mirrors/meta-secure-core
1
0
Fork 0
mirror of https://github.com/jiazhang0/meta-secure-core.git synced 2026-04-20 18:08:17 +00:00
Code Issues Projects Releases Wiki Activity
Files
8e01c0a442d468db8621f9ab921cfbfe838f4baf
meta-secure-core/meta-integrity/recipes-kernel/linux/linux-yocto-integrity.inc
Lans Zhang 8e01c0a442 IMA: refresh kernel cfg 
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
2017-06-26 11:33:39 +08:00

19 lines
786 B
PHP
Raw Blame History

FILESEXTRAPATHS_prepend := "${THISDIR}/linux-yocto:"
IMA_ENABLED = "${@bb.utils.contains('DISTRO_FEATURES', 'ima', '1', '0', d)}"
DEPENDS += "${@'key-store openssl-native' if d.getVar('IMA_ENABLED', True) == '1' else ''}"
# key-store-ima-cert is required in runtime but we hope it is available
# in initramfs only. So we don't add it to RDEPENDS_${PN} here.
SRC_URI += " \
${@'file://ima.scc file://ima.cfg file://integrity.scc file://integrity.cfg' if d.getVar('IMA_ENABLED', True) == '1' else ''} \
"
do_configure_append() {
[ -f "${STAGING_DIR_TARGET}${sysconfdir}/keys/system_trusted_key.pem" ] &&
openssl x509 -in "${STAGING_DIR_TARGET}${sysconfdir}/keys/system_trusted_key.pem" \
-outform DER -out "${B}/system_trusted_cert.x509" ||
true
}
Reference in New Issue View Git Blame Copy Permalink