* [Buildroot] [PATCH 1/1] package/spdm-utils: new package
@ 2024-02-24  0:28 Wilfred Mallawa via buildroot
  0 siblings, 0 replies; 5+ messages in thread
From: Wilfred Mallawa via buildroot @ 2024-02-24  0:28 UTC (permalink / raw
  To: buildroot; +Cc: Wilfred Mallawa, alistair.francis

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
---
 package/Config.in                  |  1 +
 package/spdm-utils/Config.in       | 20 ++++++++++++++++++
 package/spdm-utils/spdm-utils.hash |  2 ++
 package/spdm-utils/spdm-utils.mk   | 34 ++++++++++++++++++++++++++++++
 4 files changed, 57 insertions(+)
 create mode 100644 package/spdm-utils/Config.in
 create mode 100644 package/spdm-utils/spdm-utils.hash
 create mode 100644 package/spdm-utils/spdm-utils.mk

diff --git a/package/Config.in b/package/Config.in
index bf0fe078b9..11075d08c3 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -2697,6 +2697,7 @@ comment "Utilities"
 	source "package/screenfetch/Config.in"
 	source "package/sexpect/Config.in"
 	source "package/sudo/Config.in"
+	source "package/spdm-utils/Config.in"
 	source "package/terminology/Config.in"
 	source "package/time/Config.in"
 	source "package/tini/Config.in"
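Review bot: The new `source "package/spdm-utils/Config.in"` line sits after the `sudo` entry, but the neighbouring entries in this menu are in alphabetical order and `spdm-utils` sorts before `sudo`. It belongs directly after `source "package/sexpect/Config.in"`. The menu itself continues outside the hunk on both sides.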
diff --git a/package/spdm-utils/Config.in b/package/spdm-utils/Config.in
new file mode 100644
index 0000000000..6729cbde90
--- /dev/null
+++ b/package/spdm-utils/Config.in
@@ -0,0 +1,20 @@
+config BR2_PACKAGE_SPDM_UTILS
+	bool "spdm-utils"
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
+	depends on BR2_USE_WCHAR # eudev
+	depends on !BR2_STATIC_LIBS
+	depends on BR2_USE_MMU # eudev
+	select BR2_PACKAGE_HOST_RUSTC
+	select BR2_PACKAGE_OPENSSL
+	select BR2_PACKAGE_PCIUTILS
+	select BR2_PACKAGE_EUDEV
+	select BR2_PACKAGE_PYTHON3
+	select BR2_PACKAGE_LIBSPDM
+	help
+	  SPDM-Utils is a Linux application designed to support,
+	  test and develop SPDM requesters and responders.
+	  SPDM-Utils uses libspdm as the backend to perform SPDM
+	  communication. SPDM-Utils currently supports the
+	  PCIe Data Object Exchange (DOE) Capability.
+
+	  https://github.com/westerndigitalcorporation/spdm-utils
\ No newline at end of file
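Review bot: The `depends on` lines for wchar and shared libraries have no companion `comment` entry, so when the toolchain lacks either one the package simply vanishes from menuconfig with no explanation. Buildroot packages normally add something like `comment "spdm-utils needs a toolchain w/ wchar, dynamic library"` guarded by `depends on !BR2_USE_WCHAR || BR2_STATIC_LIBS`, plus the arch and MMU conditions. The exact wording depends on which toolchain features are required once the dependency list is settled. The Config.in hunk in the 2024-03-14 repost has the same gap. In this version the file also ends without a trailing newline, as the `\ No newline at end of file` marker shows.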
diff --git a/package/spdm-utils/spdm-utils.hash b/package/spdm-utils/spdm-utils.hash
new file mode 100644
index 0000000000..0b4e5d2eea
--- /dev/null
+++ b/package/spdm-utils/spdm-utils.hash
@@ -0,0 +1,2 @@
+# Locally calculated
+sha256 4bb5ac80ccac3928a6b6d15266e260bbc103d07c543b054664aac42a5472b7a6  spdm-utils-0.1.1.tar.gz
diff --git a/package/spdm-utils/spdm-utils.mk b/package/spdm-utils/spdm-utils.mk
new file mode 100644
index 0000000000..7574ea9b11
--- /dev/null
+++ b/package/spdm-utils/spdm-utils.mk
@@ -0,0 +1,34 @@
+################################################################################
+#
+# spdm-utils
+#
+################################################################################
+
+SPDM_UTILS_VERSION = 0.1.1
+SPDM_UTILS_SITE = $(call github,westerndigitalcorporation,spdm-utils,v$(SPDM_UTILS_VERSION))
+SPDM_UTILS_LICENSE = Apache-2.0 or MIT
+SPDM_UTILS_POST_INSTALL_TARGET_HOOKS += SPDM_UTILS_INSTALL_CERTS
+SPDM_UTILS_DEPENDENCIES += pciutils libspdm openssl
+
+# Force PyO3 to configure as a cross-compilation
+export PYO3_CROSS=1
+
+define SPDM_UTILS_INSTALL_CERTS
+	$(INSTALL) -d -m 0755 $(TARGET_DIR)/root/certs
+	cp -r $(@D)/certs/generate_certs.sh $(TARGET_DIR)/root/certs/
+	cp -r $(@D)/certs/openssl-alias.cnf $(TARGET_DIR)/root/certs/
+	cp -r $(@D)/certs/openssl.cnf $(TARGET_DIR)/root/certs/
+	cp -r $(@D)/certs/setup_certs.sh $(TARGET_DIR)/root/certs/
+
+	$(INSTALL) -d -m 0755 $(TARGET_DIR)/root/certs/slot0
+	cp $(@D)/certs/slot0/immutable.der $(TARGET_DIR)/root/certs/slot0
+	cp $(@D)/certs/slot0/device.cert.der $(TARGET_DIR)/root/certs/slot0
+	cp $(@D)/certs/slot0/device.der $(TARGET_DIR)/root/certs/slot0
+	cp $(@D)/certs/slot0/device.key $(TARGET_DIR)/root/certs/slot0
+	cp $(@D)/certs/slot0/param.pem $(TARGET_DIR)/root/certs/slot0
+
+	$(INSTALL) -d -m 0755 $(TARGET_DIR)/root/manifest
+	cp $(@D)/manifest/manifest.out.cbor $(TARGET_DIR)/root/manifest
+endef
+
+$(eval $(cargo-package))
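Review bot: `SPDM_UTILS_INSTALL_CERTS` copies `certs/slot0/device.key` straight from the upstream release tarball into the target, so every image built with this package carries the same key, and if it is the responder's private key, as the name suggests, anyone who downloads the tarball holds it too. Attestation backed by that key says nothing about the individual device, so the slot0 files and `manifest.out.cbor` are better installed only behind an opt-in option documented as test material, with real keys provisioned per device. Where the key is installed, plain `cp` leaves its mode to the build user's umask; `$(INSTALL) -D -m 0600 $(@D)/certs/slot0/device.key $(TARGET_DIR)/root/certs/slot0/device.key` pins it. The hook in the 2024-03-14 repost of this file has the same problem. Separately, `export PYO3_CROSS=1` leaks into the environment of every package, because all package .mk files are read by one make instance; `SPDM_UTILS_CARGO_ENV = PYO3_CROSS=1` would scope it to this package.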
-- 
2.43.2


* [Buildroot] [PATCH 1/1] package/spdm-utils: new package
@ 2024-03-14 21:39 Wilfred Mallawa via buildroot
  2024-03-25  0:12 ` Wilfred Mallawa via buildroot
  2024-03-25 21:09 ` Yann E. MORIN
  0 siblings, 2 replies; 5+ messages in thread
From: Wilfred Mallawa via buildroot @ 2024-03-14 21:39 UTC (permalink / raw
  To: buildroot; +Cc: Wilfred Mallawa, Alistair Francis

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
---
 package/Config.in                  |  1 +
 package/spdm-utils/Config.in       | 20 ++++++++++++++
 package/spdm-utils/spdm-utils.hash |  2 ++
 package/spdm-utils/spdm-utils.mk   | 43 ++++++++++++++++++++++++++++++
 4 files changed, 66 insertions(+)
 create mode 100644 package/spdm-utils/Config.in
 create mode 100644 package/spdm-utils/spdm-utils.hash
 create mode 100644 package/spdm-utils/spdm-utils.mk

diff --git a/package/Config.in b/package/Config.in
index c677c3ff4a..1a31d40a0c 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -2697,6 +2697,7 @@ comment "Utilities"
 	source "package/screen/Config.in"
 	source "package/screenfetch/Config.in"
 	source "package/sexpect/Config.in"
+	source "package/spdm-utils/Config.in"
 	source "package/sudo/Config.in"
 	source "package/terminology/Config.in"
 	source "package/time/Config.in"
diff --git a/package/spdm-utils/Config.in b/package/spdm-utils/Config.in
new file mode 100644
index 0000000000..97dbc51c6d
--- /dev/null
+++ b/package/spdm-utils/Config.in
@@ -0,0 +1,20 @@
+config BR2_PACKAGE_SPDM_UTILS
+	bool "spdm-utils"
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
+	depends on BR2_USE_WCHAR # eudev
+	depends on !BR2_STATIC_LIBS
+	depends on BR2_USE_MMU # eudev
+	select BR2_PACKAGE_HOST_RUSTC
+	select BR2_PACKAGE_OPENSSL
+	select BR2_PACKAGE_PCIUTILS
+	select BR2_PACKAGE_EUDEV
+	select BR2_PACKAGE_PYTHON3
+	select BR2_PACKAGE_LIBSPDM
+	help
+	  SPDM-Utils is a Linux application designed to support,
+	  test and develop SPDM requesters and responders.
+	  SPDM-Utils uses libspdm as the backend to perform SPDM
+	  communication. SPDM-Utils currently supports the
+	  PCIe Data Object Exchange (DOE) Capability.
+
+	  https://github.com/westerndigitalcorporation/spdm-utils
diff --git a/package/spdm-utils/spdm-utils.hash b/package/spdm-utils/spdm-utils.hash
new file mode 100644
index 0000000000..aaa243315e
--- /dev/null
+++ b/package/spdm-utils/spdm-utils.hash
@@ -0,0 +1,2 @@
+# Locally calculated
+sha256  3f06f087220b126262a2becf68c9e06a59d8d613816f82a168c81093de087d1a  spdm-utils-0.3.0.tar.gz
diff --git a/package/spdm-utils/spdm-utils.mk b/package/spdm-utils/spdm-utils.mk
new file mode 100644
index 0000000000..5129635b06
--- /dev/null
+++ b/package/spdm-utils/spdm-utils.mk
@@ -0,0 +1,43 @@
+################################################################################
+#
+# spdm-utils
+#
+################################################################################
+
+SPDM_UTILS_VERSION = 0.3.0
+SPDM_UTILS_SITE = $(call github,westerndigitalcorporation,spdm-utils,v$(SPDM_UTILS_VERSION))
+SPDM_UTILS_LICENSE = Apache-2.0 or MIT
+SPDM_UTILS_POST_PATCH_HOOKS += SPDM_UTILS_FETCH_CRATES
+SPDM_UTILS_POST_INSTALL_TARGET_HOOKS += SPDM_UTILS_INSTALL_CERTS
+SPDM_UTILS_DEPENDENCIES += pciutils libspdm openssl
+
+# We want to run the cargo-post-process script which is
+# manually run in dl-wrapper after downloading the tarball.
+# This will re-vendor in the crates, which needs to be done
+# after we patch in our extra dependencies.
+define SPDM_UTILS_FETCH_CRATES
+	cd $(SPDM_UTILS_SRCDIR) && \
+	cargo vendor \
+	    --manifest-path Cargo.toml \
+		--locked VENDOR
+endef
+
+define SPDM_UTILS_INSTALL_CERTS
+	$(INSTALL) -d -m 0755 $(TARGET_DIR)/root/certs
+	cp -r $(@D)/certs/generate_certs.sh $(TARGET_DIR)/root/certs/
+	cp -r $(@D)/certs/openssl.cnf $(TARGET_DIR)/root/certs/
+	cp -r $(@D)/certs/setup_certs.sh $(TARGET_DIR)/root/certs/
+
+	$(INSTALL) -d -m 0755 $(TARGET_DIR)/root/certs/slot0
+	cp $(@D)/certs/slot0/immutable.der $(TARGET_DIR)/root/certs/slot0
+	cp $(@D)/certs/slot0/device.cert.der $(TARGET_DIR)/root/certs/slot0
+	cp $(@D)/certs/slot0/device.der $(TARGET_DIR)/root/certs/slot0
+	cp $(@D)/certs/slot0/device.key $(TARGET_DIR)/root/certs/slot0
+	cp $(@D)/certs/slot0/param.pem $(TARGET_DIR)/root/certs/slot0
+	cp $(@D)/certs/slot0/bundle_responder.certchain.der $(TARGET_DIR)/root/certs/slot0
+
+	$(INSTALL) -d -m 0755 $(TARGET_DIR)/root/manifest
+	cp $(@D)/manifest/manifest.out.cbor $(TARGET_DIR)/root/manifest
+endef
+
+$(eval $(cargo-package))
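Review bot: `SPDM_UTILS_FETCH_CRATES` pulls crates at post-patch time, after the tarball has already been checked against `spdm-utils.hash`, so whatever it downloads is not covered by that hash; with `--locked`, the only integrity check left is the set of checksums recorded in the upstream `Cargo.lock`. The comment above the hook also says the cargo-post-process script is run, while the recipe calls `cargo vendor` directly and does not capture the source-replacement configuration that command prints on stdout, so it is not clear the build would use the new `VENDOR` directory at all. If re-vendoring is ever needed, the comment should say what is actually run and how the result is verified.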
-- 
2.44.0


* Re: [Buildroot] [PATCH 1/1] package/spdm-utils: new package
  2024-03-14 21:39 [Buildroot] [PATCH 1/1] package/spdm-utils: new package Wilfred Mallawa via buildroot
@ 2024-03-25  0:12 ` Wilfred Mallawa via buildroot
  2024-03-25 21:09 ` Yann E. MORIN
  1 sibling, 0 replies; 5+ messages in thread
From: Wilfred Mallawa via buildroot @ 2024-03-25  0:12 UTC (permalink / raw
  To: buildroot@buildroot.org; +Cc: Alistair Francis

Gentle ping on this! :)

On Fri, 2024-03-15 at 07:39 +1000, Wilfred Mallawa via buildroot wrote:
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
> ---
>  package/Config.in                  |  1 +
>  package/spdm-utils/Config.in       | 20 ++++++++++++++
>  package/spdm-utils/spdm-utils.hash |  2 ++
>  package/spdm-utils/spdm-utils.mk   | 43
> ++++++++++++++++++++++++++++++
>  4 files changed, 66 insertions(+)
>  create mode 100644 package/spdm-utils/Config.in
>  create mode 100644 package/spdm-utils/spdm-utils.hash
>  create mode 100644 package/spdm-utils/spdm-utils.mk
> 
> diff --git a/package/Config.in b/package/Config.in
> index c677c3ff4a..1a31d40a0c 100644
> --- a/package/Config.in
> +++ b/package/Config.in
> @@ -2697,6 +2697,7 @@ comment "Utilities"
>  	source "package/screen/Config.in"
>  	source "package/screenfetch/Config.in"
>  	source "package/sexpect/Config.in"
> +	source "package/spdm-utils/Config.in"
>  	source "package/sudo/Config.in"
>  	source "package/terminology/Config.in"
>  	source "package/time/Config.in"
> diff --git a/package/spdm-utils/Config.in b/package/spdm-
> utils/Config.in
> new file mode 100644
> index 0000000000..97dbc51c6d
> --- /dev/null
> +++ b/package/spdm-utils/Config.in
> @@ -0,0 +1,20 @@
> +config BR2_PACKAGE_SPDM_UTILS
> +	bool "spdm-utils"
> +	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
> +	depends on BR2_USE_WCHAR # eudev
> +	depends on !BR2_STATIC_LIBS
> +	depends on BR2_USE_MMU # eudev
> +	select BR2_PACKAGE_HOST_RUSTC
> +	select BR2_PACKAGE_OPENSSL
> +	select BR2_PACKAGE_PCIUTILS
> +	select BR2_PACKAGE_EUDEV
> +	select BR2_PACKAGE_PYTHON3
> +	select BR2_PACKAGE_LIBSPDM
> +	help
> +	  SPDM-Utils is a Linux application designed to support,
> +	  test and develop SPDM requesters and responders.
> +	  SPDM-Utils uses libspdm as the backend to perform SPDM
> +	  communication. SPDM-Utils currently supports the
> +	  PCIe Data Object Exchange (DOE) Capability.
> +
> +	  https://github.com/westerndigitalcorporation/spdm-utils
> diff --git a/package/spdm-utils/spdm-utils.hash b/package/spdm-
> utils/spdm-utils.hash
> new file mode 100644
> index 0000000000..aaa243315e
> --- /dev/null
> +++ b/package/spdm-utils/spdm-utils.hash
> @@ -0,0 +1,2 @@
> +# Locally calculated
> +sha256 
> 3f06f087220b126262a2becf68c9e06a59d8d613816f82a168c81093de087d1a 
> spdm-utils-0.3.0.tar.gz
> diff --git a/package/spdm-utils/spdm-utils.mk b/package/spdm-
> utils/spdm-utils.mk
> new file mode 100644
> index 0000000000..5129635b06
> --- /dev/null
> +++ b/package/spdm-utils/spdm-utils.mk
> @@ -0,0 +1,43 @@
> +####################################################################
> ############
> +#
> +# spdm-utils
> +#
> +####################################################################
> ############
> +
> +SPDM_UTILS_VERSION = 0.3.0
> +SPDM_UTILS_SITE = $(call github,westerndigitalcorporation,spdm-
> utils,v$(SPDM_UTILS_VERSION))
> +SPDM_UTILS_LICENSE = Apache-2.0 or MIT
> +SPDM_UTILS_POST_PATCH_HOOKS += SPDM_UTILS_FETCH_CRATES
> +SPDM_UTILS_POST_INSTALL_TARGET_HOOKS += SPDM_UTILS_INSTALL_CERTS
> +SPDM_UTILS_DEPENDENCIES += pciutils libspdm openssl
> +
> +# We want to run the cargo-post-process script which is
> +# manually run in dl-wrapper after downloading the tarball.
> +# This will re-vendor in the crates, which needs to be done
> +# after we patch in our extra dependencies.
> +define SPDM_UTILS_FETCH_CRATES
> +	cd $(SPDM_UTILS_SRCDIR) && \
> +	cargo vendor \
> +	    --manifest-path Cargo.toml \
> +		--locked VENDOR
> +endef
> +
> +define SPDM_UTILS_INSTALL_CERTS
> +	$(INSTALL) -d -m 0755 $(TARGET_DIR)/root/certs
> +	cp -r $(@D)/certs/generate_certs.sh
> $(TARGET_DIR)/root/certs/
> +	cp -r $(@D)/certs/openssl.cnf $(TARGET_DIR)/root/certs/
> +	cp -r $(@D)/certs/setup_certs.sh $(TARGET_DIR)/root/certs/
> +
> +	$(INSTALL) -d -m 0755 $(TARGET_DIR)/root/certs/slot0
> +	cp $(@D)/certs/slot0/immutable.der
> $(TARGET_DIR)/root/certs/slot0
> +	cp $(@D)/certs/slot0/device.cert.der
> $(TARGET_DIR)/root/certs/slot0
> +	cp $(@D)/certs/slot0/device.der
> $(TARGET_DIR)/root/certs/slot0
> +	cp $(@D)/certs/slot0/device.key
> $(TARGET_DIR)/root/certs/slot0
> +	cp $(@D)/certs/slot0/param.pem
> $(TARGET_DIR)/root/certs/slot0
> +	cp $(@D)/certs/slot0/bundle_responder.certchain.der
> $(TARGET_DIR)/root/certs/slot0
> +
> +	$(INSTALL) -d -m 0755 $(TARGET_DIR)/root/manifest
> +	cp $(@D)/manifest/manifest.out.cbor
> $(TARGET_DIR)/root/manifest
> +endef
> +
> +$(eval $(cargo-package))


* Re: [Buildroot] [PATCH 1/1] package/spdm-utils: new package
  2024-03-14 21:39 [Buildroot] [PATCH 1/1] package/spdm-utils: new package Wilfred Mallawa via buildroot
  2024-03-25  0:12 ` Wilfred Mallawa via buildroot
@ 2024-03-25 21:09 ` Yann E. MORIN
  2024-03-28  4:53   ` Wilfred Mallawa via buildroot
  1 sibling, 1 reply; 5+ messages in thread
From: Yann E. MORIN @ 2024-03-25 21:09 UTC (permalink / raw
  To: Wilfred Mallawa; +Cc: Alistair Francis, buildroot

Wilfred, Alistair, All,

On 2024-03-15 07:39 +1000, Wilfred Mallawa via buildroot spake thusly:
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
> ---
[--SNIP--]
> diff --git a/package/spdm-utils/Config.in b/package/spdm-utils/Config.in
> new file mode 100644
> index 0000000000..97dbc51c6d
> --- /dev/null
> +++ b/package/spdm-utils/Config.in
> @@ -0,0 +1,20 @@
> +config BR2_PACKAGE_SPDM_UTILS
> +	bool "spdm-utils"
> +	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
> +	depends on BR2_USE_WCHAR # eudev
> +	depends on !BR2_STATIC_LIBS
> +	depends on BR2_USE_MMU # eudev

MMU and !static-libs are also needed for python3, so it should be
identified as well:

    depends on !BR2_STATIC_LIBS  # python3
    depends on BR2_USE_MMU  # eudev, python3

(but see below for eudev).

> +	select BR2_PACKAGE_HOST_RUSTC
> +	select BR2_PACKAGE_OPENSSL
> +	select BR2_PACKAGE_PCIUTILS
> +	select BR2_PACKAGE_EUDEV

eudev is the provider of a virtual package, so you can't select it.

Instead, you have two cases:

  - the package needs a udev daemon (or library), in which case it
    should "depends on BR2_PACKAGE_HAS_UDEV" (and on 'udev' in the .mk),

  - or the package really needs eudev, in which case it can only depend
    on it.

> +	select BR2_PACKAGE_PYTHON3

python3 needs threads, so it must be propagated as well.

> +	select BR2_PACKAGE_LIBSPDM

libspdm has architecture dependencies, so it should be propagated.

[--SNIP--]
> diff --git a/package/spdm-utils/spdm-utils.mk b/package/spdm-utils/spdm-utils.mk
> new file mode 100644
> index 0000000000..5129635b06
> --- /dev/null
> +++ b/package/spdm-utils/spdm-utils.mk
> @@ -0,0 +1,43 @@
> +################################################################################
> +#
> +# spdm-utils
> +#
> +################################################################################
> +
> +SPDM_UTILS_VERSION = 0.3.0
> +SPDM_UTILS_SITE = $(call github,westerndigitalcorporation,spdm-utils,v$(SPDM_UTILS_VERSION))
> +SPDM_UTILS_LICENSE = Apache-2.0 or MIT
> +SPDM_UTILS_POST_PATCH_HOOKS += SPDM_UTILS_FETCH_CRATES
> +SPDM_UTILS_POST_INSTALL_TARGET_HOOKS += SPDM_UTILS_INSTALL_CERTS

Keep the _HOOKS assignments close to where the hooks are actually
defined.

Also, it looks more sensible (and usual) that the variables are ordered
in a logical(ish) way:

  - metadata: VERSION and SITE, LICENSE and LICENSE_FILES, CPE ID (if
    any)...

  - then the build info: DEPENDENCIES, CMDS and related HOOKS

> +SPDM_UTILS_DEPENDENCIES += pciutils libspdm openssl
> +
> +# We want to run the cargo-post-process script which is
> +# manually run in dl-wrapper after downloading the tarball.
> +# This will re-vendor in the crates, which needs to be done
> +# after we patch in our extra dependencies.

Why do we need to patch the dependencies? This should be explained in the
commit log.

Also, this means that it is no longer possible to do off-line builds,
which is something we try to avoid.

But in fact, this change adds no patch to the package at all, so we are
not modifying the dependencies, so we should not have to re-run the
vendoring...

Can you clarify that point?

> +define SPDM_UTILS_FETCH_CRATES
> +	cd $(SPDM_UTILS_SRCDIR) && \
> +	cargo vendor \
> +	    --manifest-path Cargo.toml \
> +		--locked VENDOR
> +endef

Note that, if you really, really need to re-vendor the package, you'd
need more than just calling cargo.

First, cargo may not be installed system-wide, so you'd have to be using
the one built by Buildroot, which means passing PATH=$(BR_PATH), and to
be sure that it looks for crates in the proper location, i.e. passing
CARGO_HOME=$(BR_CARGO_HOME)

But again, it looks like this really is not necessary, since the package
is not patched.

> +define SPDM_UTILS_INSTALL_CERTS
> +	$(INSTALL) -d -m 0755 $(TARGET_DIR)/root/certs
> +	cp -r $(@D)/certs/generate_certs.sh $(TARGET_DIR)/root/certs/
> +	cp -r $(@D)/certs/openssl.cnf $(TARGET_DIR)/root/certs/
> +	cp -r $(@D)/certs/setup_certs.sh $(TARGET_DIR)/root/certs/
> +	$(INSTALL) -d -m 0755 $(TARGET_DIR)/root/certs/slot0
> +	cp $(@D)/certs/slot0/immutable.der $(TARGET_DIR)/root/certs/slot0
> +	cp $(@D)/certs/slot0/device.cert.der $(TARGET_DIR)/root/certs/slot0
> +	cp $(@D)/certs/slot0/device.der $(TARGET_DIR)/root/certs/slot0
> +	cp $(@D)/certs/slot0/device.key $(TARGET_DIR)/root/certs/slot0
> +	cp $(@D)/certs/slot0/param.pem $(TARGET_DIR)/root/certs/slot0
> +	cp $(@D)/certs/slot0/bundle_responder.certchain.der $(TARGET_DIR)/root/certs/slot0
> +	$(INSTALL) -d -m 0755 $(TARGET_DIR)/root/manifest
> +	cp $(@D)/manifest/manifest.out.cbor $(TARGET_DIR)/root/manifest

Why are those installed in the home for the root user, rather than
installed system-wide?

Also, why would we need the generate_certs.sh and setup_certs.sh
scripts, if certificates are installed at build time?

Regards,
Yann E. MORIN.

> +endef
> +
> +$(eval $(cargo-package))
> -- 
> 2.44.0
> 
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'

* Re: [Buildroot] [PATCH 1/1] package/spdm-utils: new package
  2024-03-25 21:09 ` Yann E. MORIN
@ 2024-03-28  4:53   ` Wilfred Mallawa via buildroot
  0 siblings, 0 replies; 5+ messages in thread
From: Wilfred Mallawa via buildroot @ 2024-03-28  4:53 UTC (permalink / raw
  To: yann.morin.1998@free.fr; +Cc: Alistair Francis, buildroot@buildroot.org

Hey Yann, 

Thanks for all the feedback! I have left some comments inline as I'm
working to create a V2 for this.

On Mon, 2024-03-25 at 22:09 +0100, Yann E. MORIN wrote:
> Wilfred, Alistair, All,
> 
> On 2024-03-15 07:39 +1000, Wilfred Mallawa via buildroot spake
> thusly:
> > Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> > Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
> > ---
> [--SNIP--]
> > diff --git a/package/spdm-utils/Config.in b/package/spdm-
> > utils/Config.in
> > new file mode 100644
> > index 0000000000..97dbc51c6d
> > --- /dev/null
> > +++ b/package/spdm-utils/Config.in
> > @@ -0,0 +1,20 @@
> > +config BR2_PACKAGE_SPDM_UTILS
> > +	bool "spdm-utils"
> > +	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
> > +	depends on BR2_USE_WCHAR # eudev
> > +	depends on !BR2_STATIC_LIBS
> > +	depends on BR2_USE_MMU # eudev
> 
> MMU and !static-libs are also needed for python3, so it should
> identified as well:
> 
>     depends on !BR2_STATIC_LIBS  # python3
>     depends on BR2_USE_MMU  # eudev, python3
> 
> (but see below for eudev).
> 
> > +	select BR2_PACKAGE_HOST_RUSTC
> > +	select BR2_PACKAGE_OPENSSL
> > +	select BR2_PACKAGE_PCIUTILS
> > +	select BR2_PACKAGE_EUDEV
> 
> eudev is the provider of a virtual package, so you can't select it.
> 
> Instead, you have two cases:
> 
>   - the package needs a udev daemon (or library), in which case it
>     should "depends on BR2_PACKAGE_HAS_UDEV" (and on 'udev' in the
> .mk),
> 
>   - or the package really needs eudev, in which case it can only
> depend
>     on it.
> 
> > +	select BR2_PACKAGE_PYTHON3
> 
> python3 needs threads, so it must be propagated as well.
> 
> > +	select BR2_PACKAGE_LIBSPDM
> 
> libspdm has architecture dependencies, so it should be propagated.
> 
> [--SNIP--]
> > diff --git a/package/spdm-utils/spdm-utils.mk b/package/spdm-
> > utils/spdm-utils.mk
> > new file mode 100644
> > index 0000000000..5129635b06
> > --- /dev/null
> > +++ b/package/spdm-utils/spdm-utils.mk
> > @@ -0,0 +1,43 @@
> > +##################################################################
> > ##############
> > +#
> > +# spdm-utils
> > +#
> > +##################################################################
> > ##############
> > +
> > +SPDM_UTILS_VERSION = 0.3.0
> > +SPDM_UTILS_SITE = $(call github,westerndigitalcorporation,spdm-
> > utils,v$(SPDM_UTILS_VERSION))
> > +SPDM_UTILS_LICENSE = Apache-2.0 or MIT
> > +SPDM_UTILS_POST_PATCH_HOOKS += SPDM_UTILS_FETCH_CRATES
> > +SPDM_UTILS_POST_INSTALL_TARGET_HOOKS += SPDM_UTILS_INSTALL_CERTS
> 
> Keep the _HOOKS assignments close to where the hooks are actually
> defined.
> 
> Also, it looks more sensible (and usual) that the variables are
> ordered
> in a logical(ish) way:
> 
>   - metadata: VERSION and SITE, LICENSE and LICENSE_FILES, CPE ID (if
>     any)...
> 
>   - then the build info: DEPNDENCIES, CMDS and related HOOKS
> 
> > +SPDM_UTILS_DEPENDENCIES += pciutils libspdm openssl
> > +
> > +# We want to run the cargo-post-process script which is
> > +# manually run in dl-wrapper after downloading the tarball.
> > +# This will re-vendor in the crates, which needs to be done
> > +# after we patch in our extra dependencies.
> 
> Why do we need to patch the depenencies? This should be explained in
> the
> commit log.
> 
> Also, this means that it is no longer possible to do off-line builds,
> which is something we try to avoid.
> 
> But in fact, this change adds no patch to the package at all, so we
> are
> not modifying the dependencies, so we should not have to re-run the
> vendoring...
> 
> Can you clarify that point?
> 
We found that if a patch is applied that contains additional crates,
these are not vendored, leading to build errors. This is not an issue
for this case, because as you mentioned, there are no patches. 

I think it makes the most sense to omit it, since it serves no purpose
(at least for now).
> > +define SPDM_UTILS_FETCH_CRATES
> > +	cd $(SPDM_UTILS_SRCDIR) && \
> > +	cargo vendor \
> > +	    --manifest-path Cargo.toml \
> > +		--locked VENDOR
> > +endef
> 
> Note that, if you really, really need to re-vendor the package, you'd
> need more than just calling cargo.
> 
> First, cargo may not be installed system-wide, so you'd have to be
> using
> the one built by Buildroot, which means passing PATH=${BR_PATH), and
> to
> be sure that it looks for crates in the proper location, i.e. passing
> CARGO_HOME=$(BR_CARGO_HOME)
> 
> But again, it looks like this really is not necessary, since the
> package
> is not patched.
> 
> > +define SPDM_UTILS_INSTALL_CERTS
> > +	$(INSTALL) -d -m 0755 $(TARGET_DIR)/root/certs
> > +	cp -r $(@D)/certs/generate_certs.sh
> > $(TARGET_DIR)/root/certs/
> > +	cp -r $(@D)/certs/openssl.cnf $(TARGET_DIR)/root/certs/
> > +	cp -r $(@D)/certs/setup_certs.sh $(TARGET_DIR)/root/certs/
> > +	$(INSTALL) -d -m 0755 $(TARGET_DIR)/root/certs/slot0
> > +	cp $(@D)/certs/slot0/immutable.der
> > $(TARGET_DIR)/root/certs/slot0
> > +	cp $(@D)/certs/slot0/device.cert.der
> > $(TARGET_DIR)/root/certs/slot0
> > +	cp $(@D)/certs/slot0/device.der
> > $(TARGET_DIR)/root/certs/slot0
> > +	cp $(@D)/certs/slot0/device.key
> > $(TARGET_DIR)/root/certs/slot0
> > +	cp $(@D)/certs/slot0/param.pem
> > $(TARGET_DIR)/root/certs/slot0
> > +	cp $(@D)/certs/slot0/bundle_responder.certchain.der
> > $(TARGET_DIR)/root/certs/slot0
> > +	$(INSTALL) -d -m 0755 $(TARGET_DIR)/root/manifest
> > +	cp $(@D)/manifest/manifest.out.cbor
> > $(TARGET_DIR)/root/manifest
> 
> Why are those installed in the home for the root user, rather than
> installed system-wide?
> 
Good point, we can change the certificate install directory to something
like `usr/local`?
> Also, why would we need the generate_certs.sh and setup_certs.sh
> scripts, if certificates are installed at build time?
> 
An SPDM Responder (depending on certificate model) may need to be able
to regenerate its mutable certificate chain, on boot or if new
certificates are set etc... `setup_certs.sh` shall be used for this.
`generate_certs.sh` can also be useful to generate new certs, which
may be useful for testing/development.

Regards,
Wilfred
> Regards,
> Yann E. MORIN.
> 
> > +endef
> > +
> > +$(eval $(cargo-package))
> > -- 
> > 2.44.0
> > 
> > _______________________________________________
> > buildroot mailing list
> > buildroot@buildroot.org
> > https://lists.buildroot.org/mailman/listinfo/buildroot
> 
