From patchwork Sat May 21 18:56:38 2022
X-Patchwork-Submitter: akuster808
X-Patchwork-Id: 8342
From: Armin Kuster
To: yocto@lists.yoctoproject.org
Subject: [meta-parsec][PATCH 1/3] meta-parsec: Add pkg grps
Date: Sat, 21 May 2022 11:56:38 -0700
Message-Id: <20220521185640.143194-1-akuster808@gmail.com>
X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto/message/57150

Signed-off-by: Armin Kuster --- .../packagegroup-security-parsec.bb | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 meta-parsec/recipes-core/packagegroups/packagegroup-security-parsec.bb diff --git a/meta-parsec/recipes-core/packagegroups/packagegroup-security-parsec.bb b/meta-parsec/recipes-core/packagegroups/packagegroup-security-parsec.bb new file mode 100644 index 0000000..a8affcd --- /dev/null +++ b/meta-parsec/recipes-core/packagegroups/packagegroup-security-parsec.bb 
@@ -0,0 +1,26 @@ +DESCRIPTION = "Parsec Security packagegroup for Poky" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302 \ + file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" + +inherit packagegroup + +PACKAGES = "\ + packagegroup-security-parsec \ + packagegroup-security-parsec-tpm2 \ + " + +SUMMARY:packagegroup-security-parsec = "Security Parsec" +RDEPENDS:packagegroup-security-parsec = "\ + softhsm \ + parsec-tool \ + parsec-service \ + " + +SUMMARY:packagegroup-security-parsec-tpm2 = "Parsec Security TPM 2.0 support" +RDEPENDS:packagegroup-security-parsec-tpm2 = " \ + tpm2-tools \ + libtss2 \ + tpm2-abrmd \ + swtpm \ + "

From patchwork Sat May 21 18:56:39 2022
X-Patchwork-Submitter: akuster808
X-Patchwork-Id: 8343
From: Armin Kuster
To: yocto@lists.yoctoproject.org
Subject: [meta-parsec][PATCH 2/3] meta-parsec: add build image.
Date: Sat, 21 May 2022 11:56:39 -0700
Message-Id: <20220521185640.143194-2-akuster808@gmail.com>
In-Reply-To: <20220521185640.143194-1-akuster808@gmail.com>
References: <20220521185640.143194-1-akuster808@gmail.com>
X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto/message/57151

Signed-off-by: Armin Kuster --- .../recipes-core/images/security-parsec-image.bb | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 meta-parsec/recipes-core/images/security-parsec-image.bb diff --git a/meta-parsec/recipes-core/images/security-parsec-image.bb b/meta-parsec/recipes-core/images/security-parsec-image.bb new file mode 100644 index 0000000..547b687 --- /dev/null +++ b/meta-parsec/recipes-core/images/security-parsec-image.bb 
@@ -0,0 +1,15 @@ +DESCRIPTION = "A small image for building meta-parsec packages" + +inherit core-image + +IMAGE_FEATURES += "ssh-server-openssh" + +IMAGE_INSTALL = "\ + packagegroup-base \ + packagegroup-core-boot \ + packagegroup-security-parsec \ + os-release" + +export IMAGE_BASENAME = "security-parsec-image" + +IMAGE_ROOTFS_EXTRA_SPACE = "5242880"

From patchwork Sat May 21 18:56:40 2022
X-Patchwork-Submitter: akuster808
X-Patchwork-Id: 8341
From: Armin Kuster
To: yocto@lists.yoctoproject.org
Subject: [meta-parsec][PATCH 3/3] oeqa: add parsec runtime tests
Date: Sat, 21 May 2022 11:56:40 -0700
Message-Id: <20220521185640.143194-3-akuster808@gmail.com>
In-Reply-To: <20220521185640.143194-1-akuster808@gmail.com>
References: <20220521185640.143194-1-akuster808@gmail.com>
X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto/message/57152

Signed-off-by: Armin Kuster --- meta-parsec/lib/oeqa/runtime/cases/parsec.py | 32 ++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 meta-parsec/lib/oeqa/runtime/cases/parsec.py diff --git a/meta-parsec/lib/oeqa/runtime/cases/parsec.py b/meta-parsec/lib/oeqa/runtime/cases/parsec.py new file mode 100644 index 0000000..d07028c --- /dev/null +++ b/meta-parsec/lib/oeqa/runtime/cases/parsec.py @@ -0,0 +1,32 @@ +# Copyright (C) 2022 Armin Kuster +# +import re + +from oeqa.runtime.case import OERuntimeTestCase +from oeqa.core.decorator.depends import OETestDepends +from oeqa.runtime.decorator.package import OEHasPackage + +class ParsecTest(OERuntimeTestCase): + @OEHasPackage(['parsec-service']) + @OETestDepends(['ssh.SSHTest.test_ssh']) + def test_parsec_service(self): + toml_file = '/etc/parsec/config.tom' + status, output = self.target.run('echo -n library_path = "/usr/lib/softhsm/libsofthsm2.so" >> %s' %(toml_file)) + status, output = self.target.run('echo -n slot_number = 0 >> %s' %(toml_file)) + status, output = self.target.run('echo -n user_pin = "123456" >> %s' %(toml_file)) + cmds = [ + '/etc/init.d/parsec stop', + 'sleep 5', + 'softhsm2-util --init-token --slot 0 --label "Parsec Service" --pin 123456 --so-pin 123456', + 'for d in /var/lib/softhsm/tokens/*; do chown -R parsec $d; done', + 'mkdir /tmp/myvtpm', + 'swtpm socket --tpmstate dir=/tmp/myvtpm --tpm2 --ctrl type=tcp,port=2322 --server type=tcp,port=2321 --flags not-need-init &', + 'export TPM2TOOLS_TCTI="swtpm:port=2321"', + 'tpm2_startup -c', + 'sleep 2', + '/etc/init.d/parsec start', + ] + + for cmd in cmds: + status, output = self.target.run(cmd) + self.assertEqual(status, 0, msg='\n'.join([cmd, output]))
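
Review bot: In packagegroup-security-parsec.bb (patch 1/3), RDEPENDS:packagegroup-security-parsec pulls in softhsm and RDEPENDS:packagegroup-security-parsec-tpm2 pulls in swtpm, both software emulations of a key store, alongside the runtime pieces (parsec-service, tpm2-abrmd). Anyone adding these groups to a product image gets the emulators too; consider moving softhsm and swtpm into a separate test-only package group so the default groups carry only what a device with a real HSM or TPM needs. The commit message also has no body describing the intended use of the two groups.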
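
Review bot: In security-parsec-image.bb (patch 2/3), IMAGE_INSTALL lists packagegroup-security-parsec but not packagegroup-security-parsec-tpm2, while the runtime test in patch 3/3 runs swtpm and tpm2_startup, and patch 1/3 places swtpm and tpm2-tools only in the tpm2 group. Either add the tpm2 group to this image or have the test check for those packages before using them. The DESCRIPTION says the image is "for building meta-parsec packages" although it enables ssh-server-openssh for the runtime test; stating that it is a test image would keep it from being reused as a product image with SSH enabled.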
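
Review bot: In test_parsec_service (patch 3/3), the three echo commands that append to toml_file never have their status asserted, and what they write is probably not what is intended: the path is '/etc/parsec/config.tom' (likely meant to be config.toml), echo -n omits the newline so the three settings land on one line, and the target shell strips the unescaped double quotes so library_path and user_pin are written without quotes. Suggest fixing the path, dropping -n, single-quoting each echo argument, and asserting status as the cmds loop does. In cmds, 'export TPM2TOOLS_TCTI="swtpm:port=2321"' is its own self.target.run call, so it only reaches 'tpm2_startup -c' if the calls share a shell; setting the variable on the same command line as tpm2_startup removes that dependency. 'mkdir /tmp/myvtpm' fails on a second run against the same target; mkdir -p would make the test repeatable.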