From 9031e4087c0855e4b33891926de865a38cbeb050 Mon Sep 17 00:00:00 2001
From: William Roberts <william.c.roberts@intel.com>
Date: Tue, 28 Feb 2023 10:49:12 -0600
Subject: [PATCH] ubuntu-22.04: replace swtpm with tpm_server

In multi-stage encrypt/decrypt, like pkcs11-crypt tests, the CI was
failing. I was able to debug this and swtpm and the current time is
failing as the last block coming back of plaintext is wrong. My guess is
some bug between it and this version of openssl 3.0. To save time, the
simple fix is to just use tpm_server, so do that, but don't add it do
modules as we don't want to re-trigger building of all images.

Signed-off-by: William Roberts <william.c.roberts@intel.com>
---
 ubuntu-22.04.docker.m4 | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/ubuntu-22.04.docker.m4 b/ubuntu-22.04.docker.m4
index 7c03b62..9dfa98e 100644
--- a/ubuntu-22.04.docker.m4
+++ b/ubuntu-22.04.docker.m4
@@ -62,8 +62,20 @@ RUN apt-get update && \
 
 include(`pip3.m4')
 
+ARG ibmtpm_name=ibmtpm1682
+RUN cd /tmp \
+        && wget $WGET_EXTRA_FLAGS -L "https://downloads.sourceforge.net/project/ibmswtpm2/$ibmtpm_name.tar.gz" \
+        && sha256sum $ibmtpm_name.tar.gz | grep ^3cb642f871a17b23d50b046e5f95f449c2287415fc1e7aeb4bdbb8920dbcb38f \
+        && mkdir -p $ibmtpm_name \
+        && tar xv --no-same-owner -f $ibmtpm_name.tar.gz -C $ibmtpm_name \
+        && rm $ibmtpm_name.tar.gz \
+        && cd $ibmtpm_name/src \
+        && sed -i 's/-DTPM_NUVOTON/-DTPM_NUVOTON $(CFLAGS)/' makefile \
+        && CFLAGS="-DNV_MEMORY_SIZE=32768 -DMIN_EVICT_OBJECTS=7" make -j$(nproc) \
+        && cp tpm_server /usr/local/bin \
+        && rm -fr /tmp/$ibmtpm_name
+
 include(`autoconf.m4')
-include(`swtpm.m4')
 include(`junit.m4')
 
 WORKDIR /