From: Bartosz Golaszewski <bgolaszewski@...> This adds various bits and pieces to enable generating a working example of a full chain of trust up to dm-verity-protected rootfs level on

From: Bartosz Golaszewski <bgolaszewski@...> This adds a class that allows to generate conversions of ext[234] and btrfs partitions images with dm-verity hash data appended at the end

From: Bartosz Golaszewski <bgolaszewski@...> I'm terribly sorry for spamming, but I eventually decided to resend it: not only the tags were messed up but I also added a v2 on top. This time

pt., 10 kwi 2020 o 14:34 Bartosz Golaszewski <brgl@...> napisał(a): Eek, this was supposed to be tagged [meta-security]. But since I'm posting it as an RFC I won't be resending for now. Bart

From: Bartosz Golaszewski <bgolaszewski@...> This adds various bits and pieces to enable generating a working example of a full chain of trust up to dm-verity-protected rootfs level on

From: Bartosz Golaszewski <bgolaszewski@...> This adds a class that allows to generate conversions of ext[234] and btrfs partitions images with dm-verity hash data appended at the end

From: Bartosz Golaszewski <bgolaszewski@...> This series attempts to introduce support for dm-verity in meta-security. It depends on a series[1] I submitted for OE-core that introduces

Hi, in meta-intel in machine configuration SERIAL_CONSOLES are defined as : SERIAL_CONSOLES = "115200;ttyS0 115200;ttyS1 115200;ttyS2" I would like to remove content of this variable (as on my

Reproducible builds are part of the standard OE QA tests. You can run them with: oe-selftest -r reproducible It currently tests core-image-sato, which I thought would cover the kernel, so I'm a

The simplest thing I've found is checking/comparing the BuildID that GCC embeds in the ELF file after I force it to recompile. Eg: $ file

I can tweak linux-yocto in the direction of reproducibility without much trouble (for the build part). But I'm a bit out of my normal flow for testing that it really is reproducible. So if anyone can

I don’t know offhand, but the kernel documentation seems relatively straightforward. I can start investigating in that direction and see how complex it looks like it’s going to be. When you

We have had a recent push for reproducible builds (and they are now enabled by default). Do you have any idea how much effort it would take to make the kernel build reproducibly? It's

Anyone have any thoughts or guidance on this? It seems like a pretty major bug to me. We’re willing to put the work in to fix it, and if it’s not something the upstream community is

Hi Please give some information about your plafform. Kernel release u-boot release architecture ubifs or not Michael -- | Michael Nazzareno Trimarchi Amarula Solutions BV | |

This fails in the ab. https://errors.yoctoproject.org/Errors/Build/100954/https://errors.yoctoproject.org/Errors/Details/401501/

If you’re using systemd, you can use systemd-analyze to get some boot performance statistics. They can help identify slow-starting services, dependency chains, and other bottlenecks. -a

Hi Rudolf, I did some digging in imx-atf_1.0.bb and saw that it copies bl31-imx8mq.bin to the imx-boot-tools folder in do_deploy(). In imx-boot_0.2.bb I can see that its do_compile is setup to run

Whilst this will "fix" the problem, it is just by hiding it. Any user using meta-intel will run into a failure if they try and build this image and it may as well be disabled and it won't work for