meta-secure-core: Convert to new override syntax

Converting the metadata to use ":" as the override character instead of "_".

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>

meta-integrity/classes/sign_rpm_ext.bbclass

@@ -21,11 +21,11 @@ check_rpm_public_key[prefuncs] += "check_deploy_keys"
 do_package_write_rpm[depends] += "${GPG_DEP}"
 do_rootfs[depends] += "${GPG_DEP}"
 
-python do_package_write_rpm_prepend() {
+python do_package_write_rpm:prepend() {
     bb.build.exec_func("check_rpm_public_key", d)
 }
 
-python do_rootfs_prepend() {
+python do_rootfs:prepend() {
     bb.build.exec_func("check_rpm_public_key", d)
 }
 

meta-integrity/conf/layer.conf

@@ -24,7 +24,7 @@ LAYERRECOMMENDS_integrity = "\
     tpm \
 "
 
-BB_HASHBASE_WHITELIST_append += "\
+BB_HASHBASE_WHITELIST += "\
     RPM_FSK_PATH \
 "
 

meta-integrity/recipes-base/packagegroups/packagegroup-ima-initramfs.bb

@@ -2,6 +2,6 @@ DESCRIPTION = "Linux Integrity Measurement Architecture (IMA) subsystem for init
 
 include packagegroup-ima.inc
 
-RDEPENDS_${PN} += "\
+RDEPENDS:${PN} += "\
     initrdscripts-ima \
 "

meta-integrity/recipes-base/packagegroups/packagegroup-ima.bb

@@ -7,14 +7,14 @@ DEPENDS += "\
     attr-native \
 "
 
-RDEPENDS_${PN} += "\
+RDEPENDS:${PN} += "\
     attr \
     ima-inspect \
     util-linux-switch-root.static \
 "
 
 # Note any private key is not available if user key signing model used.
-RRECOMMENDS_${PN} += "\
+RRECOMMENDS:${PN} += "\
     key-store-ima-cert \
     key-store-system-trusted-cert \
 "

meta-integrity/recipes-base/packagegroups/packagegroup-ima.inc

@@ -5,8 +5,8 @@ LIC_FILES_CHKSUM = "\
 
 S = "${WORKDIR}"
 
-ALLOW_EMPTY_${PN} = "1"
+ALLOW_EMPTY:${PN} = "1"
 
-RDEPENDS_${PN} = "\
+RDEPENDS:${PN} = "\
     ima-evm-utils \
 "

meta-integrity/recipes-core/base-files/base-files-integrity.inc

@@ -1,5 +1,5 @@
 # Append iversion option for auto types
-do_install_append() {
+do_install:append() {
     sed -i 's/\s*auto\s*defaults/&,iversion/' "${D}${sysconfdir}/fstab"
     echo 'securityfs  /sys/kernel/security  securityfs  defaults  0  0' >> "${D}${sysconfdir}/fstab"
 }

meta-integrity/recipes-core/initrdscripts/initrdscripts-ima.bb

@@ -10,13 +10,13 @@ SRC_URI = "\
 
 S = "${WORKDIR}"
 
-ALLOW_EMPTY_${PN} = "1"
+ALLOW_EMPTY:${PN} = "1"
 
 do_install() {
     install -m 0500 "${WORKDIR}/init.ima" "${D}"
 }
 
-FILES_${PN} += "\
+FILES:${PN} += "\
     /init.ima \
 "
 
@@ -28,7 +28,7 @@ FILES_${PN} += "\
 # @gawk: awk
 # @util-linux: mount, umount
 # @ima-evm-utils: evmctl
-RDEPENDS_${PN} += "\
+RDEPENDS:${PN} += "\
     coreutils \
     grep \
     gawk \
@@ -38,6 +38,6 @@ RDEPENDS_${PN} += "\
     ima-policy \
 "
 
-RRECOMMENDS_${PN} += "\
+RRECOMMENDS:${PN} += "\
     key-store-ima-cert \
 "

meta-integrity/recipes-core/systemd/systemd_%.bbappend

@@ -1,4 +1,4 @@
-PACKAGECONFIG_append += "\
+PACKAGECONFIG:append = " \
     ${@bb.utils.contains('DISTRO_FEATURES', 'ima', \
                          'ima', '', d)} \
 "

meta-integrity/recipes-core/util-linux/util-linux-integrity.inc

@@ -1,14 +1,14 @@
-CFLAGS_remove += "-pie -fpie"
+CFLAGS:remove += "-pie -fpie"
 
 # We need -no-pie in case the default is to generate pie code.
 #
-do_compile_append_class-target() {
+do_compile:append:class-target() {
     ${CC} ${CFLAGS} ${LDFLAGS} -no-pie -static \
         sys-utils/switch_root.o \
         -o switch_root.static
 }
 
-do_install_append_class-target() {
+do_install:append:class-target() {
     install -d "${D}${sbindir}"
     install -m 0700 "${B}/switch_root.static" \
         "${D}${sbindir}/switch_root.static"
@@ -16,4 +16,4 @@ do_install_append_class-target() {
 
 PACKAGES =+ "${PN}-switch-root.static"
 
-FILES_${PN}-switch-root.static = "${sbindir}/switch_root.static"
+FILES:${PN}-switch-root.static = "${sbindir}/switch_root.static"

meta-integrity/recipes-devtools/rpm/rpm-integrity.inc

@@ -1,20 +1,20 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/rpm:"
+FILESEXTRAPATHS:prepend := "${THISDIR}/rpm:"
 
-PACKAGECONFIG_append = " \
+PACKAGECONFIG:append = " \
     ${@bb.utils.contains('DISTRO_FEATURES', 'ima', 'imaevm', '', d)} \
     "
 
 # IMA signing support is provided by RPM plugin.
-EXTRA_OECONF_remove += "\
+EXTRA_OECONF:remove += "\
     --disable-plugins \
 "
-EXTRA_OECONF_append_class-native = " --disable-inhibit-plugin"
+EXTRA_OECONF:append:class-native = " --disable-inhibit-plugin"
 
-SRC_URI_append = " \
+SRC_URI:append = " \
                   file://macros.ima \
                  "
 
-do_install_append () {
+do_install:append () {
     install -d ${D}${sysconfdir}/rpm
     install -m 0644 ${WORKDIR}/macros.ima ${D}${sysconfdir}/rpm/
 }

meta-integrity/recipes-kernel/linux/linux-yocto-integrity.inc

@@ -1,4 +1,4 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/linux-yocto:"
+FILESEXTRAPATHS:prepend := "${THISDIR}/linux-yocto:"
 
 IMA_ENABLED = "${@bb.utils.contains('DISTRO_FEATURES', 'ima', '1', '0', d)}"
 MODSIGN_ENABLED = "${@bb.utils.contains('DISTRO_FEATURES', 'modsign', '1', '0', d)}"
@@ -19,7 +19,7 @@ INHIBIT_PACKAGE_STRIP = "${@'1' if d.getVar('MODSIGN_ENABLED', True) == '1' else
 
 inherit user-key-store
 
-do_configure_prepend() {
+do_configure:prepend() {
     sys_cert="${STAGING_DIR_TARGET}${sysconfdir}/keys/system_trusted_key.crt"
     if [ ${MODSIGN_ENABLED} = "1" ]; then
         modsign_key="${@uks_modsign_keys_dir(d)}/modsign_key.key"

meta-integrity/recipes-support/ima-evm-utils/ima-evm-utils_git.bb

@@ -21,8 +21,8 @@ inherit pkgconfig autotools
 # Specify any options you want to pass to the configure script using EXTRA_OECONF:
 EXTRA_OECONF = ""
 
-FILES_${PN}-dev += "${includedir}"
+FILES:${PN}-dev += "${includedir}"
 
-RDEPENDS_${PN}_class-target += "libcrypto libattr keyutils"
+RDEPENDS:${PN}:class-target += "libcrypto libattr keyutils"
 
 BBCLASSEXTEND = "native nativesdk"

meta-integrity/recipes-support/ima-policy/ima-policy_0.1.bb

@@ -16,4 +16,4 @@ do_install() {
         "${D}${sysconfdir}/ima"
 }
 
-FILES_${PN} = "${sysconfdir}"
+FILES:${PN} = "${sysconfdir}"