aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArmin Kuster <akuster808@gmail.com>2020-07-19 15:27:21 +0000
committerArmin Kuster <akuster808@gmail.com>2020-07-19 19:19:59 -0700
commit4dc69a75502cb8f184b003e13117999f136b7899 (patch)
tree32d6ba3d10af2d5aad1839df7ad4d40a1ef81b32
parent171c3da4303d361258f785fbc6c958d643212779 (diff)
downloadmeta-security-4dc69a75502cb8f184b003e13117999f136b7899.tar.gz
meta-security-4dc69a75502cb8f184b003e13117999f136b7899.tar.bz2
meta-security-4dc69a75502cb8f184b003e13117999f136b7899.zip
kas: add ima, tpm and tpm2 build configs
for qemux86, qemux86-64 and qemuarm64 Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r--.gitlab-ci.yml32
-rw-r--r--kas/kas-security-base.yml4
-rw-r--r--kas/qemuarm64-ima.yml10
-rw-r--r--kas/qemuarm64-tpm2.yml10
-rw-r--r--kas/qemuarm64.yml2
-rw-r--r--kas/qemux86-64-ima.yml10
-rw-r--r--kas/qemux86-64-tpm.yml10
-rw-r--r--kas/qemux86-64-tpm2.yml10
-rw-r--r--kas/qemux86-ima.yml10
9 files changed, 97 insertions, 1 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index f7517a5..c6fba3e 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -54,3 +54,35 @@ qemuriscv64:
extends: .build
script:
- ./scripts/ci-build.sh $CI_JOB_NAME security-build-image
+
+qemux86-64-tpm:
+ extends: .build
+ script:
+ - ./scripts/ci-build.sh $CI_JOB_NAME security-tpm-image
+
+qemux86-64-tpm2:
+ extends: .build
+ script:
+ - ./scripts/ci-build.sh $CI_JOB_NAME security-tpm2-image
+
+qemuarm64-tpm2:
+ extends: .build
+ script:
+ - ./scripts/ci-build.sh $CI_JOB_NAME security-tpm2-image
+
+
+qemux86-ima:
+ extends: .build
+ script:
+ - ./scripts/ci-build.sh $CI_JOB_NAME integrity-image-minimal
+
+qemux86-64-ima:
+ extends: .build
+ script:
+ - ./scripts/ci-build.sh $CI_JOB_NAME integrity-image-minimal
+
+qemuarm64-iam:
+ extends: .build
+ script:
+ - ./scripts/ci-build.sh $CI_JOB_NAME integrity-image-minimal
+
diff --git a/kas/kas-security-base.yml b/kas/kas-security-base.yml
index 7f807d1..82072ef 100644
--- a/kas/kas-security-base.yml
+++ b/kas/kas-security-base.yml
@@ -5,6 +5,10 @@ distro: poky
repos:
meta-security:
+ layers:
+ meta-tpm:
+ meta-integrity:
+ meta-security-compliance:
poky:
url: https://git.yoctoproject.org/git/poky
diff --git a/kas/qemuarm64-ima.yml b/kas/qemuarm64-ima.yml
new file mode 100644
index 0000000..b478472
--- /dev/null
+++ b/kas/qemuarm64-ima.yml
@@ -0,0 +1,10 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+local_conf_header:
+ meta-security: |
+ DISTRO_FEATURES_append = " ima"
+
+machine: qemuarm64
diff --git a/kas/qemuarm64-tpm2.yml b/kas/qemuarm64-tpm2.yml
new file mode 100644
index 0000000..3a8d8fc
--- /dev/null
+++ b/kas/qemuarm64-tpm2.yml
@@ -0,0 +1,10 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+local_conf_header:
+ meta-security: |
+ DISTRO_FEATURES_append = " tpm2"
+
+machine: qemuarm64
diff --git a/kas/qemuarm64.yml b/kas/qemuarm64.yml
index d55adff..a0c2d1a 100644
--- a/kas/qemuarm64.yml
+++ b/kas/qemuarm64.yml
@@ -3,4 +3,4 @@ header:
includes:
- kas-security-base.yml
-machine: qemuarmu64
+machine: qemuarm64
diff --git a/kas/qemux86-64-ima.yml b/kas/qemux86-64-ima.yml
new file mode 100644
index 0000000..e64931c
--- /dev/null
+++ b/kas/qemux86-64-ima.yml
@@ -0,0 +1,10 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+local_conf_header:
+ meta-security: |
+ DISTRO_FEATURES_append = " ima"
+
+machine: qemux86-64
diff --git a/kas/qemux86-64-tpm.yml b/kas/qemux86-64-tpm.yml
new file mode 100644
index 0000000..565b423
--- /dev/null
+++ b/kas/qemux86-64-tpm.yml
@@ -0,0 +1,10 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+local_conf_header:
+ meta-security: |
+ DISTRO_FEATURES_append = " tpm"
+
+machine: qemux86-64
diff --git a/kas/qemux86-64-tpm2.yml b/kas/qemux86-64-tpm2.yml
new file mode 100644
index 0000000..a43693e
--- /dev/null
+++ b/kas/qemux86-64-tpm2.yml
@@ -0,0 +1,10 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+local_conf_header:
+ meta-security: |
+ DISTRO_FEATURES_append = " tpm2"
+
+machine: qemux86-64
diff --git a/kas/qemux86-ima.yml b/kas/qemux86-ima.yml
new file mode 100644
index 0000000..6528ba6
--- /dev/null
+++ b/kas/qemux86-ima.yml
@@ -0,0 +1,10 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+local_conf_header:
+ meta-security: |
+ DISTRO_FEATURES_append = " ima"
+
+machine: qemux86