mirror of
https://github.com/jiazhang0/meta-secure-core.git
synced 2026-07-16 12:47:00 +00:00
b7b42cdec7
Rather than parse /proc/keys directly to find out the ID of the keyring that we're using, let keyctl do this for us. In order to do that we need to have /proc available as /proc, so move it around before and after working with keyctl. Signed-off-by: Tom Rini <trini@konsulko.com>
44 lines
784 B
BlitzBasic
44 lines
784 B
BlitzBasic
DESCRIPTION = "The initrd script for Linux Integrity Measurement Architecture (IMA)"
|
|
LICENSE = "MIT"
|
|
LIC_FILES_CHKSUM = "\
|
|
file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302 \
|
|
"
|
|
|
|
SRC_URI = "\
|
|
file://init.ima \
|
|
"
|
|
|
|
S = "${WORKDIR}"
|
|
|
|
ALLOW_EMPTY_${PN} = "1"
|
|
|
|
do_install() {
|
|
install -m 0500 "${WORKDIR}/init.ima" "${D}"
|
|
}
|
|
|
|
FILES_${PN} += "\
|
|
/init.ima \
|
|
"
|
|
|
|
# Install the minimal stuffs only, and don't care how the external
|
|
# environment is configured.
|
|
|
|
# @coreutils: echo, printf
|
|
# @grep: grep
|
|
# @gawk: awk
|
|
# @util-linux: mount, umount
|
|
# @ima-evm-utils: evmctl
|
|
RDEPENDS_${PN} += "\
|
|
coreutils \
|
|
grep \
|
|
gawk \
|
|
util-linux-mount \
|
|
util-linux-umount \
|
|
keyutils \
|
|
ima-policy \
|
|
"
|
|
|
|
RRECOMMENDS_${PN} += "\
|
|
key-store-ima-cert \
|
|
"
|