Files
Tom Rini b7b42cdec7 meta-integrity: init.ima: Switch to using keyctl
Rather than parse /proc/keys directly to find out the ID of the keyring
that we're using, let keyctl do this for us.  In order to do that we
need to have /proc available as /proc, so move it around before and
after working with keyctl.

Signed-off-by: Tom Rini <trini@konsulko.com>
2018-05-17 20:36:23 +08:00

44 lines
784 B
BlitzBasic

DESCRIPTION = "The initrd script for Linux Integrity Measurement Architecture (IMA)"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "\
file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302 \
"
SRC_URI = "\
file://init.ima \
"
S = "${WORKDIR}"
ALLOW_EMPTY_${PN} = "1"
do_install() {
install -m 0500 "${WORKDIR}/init.ima" "${D}"
}
FILES_${PN} += "\
/init.ima \
"
# Install the minimal stuffs only, and don't care how the external
# environment is configured.
# @coreutils: echo, printf
# @grep: grep
# @gawk: awk
# @util-linux: mount, umount
# @ima-evm-utils: evmctl
RDEPENDS_${PN} += "\
coreutils \
grep \
gawk \
util-linux-mount \
util-linux-umount \
keyutils \
ima-policy \
"
RRECOMMENDS_${PN} += "\
key-store-ima-cert \
"