From 6158601587bb07770a71d483c046776a01e27205 Mon Sep 17 00:00:00 2001 From: pyllyukko Date: Mon, 5 Feb 2018 21:22:48 +0000 Subject: system/chipsec: Added (Platform Security Assessment Framework). Signed-off-by: David Spencer --- system/chipsec/README | 4 ++ system/chipsec/chipsec.SlackBuild | 107 ++++++++++++++++++++++++++++++++++++++ system/chipsec/chipsec.info | 10 ++++ system/chipsec/slack-desc | 19 +++++++ 4 files changed, 140 insertions(+) create mode 100644 system/chipsec/README create mode 100644 system/chipsec/chipsec.SlackBuild create mode 100644 system/chipsec/chipsec.info create mode 100644 system/chipsec/slack-desc (limited to 'system/chipsec') diff --git a/system/chipsec/README b/system/chipsec/README new file mode 100644 index 0000000000..ab63a2e6af --- /dev/null +++ b/system/chipsec/README @@ -0,0 +1,4 @@ +CHIPSEC is a framework for analyzing the security of PC platforms +including hardware, system firmware (BIOS/UEFI), and platform +components. It includes a security test suite, tools for accessing +various low level interfaces, and forensic capabilities. diff --git a/system/chipsec/chipsec.SlackBuild b/system/chipsec/chipsec.SlackBuild new file mode 100644 index 0000000000..2e1ed5ece9 --- /dev/null +++ b/system/chipsec/chipsec.SlackBuild @@ -0,0 +1,107 @@ +#!/bin/sh + +# Slackware build script for chipsec + +# Copyright 2018 pyllyukko +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PRGNAM=chipsec +VERSION=${VERSION:-1.3.5} +BUILD=${BUILD:-1} +TAG=${TAG:-_SBo} + +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) ARCH=i586 ;; + arm*) ARCH=arm ;; + *) ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp/SBo} +PKG=$TMP/package-$PRGNAM +OUTPUT=${OUTPUT:-/tmp} + +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +set -e + +rm -rf $PKG +mkdir -p $TMP $PKG $OUTPUT +cd $TMP +rm -rf $PRGNAM-$VERSION +tar xvf $CWD/$PRGNAM-$VERSION.tar.gz +cd $PRGNAM-$VERSION +chown -R root:root . +find -L . \ + \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \ + -o -perm 511 \) -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ + -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; + +python setup.py install --root=$PKG + +# Sign the kernel module (if available) +if [ -f /proc/config.gz ] +then + eval $(zgrep "^CONFIG_MODULE_SIG_HASH=" /proc/config.gz) + KERNSRC=${KERNSRC:-/lib/modules/$(uname -r)/source} + if [ -n "${CONFIG_MODULE_SIG_HASH}" ] && \ + [ -f $KERNSRC/certs/signing_key.pem ] && \ + [ -f $KERNSRC/certs/signing_key.x509 ] && \ + [ -x $KERNSRC/scripts/sign-file ] + then + $KERNSRC/scripts/sign-file \ + ${CONFIG_MODULE_SIG_HASH} \ + $KERNSRC/certs/signing_key.pem \ + $KERNSRC/certs/signing_key.x509 \ + ${PKG}/usr/lib${LIBDIRSUFFIX}/python2.7/site-packages/chipsec/helper/linux/chipsec.ko + fi +fi + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION +cp -a \ + AUTHORS COPYING LICENSE README README.md \ + $PKG/usr/doc/$PRGNAM-$VERSION +mv -v ${PKG}/usr/share/doc/chipsec/chipsec-manual.pdf $PKG/usr/doc/$PRGNAM-$VERSION +rmdir ${PKG}/usr/share/doc/chipsec ${PKG}/usr/share/doc ${PKG}/usr/share +cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} diff --git a/system/chipsec/chipsec.info b/system/chipsec/chipsec.info new file mode 100644 index 0000000000..2e259b4e92 --- /dev/null +++ b/system/chipsec/chipsec.info @@ -0,0 +1,10 @@ +PRGNAM="chipsec" +VERSION="1.3.5" +HOMEPAGE="https://github.com/chipsec/chipsec" +DOWNLOAD="https://github.com/chipsec/chipsec/archive/v1.3.5/chipsec-1.3.5.tar.gz" +MD5SUM="2d1f8d1a6ae76e77b34736761b33e3fc" +DOWNLOAD_x86_64="" +MD5SUM_x86_64="" +REQUIRES="" +MAINTAINER="pyllyukko" +EMAIL="pyllyukko AT maimed dot org" diff --git a/system/chipsec/slack-desc b/system/chipsec/slack-desc new file mode 100644 index 0000000000..5ab9f19bc9 --- /dev/null +++ b/system/chipsec/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +chipsec: chipsec (Platform Security Assessment Framework) +chipsec: +chipsec: CHIPSEC is a framework for analyzing the security of PC platforms +chipsec: including hardware, system firmware (BIOS/UEFI), and platform +chipsec: components. It includes a security test suite, tools for accessing +chipsec: various low level interfaces, and forensic capabilities. +chipsec: +chipsec: +chipsec: +chipsec: Homepage: https://github.com/chipsec/chipsec +chipsec: -- cgit v1.2.3