Commit Graph

Select branches

Hide Pull Requests

gatesgarth

honister

master

rocko

sumo

thud

#1

#1

#10

#10

#100

#101

#102

#103

#104

#105

#106

#107

#109

#11

#110

#111

#112

#113

#115

#116

#117

#118

#119

#12

#12

#120

#121

#122

#123

#124

#125

#126

#127

#128

#129

#13

#130

#131

#132

#133

#134

#136

#137

#138

#139

#14

#140

#141

#142

#143

#144

#145

#146

#147

#148

#149

#15

#150

#151

#152

#153

#154

#156

#157

#158

#160

#161

#162

#163

#164

#165

#166

#167

#168

#169

#17

#170

#171

#172

#173

#174

#175

#176

#177

#178

#179

#18

#180

#181

#182

#184

#185

#186

#187

#188

#189

#19

#190

#191

#192

#193

#195

#196

#197

#198

#199

#2

#20

#200

#201

#203

#205

#207

#208

#21

#211

#212

#213

#214

#215

#216

#217

#218

#219

#22

#220

#221

#222

#223

#224

#225

#226

#227

#228

#230

#231

#232

#233

#233

#234

#235

#238

#239

#24

#240

#241

#244

#249

#25

#250

#251

#252

#253

#255

#257

#258

#26

#26

#260

#261

#262

#27

#28

#29

#3

#31

#32

#33

#34

#35

#36

#37

#38

#39

#4

#40

#41

#42

#43

#44

#45

#45

#46

#46

#47

#48

#5

#50

#51

#52

#53

#54

#55

#56

#58

#59

#60

#62

#63

#64

#65

#66

#67

#68

#69

#7

#7

#70

#71

#72

#74

#75

#76

#77

#78

#8

#8

#80

#81

#82

#83

#84

#85

#87

#88

#89

#9

#90

#91

#92

#93

#96

#97

#99

Mono Color

• 7bbeefe9bd key-store: Fix typo in key-store-ima-privkey name Tom Rini 2018-05-11 16:10:19 -04:00
• 485d2db235 grub-efi: fix compile errors for arm64 Kai Kang 2018-05-10 02:28:01 -07:00
• 67e52b9f40 grub-efi: refresh patches to fix QA warning Yi Zhao 2018-05-10 08:57:24 +08:00
• 8ee475b6dc meta-efi-secure-core: Move kernel-initramfs.bbappend Tom Rini 2018-05-05 09:46:03 -04:00
• 4d27285e28 kernel-initramfs: Rework to use update-alternatives directly Tom Rini 2018-05-05 09:38:03 -04:00
• e00aed3e08 efitools: Rework how we deal with rpath and linking of Linux apps Tom Rini 2018-05-01 20:42:20 -04:00
• 15a25c9a4a initrdscripts-secure-core: Provide all directories init requires Tom Rini 2018-04-26 13:31:18 -04:00
• bd31f81f78 README: Clarify local.conf required changes for IMA Tom Rini 2018-04-19 20:17:30 -04:00
• 4a6de14094 keyutils: refresh patches to fix QA warning Yi Zhao 2018-04-11 21:38:43 +08:00
• 04c1072d8f init.ima: Fix up the syntax error Jia Zhang 2018-03-19 22:46:19 -04:00
• b56c19c8af grub/boot-menu: Rename _bakup suffix to _backup Jia Zhang 2018-03-19 21:50:58 -04:00
• f1ac8a4553 ima/linux-yocto: Enable CONFIG_IMA_READ_POLICY and CONFIG_IMA_APPRAISE_BOOTPARAM Jia Zhang 2018-03-19 21:24:35 -04:00
• 73cae2678d integrity/linux-yocto: Enable CONFIG_SYSTEM_BLACKLIST_KEYRING Jia Zhang 2018-03-19 21:23:37 -04:00
• f13d2e0ef8 init.ima: Fix the failure when importing the external policy from real rootfs Jia Zhang 2018-03-19 17:04:03 -04:00
• e9bfbabd51 README: Document the instruction to install kernel image Jia Zhang 2018-03-19 15:22:44 -04:00
• 387a9bf500 cryptfs-tpm2: Update the upstream URL Jia Zhang 2018-03-13 08:43:45 -04:00
• fb838242ad seloader: sync up with upstream Jia Zhang 2018-02-28 23:10:04 -05:00
• 184dc8bb25 meta-integrity: Ensure that we have CONFIG_SECURITY enabled in the kernel Tom Rini 2018-02-21 13:18:37 -05:00
• 365a400ed9 meta-secure-core: update TSS 2.0 to the latest stable version Jia Zhang 2018-02-19 04:39:19 -05:00
• cf8ae9e69b meta-integrity: Fix build problem on ima-inspect Tom Rini 2018-02-16 15:12:31 -05:00
• d0c0bedbbe meta-integrity: Add ima-inspect utility Tom Rini 2018-02-15 12:18:11 -05:00
• 59a9f43b89 meta-integrity: Drop RPM patches that are upstream now Tom Rini 2018-02-13 08:45:39 -05:00
• af05e4860f kernel-initramfs: use oe.utils.read_file Jackie Huang 2018-02-06 21:38:13 -08:00
• cfb63e60d7 efitools: use oe.utils.str_filter_out Jackie Huang 2018-02-06 21:36:59 -08:00
• 0c4d9a8268 util-linux: Fix package name extension Holger Dengler 2017-12-07 11:06:03 +01:00
• 00324b6b3e README: update README Jia Zhang 2017-12-04 12:25:12 +08:00
• a22324542d linux-yocto: fix loading kernel module due to being stripped Jia Zhang 2017-11-25 18:47:15 +08:00
• 5758c189a3 README.md: update to claim the support of modsign Jia Zhang 2017-11-21 09:33:01 -05:00
• 59ca43808c meta-integrity: enable modsign support in kernel Jia Zhang 2017-11-21 09:32:12 -05:00
• bd0f4cbe40 meta-signing-key: support to build key-store with modsign and extra system trusted key support Jia Zhang 2017-11-21 09:30:51 -05:00
• a97b3363b6 scripts/create-user-key-store.sh: support to generate the user keys for modsign and extra system trusted key Jia Zhang 2017-11-21 09:29:33 -05:00
• 56033f310f meta-signing-key: add the sample keys for modsign and extra system trusted key Jia Zhang 2017-11-21 09:27:25 -05:00
• 3ad05893e5 meta-signing-key, meta-efi-secure-boot: Rework for dependencies Tom Rini 2017-11-15 22:28:01 -05:00
• d3a05a62c1 README update Tom Rini 2017-11-15 22:27:23 -05:00
• 1259958f3c initrdscripts: rename expected ima certificate (#28) Yunguo Wei 2017-11-12 09:43:48 +08:00
• 99f7472019 seloader: sync up with upstream Jia Zhang 2017-10-27 23:27:07 +08:00
• 0477a93cf9 rpm: always include rpm-integrity.inc for RPM signing Jia Zhang 2017-10-27 23:25:55 +08:00
• c2b8134dc3 meta-integrity: fix build failure caused by 6aa83f98b Jia Zhang 2017-10-27 22:04:09 +08:00
• ffe79fe91e shim: drop fallback Jia Zhang 2017-10-22 19:48:39 +08:00
• 6aa83f98bc rpm: only apply bbappend file when ima in DISTRO_FEATURES (#27) Kai 2017-10-27 20:57:45 +08:00
• a852a68227 shim: disable OVERRIDE_SECURITY_POLICY for 32bit target (#25) Wenzong Fan 2017-09-30 15:50:25 +08:00
• 5080ec0fac grub-efi: fix build error with qemux86 (#24) Wenzong Fan 2017-09-30 11:00:39 +08:00
• 616263c4e6 keyutils: update to 1.5.10 (#22) Wenzong Fan 2017-09-27 17:36:58 +08:00
• db7acb7d28 user-key-store.bbclass: add deploy_rpm_keys (#20) Wenzong Fan 2017-09-25 15:27:07 +08:00
• 6dff36ef09 Install packages if distro flag set (#21) Wenzong Fan 2017-09-25 15:25:27 +08:00
• afc39392a6 cryptsetup:add lvm2-udevrules into RDEPENDS (#19) WarrickJiang 2017-09-25 15:24:24 +08:00
• 8206812e75 kernel-initramfs: fix the issue rm kernel source codes (#18) fli 2017-09-25 15:24:03 +08:00
• 091e2cc6fa meta-tpm2: clean up bootstrap Jia Zhang 2017-09-20 01:46:21 -04:00
• 8e40927026 Change the email address of MAINTAINER Jia Zhang 2017-09-20 01:45:58 -04:00
• c28e821fe6 packagegroup-tpm: include tpm-quote-tools (#17) Wenzong Fan 2017-09-12 22:02:25 +08:00
• b69537380c meta-secure-core: clean up ${COREBASE}/LICENSE and ${COREBASE}/meta/COPYING.MIT Jia Zhang 2017-09-02 11:11:00 +08:00
• 7f72300c23 tpm : openssl-tpm-engine: parse an encrypted TPM key password from env (#15) limeng-linux 2017-09-02 10:16:57 +08:00
• 49fadf7ef0 Update BB_HASHBASE_WHITELIST Jia Zhang 2017-09-01 20:28:38 +08:00
• a10fc38e3f create-user-key-store.sh: Add arguments to specify gpg's key name and email address (#14) yunguowei 2017-08-28 00:44:00 +08:00
• 0e6d3a3e1c meta-efi-secure-boot/README.md: document shim_cert as unused Jia Zhang 2017-08-26 17:11:50 +08:00
• aa14422754 meta-ids: install packagegroup-ids if the feature ids configured Jia Zhang 2017-08-24 21:01:32 +08:00
• 5a24b8f94f key-store: Fix two key-store-rpm-pubkey user key issues (#13) Guojian 2017-08-24 19:52:34 +08:00
• 90fd1b523a meta-ids: initial commit for IDS support (#11) Wenzong Fan 2017-08-24 17:21:52 +08:00
• c41b36ea73 meta-integrity: add tpm2, tpm as LAYERRECOMMENDS (#9) Wenzong Fan 2017-08-24 13:34:03 +08:00
• c2962bba6d sign_rpm_ext: make sure all target recipes are signed Jia Zhang 2017-08-24 08:18:01 +08:00
• 6fd5d7be55 meta-integrity: remove INHERIT += "sign_rpm_ext" Jia Zhang 2017-08-23 17:38:01 +08:00
• c1cdc3d466 secure-core-image: install dnf by default Jia Zhang 2017-08-23 17:37:33 +08:00
• 1106a2c325 secure-core-image-initramfs: enlarge the max size Jia Zhang 2017-08-23 11:43:18 +08:00
• 8637f3bd63 meta-signing-key: replace the sample RPM signing key Jia Zhang 2017-08-23 05:12:35 +08:00
• bfd800fe02 shim: sync up with upstream Jia Zhang 2017-08-22 17:53:49 +08:00
• 6ad9a338e6 Fix the user rpm sign key can not be found issue (#5) Guojian 2017-08-22 15:14:21 +08:00
• ab05be3c9c signing-keys: fix the race condition when concurrent import operations occur Jia Zhang 2017-08-20 22:42:32 +08:00
• ddb0b8d6d2 meta-tpm: tss 1.x always depends on openssl 1.0.x Jia Zhang 2017-08-20 20:31:58 +08:00
• b1e14f4e88 encrypted-storage: use luks as the feature name for current implementation Jia Zhang 2017-08-20 15:31:11 +08:00
• cbdefad44c create-user-key-store.sh: support gpg 2.x used to generate rpm signing key Jia Zhang 2017-08-20 15:06:22 +08:00
• 038aa54bc2 signing-keys: fix gpg key import failure due to wrong option position Jia Zhang 2017-08-20 15:03:18 +08:00
• 373d7276bc signing-keys: clean up Jia Zhang 2017-08-20 15:02:15 +08:00
• 6b7e09b444 sign_rpm_ext: define the location of default gpg keyring to TMPDIR Jia Zhang 2017-08-20 15:00:05 +08:00
• 5c584cb628 sign_rpm_ext: fix permission warning Jia Zhang 2017-08-20 11:18:24 +08:00
• d5ca542dfb signing-keys: fix gpg key import failure Jia Zhang 2017-08-19 21:53:21 +08:00
• 820376c2b5 sign_rpm_ext.bbclass: clean up Jia Zhang 2017-08-19 21:52:51 +08:00
• 050cc889bb sign_rpm_ext: Fix the GPG_PATH directory not exist issue (#4) Guojian 2017-08-19 15:18:58 +08:00
• b8fd1f0fef keyutils: Fix keyutils man7 files conflict with man-pages same name files (#3) Guojian 2017-08-19 15:17:38 +08:00
• 8544d2a4a5 sign_rpm_ext.bbclass: use the default setting from meta-signing-key Jia Zhang 2017-08-19 12:48:03 +08:00
• e3f58965ab sign_rpm_ext: set default GPG_PATH if it is not specified (#2) yunguowei 2017-08-19 12:44:39 +08:00
• 60588ac929 grub-efi: remove the unused patch Jia Zhang 2017-08-18 13:24:21 +08:00
• 52bf3b6636 meta-integrity: move gpg keyring initialization to signing-keys Jia Zhang 2017-08-17 23:29:26 +08:00
• e11a0bd8de efitools: fix searching openssl.cnf for target build Jia Zhang 2017-08-17 20:39:48 +08:00
• 464433a169 sign_rpm_ext: support RPM signing Lans Zhang 2017-08-17 11:22:49 +08:00
• d5a4de8f09 efitools: support to build with openssl-1.1.x Lans Zhang 2017-08-16 20:31:33 +08:00
• 8ff4d25a90 ima-evm-utils: support to build with openssl-1.1.x Lans Zhang 2017-08-16 14:56:23 +08:00
• ead58497c8 cryptfs-tpm2: sync up with upstream Lans Zhang 2017-08-16 11:20:18 +08:00
• b7705a7587 README.md: update reference links Lans Zhang 2017-08-16 10:57:24 +08:00
• 9fc35f2627 meta-integrity/README.md: update Lans Zhang 2017-08-16 10:47:33 +08:00
• 4b41056970 sbsigntool: fix build failure with openssl-1.0.x Lans Zhang 2017-08-16 10:12:21 +08:00
• eb08a619d8 init.ima: clean up and allow to load extra IMA policies from the real rootfs Lans Zhang 2017-08-15 16:15:38 +08:00
• 656706373f ima_policy: update the comment Lans Zhang 2017-08-15 16:14:31 +08:00
• c8fff6a0ff meta-integrity/README.md: update Lans Zhang 2017-08-15 13:19:02 +08:00
• c912483e87 sbsigntool: update to support openssl-1.1.0 Lans Zhang 2017-08-15 13:11:45 +08:00
• 2c265a6fc3 meta-integrity/README.md: update Lans Zhang 2017-08-15 09:56:49 +08:00
• 09f1239567 meta-signing-key: clean up the default values of sample RPM signing key Lans Zhang 2017-08-15 09:22:51 +08:00
• b2c2716c20 meta-signing-key: renew the sample keys for UEFI Secure Boot Lans Zhang 2017-08-14 15:07:57 +08:00
• 4a676cd301 create-user-key-store.sh: gpg key creation updates Lans Zhang 2017-08-11 16:39:22 +08:00
• 104a01a25d shim: refresh fallback patchset Lans Zhang 2017-08-11 14:14:39 +08:00
• 0951a620b5 init: don't explicitly set the LUKS partition name Lans Zhang 2017-08-09 10:54:48 +08:00