From: venkata pyla <venkata.pyla@...>

This kas option file adds additonal packages required only while testing
using cip-security-tests[1].

Also it provides additional rootfs size required for testing.

[1] https://gitlab.com/cip-project/cip-testing/cip-security-tests

Signed-off-by: venkata pyla <venkata.pyla@...>
---
kas/opt/security-testing.yml | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
create mode 100644 kas/opt/security-testing.yml

diff --git a/kas/opt/security-testing.yml b/kas/opt/security-testing.yml
new file mode 100644
index 0000000..19215f1
--- /dev/null
+++ b/kas/opt/security-testing.yml
@@ -0,0 +1,20 @@
+#
+# CIP Core, generic profile
+#
+# Copyright (c) Toshiba Corporation, 2022
+#
+# Authors:
+# Venkata Pyla <venkata.pyla@...>
+#
+# SPDX-License-Identifier: MIT
+#
+header:
+ version: 10
+ includes:
+ - kas/opt/security.yml
+
+local_conf_header:
+ security_testing: |
+ IMAGE_PREINSTALL_append = " sshpass"
+ ROOTFS_EXTRA = "8192"
+
--
2.20.1

On 04.07.22 19:21, venkata.pyla@... wrote:

From: venkata pyla <venkata.pyla@...>

This kas option file adds additonal packages required only while testing
using cip-security-tests[1].

Also it provides additional rootfs size required for testing.

[1] https://gitlab.com/cip-project/cip-testing/cip-security-tests

Signed-off-by: venkata pyla <venkata.pyla@...>
---
kas/opt/security-testing.yml | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
create mode 100644 kas/opt/security-testing.yml

diff --git a/kas/opt/security-testing.yml b/kas/opt/security-testing.yml
new file mode 100644
index 0000000..19215f1
--- /dev/null
+++ b/kas/opt/security-testing.yml
@@ -0,0 +1,20 @@
+#
+# CIP Core, generic profile
+#
+# Copyright (c) Toshiba Corporation, 2022
+#
+# Authors:
+# Venkata Pyla <venkata.pyla@...>
+#
+# SPDX-License-Identifier: MIT
+#
+header:
+ version: 10
+ includes:
+ - kas/opt/security.yml
+
+local_conf_header:
+ security_testing: |
+ IMAGE_PREINSTALL_append = " sshpass"
+ ROOTFS_EXTRA = "8192"
+

There is already kas/opt/test.yml. Can't we piggy-back on that one?
Would also already come with kconfig support.

Jan

--
Siemens AG, Technology
Competence Center Embedded Linux

On 05.07.22 13:14, Venkata.Pyla@... wrote:

-----Original Message-----
From: Jan Kiszka <jan.kiszka@...>
Sent: 05 July 2022 14:24
To: pyla venkata(ＴＳＩＰ TMIEC ODG Porting) <Venkata.Pyla@toshiba-
tsip.com>; cip-dev@...
Cc: dinesh kumar(ＴＳＩＰ) <dinesh.kumar@...>; hayashi
kazuhiro(林 和宏 □ＳＷＣ◯ＡＣＴ) <kazuhiro3.hayashi@...>
Subject: Re: [isar-cip-core][PATCH] security-testing.yml: Add kas option for IEC
layer testing

On 04.07.22 19:21, venkata.pyla@... wrote:

From: venkata pyla <venkata.pyla@...>

This kas option file adds additonal packages required only while
testing using cip-security-tests[1].

Also it provides additional rootfs size required for testing.

[1] https://gitlab.com/cip-project/cip-testing/cip-security-tests

Signed-off-by: venkata pyla <venkata.pyla@...>
---
kas/opt/security-testing.yml | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
create mode 100644 kas/opt/security-testing.yml

diff --git a/kas/opt/security-testing.yml
b/kas/opt/security-testing.yml new file mode 100644 index
0000000..19215f1
--- /dev/null
+++ b/kas/opt/security-testing.yml
@@ -0,0 +1,20 @@
+#
+# CIP Core, generic profile
+#
+# Copyright (c) Toshiba Corporation, 2022 # # Authors:
+# Venkata Pyla <venkata.pyla@...> # #
+SPDX-License-Identifier: MIT #
+header:
+ version: 10
+ includes:
+ - kas/opt/security.yml
+
+local_conf_header:
+ security_testing: |
+ IMAGE_PREINSTALL_append = " sshpass"
+ ROOTFS_EXTRA = "8192"
+

There is already kas/opt/test.yml. Can't we piggy-back on that one?
Would also already come with kconfig support.

Yes I thin so, we can also add security testing requirements in to test.yml,
but does it not create any side effect to the original test image?
security testing requirements adds additional package `sshpass` and increases
the rootfs size.

Or, can we select the local_conf_header fragment ('testing' or 'security_testing')
from the kconfig based on image is selected?

Adding Nobuhiro, he once wrote that. But I strongly suspect the impact
is not relevant, in both directions. If there should be, we can look
into image-specific additions, but via the same option file.

My goal here is to keep the number of kas option files low whenever
possible. From a user perspective, it does not matter if a regular or a
security image is augmented with testing features.

Jan

--
Siemens AG, Technology
Competence Center Embedded Linux