All of lore.kernel.org
 help / color / mirror / Atom feed
* [meta-security][PATCH] kas: add ima, tpm and tpm2 build configs
@ 2020-07-20  2:21 akuster
  0 siblings, 0 replies; only message in thread
From: akuster @ 2020-07-20  2:21 UTC (permalink / raw)
  To: yocto

for qemux86, qemux86-64 and qemuarm64

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .gitlab-ci.yml            | 32 ++++++++++++++++++++++++++++++++
 kas/kas-security-base.yml |  4 ++++
 kas/qemuarm64-ima.yml     | 10 ++++++++++
 kas/qemuarm64-tpm2.yml    | 10 ++++++++++
 kas/qemuarm64.yml         |  2 +-
 kas/qemux86-64-ima.yml    | 10 ++++++++++
 kas/qemux86-64-tpm.yml    | 10 ++++++++++
 kas/qemux86-64-tpm2.yml   | 10 ++++++++++
 kas/qemux86-ima.yml       | 10 ++++++++++
 9 files changed, 97 insertions(+), 1 deletion(-)
 create mode 100644 kas/qemuarm64-ima.yml
 create mode 100644 kas/qemuarm64-tpm2.yml
 create mode 100644 kas/qemux86-64-ima.yml
 create mode 100644 kas/qemux86-64-tpm.yml
 create mode 100644 kas/qemux86-64-tpm2.yml
 create mode 100644 kas/qemux86-ima.yml

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index f7517a5..c6fba3e 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -54,3 +54,35 @@ qemuriscv64:
   extends: .build
   script:
   - ./scripts/ci-build.sh  $CI_JOB_NAME security-build-image
+
+qemux86-64-tpm:
+  extends: .build
+  script:
+  - ./scripts/ci-build.sh  $CI_JOB_NAME security-tpm-image
+
+qemux86-64-tpm2:
+  extends: .build
+  script:
+  - ./scripts/ci-build.sh  $CI_JOB_NAME security-tpm2-image
+
+qemuarm64-tpm2:
+  extends: .build
+  script:
+  - ./scripts/ci-build.sh  $CI_JOB_NAME security-tpm2-image
+
+
+qemux86-ima:
+  extends: .build
+  script:
+  - ./scripts/ci-build.sh  $CI_JOB_NAME integrity-image-minimal
+
+qemux86-64-ima:
+  extends: .build
+  script:
+  - ./scripts/ci-build.sh  $CI_JOB_NAME integrity-image-minimal
+
+qemuarm64-iam:
+  extends: .build
+  script:
+  - ./scripts/ci-build.sh  $CI_JOB_NAME integrity-image-minimal
+
diff --git a/kas/kas-security-base.yml b/kas/kas-security-base.yml
index 7f807d1..82072ef 100644
--- a/kas/kas-security-base.yml
+++ b/kas/kas-security-base.yml
@@ -5,6 +5,10 @@ distro: poky
 
 repos:
   meta-security:
+    layers:
+      meta-tpm:
+      meta-integrity:
+      meta-security-compliance:
 
   poky:
     url: https://git.yoctoproject.org/git/poky
diff --git a/kas/qemuarm64-ima.yml b/kas/qemuarm64-ima.yml
new file mode 100644
index 0000000..b478472
--- /dev/null
+++ b/kas/qemuarm64-ima.yml
@@ -0,0 +1,10 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+
+local_conf_header:
+  meta-security: |
+    DISTRO_FEATURES_append = " ima"
+
+machine: qemuarm64
diff --git a/kas/qemuarm64-tpm2.yml b/kas/qemuarm64-tpm2.yml
new file mode 100644
index 0000000..3a8d8fc
--- /dev/null
+++ b/kas/qemuarm64-tpm2.yml
@@ -0,0 +1,10 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+
+local_conf_header:
+  meta-security: |
+    DISTRO_FEATURES_append = " tpm2"
+
+machine: qemuarm64 
diff --git a/kas/qemuarm64.yml b/kas/qemuarm64.yml
index d55adff..a0c2d1a 100644
--- a/kas/qemuarm64.yml
+++ b/kas/qemuarm64.yml
@@ -3,4 +3,4 @@ header:
   includes:
     - kas-security-base.yml
 
-machine: qemuarmu64
+machine: qemuarm64
diff --git a/kas/qemux86-64-ima.yml b/kas/qemux86-64-ima.yml
new file mode 100644
index 0000000..e64931c
--- /dev/null
+++ b/kas/qemux86-64-ima.yml
@@ -0,0 +1,10 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+
+local_conf_header:
+  meta-security: |
+    DISTRO_FEATURES_append = " ima"
+
+machine: qemux86-64
diff --git a/kas/qemux86-64-tpm.yml b/kas/qemux86-64-tpm.yml
new file mode 100644
index 0000000..565b423
--- /dev/null
+++ b/kas/qemux86-64-tpm.yml
@@ -0,0 +1,10 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+
+local_conf_header:
+  meta-security: |
+    DISTRO_FEATURES_append = " tpm"
+
+machine: qemux86-64
diff --git a/kas/qemux86-64-tpm2.yml b/kas/qemux86-64-tpm2.yml
new file mode 100644
index 0000000..a43693e
--- /dev/null
+++ b/kas/qemux86-64-tpm2.yml
@@ -0,0 +1,10 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+
+local_conf_header:
+  meta-security: |
+    DISTRO_FEATURES_append = " tpm2"
+
+machine: qemux86-64
diff --git a/kas/qemux86-ima.yml b/kas/qemux86-ima.yml
new file mode 100644
index 0000000..6528ba6
--- /dev/null
+++ b/kas/qemux86-ima.yml
@@ -0,0 +1,10 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+
+local_conf_header:
+  meta-security: |
+    DISTRO_FEATURES_append = " ima"
+
+machine: qemux86
-- 
2.17.1


^ permalink raw reply related	[flat|nested] only message in thread
only message in thread, other threads:[~2020-07-20  2:21 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-20  2:21 [meta-security][PATCH] kas: add ima, tpm and tpm2 build configs akuster

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.