mirrors/meta-secure-core
1
0
Fork 0
mirror of https://github.com/jiazhang0/meta-secure-core.git synced 2026-01-12 01:00:15 +00:00
Code Issues Projects Releases Wiki Activity
Files
master
meta-secure-core/meta-integrity/recipes-kernel/linux/linux-yocto-integrity.inc
Yi Zhao 4042043742 meta-secure-core: Convert to new override syntax 
Converting the metadata to use ":" as the override character instead of "_".

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
2021-08-09 18:51:13 +08:00

42 lines
1.3 KiB
PHP
Raw Permalink Blame History

FILESEXTRAPATHS:prepend := "${THISDIR}/linux-yocto:"
IMA_ENABLED = "${@bb.utils.contains('DISTRO_FEATURES', 'ima', '1', '0', d)}"
MODSIGN_ENABLED = "${@bb.utils.contains('DISTRO_FEATURES', 'modsign', '1', '0', d)}"
DEPENDS += "${@'key-store openssl-native' \
if d.getVar('IMA_ENABLED', True) == '1' or \
d.getVar('MODSIGN_ENABLED', True) == '1' \
else ''}"
SRC_URI += "\
${@'file://ima.scc file://ima.cfg' \
if d.getVar('IMA_ENABLED', True) == '1' else ''} \
${@'file://modsign.scc file://modsign.cfg' \
if d.getVar('MODSIGN_ENABLED', True) == '1' else ''} \
"
INHIBIT_PACKAGE_STRIP = "${@'1' if d.getVar('MODSIGN_ENABLED', True) == '1' else '0'}"
inherit user-key-store
do_configure:prepend() {
sys_cert="${STAGING_DIR_TARGET}${sysconfdir}/keys/system_trusted_key.crt"
if [ ${MODSIGN_ENABLED} = "1" ]; then
modsign_key="${@uks_modsign_keys_dir(d)}/modsign_key.key"
else
modsign_key="${STAGING_DIR_TARGET}${sysconfdir}/keys/modsign_key.key"
fi
modsign_cert="${STAGING_DIR_TARGET}${sysconfdir}/keys/modsign_key.crt"
if [ -f "$sys_cert" ]; then
install -m 0644 "$sys_cert" "${B}"
fi
if [ -f "$modsign_key" -a -f "$modsign_cert" ]; then
cat "$modsign_key" "$modsign_cert" \
> "${B}/modsign_key.pem"
else
true
fi
}
Reference in New Issue View Git Blame Copy Permalink