From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Mon, 28 Jun 2021 01:13:57 +0200 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1lxdyP-0002Tj-1o for lore@lore.pengutronix.de; Mon, 28 Jun 2021 01:13:57 +0200 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1lxdyO-0007LU-Ft; Mon, 28 Jun 2021 01:13:56 +0200 Received: from dude.hi.pengutronix.de ([2001:67c:670:100:1d::7]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lxdxF-0006nv-0o; Mon, 28 Jun 2021 01:12:45 +0200 Received: from rhi by dude.hi.pengutronix.de with local (Exim 4.92) (envelope-from ) id 1lxdxE-0007xj-OA; Mon, 28 Jun 2021 01:12:44 +0200 From: Roland Hieber To: ptxdist@pengutronix.de Date: Mon, 28 Jun 2021 01:11:16 +0200 Message-Id: <20210627231121.28313-2-rhi@pengutronix.de> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210627231121.28313-1-rhi@pengutronix.de> References: <20210627231121.28313-1-rhi@pengutronix.de> MIME-Version: 1.0 Subject: [ptxdist] [PATCH v2 2/7] ptxd_lib_code_signing: introduce role groups X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Cc: Marc Kleine-Budde , Roland Hieber Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false RnJvbTogTWFyYyBLbGVpbmUtQnVkZGUgPG1rbEBwZW5ndXRyb25peC5kZT4KCkEgcm9sZSBncm91 cCBjb25zaXN0cyBvZiBvbmUgb3IgbW9yZSByb2xlcy4gSXQgc2hvdWxkIGJlIHVzZWQgd2hlcmUg bW9yZQp0aGFuIG9uZSByb2xlIGlzIG5lZWRlZCwgYnV0IHRoZSBleGFjdCBuYW1lcyBhbmQvb3Ig bnVtYmVyIG9mIHJvbGVzCmRlcGVuZCBvbiB0aGUgdXNlZCBjb2RlIHNpZ25pbmcgcHJvdmlkZXIu CgpGb3IgZXhhbXBsZSB0aGUgZ2VuZXJhdGlvbiBvZiB0aGUgaW14IEhBQnY0IGZ1c2UgdGFibGUg Y2FuIHVzZSAxIHRvIDQKU1JLIGtleXMgYXMgaW5wdXQuIElmIHRoZSBzaWduaW5nIHByb3ZpZGVy IGlzIGFuIEhTTSwgdGhlIGN1cnJlbnQKbWVjaGFuaXNtIHdpdGggY29udGludW91cyBudW1iZXJl ZCBVUkkgbWF5IG5vdCB3b3JrIOKAkyByb2xlIGdyb3VwcyB0byB0aGUKcmVzY3VlLgoKVG8gbWFr ZSB1c2Ugb2Ygcm9sZSBncm91cHMsIGRlZmluZSByb2xlcyBhcyB1c3VhbDoKCnwgcj0iaW14LWhh YnY0LXNyazEiCnwgY3NfZGVmaW5lX3JvbGUgIiR7cn0iCnwgY3Nfc2V0X3VyaSAiJHtyfSIgInBr Y3MxMTpvYmplY3Q9U1JLIENBIDAiCnwgY3NfYXBwZW5kX2NhX2Zyb21fdXJpICIke3J9Igp8Cnwg cj0iaW14LWhhYnY0LXNyazIiCnwgY3NfZGVmaW5lX3JvbGUgIiR7cn0iCnwgY3Nfc2V0X3VyaSAi JHtyfSIgInBrY3MxMTpvYmplY3Q9U1JLIENBIDEiCnwgY3NfYXBwZW5kX2NhX2Zyb21fdXJpICIk e3J9IgoKTm93IGRlZmluZSBhIHJvbGUgZ3JvdXAgYW5kIGFkZCB0aGUgcm9sZXMgdG8gdGhlIGdy b3VwOgoKfCBnPSJpbXgtaGFidjQtc3JrIgp8IGNzX2RlZmluZV9ncm91cCAiJHtnfSIKfCBjc19n cm91cF9hZGRfcm9sZXMgIiR7Z30iICJpbXgtaGFidjQtc3JrMSIgImlteC1oYWJ2NC1zcmsyIgoK VXNlIHRoZSBmdW5jdGlvbiBjc19ncm91cF9nZXRfcm9sZXMoKSB0byBnZXQgdGhlIHJvbGVzIG9m IGEgZ3JvdXAuCgpJbiBhIGxhdGVyIHBhdGNoIHRoZSBmdW5jdGlvbiBwdHhkX21ha2VfaW14X2hh YnY0X2dlbl90YWJsZSgpIGlzCmNvbnZlcnRlZCB0byBtYWtlIHVzZSAkKGNzX2dyb3VwX2dldF9y b2xlcyBpbXgtaGFidjQtc3JrKSB0byBnZXQgdGhlCnJvbGVzIG9mIHRoZSBpbXgtaGFidjQtc3Jr IGdyb3VwLgoKQ28tYXV0aG9yZWQtYnk6IFJvbGFuZCBIaWViZXIgPHJoaUBwZW5ndXRyb25peC5k ZT4KU2lnbmVkLW9mZi1ieTogTWFyYyBLbGVpbmUtQnVkZGUgPG1rbEBwZW5ndXRyb25peC5kZT4K U2lnbmVkLW9mZi1ieTogUm9sYW5kIEhpZWJlciA8cmhpQHBlbmd1dHJvbml4LmRlPgotLS0KUEFU Q0ggdjIgKHJoaSk6CiAtIHJlb3JkZXIgZnJvbSBQQVRDSCAxL24gdG8gUEFUQ0ggMi9uCiAtIGJl IG1vcmUgY29uY2lzZSBhbmQgY2FsbCB0aGUgbmV3IGNvbmNlcHQgInJvbGUgZ3JvdXBzIiBpbnN0 ZWFkIG9mIHRoZQogICAobGVzcyBleHByZXNzaXZlKSAiY29kZSBzaWduaW5nIGdyb3VwcyIgb3Ig ImtleSBncm91cHMiCiAtIGFkZCBBUEkgZG9jcyBmb3IgbmV3IHNoZWxsIGZ1bmN0aW9ucyAoZmVl ZGJhY2sgZnJvbSBteXNlbGYpCiAtIHJlcGhyYXNlIGFuZCBmaXggdHlwb3MgaW4gY29tbWl0IG1l c3NhZ2UKClBBVENIIHYxIChta2wpOiBodHRwczovL2xvcmUucHR4ZGlzdC5vcmcvcHR4ZGlzdC8y MDIxMDQxMjE2MTkwMC4yMzc2ODAyLTEtbWtsQHBlbmd1dHJvbml4LmRlCi0tLQogZG9jL2Rldl9j b2RlX3NpZ25pbmcucnN0ICAgICAgICAgICAgIHwgIDUgKysKIGRvYy9yZWZfY29kZV9zaWduaW5n X2hlbHBlcnMucnN0ICAgICB8IDc5ICsrKysrKysrKysrKysrKysrKysrKysrKysrKysKIHNjcmlw dHMvbGliL3B0eGRfbGliX2NvZGVfc2lnbmluZy5zaCB8IDQ1ICsrKysrKysrKysrKysrKysKIDMg ZmlsZXMgY2hhbmdlZCwgMTI5IGluc2VydGlvbnMoKykKCmRpZmYgLS1naXQgYS9kb2MvZGV2X2Nv ZGVfc2lnbmluZy5yc3QgYi9kb2MvZGV2X2NvZGVfc2lnbmluZy5yc3QKaW5kZXggNTZhYzBlM2Iz MjE3Li4xZjQzZjJiNjBhZGUgMTAwNjQ0Ci0tLSBhL2RvYy9kZXZfY29kZV9zaWduaW5nLnJzdAor KysgYi9kb2MvZGV2X2NvZGVfc2lnbmluZy5yc3QKQEAgLTE5LDYgKzE5LDExIEBAIGRldmVsb3Bt ZW50KSB0aGUgVVJJcyBhcmUgdXN1YWxseSBub3QgaGFyZGNvZGVkIGluIHRoZSBwYWNrYWdlIGNv bmZpZ3VyYXRpb24uCiBJbnN0ZWFkLCBQVFhkaXN0IGhhcyB0aGUgaWRlYSBvZiAqKnJvbGVzKiog d2hpY2ggYXJlIHN0cmluZyBpZGVudGlmaWVycyB1c2VkIHRvCiBhY2Nlc3MgYSBzaW5nbGUgcHJp dmF0ZS9wdWJsaWMga2V5IHBhaXIgYW5kIGEgY2VydGlmaWNhdGUuCiAKK1JvbGVzIGNhbiBiZSBn cm91cGVkIGludG8gKipyb2xlIGdyb3VwcyoqLgorUm9sZSBncm91cHMgc2hvdWxkIGJlIHVzZWQg d2hlcmUgbW9yZSB0aGFuIG9uZSByb2xlIGlzIG5lZWRlZCwgYnV0IHRoZSBleGFjdAorbmFtZXMg YW5kL29yIG51bWJlciBvZiByb2xlcyBkZXBlbmQgb24gdGhlIGNvbmNyZXRlIGNvZGUgc2lnbmlu ZyBwcm92aWRlci4KK0ZvciBleGFtcGxlLCBhbiBpLk1YIEhBQnY0IGZ1c2UgdGFibGUgY2FuIGNv bnRhaW4gdXAgdG8gZm91ciBrZXlzLgorCiBGaW5hbGx5LCBvbmUgb3Igc2V2ZXJhbCAqKmNvZGUg c2lnbmluZyBwcm92aWRlcnMqKiBzdXBwbHkgdGhlIG1hcHBpbmcgZnJvbQogcm9sZXMgdG8gdGhl IHJlc3BlY3RpdmUga2V5IG1hdGVyaWFsIG9yIGV2ZW4gcHJvdmlkZSBpdCB0aGVtc2VsdmVzIGZv cgogZGV2ZWxvcG1lbnQuCmRpZmYgLS1naXQgYS9kb2MvcmVmX2NvZGVfc2lnbmluZ19oZWxwZXJz LnJzdCBiL2RvYy9yZWZfY29kZV9zaWduaW5nX2hlbHBlcnMucnN0CmluZGV4IGY3OTI4ZjUyZWJl Zi4uOTlhMzk1YjI4N2M5IDEwMDY0NAotLS0gYS9kb2MvcmVmX2NvZGVfc2lnbmluZ19oZWxwZXJz LnJzdAorKysgYi9kb2MvcmVmX2NvZGVfc2lnbmluZ19oZWxwZXJzLnJzdApAQCAtMjE1LDYgKzIx NSw4NSBAQCBQcmVjb25kaXRpb25zOgogLSB3aGVuIHVzZWQgd2l0aCBTb2Z0SFNNLCBjZXJ0aWZp Y2F0ZXMgbXVzdCBoYXZlIGJlZW4gaW1wb3J0ZWQgYmVmb3JlCiAgIChzZWUgOnJlZjpgY3NfaW1w b3J0X2NlcnRfZnJvbV9kZXJgLCA6cmVmOmBjc19pbXBvcnRfY2VydF9mcm9tX3BlbWApCiAKKy4u IF9jc19kZWZpbmVfZ3JvdXA6CisKK2NzX2RlZmluZV9ncm91cAorXl5eXl5eXl5eXl5eXl5eCisK K1VzYWdlOgorCisuLiBjb2RlLWJsb2NrOjogYmFzaAorCisgICBjc19kZWZpbmVfZ3JvdXAgPGdy b3VwPgorCitEZWZpbmUgYSBuZXcgcm9sZSBncm91cC4KKworU2VlIDpyZWY6YGNzX2dyb3VwX2Fk ZF9yb2xlc2AgZm9yIGFuIGV4YW1wbGUuCisKKy4uIF9jc19ncm91cF9hZGRfcm9sZXM6CisKK2Nz X2dyb3VwX2FkZF9yb2xlcworXl5eXl5eXl5eXl5eXl5eXl5eCisKK1VzYWdlOgorCisuLiBjb2Rl LWJsb2NrOjogYmFzaAorCisgICBjc19ncm91cF9hZGRfcm9sZXMgPGdyb3VwPiA8cm9sZXMuLi4+ CisKK0FkZCBhbGwgZ2l2ZW4gcm9sZXMgdG8gYSByb2xlIGdyb3VwLgorCitQcmVjb25kaXRpb25z OgorCistIHRoZSBncm91cCBtdXN0IGhhdmUgYmVlbiBkZWZpbmVkIChzZWUgOnJlZjpgY3NfZGVm aW5lX2dyb3VwYCkKKy0gdGhlIHJvbGUocykgbXVzdCBoYXZlIGJlZW4gZGVmaW5lZCAoc2VlIDpy ZWY6YGNzX2RlZmluZV9yb2xlYCkKKworRXhhbXBsZToKKworLi4gY29kZS1ibG9jazo6IGJhc2gK KworICAgIyBkZWZpbmUgdHdvIHJvbGVzIG5hbWVkIGlteC1oYWJ2NC1zcmsxIGFuZCBpbXgtaGFi djQtc3JrMgorICAgcj0iaW14LWhhYnY0LXNyazEiCisgICBjc19kZWZpbmVfcm9sZSAiJHtyfSIK KyAgIGNzX3NldF91cmkgIiR7cn0iICJwa2NzMTE6b2JqZWN0PVNSSyBDQSAwIgorICAgY3NfYXBw ZW5kX2NhX2Zyb21fdXJpICIke3J9IgorICAgcj0iaW14LWhhYnY0LXNyazIiCisgICBjc19kZWZp bmVfcm9sZSAiJHtyfSIKKyAgIGNzX3NldF91cmkgIiR7cn0iICJwa2NzMTE6b2JqZWN0PVNSSyBD QSAxIgorICAgY3NfYXBwZW5kX2NhX2Zyb21fdXJpICIke3J9IgorCisgICAjIGRlZmluZSBhIGdy b3VwIGFuZCBhZGQgdGhlIHJvbGVzCisgICBnPSJpbXgtaGFidjQtc3JrIgorICAgY3NfZGVmaW5l X2dyb3VwICIke2d9IgorICAgY3NfZ3JvdXBfYWRkX3JvbGVzICIke2d9IiAiaW14LWhhYnY0LXNy azEiICJpbXgtaGFidjQtc3JrMiIKKworLi4gX2NzX2dyb3VwX2dldF9yb2xlczoKKworY3NfZ3Jv dXBfZ2V0X3JvbGVzCiteXl5eXl5eXl5eXl5eXl5eXl4KKworVXNhZ2U6CisKKy4uIGNvZGUtYmxv Y2s6OiBiYXNoCisKKyAgIGNzX2dyb3VwX2dldF9yb2xlcyA8Z3JvdXA+CisKK0dldCBhIGxpc3Qg b2YgYWxsIHJvbGVzIHRoYXQgaGF2ZSBiZWVuIGFkZGVkIHRvIHRoZSByb2xlIGdyb3VwLgorCitF eGFtcGxlOgorCisuLiBjb2RlLWJsb2NrOjogYmFzaAorCisgICAjIGl0ZXJhdGUgb3ZlciByb2xl IG5hbWVzIGluIGEgcm9sZSBncm91cCwgYW5kIHByaW50IHRoZWlyIG5hbWUgYW5kIFVSSQorICAg Zm9yIHJvbGUgaW4gJChjc19ncm91cF9nZXRfcm9sZXMgImlteC1oYWJ2NC1zcmsiKTsgZG8KKyAg IAllY2hvICJyb2xlICcke3JvbGV9JyBoYXMgVVJJICckKGNzX2dldF91cmkgIiR7cm9sZX0iKSci CisgICBkb25lCisKK0luIHRoZSBleGFtcGxlIGdpdmVuIGluIDpyZWY6YGNzX2dyb3VwX2FkZF9y b2xlc2AgYWJvdmUsIHRoaXMgd291bGQgcHJpbnQ6OgorCisgICByb2xlICdpbXgtaGFidjQtc3Jr MScgaGFzIFVSSSAncGtjczExOm9iamVjdD1TUksgQ0EgMCcKKyAgIHJvbGUgJ2lteC1oYWJ2NC1z cmsyJyBoYXMgVVJJICdwa2NzMTE6b2JqZWN0PVNSSyBDQSAxJworCiBDb25zdW1lciBGdW5jdGlv bnMKIH5+fn5+fn5+fn5+fn5+fn5+fgogCmRpZmYgLS1naXQgYS9zY3JpcHRzL2xpYi9wdHhkX2xp Yl9jb2RlX3NpZ25pbmcuc2ggYi9zY3JpcHRzL2xpYi9wdHhkX2xpYl9jb2RlX3NpZ25pbmcuc2gK aW5kZXggMDAyNmNkYzRkZWMwLi5jYTEwMWQ2MzU1NzQgMTAwNjQ0Ci0tLSBhL3NjcmlwdHMvbGli L3B0eGRfbGliX2NvZGVfc2lnbmluZy5zaAorKysgYi9zY3JpcHRzL2xpYi9wdHhkX2xpYl9jb2Rl X3NpZ25pbmcuc2gKQEAgLTk5LDYgKzk5LDUxIEBAIGNzX2RlZmluZV9yb2xlKCkgewogfQogZXhw b3J0IC1mIGNzX2RlZmluZV9yb2xlCiAKKyMKKyMgY3NfZGVmaW5lX2dyb3VwIDxncm91cD4KKyMK KyMgRGVmaW5lIGEgbmV3IHJvbGUgZ3JvdXAuCisjCitjc19kZWZpbmVfZ3JvdXAoKSB7CisgICAg bG9jYWwgZ3JvdXA9IiR7MX0iCisgICAgY3NfaW5pdF92YXJpYWJsZXMKKworICAgIG1rZGlyIC1w ICIke2tleWRpcn0vJHtncm91cH0uZ3JvdXAiICYmCisgICAgcm0gLWYgIiR7a2V5ZGlyfS8ke2dy b3VwfS5ncm91cC9yb2xlcyIKK30KK2V4cG9ydCAtZiBjc19kZWZpbmVfZ3JvdXAKKworIworIyBj c19ncm91cF9hZGRfcm9sZXMgPGdyb3VwPiA8cm9sZT4gLi4uIDxyb2xlPgorIworIyBTZXQgdGhl IHJvbGVzIGZvciBhIGdyb3VwCisjCitjc19ncm91cF9hZGRfcm9sZXMoKSB7CisgICAgbG9jYWwg Z3JvdXA9IiR7MX0iCisgICAgc2hpZnQKKyAgICBjc19pbml0X3ZhcmlhYmxlcworCisgICAgbG9j YWwgb3JpZ19JRlM9IiR7SUZTfSIKKyAgICBJRlM9IgorIgorICAgIGVjaG8gIiR7Kn0iID4+ICIk e2tleWRpcn0vJHtncm91cH0uZ3JvdXAvcm9sZXMiICYmCisgICAgSUZTPSR7b3JpZ19JRlN9Cit9 CitleHBvcnQgLWYgY3NfZ3JvdXBfYWRkX3JvbGVzCisKKyMKKyMgY3NfZ3JvdXBfZ2V0X3JvbGVz IDxncm91cD4KKyMKKyMgR2V0cyB0aGUgcm9sZXMgb2YgYSBncm91cAorIworY3NfZ3JvdXBfZ2V0 X3JvbGVzKCkgeworICAgIGxvY2FsIGdyb3VwPSIkezF9IgorICAgIGNzX2luaXRfdmFyaWFibGVz CisKKyAgICBjYXQgIiR7a2V5ZGlyfS8ke2dyb3VwfS5ncm91cC9yb2xlcyIKK30KK2V4cG9ydCAt ZiBjc19ncm91cF9nZXRfcm9sZXMKKwogIwogIyBjc19zZXRfdXJpIDxyb2xlPiA8dXJpPgogIwot LSAKMi4zMC4yCgoKX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X18KcHR4ZGlzdCBtYWlsaW5nIGxpc3QKcHR4ZGlzdEBwZW5ndXRyb25peC5kZQpUbyB1bnN1YnNj cmliZSwgc2VuZCBhIG1haWwgd2l0aCBzdWJqZWN0ICJ1bnN1YnNjcmliZSIgdG8gcHR4ZGlzdC1y ZXF1ZXN0QHBlbmd1dHJvbml4LmRlCg==