linux/meta-security.git/recipes-core/initrdscripts, branch master-next

recipes: WORKDIR -> UNPACKDIR transition

2024-06-17T12:25:25+00:00

* WORKDIR -> UNPACKDIR transition * Switch away from S = WORKDIR Signed-off-by: Changqing Li [Fixed up the smack changes due to prior patch] Signed-off-by: Armin Kuster

dm-verity: hook separate hash into initramfs framework

2023-06-25T19:05:28+00:00

The prior commits create the separate hash so now it is time to update the initramfs framework so that veritysetup, which is responsible for binding the data and hash, is aware of when separate hash is in use, and can react accordingly. The added code follows the existing appended hash code style, but is considerably smaller because it doesn't have the large case statement that supports all possible identification schemes (label, UUID, ...). With the root hash split in two to create the respective partition UUIDs, we know exactly how to identify it, and the UUIDs used. Signed-off-by: Paul Gortmaker Signed-off-by: Armin Kuster

dmverity: Suppress the realpath errors

2023-06-11T14:40:33+00:00

If we use a non PARTUUID root parameter, we would always get a error like below: realpath: /dev/disk/by-partuuid//dev/mmcblk0p2: No such file or directory This seems pretty confusion and it also seems no need to emit this kind of error when we are waiting for the root device. So suppress all the realpath errors. Signed-off-by: Kevin Hao Signed-off-by: Armin Kuster

dmverity: Make use of DATA_BLOCK_SIZE variable in initrdscript.

2021-09-28T23:18:41+00:00

DATA_BLOCK_SIZE variable was set in dm-verity-img.bbclass at build time but the initrdscript was not updated to pass the DATA_BLOCK_SIZE to the veritysetup. Now the functionality is complete. Signed-off-by: Paulo Neves Signed-off-by: Armin Kuster

meta-security: Convert to new override syntax

2021-08-01T15:47:08+00:00

Signed-off-by: Armin Kuster

initramfs-framework: rename files dir

2021-06-29T16:31:13+00:00

Fixes: ERROR: initramfs-framework-1.0-r4 do_fetch: Fetcher failure for URL: 'file://dmverity'. Unable to fetch URL from any source. Signed-off-by: Armin Kuster

initramfs-framework: fix typo in conditional

2021-06-29T16:31:13+00:00

Signed-off-by: Armin Kuster

initramfs-framework: fix YCL issue.

2021-06-05T19:25:24+00:00

Signed-off-by: Armin Kuster

initramfs-framework/dmverity: add retry loop for slow boot devices

2020-10-09T14:01:47+00:00

Detection of USB devices by the kernel is slow enough. We need to keep trying for a while (default: 5s seconds, controlled by roottimeout=) and sleep between each attempt (default: one second, rootdelay=). Fix is based on https://git.yoctoproject.org/cgit.cgi/poky/commit/meta/recipes-core/initrdscripts/initramfs-framework/rootfs?id=ee6a6c3461694ce09789bf4d852cea2e22fc95e4 Signed-off-by: Naveen Saini Signed-off-by: Armin Kuster

dm-verity-image-initramfs: Use initramfs-framework

2020-09-12T15:55:28+00:00

Switch from this layer's initramfs-dm-verity recipe to poky-provided initramfs-framework suite to manage veritysetup et al. This commit also removes initramfs-dm-verity recipe which is not referred from elsewhere in this meta layer. Also update the install path of dm-verity.env from /usr/share to /usr/share/misc in order to better comply with FHS3.0, see https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch04s11.html#usrsharemiscMiscellaneousArchitecture Signed-off-by: Niko Mauno Signed-off-by: Armin Kuster