mailarchive of the ptxdist mailing list
 help / color / mirror / Atom feed
* [ptxdist] [PATCH] fscryptctl: new package
@ 2021-07-27 14:05 Ahmad Fatoum
  2021-07-28  9:48 ` Roland Hieber
  0 siblings, 1 reply; 6+ messages in thread
From: Ahmad Fatoum @ 2021-07-27 14:05 UTC (permalink / raw)
  To: ptxdist; +Cc: Ahmad Fatoum

fscryptctl is a low-level tool that handles raw keys and manages
policies for the Linux filesystem encryption, specifically the
"fscrypt" kernel interface which is supported by the ext4,
f2fs, and UBIFS filesystems.

fscryptctl is mainly intended for embedded systems which can't use the
full-featured fscrypt tool.  It does *not* handle key generation,
key stretching, key wrapping, or PAM integration.

Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
---
 rules/fscryptctl.in   | 14 ++++++++++++
 rules/fscryptctl.make | 53 +++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 67 insertions(+)
 create mode 100644 rules/fscryptctl.in
 create mode 100644 rules/fscryptctl.make

diff --git a/rules/fscryptctl.in b/rules/fscryptctl.in
new file mode 100644
index 000000000000..712e56899d24
--- /dev/null
+++ b/rules/fscryptctl.in
@@ -0,0 +1,14 @@
+## SECTION=selinux
+
+config FSCRYPTCTL
+	tristate
+	prompt "fscryptctl"
+	help
+	  fscryptctl is a low-level tool that handles raw keys and manages
+	  policies for the Linux filesystem encryption, specifically the
+	  "fscrypt" kernel interface which is supported by the ext4,
+	  f2fs, and UBIFS filesystems.
+
+	  fscryptctl is mainly intended for embedded systems which can't use the
+	  full-featured fscrypt tool. It does *not* handle key generation,
+	  key stretching, key wrapping, or PAM integration.
diff --git a/rules/fscryptctl.make b/rules/fscryptctl.make
new file mode 100644
index 000000000000..7520ab37c203
--- /dev/null
+++ b/rules/fscryptctl.make
@@ -0,0 +1,53 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2021 by Ahmad Fatoum <a.fatoum@pengutronix.de>
+#
+
+PACKAGES-$(PTXCONF_FSCRYPTCTL) += fscryptctl
+
+#
+# Paths and names
+#
+FSCRYPTCTL_VERSION	:= 1.0.0
+FSCRYPTCTL_MD5		:= 1013d00ac166b233631100e5905004cc
+FSCRYPTCTL		:= fscryptctl-$(FSCRYPTCTL_VERSION)
+FSCRYPTCTL_SUFFIX	:= tar.gz
+FSCRYPTCTL_URL		:= https://github.com/google/fscryptctl/archive/v$(FSCRYPTCTL_VERSION).$(FSCRYPTCTL_SUFFIX)
+FSCRYPTCTL_SOURCE	:= $(SRCDIR)/$(FSCRYPTCTL).$(FSCRYPTCTL_SUFFIX)
+FSCRYPTCTL_DIR		:= $(BUILDDIR)/$(FSCRYPTCTL)
+FSCRYPTCTL_LICENSE	:= Apache-2.0
+
+# ----------------------------------------------------------------------------
+# Prepare
+# ----------------------------------------------------------------------------
+
+FSCRYPTCTL_CONF_TOOL := NO
+FSCRYPTCTL_MAKE_OPT := \
+	$(CROSS_ENV_CC) \
+	CFLAGS="-O2 -g3 -Wall" \
+	PREFIX=/usr
+
+FSCRYPTCTL_INSTALL_OPT := \
+	$(FSCRYPTCTL_MAKE_OPT) \
+	install
+
+# ----------------------------------------------------------------------------
+# Target-Install
+# ----------------------------------------------------------------------------
+
+$(STATEDIR)/fscryptctl.targetinstall:
+	@$(call targetinfo)
+
+	@$(call install_init, fscryptctl)
+	@$(call install_fixup, fscryptctl,PRIORITY,optional)
+	@$(call install_fixup, fscryptctl,SECTION,base)
+	@$(call install_fixup, fscryptctl,AUTHOR,"Ahmad Fatoum <a.fatoum@pengutronix.de>")
+	@$(call install_fixup, fscryptctl,DESCRIPTION, "Low-level Linux fscrypt control tool")
+
+	@$(call install_copy, fscryptctl, 0, 0, 0755, -, /usr/bin/fscryptctl)
+
+	@$(call install_finish, fscryptctl)
+
+	@$(call touch)
+
+# vim: syntax=make
-- 
2.30.2


_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [ptxdist] [PATCH] fscryptctl: new package
  2021-07-27 14:05 [ptxdist] [PATCH] fscryptctl: new package Ahmad Fatoum
@ 2021-07-28  9:48 ` Roland Hieber
  2021-08-02  5:45   ` Ahmad Fatoum
  0 siblings, 1 reply; 6+ messages in thread
From: Roland Hieber @ 2021-07-28  9:48 UTC (permalink / raw)
  To: Ahmad Fatoum; +Cc: ptxdist

On Tue, Jul 27, 2021 at 04:05:35PM +0200, Ahmad Fatoum wrote:
> fscryptctl is a low-level tool that handles raw keys and manages
> policies for the Linux filesystem encryption, specifically the
> "fscrypt" kernel interface which is supported by the ext4,
> f2fs, and UBIFS filesystems.
> 
> fscryptctl is mainly intended for embedded systems which can't use the
> full-featured fscrypt tool.  It does *not* handle key generation,
> key stretching, key wrapping, or PAM integration.
> 
> Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
> ---
>  rules/fscryptctl.in   | 14 ++++++++++++
>  rules/fscryptctl.make | 53 +++++++++++++++++++++++++++++++++++++++++++
>  2 files changed, 67 insertions(+)
>  create mode 100644 rules/fscryptctl.in
>  create mode 100644 rules/fscryptctl.make
> 
> diff --git a/rules/fscryptctl.in b/rules/fscryptctl.in
> new file mode 100644
> index 000000000000..712e56899d24
> --- /dev/null
> +++ b/rules/fscryptctl.in
> @@ -0,0 +1,14 @@
> +## SECTION=selinux
> +
> +config FSCRYPTCTL
> +	tristate
> +	prompt "fscryptctl"
> +	help
> +	  fscryptctl is a low-level tool that handles raw keys and manages
> +	  policies for the Linux filesystem encryption, specifically the
> +	  "fscrypt" kernel interface which is supported by the ext4,
> +	  f2fs, and UBIFS filesystems.
> +
> +	  fscryptctl is mainly intended for embedded systems which can't use the
> +	  full-featured fscrypt tool. It does *not* handle key generation,
> +	  key stretching, key wrapping, or PAM integration.
> diff --git a/rules/fscryptctl.make b/rules/fscryptctl.make
> new file mode 100644
> index 000000000000..7520ab37c203
> --- /dev/null
> +++ b/rules/fscryptctl.make
> @@ -0,0 +1,53 @@
> +# -*-makefile-*-
> +#
> +# Copyright (C) 2021 by Ahmad Fatoum <a.fatoum@pengutronix.de>
> +#
> +
> +PACKAGES-$(PTXCONF_FSCRYPTCTL) += fscryptctl
> +
> +#
> +# Paths and names
> +#
> +FSCRYPTCTL_VERSION	:= 1.0.0
> +FSCRYPTCTL_MD5		:= 1013d00ac166b233631100e5905004cc
> +FSCRYPTCTL		:= fscryptctl-$(FSCRYPTCTL_VERSION)
> +FSCRYPTCTL_SUFFIX	:= tar.gz
> +FSCRYPTCTL_URL		:= https://github.com/google/fscryptctl/archive/v$(FSCRYPTCTL_VERSION).$(FSCRYPTCTL_SUFFIX)
> +FSCRYPTCTL_SOURCE	:= $(SRCDIR)/$(FSCRYPTCTL).$(FSCRYPTCTL_SUFFIX)
> +FSCRYPTCTL_DIR		:= $(BUILDDIR)/$(FSCRYPTCTL)
> +FSCRYPTCTL_LICENSE	:= Apache-2.0

FSCRYPTCTL_LICENSE_FILES	:= \
	file://fscryptctl.c;startline=5;endline=20;md5=989e571b78197682b85e3643d13296e5 \
	file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57

(Please check by running "ptxdist licensecheck fscryptctl" after adding
these lines.)

 - Roland

> +
> +# ----------------------------------------------------------------------------
> +# Prepare
> +# ----------------------------------------------------------------------------
> +
> +FSCRYPTCTL_CONF_TOOL := NO
> +FSCRYPTCTL_MAKE_OPT := \
> +	$(CROSS_ENV_CC) \
> +	CFLAGS="-O2 -g3 -Wall" \
> +	PREFIX=/usr
> +
> +FSCRYPTCTL_INSTALL_OPT := \
> +	$(FSCRYPTCTL_MAKE_OPT) \
> +	install
> +
> +# ----------------------------------------------------------------------------
> +# Target-Install
> +# ----------------------------------------------------------------------------
> +
> +$(STATEDIR)/fscryptctl.targetinstall:
> +	@$(call targetinfo)
> +
> +	@$(call install_init, fscryptctl)
> +	@$(call install_fixup, fscryptctl,PRIORITY,optional)
> +	@$(call install_fixup, fscryptctl,SECTION,base)
> +	@$(call install_fixup, fscryptctl,AUTHOR,"Ahmad Fatoum <a.fatoum@pengutronix.de>")
> +	@$(call install_fixup, fscryptctl,DESCRIPTION, "Low-level Linux fscrypt control tool")
> +
> +	@$(call install_copy, fscryptctl, 0, 0, 0755, -, /usr/bin/fscryptctl)
> +
> +	@$(call install_finish, fscryptctl)
> +
> +	@$(call touch)
> +
> +# vim: syntax=make
> -- 
> 2.30.2
> 
> 
> _______________________________________________
> ptxdist mailing list
> ptxdist@pengutronix.de
> To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de
> 

-- 
Roland Hieber, Pengutronix e.K.          | r.hieber@pengutronix.de     |
Steuerwalder Str. 21                     | https://www.pengutronix.de/ |
31137 Hildesheim, Germany                | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686         | Fax:   +49-5121-206917-5555 |

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [ptxdist] [PATCH] fscryptctl: new package
  2021-07-28  9:48 ` Roland Hieber
@ 2021-08-02  5:45   ` Ahmad Fatoum
  2021-08-02  8:33     ` Roland Hieber
  0 siblings, 1 reply; 6+ messages in thread
From: Ahmad Fatoum @ 2021-08-02  5:45 UTC (permalink / raw)
  To: Roland Hieber; +Cc: ptxdist

Hi Roland,

On 28.07.21 11:48, Roland Hieber wrote:
> On Tue, Jul 27, 2021 at 04:05:35PM +0200, Ahmad Fatoum wrote:
>> diff --git a/rules/fscryptctl.make b/rules/fscryptctl.make
>> new file mode 100644
>> index 000000000000..7520ab37c203
>> --- /dev/null
>> +++ b/rules/fscryptctl.make
>> @@ -0,0 +1,53 @@
>> +# -*-makefile-*-
>> +#
>> +# Copyright (C) 2021 by Ahmad Fatoum <a.fatoum@pengutronix.de>
>> +#
>> +
>> +PACKAGES-$(PTXCONF_FSCRYPTCTL) += fscryptctl
>> +
>> +#
>> +# Paths and names
>> +#
>> +FSCRYPTCTL_VERSION	:= 1.0.0
>> +FSCRYPTCTL_MD5		:= 1013d00ac166b233631100e5905004cc
>> +FSCRYPTCTL		:= fscryptctl-$(FSCRYPTCTL_VERSION)
>> +FSCRYPTCTL_SUFFIX	:= tar.gz
>> +FSCRYPTCTL_URL		:= https://github.com/google/fscryptctl/archive/v$(FSCRYPTCTL_VERSION).$(FSCRYPTCTL_SUFFIX)
>> +FSCRYPTCTL_SOURCE	:= $(SRCDIR)/$(FSCRYPTCTL).$(FSCRYPTCTL_SUFFIX)
>> +FSCRYPTCTL_DIR		:= $(BUILDDIR)/$(FSCRYPTCTL)
>> +FSCRYPTCTL_LICENSE	:= Apache-2.0
> 
> FSCRYPTCTL_LICENSE_FILES	:= \
> 	file://fscryptctl.c;startline=5;endline=20;md5=989e571b78197682b85e3643d13296e5 \
> 	file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57
> 
> (Please check by running "ptxdist licensecheck fscryptctl" after adding
> these lines.)

Thanks. I just sent out a v2 with your suggested FSCRYPTCTL_LICENSE_FILES.
I didn't take startline=5 however, because that includes Google copyright
(with year) and author names. I bumped it to startline=10, which starts with:

	Licensed under the Apache License, Version 2.0 (the "License") ...

Cheers,
Ahmad

> 
>  - Roland


-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [ptxdist] [PATCH] fscryptctl: new package
  2021-08-02  5:45   ` Ahmad Fatoum
@ 2021-08-02  8:33     ` Roland Hieber
  2021-08-06  6:44       ` Michael Olbrich
  0 siblings, 1 reply; 6+ messages in thread
From: Roland Hieber @ 2021-08-02  8:33 UTC (permalink / raw)
  To: Ahmad Fatoum; +Cc: ptxdist

On Mon, Aug 02, 2021 at 07:45:26AM +0200, Ahmad Fatoum wrote:
> Hi Roland,
> 
> On 28.07.21 11:48, Roland Hieber wrote:
> > On Tue, Jul 27, 2021 at 04:05:35PM +0200, Ahmad Fatoum wrote:
> >> diff --git a/rules/fscryptctl.make b/rules/fscryptctl.make
> >> new file mode 100644
> >> index 000000000000..7520ab37c203
> >> --- /dev/null
> >> +++ b/rules/fscryptctl.make
> >> @@ -0,0 +1,53 @@
> >> +# -*-makefile-*-
> >> +#
> >> +# Copyright (C) 2021 by Ahmad Fatoum <a.fatoum@pengutronix.de>
> >> +#
> >> +
> >> +PACKAGES-$(PTXCONF_FSCRYPTCTL) += fscryptctl
> >> +
> >> +#
> >> +# Paths and names
> >> +#
> >> +FSCRYPTCTL_VERSION	:= 1.0.0
> >> +FSCRYPTCTL_MD5		:= 1013d00ac166b233631100e5905004cc
> >> +FSCRYPTCTL		:= fscryptctl-$(FSCRYPTCTL_VERSION)
> >> +FSCRYPTCTL_SUFFIX	:= tar.gz
> >> +FSCRYPTCTL_URL		:= https://github.com/google/fscryptctl/archive/v$(FSCRYPTCTL_VERSION).$(FSCRYPTCTL_SUFFIX)
> >> +FSCRYPTCTL_SOURCE	:= $(SRCDIR)/$(FSCRYPTCTL).$(FSCRYPTCTL_SUFFIX)
> >> +FSCRYPTCTL_DIR		:= $(BUILDDIR)/$(FSCRYPTCTL)
> >> +FSCRYPTCTL_LICENSE	:= Apache-2.0
> > 
> > FSCRYPTCTL_LICENSE_FILES	:= \
> > 	file://fscryptctl.c;startline=5;endline=20;md5=989e571b78197682b85e3643d13296e5 \
> > 	file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57
> > 
> > (Please check by running "ptxdist licensecheck fscryptctl" after adding
> > these lines.)
> 
> Thanks. I just sent out a v2 with your suggested FSCRYPTCTL_LICENSE_FILES.
> I didn't take startline=5 however, because that includes Google copyright
> (with year) and author names. I bumped it to startline=10, which starts with:

Yes, startline=5 was deliberate to include the copyright statement. This
way it is reproduced in the license-report.pdf.

 - Roland

-- 
Roland Hieber, Pengutronix e.K.          | r.hieber@pengutronix.de     |
Steuerwalder Str. 21                     | https://www.pengutronix.de/ |
31137 Hildesheim, Germany                | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686         | Fax:   +49-5121-206917-5555 |

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [ptxdist] [PATCH] fscryptctl: new package
  2021-08-02  8:33     ` Roland Hieber
@ 2021-08-06  6:44       ` Michael Olbrich
  2021-08-06  6:51         ` Ahmad Fatoum
  0 siblings, 1 reply; 6+ messages in thread
From: Michael Olbrich @ 2021-08-06  6:44 UTC (permalink / raw)
  To: Roland Hieber; +Cc: ptxdist, Ahmad Fatoum

Hi,

On Mon, Aug 02, 2021 at 10:33:43AM +0200, Roland Hieber wrote:
> On Mon, Aug 02, 2021 at 07:45:26AM +0200, Ahmad Fatoum wrote:
> > On 28.07.21 11:48, Roland Hieber wrote:
> > > On Tue, Jul 27, 2021 at 04:05:35PM +0200, Ahmad Fatoum wrote:
> > >> diff --git a/rules/fscryptctl.make b/rules/fscryptctl.make
> > >> new file mode 100644
> > >> index 000000000000..7520ab37c203
> > >> --- /dev/null
> > >> +++ b/rules/fscryptctl.make
> > >> @@ -0,0 +1,53 @@
> > >> +# -*-makefile-*-
> > >> +#
> > >> +# Copyright (C) 2021 by Ahmad Fatoum <a.fatoum@pengutronix.de>
> > >> +#
> > >> +
> > >> +PACKAGES-$(PTXCONF_FSCRYPTCTL) += fscryptctl
> > >> +
> > >> +#
> > >> +# Paths and names
> > >> +#
> > >> +FSCRYPTCTL_VERSION	:= 1.0.0
> > >> +FSCRYPTCTL_MD5		:= 1013d00ac166b233631100e5905004cc
> > >> +FSCRYPTCTL		:= fscryptctl-$(FSCRYPTCTL_VERSION)
> > >> +FSCRYPTCTL_SUFFIX	:= tar.gz
> > >> +FSCRYPTCTL_URL		:= https://github.com/google/fscryptctl/archive/v$(FSCRYPTCTL_VERSION).$(FSCRYPTCTL_SUFFIX)
> > >> +FSCRYPTCTL_SOURCE	:= $(SRCDIR)/$(FSCRYPTCTL).$(FSCRYPTCTL_SUFFIX)
> > >> +FSCRYPTCTL_DIR		:= $(BUILDDIR)/$(FSCRYPTCTL)
> > >> +FSCRYPTCTL_LICENSE	:= Apache-2.0
> > > 
> > > FSCRYPTCTL_LICENSE_FILES	:= \
> > > 	file://fscryptctl.c;startline=5;endline=20;md5=989e571b78197682b85e3643d13296e5 \
> > > 	file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57
> > > 
> > > (Please check by running "ptxdist licensecheck fscryptctl" after adding
> > > these lines.)
> > 
> > Thanks. I just sent out a v2 with your suggested FSCRYPTCTL_LICENSE_FILES.
> > I didn't take startline=5 however, because that includes Google copyright
> > (with year) and author names. I bumped it to startline=10, which starts with:
> 
> Yes, startline=5 was deliberate to include the copyright statement. This
> way it is reproduced in the license-report.pdf.

I agree with Roland here. Including the Copyright statement is a good idea.
It may not be strictly necessary for Apache-2.0 (I'm not sure), but it's
better to be consistent here.
And changing copyright years a really not a problem. You're supposed to
check if the License changed anyways and a changing md5 is a good reminder
to do so.

So I've modified the _LICENSE_FILES to Roland initial suggestion while
applying the patch.

Michael

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [ptxdist] [PATCH] fscryptctl: new package
  2021-08-06  6:44       ` Michael Olbrich
@ 2021-08-06  6:51         ` Ahmad Fatoum
  0 siblings, 0 replies; 6+ messages in thread
From: Ahmad Fatoum @ 2021-08-06  6:51 UTC (permalink / raw)
  To: ptxdist, Michael Olbrich; +Cc: Roland Hieber

Hi,

On 06.08.21 08:44, Michael Olbrich wrote:

[snip]

> So I've modified the _LICENSE_FILES to Roland initial suggestion while
> applying the patch.

Oh, thanks!

Cheers,
Ahmad


-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de


^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2021-08-06  6:51 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-27 14:05 [ptxdist] [PATCH] fscryptctl: new package Ahmad Fatoum
2021-07-28  9:48 ` Roland Hieber
2021-08-02  5:45   ` Ahmad Fatoum
2021-08-02  8:33     ` Roland Hieber
2021-08-06  6:44       ` Michael Olbrich
2021-08-06  6:51         ` Ahmad Fatoum

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox