<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-security.git/classes, branch walnascar</title>
<subtitle>Mirror of git.yoctoproject.org/meta-security.git</subtitle>
<id>https://git.enea.com/cgit/linux/meta-security.git/atom?h=walnascar</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-security.git/atom?h=walnascar'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/'/>
<updated>2025-03-12T19:31:15+00:00</updated>
<entry>
<title>dm-verity-img.bbclass: set sparse as "never" during initial file copy</title>
<updated>2025-03-12T19:31:15+00:00</updated>
<author>
<name>Lorenzo Arena</name>
<email>arena.lor@gmail.com</email>
</author>
<published>2025-02-17T14:54:20+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=674f1e3367c7cfb606047b2050338c725ba2eca2'/>
<id>urn:sha1:674f1e3367c7cfb606047b2050338c725ba2eca2</id>
<content type='text'>
This is needed when a verity image is used in conjunction with tools
like a WIC and a bmap file, as avoiding writing "sparse" sectors
can result in errors in the signature verification.

Signed-off-by: Lorenzo Arena &lt;arena.lor@gmail.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>dm-verity: set staging correctly in case basename has changed</title>
<updated>2024-12-16T17:49:13+00:00</updated>
<author>
<name>Louis Rannou</name>
<email>louis.rannou@non.se.com</email>
</author>
<published>2024-05-20T19:33:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=8c9cdd60e429025ad75827eca08d37ef2725b832'/>
<id>urn:sha1:8c9cdd60e429025ad75827eca08d37ef2725b832</id>
<content type='text'>
Fix the verity class when the IMAGE_BASENAME has changed. Prefer DM_VERITY_IMAGE
for staging env and wic fragment so it matchs what is used in the
dm-verity-image-initramfs and the base wks systemd-bootdisk-dmverity.wks.in.

Signed-off-by: Louis Rannou &lt;louis.rannou@non.se.com&gt;
Signed-off-by: Louis Rannou &lt;louis.rannou@syslinbit.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>dm-verity-img.bbclass: add DM_VERITY_SETUP_ARGS</title>
<updated>2024-12-16T17:49:04+00:00</updated>
<author>
<name>gr embeter</name>
<email>grembeter=gmail.com@lists.yoctoproject.org</email>
</author>
<published>2024-11-09T11:31:45+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=29d46054c2a3c71ae1ad164a6f32bd6ecbe1b07b'/>
<id>urn:sha1:29d46054c2a3c71ae1ad164a6f32bd6ecbe1b07b</id>
<content type='text'>
Useful to pass additional arguments to veritysetup, for example
'--no-superblock' to make system less vulnerable to certain types of
attacks and data maniputaion on the disk.

Signed-off-by: Grygorii Tertychnyi &lt;grembeter@gmail.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>dm-verity: Set the IMAGE_FSTYPES correctly when dm-verity is enabled</title>
<updated>2024-03-27T16:36:58+00:00</updated>
<author>
<name>Kevin Hao</name>
<email>kexin.hao@windriver.com</email>
</author>
<published>2024-02-22T01:21:54+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=d80cd2ba6a3ef850cef12578671a5b17d86d3e7c'/>
<id>urn:sha1:d80cd2ba6a3ef850cef12578671a5b17d86d3e7c</id>
<content type='text'>
After the using inherit_defer for the image classes in oe-core commit
451363438d38 ("classes/recipes: Switch to use inherit_defer"),
the using of anonymous python function in dm-verity-img.bbclass to
set the IMAGE_FSTYPES doesn't work anymore. The reason is that
image.bbclass also use anonymous python function to add the do_image_xxx
task for the corresponding filesystem type. The anonymous function in
dm-verity-img.bbclass is evaluated much later than the one in
image.bbclass. Then the task such as do_image_vhash will not be added
as we expect. So we choose to use "+=" to set the IMAGE_FSTYPES.

The populate_sdk_ext.bbclass may generate a dependency list like below:
  core-image-minimal.do_sdk_depends -&gt; lib32-core-image-minimal.do_image_vhash

So we also need to make sure the do_image_vhash task for the multilib
filesystem is added.

Signed-off-by: Kevin Hao &lt;kexin.hao@windriver.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>dm-verity: Adjust the image names according to the oe-core change</title>
<updated>2024-03-27T16:36:58+00:00</updated>
<author>
<name>Kevin Hao</name>
<email>kexin.hao@windriver.com</email>
</author>
<published>2024-02-22T01:21:53+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=7b951e3900943b5f4a05a0c06cdff6bd29b4fa00'/>
<id>urn:sha1:7b951e3900943b5f4a05a0c06cdff6bd29b4fa00</id>
<content type='text'>
After the oe-core commit 26d97acc7137 ("image-artifact-names: include
${IMAGE_NAME_SUFFIX} directly in both ${IMAGE_NAME} and
${IMAGE_LINK_NAME}"), the image names have changed from
  core-image-minimal-qemux86-64-20230307181808.rootfs.ext4
  core-image-minimal-qemux86-64.ext4
to
  core-image-minimal-qemux86-64.rootfs-20230307181456.ext4
  core-image-minimal-qemux86-64.rootfs.ext4

Adjust the images name used by dm-verity according to this change.

Signed-off-by: Kevin Hao &lt;kexin.hao@windriver.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>dm-verity-img.bbclass: add DM_VERITY_DEPLOY_DIR</title>
<updated>2023-12-29T14:09:30+00:00</updated>
<author>
<name>Mikko Rapeli</name>
<email>mikko.rapeli@linaro.org</email>
</author>
<published>2023-12-21T07:57:30+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=73e03651ef78d42577e052d7abfc13a9a36b3cbd'/>
<id>urn:sha1:73e03651ef78d42577e052d7abfc13a9a36b3cbd</id>
<content type='text'>
If image recipe A wants to embed another image B which used
dm-verity-img.bbclass and generated the .wks file, then
recipe B must deploy everything to IMGDEPLOYDIR but recipe A
finds the output from DM_VERITY_DEPLOY_DIR = "${DEPLOY_DIR_IMAGE}".

Now both A and B images can use dm-verity-img.bbclass.

Signed-off-by: Mikko Rapeli &lt;mikko.rapeli@linaro.org&gt;
Reviewed-by: Erik Schilling &lt;erik.schilling@linaro.org&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>dm-verity-img.bbclass: remove IMAGE_NAME_SUFFIX</title>
<updated>2023-12-29T14:09:30+00:00</updated>
<author>
<name>Erik Schilling</name>
<email>erik.schilling@linaro.org</email>
</author>
<published>2023-12-21T07:57:29+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=fd295b2c28219a0cd53087e7ff96edecd9b23d9d'/>
<id>urn:sha1:fd295b2c28219a0cd53087e7ff96edecd9b23d9d</id>
<content type='text'>
It is embedded into IMAGE_NAME since poky master branch commit
6f6c79029bc2020907295858449c725952d560a1

Signed-off-by: Mikko Rapeli &lt;mikko.rapeli@linaro.org&gt;
Signed-off-by: Erik Schilling &lt;erik.schilling@linaro.org&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>dm-verity-img.bbclass: use bc-native</title>
<updated>2023-12-29T14:09:30+00:00</updated>
<author>
<name>Erik Schilling</name>
<email>erik.schilling@linaro.org</email>
</author>
<published>2023-12-21T07:57:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=57723ce65ebf4c8647fcf94e139c56cc4634913f'/>
<id>urn:sha1:57723ce65ebf4c8647fcf94e139c56cc4634913f</id>
<content type='text'>
Build host may not have bc.

Signed-off-by: Mikko Rapeli &lt;mikko.rapeli@linaro.org&gt;
Signed-off-by: Erik Schilling &lt;erik.schilling@linaro.org&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>dm-verity: add wks.in fragment with dynamic build hash data</title>
<updated>2023-06-25T19:05:28+00:00</updated>
<author>
<name>Paul Gortmaker</name>
<email>paul.gortmaker@windriver.com</email>
</author>
<published>2023-06-21T17:13:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=3b88f75323bd399615eb6c0897b13cbb59e35e64'/>
<id>urn:sha1:3b88f75323bd399615eb6c0897b13cbb59e35e64</id>
<content type='text'>
Export the dynamic build data for consumption in wic image generation.

It can either be included directly or manually parsed for useful chunks
in custom configurations people end up making.

For convenience, it is placed alongside the work-shared/dm-verity dir
where we already store the plain environment file and the veritysetup
formatting argument that was used.

There is a subtle thing going on here with respect to using an include,
which warrants a mention.  The wic (wks.in) stuff only has access to
normal Yocto/OE/bitbake variables.

So, instead of a fragment, say if you had:
   DM_VERITY_ROOT_HASH = "__not_set__"
and then later, did a:
   d.setVar("DM_VERITY_ROOT_HASH", value)
after the image was built, and the hash was known - that seems sane.

But the problem is that once you do that, your variables are tracked
by default, and bitbake/lib/bb/siggen.py will be angry with you for
changing metadata during a build.  In theory one should be able to avoid
this with BB_BASEHASH_IGNORE_VARS and "vardepsexclude" but it means more
exposed variables, and as much as I tried, I couldn't get this to work.

Creating a fragment with the dynamic data for inclusion avoids all that.
The wks template itself remains static, and hence doesn't trigger warns.

Signed-off-by: Paul Gortmaker &lt;paul.gortmaker@windriver.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>dm-verity: add support for hash storage on separate partition</title>
<updated>2023-06-25T19:05:28+00:00</updated>
<author>
<name>Paul Gortmaker</name>
<email>paul.gortmaker@windriver.com</email>
</author>
<published>2023-06-21T17:13:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=4922b3053af9e0f66a3e0a65bd25b9f51df3a4f9'/>
<id>urn:sha1:4922b3053af9e0f66a3e0a65bd25b9f51df3a4f9</id>
<content type='text'>
There are essentially two ways for dealing with where to put the hash
data for dm-verity block integrity checks.

You can store both in a single partition, by using ~95% of the storage
space for the filesystem and the remaining 5% tail for the hash, or you
can use a completely separate partition (or even device) for storing the
hash data elsewhere.

Method A relies on using a hash offset argument during creation, which
is generally OK from a scripted use case but is error prone when run
from the command line and the offset calculated manually.

Method B has the advantage of using the basic partition/device
compartmentalization of the kernel to ensure the fs data doesn't
overwrite the hash or vice versa.  It takes any possible errors due to
math miscalculations completely off the table.

At the moment, our current support is hard coded to only support the
offset method A.  Here we add support for separate hash as per B.

As multiple partitions are now in play, we use the UUID creation
standard adopted by the systemd/verity community which implicitly links
the root and hash partitions by splitting the top roothash in two for
the UUIDs of the components.

This change optionally creates the separate hash file but no examples
use it yet.  Further commits will implement an example.

Signed-off-by: Paul Gortmaker &lt;paul.gortmaker@windriver.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
</feed>
