diff options
-rw-r--r-- | conf/template.atom-c3000/bblayers.conf.sample | 5 | ||||
-rw-r--r-- | conf/template.atom-c3000/local.conf.sample | 2 | ||||
-rw-r--r-- | conf/template.xeon-d/bblayers.conf.sample | 5 | ||||
-rw-r--r-- | conf/template.xeon-d/local.conf.sample | 2 | ||||
-rw-r--r-- | images/enea-nfv-access-host-common.inc | 1 | ||||
-rw-r--r-- | images/secure-boot.inc | 18 |
6 files changed, 31 insertions, 2 deletions
diff --git a/conf/template.atom-c3000/bblayers.conf.sample b/conf/template.atom-c3000/bblayers.conf.sample index a5e705d..d8b8fc3 100644 --- a/conf/template.atom-c3000/bblayers.conf.sample +++ b/conf/template.atom-c3000/bblayers.conf.sample | |||
@@ -23,4 +23,9 @@ BBLAYERS ?= " \ | |||
23 | ##OEROOT##/meta-openembedded/meta-webserver \ | 23 | ##OEROOT##/meta-openembedded/meta-webserver \ |
24 | ##OEROOT##/meta-java \ | 24 | ##OEROOT##/meta-java \ |
25 | ##OEROOT##/meta-updater \ | 25 | ##OEROOT##/meta-updater \ |
26 | ##OEROOT##/meta-openembedded/meta-perl \ | ||
27 | ##OEROOT##/meta-secure-core/meta \ | ||
28 | ##OEROOT##/meta-secure-core/meta-signing-key \ | ||
29 | ##OEROOT##/meta-secure-core/meta-efi-secure-boot \ | ||
30 | ##OEROOT##/meta-enea-user-keys \ | ||
26 | " | 31 | " |
diff --git a/conf/template.atom-c3000/local.conf.sample b/conf/template.atom-c3000/local.conf.sample index 8c24e77..544d279 100644 --- a/conf/template.atom-c3000/local.conf.sample +++ b/conf/template.atom-c3000/local.conf.sample | |||
@@ -244,6 +244,6 @@ SKIP_META_VIRT_SANITY_CHECK = "1" | |||
244 | 244 | ||
245 | SOTA_MACHINE ?= "${MACHINE}" | 245 | SOTA_MACHINE ?= "${MACHINE}" |
246 | 246 | ||
247 | DISTRO_FEATURES_append = " sota" | 247 | DISTRO_FEATURES_append = " sota efi-secure-boot" |
248 | DISTRO_FEATURES_NATIVE_append = " sota" | 248 | DISTRO_FEATURES_NATIVE_append = " sota" |
249 | INHERIT += " sota" | 249 | INHERIT += " sota" |
diff --git a/conf/template.xeon-d/bblayers.conf.sample b/conf/template.xeon-d/bblayers.conf.sample index a5e705d..d8b8fc3 100644 --- a/conf/template.xeon-d/bblayers.conf.sample +++ b/conf/template.xeon-d/bblayers.conf.sample | |||
@@ -23,4 +23,9 @@ BBLAYERS ?= " \ | |||
23 | ##OEROOT##/meta-openembedded/meta-webserver \ | 23 | ##OEROOT##/meta-openembedded/meta-webserver \ |
24 | ##OEROOT##/meta-java \ | 24 | ##OEROOT##/meta-java \ |
25 | ##OEROOT##/meta-updater \ | 25 | ##OEROOT##/meta-updater \ |
26 | ##OEROOT##/meta-openembedded/meta-perl \ | ||
27 | ##OEROOT##/meta-secure-core/meta \ | ||
28 | ##OEROOT##/meta-secure-core/meta-signing-key \ | ||
29 | ##OEROOT##/meta-secure-core/meta-efi-secure-boot \ | ||
30 | ##OEROOT##/meta-enea-user-keys \ | ||
26 | " | 31 | " |
diff --git a/conf/template.xeon-d/local.conf.sample b/conf/template.xeon-d/local.conf.sample index 3b1063e..34f5890 100644 --- a/conf/template.xeon-d/local.conf.sample +++ b/conf/template.xeon-d/local.conf.sample | |||
@@ -245,6 +245,6 @@ SKIP_META_VIRT_SANITY_CHECK = "1" | |||
245 | 245 | ||
246 | SOTA_MACHINE ?= "${MACHINE}" | 246 | SOTA_MACHINE ?= "${MACHINE}" |
247 | 247 | ||
248 | DISTRO_FEATURES_append = " sota" | 248 | DISTRO_FEATURES_append = " sota efi-secure-boot" |
249 | DISTRO_FEATURES_NATIVE_append = " sota" | 249 | DISTRO_FEATURES_NATIVE_append = " sota" |
250 | INHERIT += " sota" | 250 | INHERIT += " sota" |
diff --git a/images/enea-nfv-access-host-common.inc b/images/enea-nfv-access-host-common.inc index 6e3df91..352f734 100644 --- a/images/enea-nfv-access-host-common.inc +++ b/images/enea-nfv-access-host-common.inc | |||
@@ -1,5 +1,6 @@ | |||
1 | require images/enea-nfv-access-common.inc | 1 | require images/enea-nfv-access-common.inc |
2 | require classes/override_grub-efi.inc | 2 | require classes/override_grub-efi.inc |
3 | require images/secure-boot.inc | ||
3 | 4 | ||
4 | IMAGE_INSTALL += " \ | 5 | IMAGE_INSTALL += " \ |
5 | packagegroup-enea-virtualization-host \ | 6 | packagegroup-enea-virtualization-host \ |
diff --git a/images/secure-boot.inc b/images/secure-boot.inc new file mode 100644 index 0000000..d482ae1 --- /dev/null +++ b/images/secure-boot.inc | |||
@@ -0,0 +1,18 @@ | |||
1 | SECURE_CORE_IMAGE_EXTRA_INSTALL_append += "\ | ||
2 | ${@bb.utils.contains("DISTRO_FEATURES", "efi-secure-boot", \ | ||
3 | "packagegroup-efi-secure-boot", "", d)} \ | ||
4 | ${@bb.utils.contains("DISTRO_FEATURES", "tpm", \ | ||
5 | "packagegroup-tpm", "", d)} \ | ||
6 | ${@bb.utils.contains("DISTRO_FEATURES", "tpm2", \ | ||
7 | "packagegroup-tpm2", "", d)} \ | ||
8 | ${@bb.utils.contains("DISTRO_FEATURES", "ima", \ | ||
9 | "packagegroup-ima", "", d)} \ | ||
10 | ${@bb.utils.contains("DISTRO_FEATURES", "luks", \ | ||
11 | "packagegroup-luks", "", d)} \ | ||
12 | ${@bb.utils.contains("DISTRO_FEATURES", "ids", \ | ||
13 | "packagegroup-ids", "", d)} \ | ||
14 | " | ||
15 | |||
16 | IMAGE_INSTALL += "\ | ||
17 | ${SECURE_CORE_IMAGE_EXTRA_INSTALL} \ | ||
18 | " | ||