Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Split crates into library and applications #481

Merged
merged 3 commits into from
Dec 15, 2022
Merged

Split crates into library and applications #481

merged 3 commits into from
Dec 15, 2022

Conversation

ueno
Copy link
Contributor

@ueno ueno commented Dec 5, 2022

This is a start of refactoring the codebase into three sub-crates: keylime, keylime_agent, and keylime_ima_emulator. The keylime crate provides common facility used by the other crates as a library (currently only IMA parser).

Signed-off-by: Daiki Ueno [email protected]

@ueno ueno mentioned this pull request Dec 5, 2022
Open
@ueno ueno force-pushed the wip/split-crate branch 3 times, most recently from 6a6c69b to ad90229 Compare December 5, 2022 06:50
aplanas
aplanas reviewed Dec 5, 2022
View reviewed changes
Copy link
Contributor

@aplanas aplanas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[Seems that the tests fail because of the shim.py move]

keylime-agent/Cargo.toml Outdated Show resolved Hide resolved
tests/nopanic.ci Outdated Show resolved Hide resolved
@ueno ueno force-pushed the wip/split-crate branch 2 times, most recently from ca2f5e3 to a1e125e Compare December 6, 2022 02:14
@ueno
Copy link
Contributor Author

ueno commented Dec 6, 2022

[Seems that the tests fail because of the shim.py move]

I've reverted that change (btw: I would put shim.py in dist/ instead of tests/ as it is installed), though the tests are still failing because they modify the source code.

@aplanas
Copy link
Contributor

aplanas commented Dec 6, 2022

[Seems that the tests fail because of the shim.py move]

I've reverted that change (btw: I would put shim.py in dist/ instead of tests/ as it is installed), though the tests are still failing because they modify the source code.

Ah that is unfortunate ... I wonder what can be the correct approach here. One can be fork the keylime-tests to adapt the tests and add in the PR the address of the forked repo (I think that I saw this approach in other PR)

Another one is compile the agent as debug when testing, and adding a #[cfg(debug_assertions)] that will fetch the IMA measurement path from a env var if set.

@ueno ueno force-pushed the wip/split-crate branch 3 times, most recently from 233096d to 1968a66 Compare December 12, 2022 01:42
@ueno
Copy link
Contributor Author

ueno commented Dec 12, 2022
edited
Loading

I also tried to move tpm.rs into the library crate. The generated documentation is temporarily hosted here. My idea is to port low-level primitives first, then eventually provide a high-level (protocol) API over them. That way, we could gradually migrate the code out of the agent to the library.

@lkatalin @ansasaki any thoughts on that?

@ansasaki
Copy link
Contributor

I also tried to move tpm.rs into the library crate. The generated documentation is temporarily hosted here. My idea is to port low-level primitives first, then eventually provide a high-level (protocol) API over them. That way, we could gradually migrate the code out of the agent to the library.

@lkatalin @ansasaki any thoughts on that?

Thanks for working on this! I think it makes sense to follow this incremental approach and progressively move the code out of the agent and into the library.

I've reverted that change (btw: I would put shim.py in dist/ instead of tests/ as it is installed), though the tests are still failing because they modify the source code.

About the failing test, maybe we could use a branch while we don't have a way to configure the measured boot log path. @kkaarreell Could TMT dynamic reference help us here?

@kkaarreell
Copy link
Contributor

About the failing test, maybe we could use a branch while we don't have a way to configure the measured boot log path. @kkaarreell Could TMT dynamic reference help us here?

I think I have all the required changes in RedHat-SP-Security/keylime-tests#275
To use those updates please (temporarily) modify packit-ci.fmf file and in the environment section define variable RUST_KEYLIME_UPSTREAM_BRANCH: rust_pr_481

ueno added a commit to ueno/rust-keylime that referenced this pull request Dec 12, 2022
@ueno
packit-ci.fmf: Use branch with adjusted file locations
69f1f70 
Suggested by Karel Srot in:
keylime#481 (comment)

Signed-off-by: Daiki Ueno <[email protected]>
ueno added a commit to ueno/rust-keylime that referenced this pull request Dec 12, 2022
@ueno
packit-ci.fmf: Point to branch with adjusted file locations
1b995e1 
Suggested by Karel Srot in:
keylime#481 (comment)

Signed-off-by: Daiki Ueno <[email protected]>
ueno added a commit to ueno/rust-keylime that referenced this pull request Dec 12, 2022
@ueno
packit-ci.fmf: Point to branch with adjusted file locations
ef081af 
Suggested by Karel Srot in:
keylime#481 (comment)

Signed-off-by: Daiki Ueno <[email protected]>
@ueno
Split crates into library and applications
0e638a7 
This is a start of refactoring the codebase into three sub-crates:
keylime, keylime_agent, and keylime_ima_emulator.  The keylime crate
provides common facility used by the other crates as a
library (currently only IMA parser).

Signed-off-by: Daiki Ueno <[email protected]>
ueno added a commit to ueno/rust-keylime that referenced this pull request Dec 13, 2022
@ueno
packit-ci.fmf: Point to branch with adjusted file locations
b6f8100 
Suggested by Karel Srot in:
keylime#481 (comment)

Signed-off-by: Daiki Ueno <[email protected]>
ueno added a commit to ueno/rust-keylime that referenced this pull request Dec 13, 2022
@ueno
packit-ci.fmf: Point to branch with adjusted file locations
dc50106 
Suggested by Karel Srot in:
keylime#481 (comment)

Signed-off-by: Daiki Ueno <[email protected]>
ueno added a commit to ueno/rust-keylime that referenced this pull request Dec 13, 2022
@ueno
packit-ci.fmf: Point to branch with adjusted file locations
a352e52 
Suggested by Karel Srot in:
keylime#481 (comment)

Signed-off-by: Daiki Ueno <[email protected]>
ueno added a commit to ueno/rust-keylime that referenced this pull request Dec 13, 2022
@ueno
packit-ci.fmf: Point to branch with adjusted file locations
29b9410 
Suggested by Karel Srot in:
keylime#481 (comment)

Signed-off-by: Daiki Ueno <[email protected]>
ueno added a commit to ueno/rust-keylime that referenced this pull request Dec 13, 2022
@ueno
packit-ci.fmf: Point to branch with adjusted file locations
af57d3a 
Suggested by Karel Srot in:
keylime#481 (comment)

Signed-off-by: Daiki Ueno <[email protected]>
@ueno
Copy link
Contributor Author

ueno commented Dec 13, 2022

About the failing test, maybe we could use a branch while we don't have a way to configure the measured boot log path. @kkaarreell Could TMT dynamic reference help us here?

I think I have all the required changes in RedHat-SP-Security/keylime-tests#275 To use those updates please (temporarily) modify packit-ci.fmf file and in the environment section define variable RUST_KEYLIME_UPSTREAM_BRANCH: rust_pr_481

Thank you! I'm assuming that you meant ref: rust_pr_481 under discover, instead of RUST_KEYLIME_UPSTREAM_BRANCH. With that change, those packit tests are now passing.

@ueno ueno marked this pull request as ready for review December 13, 2022 08:17
@kkaarreell
Copy link
Contributor

Right, of course, sorry for that.

ueno added a commit to ueno/rust-keylime that referenced this pull request Dec 13, 2022
@ueno
packit-ci.fmf: Point to branch with adjusted file locations
37c1475 
Suggested by Karel Srot in:
keylime#481 (comment)

Signed-off-by: Daiki Ueno <[email protected]>
@ueno ueno mentioned this pull request Dec 14, 2022
Closed
15 tasks
@kkaarreell
Copy link
Contributor

Thank you! I'm assuming that you meant ref: rust_pr_481 under discover, instead of RUST_KEYLIME_UPSTREAM_BRANCH. With that change, those packit tests are now passing.

I have merged the test update. You can restore original reference

@ueno ueno merged commit 0b75ca9 into keylime:master Dec 15, 2022
@ueno
Copy link
Contributor Author

ueno commented Dec 15, 2022

Thank you! I'm assuming that you meant ref: rust_pr_481 under discover, instead of RUST_KEYLIME_UPSTREAM_BRANCH. With that change, those packit tests are now passing.

I have merged the test update. You can restore original reference

Thanks; done and merged.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lkatalin lkatalin lkatalin approved these changes

@aplanas aplanas aplanas approved these changes

@ashcrow ashcrow Awaiting requested review from ashcrow

Assignees

@ashcrow ashcrow

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@ueno @aplanas @ansasaki @kkaarreell @lkatalin @ashcrow