banks
[swtpm.git] / configure.ac
1 #
2 # configure.ac
3 #
4 # The Initial Developer of the Original Code is International
5 # Business Machines Corporation. Portions created by IBM
6 # Corporation are Copyright (C) 2014 International Business
7 # Machines Corporation. All Rights Reserved.
8 #
9 # This program is free software; you can redistribute it and/or modify
10 # it under the terms of the Common Public License as published by
11 # IBM Corporation; either version 1 of the License, or (at your option)
12 # any later version.
13 #
14 # This program is distributed in the hope that it will be useful,
15 # but WITHOUT ANY WARRANTY; without even the implied warranty of
16 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 # Common Public License for more details.
18 #
19 # You should have received a copy of the Common Public License
20 # along with this program; if not, a copy can be viewed at
21 # http://www.opensource.org/licenses/cpl1.0.php.
22 #
23 # This file is derived from tpm-tool's configure.in.
24 #
25
26 AC_INIT([swtpm],[0.7.0])
27 AC_PREREQ([2.69])
28 AC_CONFIG_SRCDIR(Makefile.am)
29 AC_CONFIG_HEADERS([config.h])
30
31 SWTPM_VER_MAJOR=`echo $PACKAGE_VERSION | cut -d "." -f1`
32 SWTPM_VER_MINOR=`echo $PACKAGE_VERSION | cut -d "." -f2`
33 SWTPM_VER_MICRO=`echo $PACKAGE_VERSION | cut -d "." -f3`
34
35 AC_SUBST([SWTPM_VER_MAJOR])
36 AC_SUBST([SWTPM_VER_MINOR])
37 AC_SUBST([SWTPM_VER_MICRO])
38
39 dnl Check for programs
40 AC_PROG_CC
41 AC_PROG_INSTALL
42 AC_PROG_LN_S
43 LT_INIT
44
45 AC_CONFIG_MACRO_DIR([m4])
46 AC_CANONICAL_TARGET
47 AC_CANONICAL_HOST
48 AM_INIT_AUTOMAKE([foreign 1.6])
49 AM_SILENT_RULES([yes])
50
51 DEBUG=""
52 AC_MSG_CHECKING([for debug-enabled build])
53 AC_ARG_ENABLE(debug, AS_HELP_STRING([--enable-debug],[create a debug build]),
54 [if test "$enableval" = "yes"; then
55 DEBUG="yes"
56 AC_MSG_RESULT([yes])
57 else
58 DEBUG="no"
59 AC_MSG_RESULT([no])
60 fi],
61 [DEBUG="no",
62 AC_MSG_RESULT([no])])
63
64 # If the user has not set CFLAGS, do something appropriate
65 test_CFLAGS=${CFLAGS+set}
66 if test "$test_CFLAGS" != set; then
67 if test "$DEBUG" = "yes"; then
68 CFLAGS="-O0 -g -DDEBUG"
69 else
70 CFLAGS="-g -O2"
71 fi
72 elif test "$DEBUG" = "yes"; then
73 CFLAGS="$CFLAGS -O0 -g -DDEBUG"
74 fi
75
76 AC_C_CONST
77 AC_C_INLINE
78
79 AC_TYPE_SIZE_T
80
81 AC_PROG_CC
82 AC_PROG_INSTALL
83 AC_PROG_MKDIR_P
84
85 AC_ARG_WITH([selinux],
86 AS_HELP_STRING([--with-selinux],
87 [add SELinux policy extensions @<:@default=check@:>@]))
88 m4_divert_text([DEFAULTS], [with_selinux=check])
89
90 dnl Check for SELinux policy support
91
92 if test "$with_selinux" != "no"; then
93 if test "$with_selinux" = "check" || test "$with_selinux" = "yes"; then
94 if ! test -f /usr/share/selinux/devel/Makefile; then
95 if test "$with_selinux" = "yes"; then
96 AC_MSG_ERROR("Is selinux-policy-devel installed?")
97 else
98 with_selinux="no"
99 fi
100 fi
101 AC_PATH_PROG([SEMODULE], semodule)
102 if test "x$SEMODULE" = "x"; then
103 if test "$with_selinux" = "yes"; then
104 AC_MSG_ERROR("Is selinux-policy-devel installed?")
105 else
106 with_selinux="no"
107 fi
108 fi
109 if test "$with_selinux" = "check"; then
110 with_selinux="yes"
111 fi
112 fi
113 fi
114 AM_CONDITIONAL([WITH_SELINUX], [test "x$with_selinux" = "xyes"])
115
116 if test "$prefix" = "/usr" && test "$sysconfdir" = '${prefix}/etc'; then
117 sysconfdir="/etc"
118 fi
119 if test "$prefix" = "" && test "$datarootdir" = '${prefix}/share'; then
120 datarootdir="/usr/share"
121 fi
122 if test "$prefix" = "/usr" && test "$localstatedir" = '${prefix}/var'; then
123 localstatedir="/var"
124 fi
125 if test "x$prefix" = "xNONE"; then
126 prefix="/usr/local"
127 fi
128 if test "x$exec_prefix" = "xNONE"; then
129 exec_prefix=$prefix
130 fi
131 SYSCONFDIR=`eval echo $sysconfdir`
132 DATAROOTDIR=`eval echo $datarootdir`
133 LOCALSTATEDIR=`eval echo $localstatedir`
134 BINDIR=`eval echo $bindir`
135 AC_SUBST([SYSCONFDIR])
136 AC_SUBST([DATAROOTDIR])
137 AC_SUBST([LOCALSTATEDIR])
138 AC_SUBST([BINDIR])
139
140 cryptolib=openssl
141
142 AC_ARG_WITH([openssl],
143 [AS_HELP_STRING([--with-openssl],
144 [build with openssl library])],
145 [],
146 [])
147
148 case "$cryptolib" in
149 openssl)
150 AC_CHECK_LIB(crypto,
151 [AES_set_encrypt_key],
152 [true],
153 AC_MSG_ERROR(Faulty openssl crypto library))
154 AC_CHECK_HEADERS([openssl/aes.h],[],
155 AC_MSG_ERROR(Is openssl-devel/libssl-dev installed?))
156 AC_MSG_RESULT([Building with openssl crypto library])
157 LIBCRYPTO_LIBS=$(pkg-config --libs libcrypto)
158 AC_SUBST([LIBCRYPTO_LIBS])
159 ;;
160 esac
161
162 LIBTASN1_LIBS=$(pkg-config --libs libtasn1)
163 if test $? -ne 0; then
164 AC_MSG_ERROR("Is libtasn1-devel installed? -- could not get libs for libtasn1")
165 fi
166 AC_SUBST([LIBTASN1_LIBS])
167
168 PKG_CHECK_MODULES(
169 [LIBTPMS],
170 [libtpms],
171 ,
172 AC_MSG_ERROR("no libtpms.pc found; please set PKG_CONFIG_PATH to the directory where libtpms.pc is located")
173 )
174 LDFLAGS="$LDFLAGS $LIBTPMS_LIBS"
175 CFLAGS="$CFLAGS $LIBTPMS_CFLAGS"
176 AC_CHECK_LIB(tpms,
177 TPMLIB_ChooseTPMVersion,[true],
178 AC_MSG_ERROR("libtpms 0.6 or later is required")
179 )
180 AC_SUBST([LIBTPMS_LIBS])
181
182 AC_CHECK_LIB(c, clock_gettime, LIBRT_LIBS="", LIBRT_LIBS="-lrt")
183 AC_SUBST([LIBRT_LIBS])
184
185 AC_PATH_PROG([TCSD], tcsd)
186 if test "x$TCSD" = "x"; then
187 have_tcsd=no
188 AC_MSG_WARN([tcsd could not be found; typically need it for tss user account and tests])
189 else
190 have_tcsd=yes
191 fi
192 AM_CONDITIONAL([HAVE_TCSD], test "$have_tcsd" != "no")
193
194 dnl We either need netstat (more common across systems) or 'ss' for test cases
195 AC_PATH_PROG([NETSTAT], [netstat])
196 if test "x$NETSTAT" = "x"; then
197 AC_PATH_PROG([SS], [ss])
198 if test "x$SS" = "x"; then
199 AC_MSG_ERROR(['netstat' and 'ss' tools are missing for tests: net-tools OR iproute/iproute2 package])
200 fi
201 fi
202
203 AC_MSG_CHECKING([for whether to build with CUSE interface])
204 AC_ARG_WITH([cuse],
205 AS_HELP_STRING([--with-cuse],[build with CUSE interface]),
206 [],
207 [with_cuse=check]
208 )
209
210 if test "$with_cuse" != "no"; then
211 LIBFUSE_CFLAGS=$(pkg-config fuse --cflags 2>/dev/null)
212 if test $? -ne 0; then
213 if test "$with_cuse" = "yes"; then
214 AC_MSG_ERROR("Is fuse-devel installed? -- could not get cflags for libfuse")
215 else
216 with_cuse=no
217 fi
218 else
219 with_cuse=yes
220 fi
221 fi
222
223 JSON_GLIB_CFLAGS=$(pkg-config --cflags json-glib-1.0)
224 if test $? -ne 0; then
225 AC_MSG_ERROR("Is libjson-glib-dev/json-glib-devel installed? -- could not get cflags")
226 fi
227 AC_SUBST([JSON_GLIB_CFLAGS])
228
229 JSON_GLIB_LIBS=$(pkg-config --libs json-glib-1.0)
230 if test $? -ne 0; then
231 AC_MSG_ERROR("Is libjson-glib-dev/json-glib-devel installed? -- could not get libs")
232 fi
233 AC_SUBST([JSON_GLIB_LIBS])
234
235 GLIB_CFLAGS=$(pkg-config --cflags glib-2.0)
236 if test $? -ne 0; then
237 AC_MSG_ERROR("Is libglib-2.0-dev/glib2-devel installed? -- could not get cflags")
238 fi
239 AC_SUBST([GLIB_CFLAGS])
240
241 GLIB_LIBS=$(pkg-config --libs glib-2.0)
242 if test $? -ne 0; then
243 AC_MSG_ERROR("Is libglib-2.0-dev/glib2-devel installed? -- could not get libs")
244 fi
245 AC_SUBST([GLIB_LIBS])
246
247 dnl with_cuse is now yes or no
248 if test "$with_cuse" != "no"; then
249 LIBFUSE_LIBS=$(pkg-config fuse --libs)
250 if test $? -ne 0; then
251 AC_MSG_ERROR("Is fuse-devel installed? -- could not get libs for libfuse")
252 fi
253 AC_SUBST([LIBFUSE_CFLAGS])
254 AC_SUBST([LIBFUSE_LIBS])
255 AC_DEFINE_UNQUOTED([WITH_CUSE], 1,
256 [whether to build with CUSE interface])
257
258 GTHREAD_LIBS=$(pkg-config --libs gthread-2.0)
259 if test $? -ne 0; then
260 AC_MSG_ERROR("Is glib-2.0 installed? -- could not get libs for gthread-2.0")
261 fi
262 AC_SUBST([GTHREAD_LIBS])
263 fi
264 AM_CONDITIONAL([WITH_CUSE],[test "$with_cuse" = "yes"])
265 AC_MSG_RESULT($with_cuse)
266
267 AC_MSG_CHECKING([for whether to build with chardev interface])
268 case $host_os in
269 linux-*)
270 with_chardev=yes
271 AC_DEFINE_UNQUOTED([WITH_CHARDEV], 1,
272 [whether to build with chardev interface])
273 ;;
274 *)
275 with_chardev=no
276 esac
277 AM_CONDITIONAL([WITH_CHARDEV],[test "$with_chardev" = "yes"])
278 AC_MSG_RESULT($with_cuse)
279
280 AC_ARG_WITH([gnutls],
281 AS_HELP_STRING([--with-gnutls],[build with gnutls library]),
282 [],
283 [with_gnutls=check]
284 )
285
286 if test "x$with_gnutls" != "xno"; then
287 GNUTLS_LDFLAGS=$(pkg-config --libs gnutls)
288 if test $? -ne 0; then
289 if test "x$with_gnutls" = "xyes"; then
290 AC_MSG_ERROR("Is gnutls installed? -- could not get libs for gnutls")
291 else
292 with_gnutls=no
293 fi
294 fi
295 fi
296
297 if test "x$with_gnutls" != "xno"; then
298 AC_PATH_PROG([GNUTLS_CERTTOOL], certtool)
299 if test "x$GNUTLS_CERTTOOL" = "x"; then
300 if test "x$with_gnutls" = "xyes"; then
301 AC_MSG_ERROR("Could not find certtool. Is gnutls-utils/gnutls-bin installed?")
302 else
303 with_gnutls=no
304 fi
305 fi
306 dnl certtool changed how it takes private key passwords
307 dnl 3.3.29 is too old (RHEL 7); we need at least gnutls 3.4.0
308 AC_MSG_CHECKING([for gnutls 3.4.0 or later])
309 $(pkg-config gnutls --atleast-version=3.4.0)
310 if test $? -ne 0; then
311 AC_MSG_ERROR([gnutls 3.4.0 is required])
312 fi
313 AC_MSG_RESULT([yes])
314 fi
315
316 if test "x$with_gnutls" != "xno"; then
317 ORIG_CFLAGS="$CFLAGS"
318 GNUTLS_CFLAGS=$(pkg-config gnutls --cflags)
319 CFLAGS="$CFLAGS $GNUTLS_CFLAGS $GNUTLS_LDFLAGS"
320 AC_CHECK_LIB([gnutls], [gnutls_load_file], [
321 GNUTLS_LIBS=-lgnutls
322 ],
323 [if test "x$with_gnutls" = "xyes"; then
324 AC_MSG_ERROR([GNUTLS >= 3.1.0 library not found: libgnutls.so])
325 else
326 with_gnutls="no"
327 fi])
328 CFLAGS="$ORIG_CFLAGS"
329 fi
330
331 if test "x$with_gnutls" != "xno"; then
332 ORIG_CFLAGS="$CFLAGS"
333 CFLAGS="$CFLAGS $GNUTLS_CFLAGS"
334 AC_CHECK_HEADER(gnutls/abstract.h, [], \
335 [if test "x$with_gnutls" = "xyes"; then
336 AC_MSG_ERROR([GNUTLS >= 3.1.0 library header not found: gnutls/abstract.h])
337 else
338 with_gnutls="no"
339 fi])
340 CFLAGS="$ORIG_CFLAGS"
341 fi
342
343 if test "x$with_gnutls" != "xno"; then
344 with_gnutls="yes"
345 fi
346 AM_CONDITIONAL([WITH_GNUTLS], [test "x$with_gnutls" = "xyes"])
347 AC_SUBST([GNUTLS_LIBS])
348
349 DEFAULT_PCR_BANKS="sha256"
350 AC_ARG_ENABLE([default-pcr-banks],
351 AS_HELP_STRING(
352 [--enable-default-pcr-banks=list of PCR banks],
353 [Have swtpm_setup activate the given PCR banks by default;
354 default is sha256]
355 ),
356 [],
357 []
358 )
359
360 if test "x$enable_default_pcr_banks" != "x"; then
361 DEFAULT_PCR_BANKS="$enable_default_pcr_banks"
362 fi
363 AC_MSG_CHECKING([which PCR banks to activate by default])
364 if $srcdir/scripts/test_pcr_bank_list $DEFAULT_PCR_BANKS; then
365 AC_MSG_RESULT([$DEFAULT_PCR_BANKS])
366 else
367 AC_MSG_ERROR([$DEFAULT_PCR_BANKS is an invalid list of PCR banks])
368 fi
369 AC_SUBST([DEFAULT_PCR_BANKS])
370
371 AC_PATH_PROG([EXPECT], expect)
372 if test "x$EXPECT" = "x"; then
373 AC_MSG_ERROR([expect is required: expect package])
374 fi
375
376 AC_PATH_PROG([GAWK], gawk)
377 if test "x$GAWK" = "x"; then
378 AC_MSG_ERROR([gawk is required: gawk package])
379 fi
380
381 AC_PATH_PROG([SOCAT], socat)
382 if test "x$SOCAT" = "x"; then
383 AC_MSG_ERROR([socat is required: socat package])
384 fi
385
386 AC_PATH_PROG([BASE64], base64)
387 if test "x$BASE64" = "x"; then
388 AC_MSG_ERROR([base64 is required: base64 package])
389 fi
390
391 AC_PATH_PROG([CP], cp)
392 if test "x$CP" = "x"; then
393 AC_MSG_ERROR([cp is required])
394 fi
395
396 AM_PATH_PYTHON([3.3])
397
398 AC_ARG_ENABLE([hardening],
399 AS_HELP_STRING([--disable-hardening], [Disable hardening flags]))
400
401 if test "x$enable_hardening" != "xno"; then
402 TMP="$($CC -fstack-protector-strong $srcdir/include/swtpm/tpm_ioctl.h 2>&1)"
403 if echo $TMP | $GREP 'unrecognized command line option' >/dev/null; then
404 HARDENING_CFLAGS="-fstack-protector -Wstack-protector"
405 else
406 HARDENING_CFLAGS="-fstack-protector-strong -Wstack-protector"
407 fi
408
409 dnl Must not have -O0 but must have a -O for -D_FORTIFY_SOURCE=2
410 TMP1="$(echo $CFLAGS | sed -n 's/.*\(-O0\).*/\1/p')"
411 TMP2="$(echo $CFLAGS | sed -n 's/.*\(-O\).*/\1/p')"
412 if test -z "$TMP1" && test -n "$TMP2"; then
413 HARDENING_CFLAGS="$HARDENING_CFLAGS -D_FORTIFY_SOURCE=2"
414 fi
415 dnl Check linker for 'relro' and 'now'
416 save_CFLAGS="$CFLAGS"
417 CFLAGS="-Wl,-z,relro -Werror"
418 AC_MSG_CHECKING([whether linker supports -Wl,-z,relro])
419 AC_LINK_IFELSE(
420 [AC_LANG_SOURCE([[int main() { return 0; }]])],
421 [HARDENING_LDFLAGS="$HARDENING_LDFLAGS -Wl,-z,relro"
422 AC_MSG_RESULT(yes)],
423 [AC_MSG_RESULT(no)]
424 )
425 CFLAGS="-Wl,-z,now -Werror"
426 AC_MSG_CHECKING([whether linker supports -Wl,-z,now])
427 AC_LINK_IFELSE(
428 [AC_LANG_SOURCE([[int main() { return 0; }]])],
429 [HARDENING_LDFLAGS="$HARDENING_LDFLAGS -Wl,-z,now"
430 AC_MSG_RESULT(yes)],
431 [AC_MSG_RESULT(no)]
432 )
433 CFLAGS="$save_CFLAGS"
434 AC_SUBST([HARDENING_CFLAGS])
435 AC_SUBST([HARDENING_LDFLAGS])
436 fi
437
438 AC_ARG_ENABLE([test-coverage],
439 AS_HELP_STRING([--enable-test-coverage], [Enable test coverage flags]))
440
441 if test "x$enable_test_coverage" = "xyes"; then
442 COVERAGE_CFLAGS="-fprofile-arcs -ftest-coverage"
443 COVERAGE_LDFLAGS="-fprofile-arcs"
444 fi
445
446 AC_ARG_ENABLE([sanitizers],
447 AS_HELP_STRING([--enable-sanitizers], [Enable address/undefined sanitizers]))
448
449 if test "x$enable_sanitizers" = "xyes"; then
450 save_CFLAGS="$CFLAGS"
451 CFLAGS="-fsanitize=address,undefined -fno-omit-frame-pointer"
452 AC_MSG_CHECKING([whether linker supports sanitizer])
453 AC_LINK_IFELSE(
454 [AC_LANG_SOURCE([[int main() { return 0; }]])],
455 [SANITIZER_CFLAGS="-fsanitize=address,undefined -fno-omit-frame-pointer"
456 SANITIZER_LDFLAGS="-fsanitize=address,undefined"
457 AC_MSG_RESULT(yes)],
458 [AC_MSG_RESULT(no)]
459 )
460 CFLAGS="$save_CFLAGS"
461 fi
462
463 AC_ARG_WITH([tss-user],
464 AS_HELP_STRING([--with-tss-user=TSS_USER],[The tss user to use]),
465 [TSS_USER="$withval"],
466 [TSS_USER="tss"]
467 )
468
469 AC_ARG_WITH([tss-group],
470 AS_HELP_STRING([--with-tss-group=TSS_GROUP],[The tss group to use]),
471 [TSS_GROUP="$withval"],
472 [TSS_GROUP="tss"]
473 )
474
475 case $have_tcsd in
476 yes)
477 AC_MSG_CHECKING([whether TSS_USER $TSS_USER is available])
478 if ! test $(id -u $TSS_USER); then
479 AC_MSG_ERROR(["$TSS_USER is not available"])
480 else
481 AC_MSG_RESULT([yes])
482 fi
483 AC_MSG_CHECKING([whether TSS_GROUP $TSS_GROUP is available])
484 if ! test $(id -g $TSS_GROUP); then
485 AC_MSG_ERROR(["$TSS_GROUP is not available"])
486 else
487 AC_MSG_RESULT([yes])
488 fi
489 ;;
490 esac
491
492 AC_SUBST([TSS_USER])
493 AC_SUBST([TSS_GROUP])
494
495 CFLAGS="$CFLAGS -Wreturn-type -Wsign-compare -Wswitch-enum"
496 CFLAGS="$CFLAGS -Wmissing-prototypes -Wall -Werror"
497 CFLAGS="$CFLAGS -Wformat -Wformat-security"
498 CFLAGS="$CFLAGS $GNUTLS_CFLAGS $COVERAGE_CFLAGS $SANITIZER_CFLAGS"
499
500 LDFLAGS="$LDFLAGS $COVERAGE_LDFLAGS $SANITIZER_LDFLAGS"
501
502 dnl Simulate the following for systems with pkg-config < 0.28:
503 dnl PKG_CHECK_VAR([libtpms_cryptolib], [libtpms], [cryptolib],
504 dnl [], AC_MSG_ERROR([Could not determine libtpms crypto library.]))
505 PKG_PROG_PKG_CONFIG
506
507 AC_MSG_CHECKING([Checking the crypto library libtpms is linked to])
508 libtpms_cryptolib=`$PKG_CONFIG --variable cryptolib libtpms`
509 if test "x$libtpms_cryptolib" = "x"; then
510 AC_MSG_WARN([Could not determine the crypto library libtpms is using, assuming ${cryptolib}])
511 libtpms_cryptolib=${cryptolib}
512 fi
513 AC_MSG_RESULT($libtpms_cryptolib)
514
515 if test "$libtpms_cryptolib" != "$cryptolib"; then
516 echo "libtpms is using $libtpms_cryptolib; we have to use the same"
517 if test "$cryptolib" = "openssl"; then
518 AC_MSG_ERROR([do not use --with-openssl])
519 else
520 AC_MSG_ERROR([use --with-openssl])
521 fi
522 fi
523
524 with_vtpm_proxy=no
525 case $host_os in
526 linux-*)
527 with_vtpm_proxy=yes
528 AC_DEFINE_UNQUOTED([WITH_VTPM_PROXY], 1,
529 [whether to build in vTPM proxy support (Linux only)])
530 esac
531
532 case $host_os in
533 cygwin)
534 CFLAGS="$CFLAGS -D__USE_LINUX_IOCTL_DEFS"
535 esac
536
537 dnl Seccomp profile using -lseccomp (Linux only)
538 case $host_os in
539 linux-*)
540 with_seccomp_default=yes
541 ;;
542 *)
543 with_seccomp_default=no
544 ;;
545 esac
546
547 AC_MSG_CHECKING([for whether to build with seccomp profile])
548 AC_ARG_WITH([seccomp],
549 AS_HELP_STRING([--with-seccomp],[build with seccomp profile]),
550 AC_MSG_RESULT([$with_seccomp]),
551 [with_seccomp=$with_seccomp_default]
552 AC_MSG_RESULT([$with_seccomp])
553 )
554
555 if test "$with_seccomp" != "no"; then
556 LIBSECCOMP_CFLAGS=$(pkg-config libseccomp --cflags 2>/dev/null)
557 if test $? -ne 0; then
558 AC_MSG_ERROR("Is libseccomp-devel installed? -- could not get cflags for libseccomp")
559 else
560 with_libseccomp=yes
561 fi
562 LIBSECCOMP_LIBS=$(pkg-config --libs libseccomp)
563 AC_SUBST([LIBSECCOMP_LIBS])
564 AC_SUBST([LIBSECCOMP_CFLAGS])
565 AC_DEFINE_UNQUOTED([WITH_SECCOMP], 1,
566 [whether to build in seccomp profile (Linux only)])
567 fi
568
569 MY_CFLAGS="$CFLAGS"
570 MY_LDFLAGS="$LDFLAGS"
571 AC_SUBST([MY_CFLAGS])
572 AC_SUBST([MY_LDFLAGS])
573
574 AC_CONFIG_FILES([Makefile \
575 debian/swtpm-tools.postinst \
576 swtpm.spec \
577 samples/Makefile \
578 samples/swtpm-localca.conf \
579 samples/swtpm-create-user-config-files \
580 samples/swtpm_setup.conf \
581 scripts/Makefile \
582 include/Makefile \
583 include/swtpm/Makefile \
584 include/swtpm.h \
585 src/Makefile \
586 src/selinux/Makefile \
587 src/swtpm/Makefile \
588 src/swtpm_bios/Makefile \
589 src/swtpm_cert/Makefile \
590 src/swtpm_ioctl/Makefile \
591 src/swtpm_localca/Makefile \
592 src/swtpm_localca/swtpm_localca_conf.h \
593 src/swtpm_setup/Makefile \
594 src/swtpm_setup/swtpm_setup_conf.h \
595 src/utils/Makefile \
596 man/Makefile \
597 man/man3/Makefile \
598 man/man8/Makefile \
599 tests/Makefile \
600 tests/test_config \
601 ])
602 AC_CONFIG_FILES([samples/swtpm-localca],
603 [chmod 755 samples/swtpm-localca])
604 AC_OUTPUT
605
606 echo
607 printf "with_gnutls : %5s (no = swtpm_cert will NOT be built)\n" $with_gnutls
608 printf "with_selinux : %5s (no = SELinux policy extensions will NOT be built)\n" $with_selinux
609 printf "with_cuse : %5s (no = no CUSE interface)\n" $with_cuse
610 printf "with_chardev : %5s (no = no chardev interface)\n" $with_chardev
611 printf "with_vtpm_proxy : %5s (no = no vtpm proxy support; Linux only)\n" $with_vtpm_proxy
612 printf "with_seccomp : %5s (no = no seccomp profile; Linux only)\n" $with_seccomp
613 printf "\n"
614 printf "active PCR banks : %s\n" $DEFAULT_PCR_BANKS
615 echo
616 echo "Version to build : $PACKAGE_VERSION"
617 echo "Crypto library : $cryptolib"
618 echo
619 echo " MY_CFLAGS = $MY_CFLAGS"
620 echo " HARDENING_CFLAGS = $HARDENING_CFLAGS"
621 echo "HARDENING_LDFLAGS = $HARDENING_LDFLAGS"
622 echo " MY_LDFLAGS = $MY_LDFLAGS"
623 echo " LIBSECCOMP_LIBS = $LIBSECCOMP_LIBS"
624 echo " JSON_GLIB_CFLAGS = $JSON_GLIB_CFLAGS"
625 echo " JSON_GLIB_LIBS = $JSON_GLIB_LIBS"
626 echo " GLIB_CFLAGS = $GLIB_CFLAGS"
627 echo " GLIB_LIBS = $GLIB_LIBS"
628 echo
629 echo "TSS_USER=$TSS_USER"
630 echo "TSS_GROUP=$TSS_GROUP"
631 echo
Software TPM used for PVE's Virtual Machines