20 Commits

Author SHA1 Message Date
Jia Zhang 1423a3c5c5 Maintain the stable branch rocko
The modifications based on the following commits are made by the way:

- seloader: Fix building for rocko (bc6bbe2)
- meta-integrity: rpm: Add back in required patches for rocko (5fa9c85)

Because the sanity check for rocko now becomes unnecessary.

In addition, the meta-intel-sgx is removed because it is still
experimental.

- meta-intel-sgx: Initial support of linux-sgx-driver (7d4f711)

Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
2018-09-21 03:20:23 -04:00
Tom Rini cd40815e69 layer.conf: Mark as compatible with rocko
As we also work with the 'rocko' release list that in our
LAYERSERIES_COMPAT.

Signed-off-by: Tom Rini <trini@konsulko.com>
2018-07-25 20:41:35 +08:00
Trevor Woerner 18d65f8933 layer.conf: add LAYERSERIES_COMPAT
see https://patchwork.openembedded.org/patch/140542/

Signed-off-by: Trevor Woerner <twoerner@gmail.com>
2018-05-26 08:08:58 +08:00
Wenzong Fan c28e821fe6 packagegroup-tpm: include tpm-quote-tools (#17)
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
2017-09-12 22:02:25 +08:00
Jia Zhang b69537380c meta-secure-core: clean up ${COREBASE}/LICENSE and ${COREBASE}/meta/COPYING.MIT
${COREBASE}/LICENSE is not a valid license file. So it is recommended
to use '${COMMON_LICENSE_DIR}/MIT' for a MIT License file in
LIC_FILES_CHKSUM. This will become an error in the future.

Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
2017-09-02 11:11:44 +08:00
limeng-linux 7f72300c23 tpm : openssl-tpm-engine: parse an encrypted TPM key password from env (#15)
when openssl-tpm-engine lib is used on an unattended device, there is no
way to input TPM key password. So add this feature to support parse an
encrypted(AES algorithm) TPM key password from env.
The default decrypting AES password and salt is set in bb file.
When we create a TPM key(TSS format), generate a 8 bytes random data
as its password, and then we need to encrypt the password with the same
AES password and salt in bb file.
At last, we set a env as below:
export TPM_KEY_ENC_PW=xxxxxxxx
"xxxxxxxx" is the encrypted TPM key password for libtpm.so.

Signed-off-by: Meng Li <Meng.Li@windriver.com>
2017-09-02 10:16:57 +08:00
Jia Zhang ddb0b8d6d2 meta-tpm: tss 1.x always depends on openssl 1.0.x
Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
2017-08-20 20:31:58 +08:00
Lans Zhang 1212f2c974 openssl-tpm-engine: fix cmdline parsing failure on arm platform
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
2017-07-21 17:14:19 +08:00
Lans Zhang b8ea0f4da9 trouser: a minor fix for debug package
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
2017-07-21 11:06:31 +08:00
Lans Zhang e874405319 meta-secure-core: define the oe index name
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
2017-07-20 14:17:27 +08:00
Lans Zhang ede9a4f871 tpm-tools: update to the latest and code style fixup
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
2017-07-20 13:51:38 +08:00
Lans Zhang d5ea27e293 tss-testsuite: update to the latest and code style fixup
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
2017-07-20 13:32:44 +08:00
Lans Zhang 9ee97956a6 tpm-quote-tools: update to the latest and code style fixup
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
2017-07-20 13:16:05 +08:00
Lans Zhang 788b69e11b pcr-extend: update to the latest and code style fixup
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
2017-07-20 11:23:44 +08:00
Lans Zhang 6fd899a866 openssl-tpm-engine: update to the latest and code style fixup
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
2017-07-20 10:58:22 +08:00
Lans Zhang dffeaacd06 meta-tpm: code style fixup
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
2017-07-20 10:30:19 +08:00
Lans Zhang 3df0a11acc trousers: update to the latest and code style fixup
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
2017-07-20 10:28:20 +08:00
Lans Zhang f04c4eaf6a Add the missing COPYING.MIT files
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
2017-07-13 15:31:14 +08:00
Meng Li 92f65d3394 openssl-tpm-engine: parse an encrypted tpm SRK password from env
Before, we support reading SRK password from env TPM_SRK_PW,
but it is a plain password and not secure.
So, we improve it and support to get an encrypted (AES algorithm)
SRK password from env, and then parse it. The default decrypting
AES password and salt is set in bb file.
When we initialize TPM, and set a SRK pw, and then we need to
encrypt it with the same AES password and salt by AES algorithm.
At last, we set a env as below:
export TPM_SRK_ENC_PW=xxxxxxxx
"xxxxxxxx" is the encrypted SRK password for libtpm.so.

Signed-off-by: Meng Li <Meng.Li@windriver.com>
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
2017-06-23 21:52:57 +08:00
Lans Zhang 1b3e594449 meta-secure-core: initial commit
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
2017-06-22 15:24:04 +08:00