| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
Converting the metadata to use ":" as the override character instead of "_".
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
|
|
|
|
|
|
|
|
|
|
| |
Fix the following warning:
[INFO]: the following symbols were not found in the active configuration:
- CONFIG_IMA_NG_TEMPLATE=y
Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
|
|
|
|
|
|
|
|
|
|
| |
Since commit [b41010c linux-yocto-integrity: fix modsign key path] applied,
if MODSIGN_ENABLED is "0", bbclass user-key-store will not be inherited
which causing 'uks_modsign_keys_dir' is not defined
Unconditionally inherit user-key-store, but conditionally invoke
uks_modsign_keys_dir
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
|
|
|
|
|
|
|
| |
Use modsign key directly from uks_modsign_keys_path(d), rather than from
installed package.
Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin-solenikov@mentor.com>
|
|
|
|
| |
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
|
|
|
|
| |
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
|
|
|
|
|
|
|
|
|
| |
If sample keys are selected, key-store service will deploy IMA private
key during first boot, but beople may be confused if we deploy a sample
private key like "xxx.crt", so this commit is making sure key/cert on
target are consistent with key files on build system.
Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com>
|
|
|
|
| |
Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
|
|
|
|
| |
Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
|
|
|
|
|
|
|
|
| |
To make it easier to use this layer with various BSP layers we need to
ensure that we set CONFIG_SECURITY=y as that is in turn required by the
rest of our features, except for CONFIG_SECURITYFS
Signed-off-by: Tom Rini <trini@konsulko.com>
|
|
|
|
|
|
|
|
|
| |
The kernel module will be stripped during do_package, including the
modsign signature.
Use INHIBIT_PACKAGE_STRIP=1 if modsign is configured.
Signed-off-by: Jia Zhang <qianyue.zj@alibaba-inc.com>
|
|
|
|
| |
Signed-off-by: Jia Zhang <qianyue.zj@alibaba-inc.com>
|
|
|
|
| |
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
|
|
|
|
| |
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
|
|
|
|
| |
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
|
|
|
|
| |
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
|
|
|
|
| |
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
|
|
|
|
| |
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
|
|
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
|