Re: single or authoritative home for sbsigntool?

Home Messages Hashtags Subgroups

Randy MacLeod #39626 +Megha -luv@... since you have to be a member to send to the list. ../Randy toggle quoted messageShow quoted text On 2018-01-19 04:07 PM, Randy MacLeod wrote: In chasing down a rare ccan configuration bug that sbsigntool-native trips over, I noticed that there are several sbsigntool-native recipes, all alike but not identical. We have a few in the layer index: https://layers.openembedded.org/layerindex/branch/master/recipes/?q=sbsigntool and more elsewhere: https://www.google.ca/search?q=sbsigntool-native and even: https://www.google.ca/search?q=meta-secure-core The meta-intel and meta-secure-core versions were somewhat different but that seems to be due to lack of co-operation rather than different requirements. Does it make sense to have a single version of the recipe in a signing-key layer with the actual keys kept elsewhere I'd expect. If so, what layer would make the most sense? How about picking: https://layers.openembedded.org/layerindex/branch/master/layer/meta-signing-key/ There is likely other recipe duplication in secure boot layers but it's not something that I work on directly so I'm only mentioning sbsigntool. Feel free to reduce more duplication! Thanks, -- # Randy MacLeod. WR Linux # Wind River an Intel Company
More All Messages By This Member

Join yocto@lists.yoctoproject.org to automatically receive all group messages.