From beca9ece1b3a9f47d81b98f06fc4b0180704cabe Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Wed, 22 Jun 2016 15:34:57 -0400 Subject: First cut at release engineering for software that goes with the Alpha board. This may well end up merging with the firmware super-repository, but, having started down the road of making them separate, let's keep it that way while we get the initial stuff out of the way, then merge them if it still seems like a good idea when the basics are working. --- .gitmodules | 12 +++++++++ Makefile | 65 +++++++++++++++++++++++++++++++++++++++++++++ README.md | 31 +++++++++++++++++++++ reprepro-conf/distributions | 7 +++++ reprepro-conf/options | 4 +++ sw/Makefile | 17 ++++++++++++ sw/debian/compat | 1 + sw/debian/control | 14 ++++++++++ sw/debian/copyright | 27 +++++++++++++++++++ sw/debian/rules | 4 +++ sw/debian/source/format | 1 + sw/libhal | 1 + sw/pkcs11 | 1 + sw/thirdparty/libtfm | 1 + sw/thirdparty/sqlite3 | 1 + 15 files changed, 187 insertions(+) create mode 100644 .gitmodules create mode 100644 Makefile create mode 100644 README.md create mode 100644 reprepro-conf/distributions create mode 100644 reprepro-conf/options create mode 100644 sw/Makefile create mode 100644 sw/debian/compat create mode 100644 sw/debian/control create mode 100644 sw/debian/copyright create mode 100755 sw/debian/rules create mode 100644 sw/debian/source/format create mode 160000 sw/libhal create mode 160000 sw/pkcs11 create mode 160000 sw/thirdparty/libtfm create mode 160000 sw/thirdparty/sqlite3 diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..cb4501d --- /dev/null +++ b/.gitmodules @@ -0,0 +1,12 @@ +[submodule "sw/libhal"] + path = sw/libhal + url = https://git.cryptech.is/sw/libhal.git +[submodule "sw/pkcs11"] + path = sw/pkcs11 + url = https://git.cryptech.is/sw/pkcs11.git +[submodule "sw/thirdparty/libtfm"] + path = sw/thirdparty/libtfm + url = https://git.cryptech.is/sw/thirdparty/libtfm.git +[submodule "sw/thirdparty/sqlite3"] + path = sw/thirdparty/sqlite3 + url = https://git.cryptech.is/sw/thirdparty/sqlite3.git diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..8135639 --- /dev/null +++ b/Makefile @@ -0,0 +1,65 @@ +# Top-level build of software packages to work with Cryptech Alpha board. + +export CRYPTECH_VERSION := 2.0 + +HEAD_TIME := $(shell git show -s --format=%ct HEAD) +HEAD_HASH := $(shell git rev-parse HEAD) + +CRYPTECH_PACKAGE_VERSION := ${CRYPTECH_VERSION}~${HEAD_TIME}~${HEAD_HASH} + +# Command to generate a new changelog containing one entry. +# Does nothing if the changelog already exists. + +DCH = test -f debian/changelog || \ + EDITOR=true VISUAL=true TZ=UTC DEBEMAIL='APT Builder Robot ' \ + dch --create --package cryptech-alpha --newversion '${CRYPTECH_PACKAGE_VERSION}' \ + '$(strip Version ${CRYPTECH_VERSION} of software for Cryptech Alpha development board.)' + +REPOSITORY := /home/aptbot/alpha +GNUPGHOME := /home/aptbot/gnupg +CODENAME := wheezy +REPO_UMASK := 002 +UPLOAD_USER := aptbot +UPLOAD_URI := rsync://apt.cryptech.is/alpha/ + +export GNUPGHOME + + +all: init source pbuilder homebrew + +enchilada: all reprepro upload + +init: + git submodule update --init --recursive + +clean: + git clean -dfx + git submodule foreach --recursive git clean -dfx + +sandblast: clean + git submodule deinit -f . + +source: + cd sw; ${DCH} + cd sw; debuild -S -uc -us + +# Maybe use pdebuild here? Have full-blown multi-arch multi-dist +# pbuilder example for another project, but something simpler would be +# nice.... + +pbuilder: + cd sw; debuild -b -uc -us + +reprepro: ${REPOSITORY}/conf/distributions ${REPOSITORY}/conf/options + umask ${REPO_UMASK}; for f in *.changes; do reprepro -b ${REPOSITORY} include ${CODENAME} $$f; done + +${REPOSITORY}/conf/distributions ${REPOSITORY}/conf/options: + install -D reprepro-conf/$(notdir $@) ${REPOSITORY}/conf/$(notdir $@) + +RSYNC := rsync --rsh 'ssh -l ${UPLOAD_USER}' --archive --itemize-changes + +upload: + ${RSYNC} --ignore-existing ${REPOSITORY}/ ${UPLOAD_URI} + ${RSYNC} --delete --delete-delay ${REPOSITORY}/ ${UPLOAD_URI} + +.PHONY: all init clean source pbuilder homebrew reprepro upload enchilada sandblast diff --git a/README.md b/README.md new file mode 100644 index 0000000..15c1006 --- /dev/null +++ b/README.md @@ -0,0 +1,31 @@ +Preliminary release engineering super-repository for building software +to work with the Cryptech "Alpha" board. + +Primary task here is to build the PKCS #11 library and any needed +support tools for whichever platforms we support. This will involve +some packaging voodoo. + +Our first targets for this are Debian and Ubuntu, probably the Jessie +and Xenial releases, respectively. If we really need to support +multiple releases for each of these platforms, the packaging mechanics +become more complicated, so we may just stop here for these platforms +and assume we can fill any odd corners using the associated source +package. + +Our next target for this is likely to be Mac OS X. This should be +relatively straightforward so long as we only have to support Homebrew +and we don't have to produce Homebrew "bottles" (binary packages). If +we do need to bottle, we either need one or more Mac build machines or +we need some kind of cross-compilation scheme (eg, +https://github.com/tpoechtrager/osxcross). + +Supporting Homebrew at all requires a bit of extra voodoo on top of +supporting Debian packaging, but none of it looks particularly +difficult, and the Debian packaging will produce the source tarball we +need for the Homebrew formula, so integrating production of these two +kinds of packaging makes some sense. + +Windoze is not currently on the radar. In theory, MinGW would suffice +as a cross compiler if and when we have to do something about it. + +This README is probably obsolete by the time you're reading it. diff --git a/reprepro-conf/distributions b/reprepro-conf/distributions new file mode 100644 index 0000000..57c1afc --- /dev/null +++ b/reprepro-conf/distributions @@ -0,0 +1,7 @@ +Origin: cryptech.is +Label: cryptech.is APT repository +Codename: jessie +Architectures: i386 amd64 source +Components: main +Description: cryptech.is APT Repository +SignWith: yes diff --git a/reprepro-conf/options b/reprepro-conf/options new file mode 100644 index 0000000..f5ad660 --- /dev/null +++ b/reprepro-conf/options @@ -0,0 +1,4 @@ +verbose +ask-passphrase +basedir . +ignore wrongdistribution diff --git a/sw/Makefile b/sw/Makefile new file mode 100644 index 0000000..4b494a6 --- /dev/null +++ b/sw/Makefile @@ -0,0 +1,17 @@ +# Makefile to build Debian package for Cryptech Alpha board software + +all: + cd thirdparty/sqlite3; ${MAKE} + cd thirdparty/libtfm; ${MAKE} + cd libhal; ${MAKE} daemon + cd pkcs11; ${MAKE} + +clean distclean: + for d in thirdparty/libtfm libhal thirdparty/sqlite3 pkcs11; do (cd $$d && ${MAKE} $@); done + +install: all + install -m 644 -D pkcs11/libpkcs11.so ${DESTDIR}/usr/lib/libpkcs11.so + install -D pkcs11/p11util ${DESTDIR}/usr/sbin/p11util + install -D libhal/cryptech_rpcd ${DESTDIR}/usr/sbin/cryptech_rpcd + +# Might also want to install the firmware tarball, scripts to use it, .... diff --git a/sw/debian/compat b/sw/debian/compat new file mode 100644 index 0000000..ec63514 --- /dev/null +++ b/sw/debian/compat @@ -0,0 +1 @@ +9 diff --git a/sw/debian/control b/sw/debian/control new file mode 100644 index 0000000..d7440f8 --- /dev/null +++ b/sw/debian/control @@ -0,0 +1,14 @@ +Source: cryptech-alpha +Maintainer: APT Builder Robot +Section: misc +Priority: optional +Standards-Version: 3.9.6 +Build-Depends: debhelper (>= 9) +Homepage: http://trac.cryptech.is/wiki + +Package: cryptech-alpha +Architecture: any +Depends: libc6 (>= 2.13), ${misc:Depends} +Description: Cryptech open-source crypto software + "cryptech-alpha" contains software for use with the Cryptech Project + "Alpha" development board. diff --git a/sw/debian/copyright b/sw/debian/copyright new file mode 100644 index 0000000..ec25460 --- /dev/null +++ b/sw/debian/copyright @@ -0,0 +1,27 @@ +Copyright (c) 2015-2016, NORDUnet A/S All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: +- Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + +- Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +- Neither the name of the NORDUnet nor the names of its contributors may + be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS +IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A +PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED +TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR +PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/sw/debian/rules b/sw/debian/rules new file mode 100755 index 0000000..2d33f6a --- /dev/null +++ b/sw/debian/rules @@ -0,0 +1,4 @@ +#!/usr/bin/make -f + +%: + dh $@ diff --git a/sw/debian/source/format b/sw/debian/source/format new file mode 100644 index 0000000..89ae9db --- /dev/null +++ b/sw/debian/source/format @@ -0,0 +1 @@ +3.0 (native) diff --git a/sw/libhal b/sw/libhal new file mode 160000 index 0000000..52f1eb5 --- /dev/null +++ b/sw/libhal @@ -0,0 +1 @@ +Subproject commit 52f1eb5c3dccd47d2434e0c7a302c23363790e1d diff --git a/sw/pkcs11 b/sw/pkcs11 new file mode 160000 index 0000000..6e7aabc --- /dev/null +++ b/sw/pkcs11 @@ -0,0 +1 @@ +Subproject commit 6e7aabc780ff9f70bf05d41b97cc973451e0b2ee diff --git a/sw/thirdparty/libtfm b/sw/thirdparty/libtfm new file mode 160000 index 0000000..357ca59 --- /dev/null +++ b/sw/thirdparty/libtfm @@ -0,0 +1 @@ +Subproject commit 357ca59060848fb72367b67ccae137d66de6fe34 diff --git a/sw/thirdparty/sqlite3 b/sw/thirdparty/sqlite3 new file mode 160000 index 0000000..be705c3 --- /dev/null +++ b/sw/thirdparty/sqlite3 @@ -0,0 +1 @@ +Subproject commit be705c3aecaf201b7f9c649cfed01e38e73c8f68 -- cgit v1.2.3 From 31ef2cff92b2dc6781e6549e07ab99a2b99a9fdb Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Thu, 23 Jun 2016 13:42:05 -0400 Subject: Whack with club until builds under pbuilder for Debian Jessie and Ubuntu Xenial. Drop use of private sqlite3 library, probably not needed anywhere, certainly not on Debian or Ubuntu. Handling of version number of shared library (libpkcs11.so.N) is wrong, right now we just use .0, need to sort out where that version number comes from in this wonderful multi-repository universe. --- .gitmodules | 3 --- Makefile | 44 +++++++++++++++++++++----------------------- sw/Makefile | 4 ++-- sw/debian/control | 4 ++-- sw/libhal | 2 +- sw/pkcs11 | 2 +- sw/thirdparty/libtfm | 2 +- sw/thirdparty/sqlite3 | 1 - 8 files changed, 28 insertions(+), 34 deletions(-) delete mode 160000 sw/thirdparty/sqlite3 diff --git a/.gitmodules b/.gitmodules index cb4501d..f24e2a2 100644 --- a/.gitmodules +++ b/.gitmodules @@ -7,6 +7,3 @@ [submodule "sw/thirdparty/libtfm"] path = sw/thirdparty/libtfm url = https://git.cryptech.is/sw/thirdparty/libtfm.git -[submodule "sw/thirdparty/sqlite3"] - path = sw/thirdparty/sqlite3 - url = https://git.cryptech.is/sw/thirdparty/sqlite3.git diff --git a/Makefile b/Makefile index 8135639..b4f03d2 100644 --- a/Makefile +++ b/Makefile @@ -15,19 +15,20 @@ DCH = test -f debian/changelog || \ dch --create --package cryptech-alpha --newversion '${CRYPTECH_PACKAGE_VERSION}' \ '$(strip Version ${CRYPTECH_VERSION} of software for Cryptech Alpha development board.)' -REPOSITORY := /home/aptbot/alpha -GNUPGHOME := /home/aptbot/gnupg -CODENAME := wheezy -REPO_UMASK := 002 -UPLOAD_USER := aptbot -UPLOAD_URI := rsync://apt.cryptech.is/alpha/ +export GNUPGHOME := /home/aptbot/gnupg -export GNUPGHOME +REPO_BASE := /home/aptbot/alpha +REPO_UMASK := 002 +PBUILDER_BASE := ${HOME}/pbuilder +PBUILDER_TARGETS := debian/jessie/i386 debian/jessie/amd64 ubuntu/xenial/i386 ubuntu/xenial/amd64 + +REPO_UPLOAD_USER := aptbot +REPO_UPLOAD_URI := rsync://apt.cryptech.is/alpha/ all: init source pbuilder homebrew -enchilada: all reprepro upload +enchilada: all upload init: git submodule update --init --recursive @@ -43,23 +44,20 @@ source: cd sw; ${DCH} cd sw; debuild -S -uc -us -# Maybe use pdebuild here? Have full-blown multi-arch multi-dist -# pbuilder example for another project, but something simpler would be -# nice.... - pbuilder: - cd sw; debuild -b -uc -us - -reprepro: ${REPOSITORY}/conf/distributions ${REPOSITORY}/conf/options - umask ${REPO_UMASK}; for f in *.changes; do reprepro -b ${REPOSITORY} include ${CODENAME} $$f; done - -${REPOSITORY}/conf/distributions ${REPOSITORY}/conf/options: - install -D reprepro-conf/$(notdir $@) ${REPOSITORY}/conf/$(notdir $@) + rm -f ${PBUILDER_BASE}/*result/* + umask ${REPO_UMASK}; \ + for target in ${PBUILDER_TARGETS}; do echo $$target | tr '/' ' '; done | \ + while read dist code arch; do \ + reprepro -b ${REPO_BASE}/$$dist -A $$arch list $$code cryptech-alpha | awk '{v = $$3} END {exit v != ${CRYPTECH_PACKAGE_VERSION}}' && continue; \ + pbuilder-dist $$code $$arch build cryptech-alpha_${CRYPTECH_PACKAGE_VERSION}.dsc; \ + reprepro -b ${REPO_BASE}/$$dist include $$code ${PBUILDER_BASE}/$${code}-$${arch}_result/cryptech-alpha_${CRYPTECH_PACKAGE_VERSION}_$${arch}.changes; \ + done -RSYNC := rsync --rsh 'ssh -l ${UPLOAD_USER}' --archive --itemize-changes +RSYNC := rsync --rsh 'ssh -l ${REPO_UPLOAD_USER}' --archive --itemize-changes upload: - ${RSYNC} --ignore-existing ${REPOSITORY}/ ${UPLOAD_URI} - ${RSYNC} --delete --delete-delay ${REPOSITORY}/ ${UPLOAD_URI} + ${RSYNC} --ignore-existing ${REPO_BASE}/ ${REPO_UPLOAD_URI} + ${RSYNC} --delete --delete-delay ${REPO_BASE}/ ${REPO_UPLOAD_URI} -.PHONY: all init clean source pbuilder homebrew reprepro upload enchilada sandblast +.PHONY: all init clean source pbuilder homebrew upload enchilada sandblast diff --git a/sw/Makefile b/sw/Makefile index 4b494a6..9fd3c72 100644 --- a/sw/Makefile +++ b/sw/Makefile @@ -1,17 +1,17 @@ # Makefile to build Debian package for Cryptech Alpha board software all: - cd thirdparty/sqlite3; ${MAKE} cd thirdparty/libtfm; ${MAKE} cd libhal; ${MAKE} daemon cd pkcs11; ${MAKE} clean distclean: - for d in thirdparty/libtfm libhal thirdparty/sqlite3 pkcs11; do (cd $$d && ${MAKE} $@); done + for d in thirdparty/libtfm libhal pkcs11; do (cd $$d && ${MAKE} $@); done install: all install -m 644 -D pkcs11/libpkcs11.so ${DESTDIR}/usr/lib/libpkcs11.so install -D pkcs11/p11util ${DESTDIR}/usr/sbin/p11util install -D libhal/cryptech_rpcd ${DESTDIR}/usr/sbin/cryptech_rpcd + ln -s libpkcs11.so ${DESTDIR}/usr/lib/libpkcs11.so.0 # Might also want to install the firmware tarball, scripts to use it, .... diff --git a/sw/debian/control b/sw/debian/control index d7440f8..8ae25b9 100644 --- a/sw/debian/control +++ b/sw/debian/control @@ -3,12 +3,12 @@ Maintainer: APT Builder Robot Section: misc Priority: optional Standards-Version: 3.9.6 -Build-Depends: debhelper (>= 9) +Build-Depends: debhelper (>= 9), libsqlite3-0, libsqlite3-dev, python (>= 2.7), python-yaml Homepage: http://trac.cryptech.is/wiki Package: cryptech-alpha Architecture: any -Depends: libc6 (>= 2.13), ${misc:Depends} +Depends: libc6 (>= 2.13), ${misc:Depends}, libsqlite3-0 Description: Cryptech open-source crypto software "cryptech-alpha" contains software for use with the Cryptech Project "Alpha" development board. diff --git a/sw/libhal b/sw/libhal index 52f1eb5..bf50cf8 160000 --- a/sw/libhal +++ b/sw/libhal @@ -1 +1 @@ -Subproject commit 52f1eb5c3dccd47d2434e0c7a302c23363790e1d +Subproject commit bf50cf8a7817274a7fb5e02d09a53598e168e22c diff --git a/sw/pkcs11 b/sw/pkcs11 index 6e7aabc..ea4c71c 160000 --- a/sw/pkcs11 +++ b/sw/pkcs11 @@ -1 +1 @@ -Subproject commit 6e7aabc780ff9f70bf05d41b97cc973451e0b2ee +Subproject commit ea4c71c075df677cd9f559ca06c79e9202630510 diff --git a/sw/thirdparty/libtfm b/sw/thirdparty/libtfm index 357ca59..7bbbb68 160000 --- a/sw/thirdparty/libtfm +++ b/sw/thirdparty/libtfm @@ -1 +1 @@ -Subproject commit 357ca59060848fb72367b67ccae137d66de6fe34 +Subproject commit 7bbbb682d2557d7aeba63709a27838b36055db26 diff --git a/sw/thirdparty/sqlite3 b/sw/thirdparty/sqlite3 deleted file mode 160000 index be705c3..0000000 --- a/sw/thirdparty/sqlite3 +++ /dev/null @@ -1 +0,0 @@ -Subproject commit be705c3aecaf201b7f9c649cfed01e38e73c8f68 -- cgit v1.2.3 From 3ffca7b2b7e7307777622a19256bc03ed726246a Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Thu, 23 Jun 2016 14:51:58 -0400 Subject: Fix test for whether a package is already in the repository; other minor cleanup. --- Makefile | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/Makefile b/Makefile index b4f03d2..1fc76a8 100644 --- a/Makefile +++ b/Makefile @@ -5,15 +5,8 @@ export CRYPTECH_VERSION := 2.0 HEAD_TIME := $(shell git show -s --format=%ct HEAD) HEAD_HASH := $(shell git rev-parse HEAD) -CRYPTECH_PACKAGE_VERSION := ${CRYPTECH_VERSION}~${HEAD_TIME}~${HEAD_HASH} - -# Command to generate a new changelog containing one entry. -# Does nothing if the changelog already exists. - -DCH = test -f debian/changelog || \ - EDITOR=true VISUAL=true TZ=UTC DEBEMAIL='APT Builder Robot ' \ - dch --create --package cryptech-alpha --newversion '${CRYPTECH_PACKAGE_VERSION}' \ - '$(strip Version ${CRYPTECH_VERSION} of software for Cryptech Alpha development board.)' +PACKAGE_NAME := cryptech-alpha +PACKAGE_VERSION := ${CRYPTECH_VERSION}~${HEAD_TIME}~${HEAD_HASH} export GNUPGHOME := /home/aptbot/gnupg @@ -26,6 +19,14 @@ PBUILDER_TARGETS := debian/jessie/i386 debian/jessie/amd64 ubuntu/xenial/i386 ub REPO_UPLOAD_USER := aptbot REPO_UPLOAD_URI := rsync://apt.cryptech.is/alpha/ +# Command to generate a new changelog containing one entry. +# Does nothing if the changelog already exists. + +DCH = test -f debian/changelog || \ + EDITOR=true VISUAL=true TZ=UTC DEBEMAIL='APT Builder Robot ' \ + dch --create --package ${PACKAGE_NAME} --newversion '${PACKAGE_VERSION}' \ + '$(strip Version ${CRYPTECH_VERSION} of software for Cryptech Alpha development board.)' + all: init source pbuilder homebrew enchilada: all upload @@ -49,9 +50,9 @@ pbuilder: umask ${REPO_UMASK}; \ for target in ${PBUILDER_TARGETS}; do echo $$target | tr '/' ' '; done | \ while read dist code arch; do \ - reprepro -b ${REPO_BASE}/$$dist -A $$arch list $$code cryptech-alpha | awk '{v = $$3} END {exit v != ${CRYPTECH_PACKAGE_VERSION}}' && continue; \ - pbuilder-dist $$code $$arch build cryptech-alpha_${CRYPTECH_PACKAGE_VERSION}.dsc; \ - reprepro -b ${REPO_BASE}/$$dist include $$code ${PBUILDER_BASE}/$${code}-$${arch}_result/cryptech-alpha_${CRYPTECH_PACKAGE_VERSION}_$${arch}.changes; \ + reprepro -b ${REPO_BASE}/$$dist -A $$arch list $$code ${PACKAGE_NAME} | awk '{v = $$3} END {exit v != "${PACKAGE_VERSION}"}' && continue; \ + pbuilder-dist $$code $$arch build ${PACKAGE_NAME}_${PACKAGE_VERSION}.dsc; \ + reprepro -b ${REPO_BASE}/$$dist include $$code ${PBUILDER_BASE}/$${code}-$${arch}_result/${PACKAGE_NAME}_${PACKAGE_VERSION}_$${arch}.changes; \ done RSYNC := rsync --rsh 'ssh -l ${REPO_UPLOAD_USER}' --archive --itemize-changes -- cgit v1.2.3 From fe95003c6343e97909a2d6c53559870e2016433b Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Thu, 23 Jun 2016 14:56:15 -0400 Subject: Pull libtfm fix into releng super-repository. --- sw/thirdparty/libtfm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sw/thirdparty/libtfm b/sw/thirdparty/libtfm index 7bbbb68..0e1cc8d 160000 --- a/sw/thirdparty/libtfm +++ b/sw/thirdparty/libtfm @@ -1 +1 @@ -Subproject commit 7bbbb682d2557d7aeba63709a27838b36055db26 +Subproject commit 0e1cc8d4e6ca53222d448df5e421c5d33383022f -- cgit v1.2.3 From ea08b95ad1a9778540cd181d7b148381630de4cf Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Thu, 23 Jun 2016 23:22:49 -0400 Subject: Drag in submodule updates. --- sw/libhal | 2 +- sw/pkcs11 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/sw/libhal b/sw/libhal index bf50cf8..c521d7f 160000 --- a/sw/libhal +++ b/sw/libhal @@ -1 +1 @@ -Subproject commit bf50cf8a7817274a7fb5e02d09a53598e168e22c +Subproject commit c521d7f590ecafaaed378c20e03aa657361f1638 diff --git a/sw/pkcs11 b/sw/pkcs11 index ea4c71c..8be614f 160000 --- a/sw/pkcs11 +++ b/sw/pkcs11 @@ -1 +1 @@ -Subproject commit ea4c71c075df677cd9f559ca06c79e9202630510 +Subproject commit 8be614f02ddd5772582e375084ad0822524fd888 -- cgit v1.2.3 From cdd5bd279eef0995186a4ad961f2e9067549a122 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Sat, 25 Jun 2016 19:53:30 -0400 Subject: Drag in latest subrepos. --- sw/libhal | 2 +- sw/pkcs11 | 2 +- sw/thirdparty/libtfm | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/sw/libhal b/sw/libhal index c521d7f..2cd3b6f 160000 --- a/sw/libhal +++ b/sw/libhal @@ -1 +1 @@ -Subproject commit c521d7f590ecafaaed378c20e03aa657361f1638 +Subproject commit 2cd3b6fabe5e32f169257caf5532b2bf9c83f803 diff --git a/sw/pkcs11 b/sw/pkcs11 index 8be614f..b996343 160000 --- a/sw/pkcs11 +++ b/sw/pkcs11 @@ -1 +1 @@ -Subproject commit 8be614f02ddd5772582e375084ad0822524fd888 +Subproject commit b996343a3b07228ca34e6b0df4cc7c1033e48af5 diff --git a/sw/thirdparty/libtfm b/sw/thirdparty/libtfm index 0e1cc8d..3d85df5 160000 --- a/sw/thirdparty/libtfm +++ b/sw/thirdparty/libtfm @@ -1 +1 @@ -Subproject commit 0e1cc8d4e6ca53222d448df5e421c5d33383022f +Subproject commit 3d85df561a40cb4f08aeecb236860c189ed4343a -- cgit v1.2.3 From dfbff65fedfa40311a29302b90935835307d7842 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Sun, 26 Jun 2016 01:13:29 -0400 Subject: More GNUmakefile cleanup. --- sw/pkcs11 | 2 +- sw/thirdparty/libtfm | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/sw/pkcs11 b/sw/pkcs11 index b996343..6c7ea99 160000 --- a/sw/pkcs11 +++ b/sw/pkcs11 @@ -1 +1 @@ -Subproject commit b996343a3b07228ca34e6b0df4cc7c1033e48af5 +Subproject commit 6c7ea9977c45116cc51aba7a4486059926d01113 diff --git a/sw/thirdparty/libtfm b/sw/thirdparty/libtfm index 3d85df5..269fc4e 160000 --- a/sw/thirdparty/libtfm +++ b/sw/thirdparty/libtfm @@ -1 +1 @@ -Subproject commit 3d85df561a40cb4f08aeecb236860c189ed4343a +Subproject commit 269fc4e58f616a2cf1c318f494ec18a52991da8c -- cgit v1.2.3 From e21726fd47adaf461a9434acf8422a865f53f78b Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Sun, 26 Jun 2016 10:44:56 -0400 Subject: Move source code one level down in tree to get names in source package right. --- .gitmodules | 12 ++++++------ Makefile | 4 ++-- source/Makefile | 17 +++++++++++++++++ source/debian/compat | 1 + source/debian/control | 14 ++++++++++++++ source/debian/copyright | 27 +++++++++++++++++++++++++++ source/debian/rules | 4 ++++ source/debian/source/format | 1 + source/sw/libhal | 1 + source/sw/pkcs11 | 1 + source/sw/thirdparty/libtfm | 1 + sw/Makefile | 17 ----------------- sw/debian/compat | 1 - sw/debian/control | 14 -------------- sw/debian/copyright | 27 --------------------------- sw/debian/rules | 4 ---- sw/debian/source/format | 1 - sw/libhal | 1 - sw/pkcs11 | 1 - sw/thirdparty/libtfm | 1 - 20 files changed, 75 insertions(+), 75 deletions(-) create mode 100644 source/Makefile create mode 100644 source/debian/compat create mode 100644 source/debian/control create mode 100644 source/debian/copyright create mode 100755 source/debian/rules create mode 100644 source/debian/source/format create mode 160000 source/sw/libhal create mode 160000 source/sw/pkcs11 create mode 160000 source/sw/thirdparty/libtfm delete mode 100644 sw/Makefile delete mode 100644 sw/debian/compat delete mode 100644 sw/debian/control delete mode 100644 sw/debian/copyright delete mode 100755 sw/debian/rules delete mode 100644 sw/debian/source/format delete mode 160000 sw/libhal delete mode 160000 sw/pkcs11 delete mode 160000 sw/thirdparty/libtfm diff --git a/.gitmodules b/.gitmodules index f24e2a2..a464eb3 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,9 +1,9 @@ -[submodule "sw/libhal"] - path = sw/libhal +[submodule "source/sw/libhal"] + path = source/sw/libhal url = https://git.cryptech.is/sw/libhal.git -[submodule "sw/pkcs11"] - path = sw/pkcs11 +[submodule "source/sw/pkcs11"] + path = source/sw/pkcs11 url = https://git.cryptech.is/sw/pkcs11.git -[submodule "sw/thirdparty/libtfm"] - path = sw/thirdparty/libtfm +[submodule "source/sw/thirdparty/libtfm"] + path = source/sw/thirdparty/libtfm url = https://git.cryptech.is/sw/thirdparty/libtfm.git diff --git a/Makefile b/Makefile index 1fc76a8..787fea4 100644 --- a/Makefile +++ b/Makefile @@ -42,8 +42,8 @@ sandblast: clean git submodule deinit -f . source: - cd sw; ${DCH} - cd sw; debuild -S -uc -us + cd source; ${DCH} + cd source; debuild -S -uc -us pbuilder: rm -f ${PBUILDER_BASE}/*result/* diff --git a/source/Makefile b/source/Makefile new file mode 100644 index 0000000..7b44136 --- /dev/null +++ b/source/Makefile @@ -0,0 +1,17 @@ +# Makefile to build Debian package for Cryptech Alpha board software + +all: + cd sw/thirdparty/libtfm; ${MAKE} + cd sw/libhal; ${MAKE} daemon + cd sw/pkcs11; ${MAKE} + +clean distclean: + for d in thirdparty/libtfm libhal pkcs11; do (cd $$d && ${MAKE} $@); done + +install: all + install -m 644 -D sw/pkcs11/libpkcs11.so ${DESTDIR}/usr/lib/libpkcs11.so + install -D sw/pkcs11/p11util ${DESTDIR}/usr/sbin/p11util + install -D sw/libhal/cryptech_rpcd ${DESTDIR}/usr/sbin/cryptech_rpcd + ln -s libpkcs11.so ${DESTDIR}/usr/lib/libpkcs11.so.0 + +# Might also want to install the firmware tarball, scripts to use it, .... diff --git a/source/debian/compat b/source/debian/compat new file mode 100644 index 0000000..ec63514 --- /dev/null +++ b/source/debian/compat @@ -0,0 +1 @@ +9 diff --git a/source/debian/control b/source/debian/control new file mode 100644 index 0000000..8ae25b9 --- /dev/null +++ b/source/debian/control @@ -0,0 +1,14 @@ +Source: cryptech-alpha +Maintainer: APT Builder Robot +Section: misc +Priority: optional +Standards-Version: 3.9.6 +Build-Depends: debhelper (>= 9), libsqlite3-0, libsqlite3-dev, python (>= 2.7), python-yaml +Homepage: http://trac.cryptech.is/wiki + +Package: cryptech-alpha +Architecture: any +Depends: libc6 (>= 2.13), ${misc:Depends}, libsqlite3-0 +Description: Cryptech open-source crypto software + "cryptech-alpha" contains software for use with the Cryptech Project + "Alpha" development board. diff --git a/source/debian/copyright b/source/debian/copyright new file mode 100644 index 0000000..ec25460 --- /dev/null +++ b/source/debian/copyright @@ -0,0 +1,27 @@ +Copyright (c) 2015-2016, NORDUnet A/S All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: +- Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + +- Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +- Neither the name of the NORDUnet nor the names of its contributors may + be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS +IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A +PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED +TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR +PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/source/debian/rules b/source/debian/rules new file mode 100755 index 0000000..2d33f6a --- /dev/null +++ b/source/debian/rules @@ -0,0 +1,4 @@ +#!/usr/bin/make -f + +%: + dh $@ diff --git a/source/debian/source/format b/source/debian/source/format new file mode 100644 index 0000000..89ae9db --- /dev/null +++ b/source/debian/source/format @@ -0,0 +1 @@ +3.0 (native) diff --git a/source/sw/libhal b/source/sw/libhal new file mode 160000 index 0000000..709a71c --- /dev/null +++ b/source/sw/libhal @@ -0,0 +1 @@ +Subproject commit 709a71c0030225ba08cddf5227a1c67c2dbb4176 diff --git a/source/sw/pkcs11 b/source/sw/pkcs11 new file mode 160000 index 0000000..6c7ea99 --- /dev/null +++ b/source/sw/pkcs11 @@ -0,0 +1 @@ +Subproject commit 6c7ea9977c45116cc51aba7a4486059926d01113 diff --git a/source/sw/thirdparty/libtfm b/source/sw/thirdparty/libtfm new file mode 160000 index 0000000..269fc4e --- /dev/null +++ b/source/sw/thirdparty/libtfm @@ -0,0 +1 @@ +Subproject commit 269fc4e58f616a2cf1c318f494ec18a52991da8c diff --git a/sw/Makefile b/sw/Makefile deleted file mode 100644 index 9fd3c72..0000000 --- a/sw/Makefile +++ /dev/null @@ -1,17 +0,0 @@ -# Makefile to build Debian package for Cryptech Alpha board software - -all: - cd thirdparty/libtfm; ${MAKE} - cd libhal; ${MAKE} daemon - cd pkcs11; ${MAKE} - -clean distclean: - for d in thirdparty/libtfm libhal pkcs11; do (cd $$d && ${MAKE} $@); done - -install: all - install -m 644 -D pkcs11/libpkcs11.so ${DESTDIR}/usr/lib/libpkcs11.so - install -D pkcs11/p11util ${DESTDIR}/usr/sbin/p11util - install -D libhal/cryptech_rpcd ${DESTDIR}/usr/sbin/cryptech_rpcd - ln -s libpkcs11.so ${DESTDIR}/usr/lib/libpkcs11.so.0 - -# Might also want to install the firmware tarball, scripts to use it, .... diff --git a/sw/debian/compat b/sw/debian/compat deleted file mode 100644 index ec63514..0000000 --- a/sw/debian/compat +++ /dev/null @@ -1 +0,0 @@ -9 diff --git a/sw/debian/control b/sw/debian/control deleted file mode 100644 index 8ae25b9..0000000 --- a/sw/debian/control +++ /dev/null @@ -1,14 +0,0 @@ -Source: cryptech-alpha -Maintainer: APT Builder Robot -Section: misc -Priority: optional -Standards-Version: 3.9.6 -Build-Depends: debhelper (>= 9), libsqlite3-0, libsqlite3-dev, python (>= 2.7), python-yaml -Homepage: http://trac.cryptech.is/wiki - -Package: cryptech-alpha -Architecture: any -Depends: libc6 (>= 2.13), ${misc:Depends}, libsqlite3-0 -Description: Cryptech open-source crypto software - "cryptech-alpha" contains software for use with the Cryptech Project - "Alpha" development board. diff --git a/sw/debian/copyright b/sw/debian/copyright deleted file mode 100644 index ec25460..0000000 --- a/sw/debian/copyright +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2015-2016, NORDUnet A/S All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: -- Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - -- Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -- Neither the name of the NORDUnet nor the names of its contributors may - be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS -IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED -TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A -PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED -TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR -PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF -LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/sw/debian/rules b/sw/debian/rules deleted file mode 100755 index 2d33f6a..0000000 --- a/sw/debian/rules +++ /dev/null @@ -1,4 +0,0 @@ -#!/usr/bin/make -f - -%: - dh $@ diff --git a/sw/debian/source/format b/sw/debian/source/format deleted file mode 100644 index 89ae9db..0000000 --- a/sw/debian/source/format +++ /dev/null @@ -1 +0,0 @@ -3.0 (native) diff --git a/sw/libhal b/sw/libhal deleted file mode 160000 index 2cd3b6f..0000000 --- a/sw/libhal +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 2cd3b6fabe5e32f169257caf5532b2bf9c83f803 diff --git a/sw/pkcs11 b/sw/pkcs11 deleted file mode 160000 index 6c7ea99..0000000 --- a/sw/pkcs11 +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 6c7ea9977c45116cc51aba7a4486059926d01113 diff --git a/sw/thirdparty/libtfm b/sw/thirdparty/libtfm deleted file mode 160000 index 269fc4e..0000000 --- a/sw/thirdparty/libtfm +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 269fc4e58f616a2cf1c318f494ec18a52991da8c -- cgit v1.2.3 From 856cb22d530e820c122e0dbee5b61edff91d235e Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Sun, 26 Jun 2016 13:07:40 -0400 Subject: Fix distclean target and drag in change to disable libtfm assembly code. --- source/Makefile | 4 +++- source/sw/pkcs11 | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/source/Makefile b/source/Makefile index 7b44136..e2fdb1b 100644 --- a/source/Makefile +++ b/source/Makefile @@ -6,7 +6,9 @@ all: cd sw/pkcs11; ${MAKE} clean distclean: - for d in thirdparty/libtfm libhal pkcs11; do (cd $$d && ${MAKE} $@); done + cd sw/thirdparty/libtfm; ${MAKE} $@ + cd sw/libhal; ${MAKE} $@ + cd sw/pkcs11; ${MAKE} $@ install: all install -m 644 -D sw/pkcs11/libpkcs11.so ${DESTDIR}/usr/lib/libpkcs11.so diff --git a/source/sw/pkcs11 b/source/sw/pkcs11 index 6c7ea99..3118c13 160000 --- a/source/sw/pkcs11 +++ b/source/sw/pkcs11 @@ -1 +1 @@ -Subproject commit 6c7ea9977c45116cc51aba7a4486059926d01113 +Subproject commit 3118c1384c46140269033ea63faa6ebca9a3af5a -- cgit v1.2.3