kas: add ima, tpm and tpm2 build configs

for qemux86, qemux86-64 and qemuarm64 Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Armin Kuster <akuster808@gmail.com> 2020-07-19 15:27:21 +0000
committer: Armin Kuster <akuster808@gmail.com> 2020-07-19 19:19:59 -0700
commit: 4dc69a75502cb8f184b003e13117999f136b7899 (patch)
tree: 32d6ba3d10af2d5aad1839df7ad4d40a1ef81b32
parent: 171c3da4303d361258f785fbc6c958d643212779 (diff)
download: meta-security-4dc69a75502cb8f184b003e13117999f136b7899.tar.gz
9 files changed, 97 insertions, 1 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index f7517a5..c6fba3e 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -54,3 +54,35 @@ qemuriscv64:
  extends: .build
  script:
  - ./scripts/ci-build.sh  $CI_JOB_NAME security-build-image
+qemux86-64-tpm:
+  extends: .build
+  script:
+  - ./scripts/ci-build.sh  $CI_JOB_NAME security-tpm-image
+qemux86-64-tpm2:
+  extends: .build
+  script:
+  - ./scripts/ci-build.sh  $CI_JOB_NAME security-tpm2-image
+qemuarm64-tpm2:
+  extends: .build
+  script:
+  - ./scripts/ci-build.sh  $CI_JOB_NAME security-tpm2-image
+qemux86-ima:
+  extends: .build
+  script:
+  - ./scripts/ci-build.sh  $CI_JOB_NAME integrity-image-minimal
+qemux86-64-ima:
+  extends: .build
+  script:
+  - ./scripts/ci-build.sh  $CI_JOB_NAME integrity-image-minimal
+qemuarm64-iam:
+  extends: .build
+  script:
+  - ./scripts/ci-build.sh  $CI_JOB_NAME integrity-image-minimal
diff --git a/kas/kas-security-base.yml b/kas/kas-security-base.yml
index 7f807d1..82072ef 100644
--- a/kas/kas-security-base.yml
+++ b/kas/kas-security-base.yml
@@ -5,6 +5,10 @@ distro: poky
 repos:
  meta-security:
+    layers:
+      meta-tpm:
+      meta-integrity:
+      meta-security-compliance:
  poky:
    url: https://git.yoctoproject.org/git/poky
diff --git a/kas/qemuarm64-ima.yml b/kas/qemuarm64-ima.yml
new file mode 100644
index 0000000..b478472
--- /dev/null
+++ b/kas/qemuarm64-ima.yml
@@ -0,0 +1,10 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+local_conf_header:
+  meta-security: |
+    DISTRO_FEATURES_append = " ima"
+machine: qemuarm64
diff --git a/kas/qemuarm64-tpm2.yml b/kas/qemuarm64-tpm2.yml
new file mode 100644
index 0000000..3a8d8fc
--- /dev/null
+++ b/kas/qemuarm64-tpm2.yml
@@ -0,0 +1,10 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+local_conf_header:
+  meta-security: |
+    DISTRO_FEATURES_append = " tpm2"
+machine: qemuarm64 
diff --git a/kas/qemuarm64.yml b/kas/qemuarm64.yml
index d55adff..a0c2d1a 100644
--- a/kas/qemuarm64.yml
+++ b/kas/qemuarm64.yml
@@ -3,4 +3,4 @@ header:
  includes:
    - kas-security-base.yml
-machine: qemuarmu64
+machine: qemuarm64
diff --git a/kas/qemux86-64-ima.yml b/kas/qemux86-64-ima.yml
new file mode 100644
index 0000000..e64931c
--- /dev/null
+++ b/kas/qemux86-64-ima.yml
@@ -0,0 +1,10 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+local_conf_header:
+  meta-security: |
+    DISTRO_FEATURES_append = " ima"
+machine: qemux86-64
diff --git a/kas/qemux86-64-tpm.yml b/kas/qemux86-64-tpm.yml
new file mode 100644
index 0000000..565b423
--- /dev/null
+++ b/kas/qemux86-64-tpm.yml
@@ -0,0 +1,10 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+local_conf_header:
+  meta-security: |
+    DISTRO_FEATURES_append = " tpm"
+machine: qemux86-64
diff --git a/kas/qemux86-64-tpm2.yml b/kas/qemux86-64-tpm2.yml
new file mode 100644
index 0000000..a43693e
--- /dev/null
+++ b/kas/qemux86-64-tpm2.yml
@@ -0,0 +1,10 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+local_conf_header:
+  meta-security: |
+    DISTRO_FEATURES_append = " tpm2"
+machine: qemux86-64
diff --git a/kas/qemux86-ima.yml b/kas/qemux86-ima.yml
new file mode 100644
index 0000000..6528ba6
--- /dev/null
+++ b/kas/qemux86-ima.yml
@@ -0,0 +1,10 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+local_conf_header:
+  meta-security: |
+    DISTRO_FEATURES_append = " ima"
+machine: qemux86
author	Armin Kuster <akuster808@gmail.com>	2020-07-19 15:27:21 +0000
committer	Armin Kuster <akuster808@gmail.com>	2020-07-19 19:19:59 -0700
commit	4dc69a75502cb8f184b003e13117999f136b7899 (patch)
tree	32d6ba3d10af2d5aad1839df7ad4d40a1ef81b32
parent	171c3da4303d361258f785fbc6c958d643212779 (diff)
download	meta-security-4dc69a75502cb8f184b003e13117999f136b7899.tar.gz

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index f7517a5..c6fba3e 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml
@@ -54,3 +54,35 @@ qemuriscv64:
54	extends: .build	54	extends: .build
55	script:	55	script:
56	- ./scripts/ci-build.sh $CI_JOB_NAME security-build-image	56	- ./scripts/ci-build.sh $CI_JOB_NAME security-build-image
		57
		58	qemux86-64-tpm:
		59	extends: .build
		60	script:
		61	- ./scripts/ci-build.sh $CI_JOB_NAME security-tpm-image
		62
		63	qemux86-64-tpm2:
		64	extends: .build
		65	script:
		66	- ./scripts/ci-build.sh $CI_JOB_NAME security-tpm2-image
		67
		68	qemuarm64-tpm2:
		69	extends: .build
		70	script:
		71	- ./scripts/ci-build.sh $CI_JOB_NAME security-tpm2-image
		72
		73
		74	qemux86-ima:
		75	extends: .build
		76	script:
		77	- ./scripts/ci-build.sh $CI_JOB_NAME integrity-image-minimal
		78
		79	qemux86-64-ima:
		80	extends: .build
		81	script:
		82	- ./scripts/ci-build.sh $CI_JOB_NAME integrity-image-minimal
		83
		84	qemuarm64-iam:
		85	extends: .build
		86	script:
		87	- ./scripts/ci-build.sh $CI_JOB_NAME integrity-image-minimal
		88


diff --git a/kas/kas-security-base.yml b/kas/kas-security-base.yml index 7f807d1..82072ef 100644 --- a/kas/kas-security-base.yml +++ b/kas/kas-security-base.yml
@@ -5,6 +5,10 @@ distro: poky
5		5
6	repos:	6	repos:
7	meta-security:	7	meta-security:
		8	layers:
		9	meta-tpm:
		10	meta-integrity:
		11	meta-security-compliance:
8		12
9	poky:	13	poky:
10	url: https://git.yoctoproject.org/git/poky	14	url: https://git.yoctoproject.org/git/poky


diff --git a/kas/qemuarm64-ima.yml b/kas/qemuarm64-ima.yml new file mode 100644 index 0000000..b478472 --- /dev/null +++ b/kas/qemuarm64-ima.yml
@@ -0,0 +1,10 @@
		1	header:
		2	version: 8
		3	includes:
		4	- kas-security-base.yml
		5
		6	local_conf_header:
		7	meta-security: \|
		8	DISTRO_FEATURES_append = " ima"
		9
		10	machine: qemuarm64


diff --git a/kas/qemuarm64-tpm2.yml b/kas/qemuarm64-tpm2.yml new file mode 100644 index 0000000..3a8d8fc --- /dev/null +++ b/kas/qemuarm64-tpm2.yml
@@ -0,0 +1,10 @@
		1	header:
		2	version: 8
		3	includes:
		4	- kas-security-base.yml
		5
		6	local_conf_header:
		7	meta-security: \|
		8	DISTRO_FEATURES_append = " tpm2"
		9
		10	machine: qemuarm64


diff --git a/kas/qemuarm64.yml b/kas/qemuarm64.yml index d55adff..a0c2d1a 100644 --- a/kas/qemuarm64.yml +++ b/kas/qemuarm64.yml
@@ -3,4 +3,4 @@ header:
3	includes:	3	includes:
4	- kas-security-base.yml	4	- kas-security-base.yml
5		5
6	machine: qemuarmu64	6	machine: qemuarm64


diff --git a/kas/qemux86-64-ima.yml b/kas/qemux86-64-ima.yml new file mode 100644 index 0000000..e64931c --- /dev/null +++ b/kas/qemux86-64-ima.yml
@@ -0,0 +1,10 @@
		1	header:
		2	version: 8
		3	includes:
		4	- kas-security-base.yml
		5
		6	local_conf_header:
		7	meta-security: \|
		8	DISTRO_FEATURES_append = " ima"
		9
		10	machine: qemux86-64


diff --git a/kas/qemux86-64-tpm.yml b/kas/qemux86-64-tpm.yml new file mode 100644 index 0000000..565b423 --- /dev/null +++ b/kas/qemux86-64-tpm.yml
@@ -0,0 +1,10 @@
		1	header:
		2	version: 8
		3	includes:
		4	- kas-security-base.yml
		5
		6	local_conf_header:
		7	meta-security: \|
		8	DISTRO_FEATURES_append = " tpm"
		9
		10	machine: qemux86-64


diff --git a/kas/qemux86-64-tpm2.yml b/kas/qemux86-64-tpm2.yml new file mode 100644 index 0000000..a43693e --- /dev/null +++ b/kas/qemux86-64-tpm2.yml
@@ -0,0 +1,10 @@
		1	header:
		2	version: 8
		3	includes:
		4	- kas-security-base.yml
		5
		6	local_conf_header:
		7	meta-security: \|
		8	DISTRO_FEATURES_append = " tpm2"
		9
		10	machine: qemux86-64


diff --git a/kas/qemux86-ima.yml b/kas/qemux86-ima.yml new file mode 100644 index 0000000..6528ba6 --- /dev/null +++ b/kas/qemux86-ima.yml
@@ -0,0 +1,10 @@
		1	header:
		2	version: 8
		3	includes:
		4	- kas-security-base.yml
		5
		6	local_conf_header:
		7	meta-security: \|
		8	DISTRO_FEATURES_append = " ima"
		9
		10	machine: qemux86