Re: [meta-security][dunfell][PATCH 0/9] Some IMA/EVM fixes to dunfell branch

Home Messages Hashtags Subgroups

Armin Kuster #52585 series in build testing -armin toggle quoted messageShow quoted text On 3/2/21 6:57 AM, liu.ming50@gmail.com wrote: From: Ming Liu <ming.liu@toradex.com> Cherry pick some IMA/EVM fixes to LTS dunfell branch, with these patches applied, I could run a ima enabled image with sysvinit/systemd on qemuarm/qemuarm64 and some NXP machines. Ming Liu (9): ima-evm-utils: set native REQUIRED_DISTRO_FEATURES to empty initramfs-framework-ima: fix a wrong path ima-evm-keys: add recipe initramfs-framework-ima: RDEPENDS on ima-evm-keys meta: refactor IMA/EVM sign rootfs README.md: update according to the refactoring in ima-evm-rootfs.bbclass initramfs-framework-ima: let ima_enabled return 0 ima-evm-rootfs.bbclass: avoid generating /etc/fstab for wic ima-policy-hashed: add CGROUP2_SUPER_MAGIC fsmagic meta-integrity/README.md \| 4 ++- meta-integrity/classes/ima-evm-rootfs.bbclass \| 33 +++++++++---------- .../initrdscripts/initramfs-framework-ima.bb \| 2 +- .../initrdscripts/initramfs-framework-ima/ima \| 3 +- .../ima-evm-keys/ima-evm-keys_1.0.bb \| 16 +++++++++ .../ima-evm-utils/ima-evm-utils_git.bb \| 1 + .../ima_policy_hashed/files/ima_policy_hashed \| 3 ++ 7 files changed, 41 insertions(+), 21 deletions(-) create mode 100644 meta-integrity/recipes-security/ima-evm-keys/ima-evm-keys_1.0.bb
More All Messages By This Member

Join yocto@lists.yoctoproject.org to automatically receive all group messages.