From patchwork Mon May 23 14:08:59 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: akuster808 X-Patchwork-Id: 8397 X-Patchwork-Delegate: akuster808@gmail.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1DD2AC433EF for ; Mon, 23 May 2022 14:09:05 +0000 (UTC) Received: from mail-pg1-f170.google.com (mail-pg1-f170.google.com [209.85.215.170]) by mx.groups.io with SMTP id smtpd.web09.28219.1653314944536731877 for ; Mon, 23 May 2022 07:09:04 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20210112 header.b=SDfjJF/n; spf=pass (domain: gmail.com, ip: 209.85.215.170, mailfrom: akuster808@gmail.com) Received: by mail-pg1-f170.google.com with SMTP id q76so13777931pgq.10 for ; Mon, 23 May 2022 07:09:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=xdEmx1u7wgltkFZGQ3uqLPv0q5oRRBeBzIWTyMqvivY=; b=SDfjJF/noQQip54RgsNO2WtZF70LiIb66p4hThlsO90W/3Yomqgghyln45ToxLmyYw OJMQunQAWdCybcg6bKxLm1Gr2shffiXz78uo7TQN9HNKhzxXeNsfkgLlrrg1vJIyIY9P /oJuNGReVv028yikeo0q450DJIvMzpbLFRQwGtjWMxBXbCDS1HPFLO81W7vcMmmb/YqS nATNFbu1Mie5bZf7ZgV3CVV7PhGGAWnz1VLnCShf1I3B//UcZscUzKkZf5l5AdoXlkz2 3M7WIhpX9bH4cUl2WHIWT478YIWJrpXaDWhw78R/acDMUx1nKnp+CI+HFdPoKXoT2kBt PibQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=xdEmx1u7wgltkFZGQ3uqLPv0q5oRRBeBzIWTyMqvivY=; b=UFEBYslbRls3xU0IiOZfi3Jvu2sgnEAMBB1W+OCtX5yC9nKVg2lXcvvL7BcOrRsIqP O0AbLV92tKjPWkeZuZ+JMow4MMVo8XJHvCEU3WsIgbzGfVwqsMjcTDVFkBjJ1bp82G28 nEcDofYHaFMzG74czfgljmG9WfdDAzbejrQuzpYcXPQyXO7exwHbN9Y/yhgvWMK34mDr tc5kUB/tX6LCLT8/ZHKcADq1yzlhv88yVOoqKsZhajr8JLEp7BRNwFX93zdfwPHaYADb MJ4E6yCDuj8PZnLuIPIN0PfnaV5jy1H56X9SwEd/u98hZPHC4HnFyWrCOxRUubC8P8EI 6spA== X-Gm-Message-State: AOAM530uYAL1c0FprpvgyS6ZFwwxEmPKmCe6vEA1YoqHzj/9RBGd7pJN 0wz2r/Epv8id67NGEfO19HIGyPcMYM1VSw== X-Google-Smtp-Source: ABdhPJxfDfBXgrzMP2AzU0DMJLv6izLfzOc1lY2Eev1i5sN7maF2EJqntfCu9Mflki65uGR5ZDrSEg== X-Received: by 2002:a63:2209:0:b0:3ab:113b:9a2b with SMTP id i9-20020a632209000000b003ab113b9a2bmr20661193pgi.235.1653314943577; Mon, 23 May 2022 07:09:03 -0700 (PDT) Received: from keaua.hsd1.ca.comcast.net ([2601:202:4180:a5c0:22e0:d3fa:16:d603]) by smtp.gmail.com with ESMTPSA id 6-20020a17090a0f8600b001cb6527ca39sm7466846pjz.0.2022.05.23.07.09.02 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 23 May 2022 07:09:03 -0700 (PDT) From: Armin Kuster To: yocto@lists.yoctoproject.org Subject: [meta-parsec][v2][PATCH 1/3] meta-parsec: Add pkg grps Date: Mon, 23 May 2022 07:08:59 -0700 Message-Id: <20220523140901.35347-1-akuster808@gmail.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 23 May 2022 14:09:05 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto/message/57158 Signed-off-by: Armin Kuster --- V2] Drop tpm pkgs, use the tpm2 pkg grp --- .../packagegroup-security-parsec.bb | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 meta-parsec/recipes-core/packagegroups/packagegroup-security-parsec.bb diff --git a/meta-parsec/recipes-core/packagegroups/packagegroup-security-parsec.bb b/meta-parsec/recipes-core/packagegroups/packagegroup-security-parsec.bb new file mode 100644 index 0000000..b6c4f59 --- /dev/null +++ b/meta-parsec/recipes-core/packagegroups/packagegroup-security-parsec.bb @@ -0,0 +1,17 @@ +DESCRIPTION = "Parsec Security packagegroup for Poky" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302 \ + file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" + +inherit packagegroup + +PACKAGES = "\ + packagegroup-security-parsec \ + " + +SUMMARY:packagegroup-security-parsec = "Security Parsec" +RDEPENDS:packagegroup-security-parsec = "\ + softhsm \ + parsec-tool \ + parsec-service \ + " From patchwork Mon May 23 14:09:00 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: akuster808 X-Patchwork-Id: 8398 X-Patchwork-Delegate: akuster808@gmail.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 009F9C433F5 for ; Mon, 23 May 2022 14:09:15 +0000 (UTC) Received: from mail-pf1-f178.google.com (mail-pf1-f178.google.com [209.85.210.178]) by mx.groups.io with SMTP id smtpd.web10.27725.1653314945546480556 for ; Mon, 23 May 2022 07:09:05 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20210112 header.b=eKjYEiXS; spf=pass (domain: gmail.com, ip: 209.85.210.178, mailfrom: akuster808@gmail.com) Received: by mail-pf1-f178.google.com with SMTP id y199so13793833pfb.9 for ; Mon, 23 May 2022 07:09:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=5/YawR9+g2UFLHi0iHRgy7+dhIckPW9GZPz1Ry8bUx8=; b=eKjYEiXSEiATj1jB/O1d+HE2sMs3OwArCMlUn2h5lOhGy9BMQN8+X77xUyrL3eBqx9 5bo4SRCGExKmcOKBP7fn96Rhgo/0IuWoDrLxwgoKKxz9T+t+5Go5CZmIHTTne6qOavhh lDXZkDqWHthtwbFPpTD/z7J2iQmn15Bs0gqJDCIpM4RF+8ddO/QhiZ2Mgc3uwpNyklMr aS3S7Os3Boh1jyi22O7pyDj8LaNJJ9IzuQZ1lFA8Dn73ech7YPHuZW2x4gfNfUQt+byK 2uFOEFZRA+OeeJOPArOY2U9mc1h10QWO+BDjAhT0I+OmSaqHnUJs52UExysljYPFdI9h oD2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=5/YawR9+g2UFLHi0iHRgy7+dhIckPW9GZPz1Ry8bUx8=; b=kDc7lIzfJyLw4UBtIAqVjRTkiLVd/PrhiR73jDNavvwoQDmqZV70j6JXLDZHp1PNsC DgOzKBK346tZtyava4X04VGqo9u51YQn7Drx6KHACXBDqmlp4MfntQELQRY7wF/l/Th0 hqTZ2bCqwyvf2ubA1sMVKU7rEZOJFDmtEyuKqZHnUlUrY3BxTorJsYtcU7OwRyqk79N+ W8g/rUUFNt2UMB5U0u1/fHwhARDsSOIpEyjTaulUo5XdjDx5FWHd/xWiI8y3v1fp4AoR XlO4JqpqX1/9thRqkQk8j77LZmP800VAyxRS4Dv2wF5yvc5vORANK2u7V65jMtnaGc9i 80FQ== X-Gm-Message-State: AOAM533uxpzx629TeZcqG8KxuxmNjWGVRBKxzEVfJNtfwPsHM8pFo0SF MS03uL9kKneAeEnmknkETI5GEke63BsHew== X-Google-Smtp-Source: ABdhPJzqFg3+G7jg3fWuEOdGdPkXsZMzVuTkoEgnQERyTJmMLudQZlN/aIoqupRnNXVCnpqjCaxevg== X-Received: by 2002:a05:6a00:1acb:b0:518:99c4:aa2e with SMTP id f11-20020a056a001acb00b0051899c4aa2emr6327096pfv.25.1653314944782; Mon, 23 May 2022 07:09:04 -0700 (PDT) Received: from keaua.hsd1.ca.comcast.net ([2601:202:4180:a5c0:22e0:d3fa:16:d603]) by smtp.gmail.com with ESMTPSA id 6-20020a17090a0f8600b001cb6527ca39sm7466846pjz.0.2022.05.23.07.09.03 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 23 May 2022 07:09:04 -0700 (PDT) From: Armin Kuster To: yocto@lists.yoctoproject.org Subject: [meta-parsec][v2][PATCH 2/3] meta-parsec: add build image. Date: Mon, 23 May 2022 07:09:00 -0700 Message-Id: <20220523140901.35347-2-akuster808@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220523140901.35347-1-akuster808@gmail.com> References: <20220523140901.35347-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 23 May 2022 14:09:14 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto/message/57159 Signed-off-by: Armin Kuster --- v2] Use packagegroup-security-tpm2 add swtpm --- .../images/security-parsec-image.bb | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 meta-parsec/recipes-core/images/security-parsec-image.bb diff --git a/meta-parsec/recipes-core/images/security-parsec-image.bb b/meta-parsec/recipes-core/images/security-parsec-image.bb new file mode 100644 index 0000000..2ddc543 --- /dev/null +++ b/meta-parsec/recipes-core/images/security-parsec-image.bb @@ -0,0 +1,17 @@ +DESCRIPTION = "A small image for building meta-parsec packages" + +inherit core-image + +IMAGE_FEATURES += "ssh-server-openssh" + +IMAGE_INSTALL = "\ + packagegroup-base \ + packagegroup-core-boot \ + packagegroup-security-tpm2 \ + packagegroup-security-parsec \ + swtpm \ + os-release" + +export IMAGE_BASENAME = "security-parsec-image" + +IMAGE_ROOTFS_EXTRA_SPACE = "5242880" From patchwork Mon May 23 14:09:01 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: akuster808 X-Patchwork-Id: 8399 X-Patchwork-Delegate: akuster808@gmail.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 08ECAC433FE for ; Mon, 23 May 2022 14:09:15 +0000 (UTC) Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) by mx.groups.io with SMTP id smtpd.web08.27961.1653314947376016385 for ; Mon, 23 May 2022 07:09:07 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20210112 header.b=cXpAIsqV; spf=pass (domain: gmail.com, ip: 209.85.214.176, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f176.google.com with SMTP id b5so6155979plx.10 for ; Mon, 23 May 2022 07:09:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=USrJTpBQ15ZogmOMjh4/dG2jDBBSVmp6154FTrZzokw=; b=cXpAIsqVYSGEFCHL9cT1+DW4OvMJ4Kpfg3PR0OBWl7nv+pv5oPSadgU8MYZ8TZhEjV 15Bh9NyZuoyEbywVBu7Fp3cPVmBD6ZhH3h037IH9KmvtAero5B3bP3NmxIDq53EusLAd /5k/k+E7xsDv5vbC6+5CZyoa9oMClSTx82dkENbEK7XWfYsABr7D/UMbgr5NT7HsTrHu S61VmsqznsK+wVh8XDeUZizSiQ+TesgbYy26v9V/IrifNG/6QAtOmZxSoK+jkCQlsMEj QFxGJ0+E9O3/nY04ApbJINJI6JwJwrCiyJoGB6VVy3oEsIcsESr0UjSvTkg/3pzbIyHn AZHw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=USrJTpBQ15ZogmOMjh4/dG2jDBBSVmp6154FTrZzokw=; b=PN5z06apkt+VaKkB9ZiePttJ1GruQ6sZAcsDU0nr97haNEi8QEGHl+aez1rTPU9pf5 tSrRqUz0RYGJ+hxivXKLG7++MF1BT+Fkb9FmbQfPiVvpN5+2pnf0pe5blYjpIQhXubi6 GaVXpAe57KjHWrjEanX9oyhOlj/dMMDkn7cbajiy8vMV7n37v76KnpAkKCE+XEM80UTy rwCmDFbpO/nCuJ2BY5hCquFm+jaPp3Ie4IFYNizW63NzuetCH581aP/i6Ev3Vkxbbtx7 bXOAl4ZHxpKZzFINXTsoIvzHO45zyYUV/sbqKjuXamOah+y96lrNYQWZFnJjpHg9jedG jK8w== X-Gm-Message-State: AOAM5328Ymvt4+JCg0l9kVjs+JJvPEgXTZwLeNXrEvsJdS2vwdjCotKj yVUfoYTOvafy2McPx3qTORDqP2/tMJd/Jg== X-Google-Smtp-Source: ABdhPJzdIPsfebCIw/WSoAO88BGJzGPeFJwsvv0cWCRIVn3xlHanQUWg8YavYpA8e5BAsxwcleXRcg== X-Received: by 2002:a17:903:40c8:b0:162:39b5:9eb7 with SMTP id t8-20020a17090340c800b0016239b59eb7mr562222pld.87.1653314946554; Mon, 23 May 2022 07:09:06 -0700 (PDT) Received: from keaua.hsd1.ca.comcast.net ([2601:202:4180:a5c0:22e0:d3fa:16:d603]) by smtp.gmail.com with ESMTPSA id 6-20020a17090a0f8600b001cb6527ca39sm7466846pjz.0.2022.05.23.07.09.04 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 23 May 2022 07:09:05 -0700 (PDT) From: Armin Kuster To: yocto@lists.yoctoproject.org Subject: [meta-parsec][v2][PATCH 3/3] oeqa: add parsec runtime tests Date: Mon, 23 May 2022 07:09:01 -0700 Message-Id: <20220523140901.35347-3-akuster808@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220523140901.35347-1-akuster808@gmail.com> References: <20220523140901.35347-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 23 May 2022 14:09:15 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto/message/57160 Signed-off-by: Armin Kuster --- v2] Add parsec-cli-tests.sh to mix --- meta-parsec/lib/oeqa/runtime/cases/parsec.py | 33 ++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 meta-parsec/lib/oeqa/runtime/cases/parsec.py diff --git a/meta-parsec/lib/oeqa/runtime/cases/parsec.py b/meta-parsec/lib/oeqa/runtime/cases/parsec.py new file mode 100644 index 0000000..547f74c --- /dev/null +++ b/meta-parsec/lib/oeqa/runtime/cases/parsec.py @@ -0,0 +1,33 @@ +# Copyright (C) 2022 Armin Kuster +# +import re + +from oeqa.runtime.case import OERuntimeTestCase +from oeqa.core.decorator.depends import OETestDepends +from oeqa.runtime.decorator.package import OEHasPackage + +class ParsecTest(OERuntimeTestCase): + @OEHasPackage(['parsec-service']) + @OETestDepends(['ssh.SSHTest.test_ssh']) + def test_parsec_service(self): + toml_file = '/etc/parsec/config.tom' + status, output = self.target.run('echo library_path = "/usr/lib/softhsm/libsofthsm2.so" >> %s' %(toml_file)) + status, output = self.target.run('echo slot_number = 0 >> %s' %(toml_file)) + status, output = self.target.run('echo user_pin = "123456" >> %s' %(toml_file)) + cmds = [ + '/etc/init.d/parsec stop', + 'sleep 5', + 'softhsm2-util --init-token --slot 0 --label "Parsec Service" --pin 123456 --so-pin 123456', + 'for d in /var/lib/softhsm/tokens/*; do chown -R parsec $d; done', + 'mkdir /tmp/myvtpm', + 'swtpm socket --tpmstate dir=/tmp/myvtpm --tpm2 --ctrl type=tcp,port=2322 --server type=tcp,port=2321 --flags not-need-init &', + 'export TPM2TOOLS_TCTI="swtpm:port=2321"', + 'tpm2_startup -c', + 'sleep 2', + '/etc/init.d/parsec start', + 'parsec-cli-tests.sh' + ] + + for cmd in cmds: + status, output = self.target.run(cmd) + self.assertEqual(status, 0, msg='\n'.join([cmd, output]))