Date
1 - 1 of 1
[meta-security][PATCH RFC 0/2] initial dm-verity documentation
Paul Gortmaker <paul.gortmaker@...>
As time marches on, it seems that more attention is given to the various
security features out there. We have the framework to incorporate dm-verity
into our builds, but it seems we have a rather steep learning curve for
people to overcome in order to use it, and accordingly only two sample
conflgs for people to reference.
This changeset attempts to rectify that by capturing the Yocto specific
settings relating to dm-verity -- in two categories ; global/generic
settings and board specific settings.
Credit to Niko Mauno who laid out a lot of information in a 0/N
series preamble[1] some time ago - hopefully this puts the information
a bit closer to where people can easily find it.
This series only documents the beaglebone-black ; I'm hoping to do some
testing with systemd-bootdisk-dmverity.wks.in and get us some documentation
for other use cases involving that. In the meantime, I figured I'd see
if there was any special doc requirements/layout/format etc. that I
might have overlooked -- or if there is any interest in this at all.
Paul.
[1] https://lists.yoctoproject.org/g/yocto/message/50621
---
Paul Gortmaker (2):
dm-verity: add basic non-arch/non-BSP yocto specific settings
dm-verity: document board specifics for Beaglebone Black
docs/dm-verity-beaglebone.txt | 37 +++++++++++
docs/dm-verity.txt | 114 ++++++++++++++++++++++++++++++++++
2 files changed, 151 insertions(+)
create mode 100644 docs/dm-verity-beaglebone.txt
create mode 100644 docs/dm-verity.txt
--
2.33.0
security features out there. We have the framework to incorporate dm-verity
into our builds, but it seems we have a rather steep learning curve for
people to overcome in order to use it, and accordingly only two sample
conflgs for people to reference.
This changeset attempts to rectify that by capturing the Yocto specific
settings relating to dm-verity -- in two categories ; global/generic
settings and board specific settings.
Credit to Niko Mauno who laid out a lot of information in a 0/N
series preamble[1] some time ago - hopefully this puts the information
a bit closer to where people can easily find it.
This series only documents the beaglebone-black ; I'm hoping to do some
testing with systemd-bootdisk-dmverity.wks.in and get us some documentation
for other use cases involving that. In the meantime, I figured I'd see
if there was any special doc requirements/layout/format etc. that I
might have overlooked -- or if there is any interest in this at all.
Paul.
[1] https://lists.yoctoproject.org/g/yocto/message/50621
---
Paul Gortmaker (2):
dm-verity: add basic non-arch/non-BSP yocto specific settings
dm-verity: document board specifics for Beaglebone Black
docs/dm-verity-beaglebone.txt | 37 +++++++++++
docs/dm-verity.txt | 114 ++++++++++++++++++++++++++++++++++
2 files changed, 151 insertions(+)
create mode 100644 docs/dm-verity-beaglebone.txt
create mode 100644 docs/dm-verity.txt
--
2.33.0