[yocto] [meta-security][PATCH v2 0/9] tpm: virtual TPM for qemu

[Patrick Ohly]

I recently started using swtpm-native in combination with the qemu-tpm
patches to simulate a virtual TPM chip in qemu. The qemu-tpm patches
should go into OE-core, but currently usage is a bit cumbersome
(requires root privileges and manually starting swtpm before each
runqemu invocation), so at this time I only consider the meta-security
changes ready and useful enough for merging.

Inside the virtual machine I used tpm-tools + trousers to set up
sealed keys for EVM, which required fixing a few things.

These patches were based on Armin's swtpm+trousers version update
series which needs to be merged first to avoid merge conflicts.

Changes in V2:
- add --system to tss user and group creation
- revised commit message for wrapper scripts (swtpm_cuse needs
  absolute path to tpm state dir, can be passed via parameter)
- another swtpm SRCREV bump

Patrick Ohly (9):
  trousers: missing libtspi.so.1 in libtspi package
  trousers: recommend tcsd
  trousers: tcsd.conf must be owned tss:tss
  swtpm: enable native and nativesdk flavors
  swtpm: depends on tpm-tools
  swtpm: fix compiler format warning
  swtpm: cuse packageconfig
  swtpm-wrappers: simplify using swtpm-native
  swtpm: update to latest tip

 recipes-tpm/swtpm/files/fix_lib_search_path.patch | 64 ++++++++++++++++-
 recipes-tpm/swtpm/files/fix_signed_issue.patch    |  2 +-
 recipes-tpm/swtpm/swtpm-wrappers.bb               | 41 ++++++++++-
 recipes-tpm/swtpm/swtpm_1.0.bb                    | 14 +++-
 recipes-tpm/trousers/trousers_git.bb              | 11 +--
 5 files changed, 124 insertions(+), 8 deletions(-)
 create mode 100644 recipes-tpm/swtpm/files/fix_lib_search_path.patch
 create mode 100644 recipes-tpm/swtpm/swtpm-wrappers.bb

base-commit: 6787dd986122cd6420b1f348c4550a42ed596f57
-- 
git-series 0.9.1