update version to 1.1.0

2022-07-30 10:46:47 +00:00 · 2022-07-30 10:46:47 +00:00 · 1846ed2f41
commit 1846ed2f41
parent 71e34a2c81
6 changed files with 27 additions and 91 deletions
--- a/kunpengsecl-v1.0.0.tar.gz
+++ b/kunpengsecl-v1.0.0.tar.gz
--- a/kunpengsecl-v1.1.0.tar.gz
+++ b/kunpengsecl-v1.1.0.tar.gz
--- a/kunpengsecl.spec
+++ b/kunpengsecl.spec
@ -1,17 +1,14 @@
 %global name kunpengsecl
-%global version 1.0.0
+%global version 1.1.0

 Name:            %{name}
 Version:         %{version}
-Release:         5%{?dist}
+Release:         1%{?dist}
 Summary:         A remote attestation security software components running on Kunpeng processors.
 Summary(zh_CN):  一款运行于鲲鹏处理器上的远程证明安全软件组件
 License:         Mulan PSL v2
 URL:             https://gitee.com/openeuler/kunpengsecl
 Source0:         %{name}-v%{version}.tar.gz
-Patch0000:       update-ras-test-config.patch
-Patch0001:       update-ras-rac-testfile-path.patch
-Patch0002:       update-rac-ima-bios-test-path.patch
 BuildRequires:   gettext make golang
 BuildRequires:   protobuf-compiler openssl-devel

@ -25,25 +22,22 @@ This is %{name} project, including rac, ras and rahub packages.
 Summary:       the rac package.

 %description   rac
-This is the rac rpm package.
+This is the rac rpm package, which is used to install the client of the program.

 %package       ras
 Summary:       the ras package.

 %description   ras
-This is the ras rpm package.
+This is the ras rpm package, which is used to install the server of the program.

 %package       rahub
 Summary:       the rahub package.

 %description   rahub
-This is the rahub rpm package.
+This is the rahub rpm package, which is used to cascade clients.

 %prep
 %setup -q -c
-%patch0000 -p1
-%patch0001 -p1
-%patch0002 -p1

 %build
 make build
@ -55,25 +49,26 @@ rm -rf %{buildroot}/etc/
 mkdir -p %{buildroot}/etc/attestation/rac/
 mkdir -p %{buildroot}/etc/attestation/rahub/
 mkdir -p %{buildroot}/etc/attestation/ras/
-mkdir -p %{buildroot}/etc/attestation/default_test
+mkdir -p -m 777 %{buildroot}/etc/attestation/default_test
 rm -rf %{buildroot}/usr/share/
 mkdir -p %{buildroot}/usr/share/attestation/rac/
 mkdir -p %{buildroot}/usr/share/attestation/ras/
+mkdir -p %{buildroot}/usr/share/attestation/rahub/
 mkdir -p %{buildroot}/usr/share/doc/attestation/ras/
 mkdir -p %{buildroot}/usr/share/doc/attestation/rac/
 mkdir -p %{buildroot}/usr/share/doc/attestation/rahub/

 install -m 555 %{_builddir}/%{name}-%{version}/attestation/rac/pkg/raagent %{buildroot}/usr/bin/
 install -m 555 %{_builddir}/%{name}-%{version}/attestation/rac/pkg/rahub %{buildroot}/usr/bin/
-install -m 555 %{_builddir}/%{name}-%{version}/attestation/rac/pkg/tbprovisioner %{buildroot}/usr/bin/
+#install -m 555 %{_builddir}/%{name}-%{version}/attestation/rac/pkg/tbprovisioner %{buildroot}/usr/bin/
 install -m 555 %{_builddir}/%{name}-%{version}/attestation/ras/pkg/ras %{buildroot}/usr/bin/

 install -m 644 %{_builddir}/%{name}-%{version}/attestation/rac/cmd/raagent/config.yaml %{buildroot}/etc/attestation/rac/
 install -m 644 %{_builddir}/%{name}-%{version}/attestation/rac/cmd/rahub/config.yaml %{buildroot}/etc/attestation/rahub/
-install -m 644 %{_builddir}/%{name}-%{version}/attestation/ras/cmd/ras/config.yaml %{buildroot}/etc/attestation/ras/
-install -m 644 %{_builddir}/%{name}-%{version}/attestation/rac/cmd/raagent/ascii_runtime_measurements %{buildroot}/etc/attestation/default_test/
-install -m 644 %{_builddir}/%{name}-%{version}/attestation/rac/cmd/raagent/binary_bios_measurements %{buildroot}/etc/attestation/default_test/
-install -m 644 %{_builddir}/%{name}-%{version}/attestation/ras/cmd/ras/ecdsakey.pub %{buildroot}/etc/attestation/default_test/
+install -m 644 %{_builddir}/%{name}-%{version}/attestation/ras/cmd/config.yaml %{buildroot}/etc/attestation/ras/
+install -m 644 %{_builddir}/%{name}-%{version}/attestation/rac/cmd/raagent/ascii_runtime_measurements* %{buildroot}/etc/attestation/default_test/
+install -m 644 %{_builddir}/%{name}-%{version}/attestation/rac/cmd/raagent/binary_bios_measurements* %{buildroot}/etc/attestation/default_test/
+install -m 644 %{_builddir}/%{name}-%{version}/attestation/ras/cmd/ecdsakey.pub %{buildroot}/etc/attestation/default_test/

 install -m 555 %{_builddir}/%{name}-%{version}/attestation/quick-scripts/prepare-database-env.sh %{buildroot}/usr/share/attestation/ras/
 install -m 555 %{_builddir}/%{name}-%{version}/attestation/quick-scripts/clear-database.sh %{buildroot}/usr/share/attestation/ras/
@ -81,6 +76,9 @@ install -m 555 %{_builddir}/%{name}-%{version}/attestation/quick-scripts/createT
 install -m 555 %{_builddir}/%{name}-%{version}/attestation/quick-scripts/clearTable.sql %{buildroot}/usr/share/attestation/ras/
 install -m 555 %{_builddir}/%{name}-%{version}/attestation/quick-scripts/dropTable.sql %{buildroot}/usr/share/attestation/ras/
 install -m 555 %{_builddir}/%{name}-%{version}/attestation/quick-scripts/integritytools/*.sh %{buildroot}/usr/share/attestation/rac/
+install -m 555 %{_builddir}/%{name}-%{version}/attestation/quick-scripts/prepare-rasconf-env.sh %{buildroot}/usr/share/attestation/ras/
+install -m 555 %{_builddir}/%{name}-%{version}/attestation/quick-scripts/prepare-racconf-env.sh %{buildroot}/usr/share/attestation/rac/
+install -m 555 %{_builddir}/%{name}-%{version}/attestation/quick-scripts/prepare-hubconf-env.sh %{buildroot}/usr/share/attestation/rahub/

 install -m 644 %{_builddir}/%{name}-%{version}/README.md %{buildroot}/usr/share/doc/attestation/ras/
 install -m 644 %{_builddir}/%{name}-%{version}/README.en.md %{buildroot}/usr/share/doc/attestation/ras/
@ -106,13 +104,14 @@ install -m 644 %{_builddir}/%{name}-%{version}/LICENSE %{buildroot}/usr/share/do

 %files   rac
 %{_bindir}/raagent
-%{_bindir}/tbprovisioner
+#%{_bindir}/tbprovisioner
 %{_sysconfdir}/attestation/rac/config.yaml
-%{_sysconfdir}/attestation/default_test/ascii_runtime_measurements
-%{_sysconfdir}/attestation/default_test/binary_bios_measurements
+%{_sysconfdir}/attestation/default_test/ascii_runtime_measurements*
+%{_sysconfdir}/attestation/default_test/binary_bios_measurements*
 %{_datadir}/attestation/rac/containerintegritytool.sh
 %{_datadir}/attestation/rac/pcieintegritytool.sh
 %{_datadir}/attestation/rac/hostintegritytool.sh
+%{_datadir}/attestation/rac/prepare-racconf-env.sh
 %{_docdir}/attestation/rac/README.md
 %{_docdir}/attestation/rac/README.en.md
 %{_docdir}/attestation/rac/LICENSE
@ -126,6 +125,7 @@ install -m 644 %{_builddir}/%{name}-%{version}/LICENSE %{buildroot}/usr/share/do
 %{_datadir}/attestation/ras/createTable.sql
 %{_datadir}/attestation/ras/clearTable.sql
 %{_datadir}/attestation/ras/dropTable.sql
+%{_datadir}/attestation/ras/prepare-rasconf-env.sh
 %{_docdir}/attestation/ras/README.md
 %{_docdir}/attestation/ras/README.en.md
 %{_docdir}/attestation/ras/LICENSE
@ -133,6 +133,7 @@ install -m 644 %{_builddir}/%{name}-%{version}/LICENSE %{buildroot}/usr/share/do
 %files   rahub
 %{_bindir}/rahub
 %{_sysconfdir}/attestation/rahub/config.yaml
+%{_datadir}/attestation/rahub/prepare-hubconf-env.sh
 %{_docdir}/attestation/rahub/README.md
 %{_docdir}/attestation/rahub/README.en.md
 %{_docdir}/attestation/rahub/LICENSE
@ -142,6 +143,11 @@ rm -rf %{_builddir}
 rm -rf %{buildroot}

 %changelog
+* Sun Jul 24 2022 aaron-liwang <3214053332@qq.com> - 1.1.0-1
+-   add some test files
+-   prepare corresponding script for ras\rac\rahub to deploy config file respectively
+-   update part of file paths
+-   update to 1.1.0
 * Fri Jan 21 2022 aaron-liwang <3214053332@qq.com> - 1.0.0-5
 -   install some test files to support the running of program.
 * Mon Dec 27 2021 gwei3 <11015100@qq.com> - 1.0.0-4
@ -155,4 +161,4 @@ rm -rf %{buildroot}
 -   modify the kunpengsecl.spec and buildrpm.sh files.
 -   add root Makefile to build/clean rpm package.
 * Thu Nov 11 2021 aaron-liwang <3214053332@qq.com> - 1.0.0-1
-   Update to 1.0.0
+-   update to 1.0.0
--- a/update-rac-ima-bios-test-path.patch
+++ b/update-rac-ima-bios-test-path.patch
@ -1,14 +0,0 @@
-diff -Nuar kunpengsecl-v1.0.0-pre/attestation/rac/ractools/entity.go kunpengsecl-v1.0.0/attestation/rac/ractools/entity.go
--- kunpengsecl-v1.0.0-pre/attestation/rac/ractools/entity.go	2021-12-26 12:17:34.000000000 +0800
-+++ kunpengsecl-v1.0.0/attestation/rac/ractools/entity.go	2022-01-21 21:51:32.085148450 +0800
-@@ -29,8 +29,8 @@
- 
- const (
- 	emptyPassword   = ""
-	TestImaLogPath  = "./ascii_runtime_measurements"
-	TestBiosLogPath = "./binary_bios_measurements"
-+	TestImaLogPath  = "/etc/attestation/default_test/ascii_runtime_measurements"
-+	TestBiosLogPath = "/etc/attestation/default_test/binary_bios_measurements"
- 	ImaLogPath      = "/sys/kernel/security/ima/ascii_runtime_measurements"
- 	BiosLogPath     = "/sys/kernel/security/tpm0/binary_bios_measurements"
- )
--- a/update-ras-rac-testfile-path.patch
+++ b/update-ras-rac-testfile-path.patch
@ -1,31 +0,0 @@
-diff -Nuar kunpengsecl-v1.0.0-pre/attestation/ras/config/config.go kunpengsecl-v1.0.0/attestation/ras/config/config.go
--- kunpengsecl-v1.0.0-pre/attestation/ras/config/config.go	2021-12-26 12:17:34.000000000 +0800
-+++ kunpengsecl-v1.0.0/attestation/ras/config/config.go	2022-01-21 21:50:23.509081269 +0800
-@@ -67,8 +67,8 @@
- 	NullString            = ""
- 	extKey                = ".key"
- 	extCert               = ".crt"
-	RasRootKeyFileDefault = "./pca-root"
-	RasPcaKeyFileDefault  = "./pca-ek"
-+	RasRootKeyFileDefault = strPathSysConf + "/default_test/pca-root"
-+	RasPcaKeyFileDefault  = strPathSysConf + "/default_test/pca-ek"
- 	RasRootPrivKeyFile    = "rasconfig.rootprivkeyfile"
- 	RasRootKeyCertFile    = "rasconfig.rootkeycertfile"
- 	RasPcaPrivKeyFile     = "rasconfig.pcaprivkeyfile"
-@@ -97,13 +97,13 @@
- 	RasExtRules           = "rasconfig.basevalue-extract-rules"
- 	RasAutoUpdateConfig   = "rasconfig.auto-update-config"
- 	RasAuthKeyFile        = "rasconfig.authkeyfile"
-	RasAuthKeyFileDefault = "./ecdsakey"
-+	RasAuthKeyFileDefault = strPathSysConf + "/default_test/ecdsakey"
- 	// RAC
- 	RacIKeyCertFileDefault     = "./ic"
- 	RacEKeyCertFile            = "racconfig.ekcert"
- 	RacIKeyCertFile            = "racconfig.ikcert"
-	RacEKFileDefaultTest       = "./ectest"
-	RacIKeyCertFileDefaultTest = "./ictest"
-+	RacEKFileDefaultTest       = strPathSysConf + "/default_test/ectest"
-+	RacIKeyCertFileDefaultTest = strPathSysConf + "/default_test/ictest"
- 	RacEKeyCertFileTest        = "racconfig.ekcerttest"
- 	RacIKeyCertFileTest        = "racconfig.ikcerttest"
- 	RacServer                  = "racconfig.server" // client connect to server
--- a/update-ras-test-config.patch
+++ b/update-ras-test-config.patch
@ -1,25 +0,0 @@
--- kunpengsecl-v1.0.0-pre/attestation/ras/cmd/ras/config.yaml	2021-12-26 12:17:34.000000000 +0800
-+++ kunpengsecl-v1.0.0/attestation/ras/cmd/ras/config.yaml	2022-01-21 21:48:55.182706734 +0800
-@@ -9,7 +9,7 @@
-   hbduration: 5s
-   trustduration: 2m0s
- rasconfig:
-  authkeyfile: ./ecdsakey.pub
-+  authkeyfile: /etc/attestation/default_test/ecdsakey.pub
-   auto-update-config:
-     isallupdate: false
-     updateclients: []
-@@ -31,9 +31,9 @@
-       - 4
-   changetime: 1970-01-01T08:00:00+08:00
-   mgrstrategy: auto
-  pcakeycertfile: ./pca-ek.crt
-  pcaprivkeyfile: ./pca-ek.key
-+  pcakeycertfile: /etc/attestation/default_test/pca-ek.crt
-+  pcaprivkeyfile: /etc/attestation/default_test/pca-ek.key
-   port: 127.0.0.1:40001
-   rest: 127.0.0.1:40002
-  rootkeycertfile: ./pca-root.crt
-  rootprivkeyfile: ./pca-root.key
-+  rootkeycertfile: /etc/attestation/default_test/pca-root.crt
-+  rootprivkeyfile: /etc/attestation/default_test/pca-root.key