The optee-client package provides a PKCS#11 interface that may be used by Parsec with the below configuration. For this to work, the parsec user needs to be a member of the teeclnt group. Therefore, add it when 'optee' is present in MACHINE_FEATURES.
# Provider configuration in /etc/parsec/config.toml [[provider]] name = "pkcs11-optee" provider_type = "Pkcs11" key_info_manager = "sqlite-manager" library_path = "/usr/lib/libckteec.so.0" Signed-off-by: Jerome Forissier <[email protected]> --- .../recipes-parsec/parsec-service/parsec-service_1.0.0.bb | 1 + 1 file changed, 1 insertion(+) This is a resend because a few hours after my initial post I still can't find it at https://lists.yoctoproject.org/g/yocto/messages. I am now subscribed to the list so hopefully it will help (although https://git.yoctoproject.org/meta-security/tree/README doesn't mention subscription). diff --git a/meta-parsec/recipes-parsec/parsec-service/parsec-service_1.0.0.bb b/meta-parsec/recipes-parsec/parsec-service/parsec-service_1.0.0.bb index ad7e560..ea2b0c9 100644 --- a/meta-parsec/recipes-parsec/parsec-service/parsec-service_1.0.0.bb +++ b/meta-parsec/recipes-parsec/parsec-service/parsec-service_1.0.0.bb @@ -68,6 +68,7 @@ USERADD_PACKAGES = "${PN}" USERADD_PARAM:${PN} = "-r -g parsec -s /bin/false -d ${localstatedir}/lib/parsec parsec" GROUPADD_PARAM:${PN} = "-r parsec" GROUPMEMS_PARAM:${PN} = "${@bb.utils.contains('PACKAGECONFIG_CONFARGS', 'tpm-provider', '-a parsec -g tss', '', d)}" +GROUPMEMS_PARAM:${PN} = "${@bb.utils.contains('MACHINE_FEATURES', 'optee', '-a parsec -g teeclnt', '', d)}" FILES:${PN} += " \ ${sysconfdir}/parsec/config.toml \ -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#57934): https://lists.yoctoproject.org/g/yocto/message/57934 Mute This Topic: https://lists.yoctoproject.org/mt/93326818/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
