Re: [yocto] [meta-security][PATCH v2] fscryptctl: add v0.1.0

2017-10-24 Thread akuster 


On 10/23/2017 08:51 AM, André Draszik wrote:
> From: André Draszik 
>
> fscryptctl is a low-level tool written in C that handles
> raw keys and manages policies for Linux filesystem
> encryption [1].
>
> For a tool that presents a higher level interface and
> manages metadata, key generation, key wrapping, PAM
> integration, and passphrase hashing, see fscrypt [2].
>
> [1] https://lwn.net/Articles/639427
> [2] https://github.com/google/fscrypt
>
> Signed-off-by: André Draszik 
Merged,

Thanks,
Armin
>
> ---
> v2: add RRECOMMENDS on keyutils, as that might be useful when
> dealing with kernel keys.
> ---
>  recipes-security/fscryptctl/fscryptctl_0.1.0.bb | 27 
> +
>  1 file changed, 27 insertions(+)
>  create mode 100644 recipes-security/fscryptctl/fscryptctl_0.1.0.bb
>
> diff --git a/recipes-security/fscryptctl/fscryptctl_0.1.0.bb 
> b/recipes-security/fscryptctl/fscryptctl_0.1.0.bb
> new file mode 100644
> index 000..4f0b12c
> --- /dev/null
> +++ b/recipes-security/fscryptctl/fscryptctl_0.1.0.bb
> @@ -0,0 +1,27 @@
> +SUMMARY = "low-level tool handling Linux filesystem encryption"
> +DESCIPTION = "fscryptctl is a low-level tool written in C that handles raw 
> keys and manages \
> +policies for Linux filesystem encryption (https://lwn.net/Articles/639427). \
> +For a tool that presents a higher level interface and manages metadata, key \
> +generation, key wrapping, PAM integration, and passphrase hashing, see \
> +fscrypt (https://github.com/google/fscrypt)."
> +HOMEPAGE = "https://github.com/google/fscryptctl;
> +SECTION = "base"
> +LICENSE = "Apache-2.0"
> +LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
> +
> +SRCREV = "e4c4d0984dee2531897e13c32a18d5e54a2a4aa6"
> +SRC_URI = "git://github.com/google/fscryptctl.git"
> +
> +S = "${WORKDIR}/git"
> +
> +do_install() {
> +oe_runmake DESTDIR=${D}${bindir} install
> +}
> +
> +RRECOMMENDS_${PN} += "\
> +keyutils \
> +kernel-module-cbc \
> +kernel-module-cts \
> +kernel-module-ecb \
> +kernel-module-xts \
> +"

-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

[yocto] [meta-security][PATCH v2] fscryptctl: add v0.1.0

2017-10-23 Thread André Draszik 
From: André Draszik 

fscryptctl is a low-level tool written in C that handles
raw keys and manages policies for Linux filesystem
encryption [1].

For a tool that presents a higher level interface and
manages metadata, key generation, key wrapping, PAM
integration, and passphrase hashing, see fscrypt [2].

[1] https://lwn.net/Articles/639427
[2] https://github.com/google/fscrypt

Signed-off-by: André Draszik 

---
v2: add RRECOMMENDS on keyutils, as that might be useful when
dealing with kernel keys.
---
 recipes-security/fscryptctl/fscryptctl_0.1.0.bb | 27 +
 1 file changed, 27 insertions(+)
 create mode 100644 recipes-security/fscryptctl/fscryptctl_0.1.0.bb

diff --git a/recipes-security/fscryptctl/fscryptctl_0.1.0.bb 
b/recipes-security/fscryptctl/fscryptctl_0.1.0.bb
new file mode 100644
index 000..4f0b12c
--- /dev/null
+++ b/recipes-security/fscryptctl/fscryptctl_0.1.0.bb
@@ -0,0 +1,27 @@
+SUMMARY = "low-level tool handling Linux filesystem encryption"
+DESCIPTION = "fscryptctl is a low-level tool written in C that handles raw 
keys and manages \
+policies for Linux filesystem encryption (https://lwn.net/Articles/639427). \
+For a tool that presents a higher level interface and manages metadata, key \
+generation, key wrapping, PAM integration, and passphrase hashing, see \
+fscrypt (https://github.com/google/fscrypt)."
+HOMEPAGE = "https://github.com/google/fscryptctl;
+SECTION = "base"
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
+
+SRCREV = "e4c4d0984dee2531897e13c32a18d5e54a2a4aa6"
+SRC_URI = "git://github.com/google/fscryptctl.git"
+
+S = "${WORKDIR}/git"
+
+do_install() {
+oe_runmake DESTDIR=${D}${bindir} install
+}
+
+RRECOMMENDS_${PN} += "\
+keyutils \
+kernel-module-cbc \
+kernel-module-cts \
+kernel-module-ecb \
+kernel-module-xts \
+"
-- 
2.15.0.rc1

-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto