From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Thu, 08 Jul 2021 22:40:12 +0200 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1m1aoe-0008VC-Q2 for lore@lore.pengutronix.de; Thu, 08 Jul 2021 22:40:12 +0200 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1m1aod-00047h-Sv; Thu, 08 Jul 2021 22:40:11 +0200 Received: from dude.hi.pengutronix.de ([2001:67c:670:100:1d::7]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1m1aoA-0003r0-SB; Thu, 08 Jul 2021 22:39:42 +0200 Received: from rhi by dude.hi.pengutronix.de with local (Exim 4.92) (envelope-from ) id 1m1aoA-0007tM-Jd; Thu, 08 Jul 2021 22:39:42 +0200 From: Roland Hieber To: ptxdist@pengutronix.de Date: Thu, 8 Jul 2021 22:39:38 +0200 Message-Id: <20210708203941.30212-2-rhi@pengutronix.de> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210708203941.30212-1-rhi@pengutronix.de> References: <20210708203941.30212-1-rhi@pengutronix.de> MIME-Version: 1.0 Subject: [ptxdist] [PATCH v3 2/5] ptxd_lib_code_signing: introduce role groups X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Cc: Marc Kleine-Budde , Roland Hieber Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false RnJvbTogTWFyYyBLbGVpbmUtQnVkZGUgPG1rbEBwZW5ndXRyb25peC5kZT4KCkEgcm9sZSBncm91 cCBjb25zaXN0cyBvZiBvbmUgb3IgbW9yZSByb2xlcy4gSXQgc2hvdWxkIGJlIHVzZWQgd2hlcmUg bW9yZQp0aGFuIG9uZSByb2xlIGlzIG5lZWRlZCwgYnV0IHRoZSBleGFjdCBuYW1lcyBhbmQvb3Ig bnVtYmVyIG9mIHJvbGVzCmRlcGVuZCBvbiB0aGUgdXNlZCBjb2RlIHNpZ25pbmcgcHJvdmlkZXIu CgpGb3IgZXhhbXBsZSB0aGUgZ2VuZXJhdGlvbiBvZiB0aGUgaW14IEhBQnY0IGZ1c2UgdGFibGUg Y2FuIHVzZSAxIHRvIDQKU1JLIGtleXMgYXMgaW5wdXQuIElmIHRoZSBzaWduaW5nIHByb3ZpZGVy IGlzIGFuIEhTTSwgdGhlIGN1cnJlbnQKbWVjaGFuaXNtIHdpdGggY29udGludW91cyBudW1iZXJl ZCBVUkkgbWF5IG5vdCB3b3JrIOKAkyByb2xlIGdyb3VwcyB0byB0aGUKcmVzY3VlLgoKVG8gbWFr ZSB1c2Ugb2Ygcm9sZSBncm91cHMsIGRlZmluZSByb2xlcyBhcyB1c3VhbDoKCnwgcj0iaW14LWhh YnY0LXNyazEiCnwgY3NfZGVmaW5lX3JvbGUgIiR7cn0iCnwgY3Nfc2V0X3VyaSAiJHtyfSIgInBr Y3MxMTpvYmplY3Q9U1JLIENBIDAiCnwgY3NfYXBwZW5kX2NhX2Zyb21fdXJpICIke3J9Igp8Cnwg cj0iaW14LWhhYnY0LXNyazIiCnwgY3NfZGVmaW5lX3JvbGUgIiR7cn0iCnwgY3Nfc2V0X3VyaSAi JHtyfSIgInBrY3MxMTpvYmplY3Q9U1JLIENBIDEiCnwgY3NfYXBwZW5kX2NhX2Zyb21fdXJpICIk e3J9IgoKTm93IGRlZmluZSBhIHJvbGUgZ3JvdXAgYW5kIGFkZCB0aGUgcm9sZXMgdG8gdGhlIGdy b3VwOgoKfCBnPSJpbXgtaGFidjQtc3JrIgp8IGNzX2RlZmluZV9ncm91cCAiJHtnfSIKfCBjc19n cm91cF9hZGRfcm9sZXMgIiR7Z30iICJpbXgtaGFidjQtc3JrMSIgImlteC1oYWJ2NC1zcmsyIgoK VXNlIHRoZSBmdW5jdGlvbiBjc19ncm91cF9nZXRfcm9sZXMoKSB0byBnZXQgdGhlIHJvbGVzIG9m IGEgZ3JvdXAuCgpJbiBhIGxhdGVyIHBhdGNoIHRoZSBmdW5jdGlvbiBwdHhkX21ha2VfaW14X2hh YnY0X2dlbl90YWJsZSgpIGlzCmNvbnZlcnRlZCB0byBtYWtlIHVzZSAkKGNzX2dyb3VwX2dldF9y b2xlcyBpbXgtaGFidjQtc3JrKSB0byBnZXQgdGhlCnJvbGVzIG9mIHRoZSBpbXgtaGFidjQtc3Jr IGdyb3VwLgoKQ28tYXV0aG9yZWQtYnk6IFJvbGFuZCBIaWViZXIgPHJoaUBwZW5ndXRyb25peC5k ZT4KU2lnbmVkLW9mZi1ieTogTWFyYyBLbGVpbmUtQnVkZGUgPG1rbEBwZW5ndXRyb25peC5kZT4K U2lnbmVkLW9mZi1ieTogUm9sYW5kIEhpZWJlciA8cmhpQHBlbmd1dHJvbml4LmRlPgotLS0KUEFU Q0ggdjM6CiAtIG5vIGNoYW5nZXMKClBBVENIIHYyIChyaGkpOiBodHRwczovL2xvcmUucHR4ZGlz dC5vcmcvcHR4ZGlzdC8yMDIxMDYyNzIzMTEyMS4yODMxMy0yLXJoaUBwZW5ndXRyb25peC5kZQog LSByZW9yZGVyIGZyb20gUEFUQ0ggMS9uIHRvIFBBVENIIDIvbgogLSBiZSBtb3JlIGNvbmNpc2Ug YW5kIGNhbGwgdGhlIG5ldyBjb25jZXB0ICJyb2xlIGdyb3VwcyIgaW5zdGVhZCBvZiB0aGUKICAg KGxlc3MgZXhwcmVzc2l2ZSkgImNvZGUgc2lnbmluZyBncm91cHMiIG9yICJrZXkgZ3JvdXBzIgog LSBhZGQgQVBJIGRvY3MgZm9yIG5ldyBzaGVsbCBmdW5jdGlvbnMgKGZlZWRiYWNrIGZyb20gbXlz ZWxmKQogLSByZXBocmFzZSBhbmQgZml4IHR5cG9zIGluIGNvbW1pdCBtZXNzYWdlCgpQQVRDSCB2 MSAobWtsKTogaHR0cHM6Ly9sb3JlLnB0eGRpc3Qub3JnL3B0eGRpc3QvMjAyMTA0MTIxNjE5MDAu MjM3NjgwMi0xLW1rbEBwZW5ndXRyb25peC5kZQotLS0KIGRvYy9kZXZfY29kZV9zaWduaW5nLnJz dCAgICAgICAgICAgICB8ICA1ICsrCiBkb2MvcmVmX2NvZGVfc2lnbmluZ19oZWxwZXJzLnJzdCAg ICAgfCA3OSArKysrKysrKysrKysrKysrKysrKysrKysrKysrCiBzY3JpcHRzL2xpYi9wdHhkX2xp Yl9jb2RlX3NpZ25pbmcuc2ggfCA0NSArKysrKysrKysrKysrKysrCiAzIGZpbGVzIGNoYW5nZWQs IDEyOSBpbnNlcnRpb25zKCspCgpkaWZmIC0tZ2l0IGEvZG9jL2Rldl9jb2RlX3NpZ25pbmcucnN0 IGIvZG9jL2Rldl9jb2RlX3NpZ25pbmcucnN0CmluZGV4IDU2YWMwZTNiMzIxNy4uMWY0M2YyYjYw YWRlIDEwMDY0NAotLS0gYS9kb2MvZGV2X2NvZGVfc2lnbmluZy5yc3QKKysrIGIvZG9jL2Rldl9j b2RlX3NpZ25pbmcucnN0CkBAIC0xOSw2ICsxOSwxMSBAQCBkZXZlbG9wbWVudCkgdGhlIFVSSXMg YXJlIHVzdWFsbHkgbm90IGhhcmRjb2RlZCBpbiB0aGUgcGFja2FnZSBjb25maWd1cmF0aW9uLgog SW5zdGVhZCwgUFRYZGlzdCBoYXMgdGhlIGlkZWEgb2YgKipyb2xlcyoqIHdoaWNoIGFyZSBzdHJp bmcgaWRlbnRpZmllcnMgdXNlZCB0bwogYWNjZXNzIGEgc2luZ2xlIHByaXZhdGUvcHVibGljIGtl eSBwYWlyIGFuZCBhIGNlcnRpZmljYXRlLgogCitSb2xlcyBjYW4gYmUgZ3JvdXBlZCBpbnRvICoq cm9sZSBncm91cHMqKi4KK1JvbGUgZ3JvdXBzIHNob3VsZCBiZSB1c2VkIHdoZXJlIG1vcmUgdGhh biBvbmUgcm9sZSBpcyBuZWVkZWQsIGJ1dCB0aGUgZXhhY3QKK25hbWVzIGFuZC9vciBudW1iZXIg b2Ygcm9sZXMgZGVwZW5kIG9uIHRoZSBjb25jcmV0ZSBjb2RlIHNpZ25pbmcgcHJvdmlkZXIuCitG b3IgZXhhbXBsZSwgYW4gaS5NWCBIQUJ2NCBmdXNlIHRhYmxlIGNhbiBjb250YWluIHVwIHRvIGZv dXIga2V5cy4KKwogRmluYWxseSwgb25lIG9yIHNldmVyYWwgKipjb2RlIHNpZ25pbmcgcHJvdmlk ZXJzKiogc3VwcGx5IHRoZSBtYXBwaW5nIGZyb20KIHJvbGVzIHRvIHRoZSByZXNwZWN0aXZlIGtl eSBtYXRlcmlhbCBvciBldmVuIHByb3ZpZGUgaXQgdGhlbXNlbHZlcyBmb3IKIGRldmVsb3BtZW50 LgpkaWZmIC0tZ2l0IGEvZG9jL3JlZl9jb2RlX3NpZ25pbmdfaGVscGVycy5yc3QgYi9kb2MvcmVm X2NvZGVfc2lnbmluZ19oZWxwZXJzLnJzdAppbmRleCBmNzkyOGY1MmViZWYuLjk5YTM5NWIyODdj OSAxMDA2NDQKLS0tIGEvZG9jL3JlZl9jb2RlX3NpZ25pbmdfaGVscGVycy5yc3QKKysrIGIvZG9j L3JlZl9jb2RlX3NpZ25pbmdfaGVscGVycy5yc3QKQEAgLTIxNSw2ICsyMTUsODUgQEAgUHJlY29u ZGl0aW9uczoKIC0gd2hlbiB1c2VkIHdpdGggU29mdEhTTSwgY2VydGlmaWNhdGVzIG11c3QgaGF2 ZSBiZWVuIGltcG9ydGVkIGJlZm9yZQogICAoc2VlIDpyZWY6YGNzX2ltcG9ydF9jZXJ0X2Zyb21f ZGVyYCwgOnJlZjpgY3NfaW1wb3J0X2NlcnRfZnJvbV9wZW1gKQogCisuLiBfY3NfZGVmaW5lX2dy b3VwOgorCitjc19kZWZpbmVfZ3JvdXAKK15eXl5eXl5eXl5eXl5eXgorCitVc2FnZToKKworLi4g Y29kZS1ibG9jazo6IGJhc2gKKworICAgY3NfZGVmaW5lX2dyb3VwIDxncm91cD4KKworRGVmaW5l IGEgbmV3IHJvbGUgZ3JvdXAuCisKK1NlZSA6cmVmOmBjc19ncm91cF9hZGRfcm9sZXNgIGZvciBh biBleGFtcGxlLgorCisuLiBfY3NfZ3JvdXBfYWRkX3JvbGVzOgorCitjc19ncm91cF9hZGRfcm9s ZXMKK15eXl5eXl5eXl5eXl5eXl5eXgorCitVc2FnZToKKworLi4gY29kZS1ibG9jazo6IGJhc2gK KworICAgY3NfZ3JvdXBfYWRkX3JvbGVzIDxncm91cD4gPHJvbGVzLi4uPgorCitBZGQgYWxsIGdp dmVuIHJvbGVzIHRvIGEgcm9sZSBncm91cC4KKworUHJlY29uZGl0aW9uczoKKworLSB0aGUgZ3Jv dXAgbXVzdCBoYXZlIGJlZW4gZGVmaW5lZCAoc2VlIDpyZWY6YGNzX2RlZmluZV9ncm91cGApCist IHRoZSByb2xlKHMpIG11c3QgaGF2ZSBiZWVuIGRlZmluZWQgKHNlZSA6cmVmOmBjc19kZWZpbmVf cm9sZWApCisKK0V4YW1wbGU6CisKKy4uIGNvZGUtYmxvY2s6OiBiYXNoCisKKyAgICMgZGVmaW5l IHR3byByb2xlcyBuYW1lZCBpbXgtaGFidjQtc3JrMSBhbmQgaW14LWhhYnY0LXNyazIKKyAgIHI9 ImlteC1oYWJ2NC1zcmsxIgorICAgY3NfZGVmaW5lX3JvbGUgIiR7cn0iCisgICBjc19zZXRfdXJp ICIke3J9IiAicGtjczExOm9iamVjdD1TUksgQ0EgMCIKKyAgIGNzX2FwcGVuZF9jYV9mcm9tX3Vy aSAiJHtyfSIKKyAgIHI9ImlteC1oYWJ2NC1zcmsyIgorICAgY3NfZGVmaW5lX3JvbGUgIiR7cn0i CisgICBjc19zZXRfdXJpICIke3J9IiAicGtjczExOm9iamVjdD1TUksgQ0EgMSIKKyAgIGNzX2Fw cGVuZF9jYV9mcm9tX3VyaSAiJHtyfSIKKworICAgIyBkZWZpbmUgYSBncm91cCBhbmQgYWRkIHRo ZSByb2xlcworICAgZz0iaW14LWhhYnY0LXNyayIKKyAgIGNzX2RlZmluZV9ncm91cCAiJHtnfSIK KyAgIGNzX2dyb3VwX2FkZF9yb2xlcyAiJHtnfSIgImlteC1oYWJ2NC1zcmsxIiAiaW14LWhhYnY0 LXNyazIiCisKKy4uIF9jc19ncm91cF9nZXRfcm9sZXM6CisKK2NzX2dyb3VwX2dldF9yb2xlcwor Xl5eXl5eXl5eXl5eXl5eXl5eCisKK1VzYWdlOgorCisuLiBjb2RlLWJsb2NrOjogYmFzaAorCisg ICBjc19ncm91cF9nZXRfcm9sZXMgPGdyb3VwPgorCitHZXQgYSBsaXN0IG9mIGFsbCByb2xlcyB0 aGF0IGhhdmUgYmVlbiBhZGRlZCB0byB0aGUgcm9sZSBncm91cC4KKworRXhhbXBsZToKKworLi4g Y29kZS1ibG9jazo6IGJhc2gKKworICAgIyBpdGVyYXRlIG92ZXIgcm9sZSBuYW1lcyBpbiBhIHJv bGUgZ3JvdXAsIGFuZCBwcmludCB0aGVpciBuYW1lIGFuZCBVUkkKKyAgIGZvciByb2xlIGluICQo Y3NfZ3JvdXBfZ2V0X3JvbGVzICJpbXgtaGFidjQtc3JrIik7IGRvCisgICAJZWNobyAicm9sZSAn JHtyb2xlfScgaGFzIFVSSSAnJChjc19nZXRfdXJpICIke3JvbGV9IiknIgorICAgZG9uZQorCitJ biB0aGUgZXhhbXBsZSBnaXZlbiBpbiA6cmVmOmBjc19ncm91cF9hZGRfcm9sZXNgIGFib3ZlLCB0 aGlzIHdvdWxkIHByaW50OjoKKworICAgcm9sZSAnaW14LWhhYnY0LXNyazEnIGhhcyBVUkkgJ3Br Y3MxMTpvYmplY3Q9U1JLIENBIDAnCisgICByb2xlICdpbXgtaGFidjQtc3JrMicgaGFzIFVSSSAn cGtjczExOm9iamVjdD1TUksgQ0EgMScKKwogQ29uc3VtZXIgRnVuY3Rpb25zCiB+fn5+fn5+fn5+ fn5+fn5+fn4KIApkaWZmIC0tZ2l0IGEvc2NyaXB0cy9saWIvcHR4ZF9saWJfY29kZV9zaWduaW5n LnNoIGIvc2NyaXB0cy9saWIvcHR4ZF9saWJfY29kZV9zaWduaW5nLnNoCmluZGV4IDE5OWY2Nzll ZjgyOC4uYzFjNjFlMDYzYjZjIDEwMDY0NAotLS0gYS9zY3JpcHRzL2xpYi9wdHhkX2xpYl9jb2Rl X3NpZ25pbmcuc2gKKysrIGIvc2NyaXB0cy9saWIvcHR4ZF9saWJfY29kZV9zaWduaW5nLnNoCkBA IC05OSw2ICs5OSw1MSBAQCBjc19kZWZpbmVfcm9sZSgpIHsKIH0KIGV4cG9ydCAtZiBjc19kZWZp bmVfcm9sZQogCisjCisjIGNzX2RlZmluZV9ncm91cCA8Z3JvdXA+CisjCisjIERlZmluZSBhIG5l dyByb2xlIGdyb3VwLgorIworY3NfZGVmaW5lX2dyb3VwKCkgeworICAgIGxvY2FsIGdyb3VwPSIk ezF9IgorICAgIGNzX2luaXRfdmFyaWFibGVzCisKKyAgICBta2RpciAtcCAiJHtrZXlkaXJ9LyR7 Z3JvdXB9Lmdyb3VwIiAmJgorICAgIHJtIC1mICIke2tleWRpcn0vJHtncm91cH0uZ3JvdXAvcm9s ZXMiCit9CitleHBvcnQgLWYgY3NfZGVmaW5lX2dyb3VwCisKKyMKKyMgY3NfZ3JvdXBfYWRkX3Jv bGVzIDxncm91cD4gPHJvbGU+IC4uLiA8cm9sZT4KKyMKKyMgU2V0IHRoZSByb2xlcyBmb3IgYSBn cm91cAorIworY3NfZ3JvdXBfYWRkX3JvbGVzKCkgeworICAgIGxvY2FsIGdyb3VwPSIkezF9Igor ICAgIHNoaWZ0CisgICAgY3NfaW5pdF92YXJpYWJsZXMKKworICAgIGxvY2FsIG9yaWdfSUZTPSIk e0lGU30iCisgICAgSUZTPSIKKyIKKyAgICBlY2hvICIkeyp9IiA+PiAiJHtrZXlkaXJ9LyR7Z3Jv dXB9Lmdyb3VwL3JvbGVzIiAmJgorICAgIElGUz0ke29yaWdfSUZTfQorfQorZXhwb3J0IC1mIGNz X2dyb3VwX2FkZF9yb2xlcworCisjCisjIGNzX2dyb3VwX2dldF9yb2xlcyA8Z3JvdXA+CisjCisj IEdldHMgdGhlIHJvbGVzIG9mIGEgZ3JvdXAKKyMKK2NzX2dyb3VwX2dldF9yb2xlcygpIHsKKyAg ICBsb2NhbCBncm91cD0iJHsxfSIKKyAgICBjc19pbml0X3ZhcmlhYmxlcworCisgICAgY2F0ICIk e2tleWRpcn0vJHtncm91cH0uZ3JvdXAvcm9sZXMiCit9CitleHBvcnQgLWYgY3NfZ3JvdXBfZ2V0 X3JvbGVzCisKICMKICMgY3Nfc2V0X3VyaSA8cm9sZT4gPHVyaT4KICMKLS0gCjIuMzAuMgoKCl9f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCnB0eGRpc3QgbWFp bGluZyBsaXN0CnB0eGRpc3RAcGVuZ3V0cm9uaXguZGUKVG8gdW5zdWJzY3JpYmUsIHNlbmQgYSBt YWlsIHdpdGggc3ViamVjdCAidW5zdWJzY3JpYmUiIHRvIHB0eGRpc3QtcmVxdWVzdEBwZW5ndXRy b25peC5kZQo=