diff options
| author | Lans Zhang <jia.zhang@windriver.com> | 2017-07-04 17:19:42 +0800 |
|---|---|---|
| committer | Lans Zhang <jia.zhang@windriver.com> | 2017-07-04 17:19:42 +0800 |
| commit | 407c56068dcbb7f2c83b80fc723cf5918f5240b6 (patch) | |
| tree | 598304590df637bc56b15d20c92e6266811bc8c3 | |
| parent | 55492bcc10d49a22a614e36eec63b77f19171231 (diff) | |
| download | meta-secure-core-407c56068dcbb7f2c83b80fc723cf5918f5240b6.tar.gz | |
Code style fixup
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
4 files changed, 20 insertions, 21 deletions
diff --git a/meta-integrity/recipes-core/base-files/base-files_%.bbappend b/meta-integrity/recipes-core/base-files/base-files_%.bbappend index 2636dad..06273e1 100644 --- a/meta-integrity/recipes-core/base-files/base-files_%.bbappend +++ b/meta-integrity/recipes-core/base-files/base-files_%.bbappend | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # Append iversion option for auto types | 1 | # Append iversion option for auto types |
| 2 | do_install_append() { | 2 | do_install_append() { |
| 3 | sed -i 's/\s*auto\s*defaults/&,iversion/' ${D}${sysconfdir}/fstab | 3 | sed -i 's/\s*auto\s*defaults/&,iversion/' "${D}${sysconfdir}/fstab" |
| 4 | } | 4 | } |
diff --git a/meta-integrity/recipes-core/util-linux/util-linux_%.bbappend b/meta-integrity/recipes-core/util-linux/util-linux_%.bbappend index 1728f2e..9634f4b 100644 --- a/meta-integrity/recipes-core/util-linux/util-linux_%.bbappend +++ b/meta-integrity/recipes-core/util-linux/util-linux_%.bbappend | |||
| @@ -1,5 +1,3 @@ | |||
| 1 | PACKAGES =+ "${PN}-switch_root.static" | ||
| 2 | |||
| 3 | CFLAGS_remove += "-pie -fpie" | 1 | CFLAGS_remove += "-pie -fpie" |
| 4 | 2 | ||
| 5 | do_compile_append_class-target() { | 3 | do_compile_append_class-target() { |
| @@ -9,8 +7,11 @@ do_compile_append_class-target() { | |||
| 9 | } | 7 | } |
| 10 | 8 | ||
| 11 | do_install_append_class-target() { | 9 | do_install_append_class-target() { |
| 12 | install -d ${D}${sbindir} | 10 | install -d "${D}${sbindir}" |
| 13 | install -m 0700 ${B}/switch_root.static ${D}${sbindir}/switch_root.static | 11 | install -m 0700 "${B}/switch_root.static" \ |
| 12 | "${D}${sbindir}/switch_root.static" | ||
| 14 | } | 13 | } |
| 15 | 14 | ||
| 15 | PACKAGES =+ "${PN}-switch_root.static" | ||
| 16 | |||
| 16 | FILES_${PN}-switch_root.static = "${sbindir}/switch_root.static" | 17 | FILES_${PN}-switch_root.static = "${sbindir}/switch_root.static" |
diff --git a/meta-integrity/recipes-kernel/linux/linux-yocto-integrity.inc b/meta-integrity/recipes-kernel/linux/linux-yocto-integrity.inc index a93f1b7..a9e5a93 100644 --- a/meta-integrity/recipes-kernel/linux/linux-yocto-integrity.inc +++ b/meta-integrity/recipes-kernel/linux/linux-yocto-integrity.inc | |||
| @@ -3,8 +3,6 @@ FILESEXTRAPATHS_prepend := "${THISDIR}/linux-yocto:" | |||
| 3 | IMA_ENABLED = "${@bb.utils.contains('DISTRO_FEATURES', 'ima', '1', '0', d)}" | 3 | IMA_ENABLED = "${@bb.utils.contains('DISTRO_FEATURES', 'ima', '1', '0', d)}" |
| 4 | 4 | ||
| 5 | DEPENDS += "${@'key-store openssl-native' if d.getVar('IMA_ENABLED', True) == '1' else ''}" | 5 | DEPENDS += "${@'key-store openssl-native' if d.getVar('IMA_ENABLED', True) == '1' else ''}" |
| 6 | # key-store-ima-cert is required in runtime but we hope it is available | ||
| 7 | # in initramfs only. So we don't add it to RDEPENDS_${PN} here. | ||
| 8 | 6 | ||
| 9 | SRC_URI += "\ | 7 | SRC_URI += "\ |
| 10 | ${@'file://ima.scc file://ima.cfg file://integrity.scc file://integrity.cfg' \ | 8 | ${@'file://ima.scc file://ima.cfg file://integrity.scc file://integrity.cfg' \ |
diff --git a/meta-signing-key/recipes-support/key-store/key-store_0.1.bb b/meta-signing-key/recipes-support/key-store/key-store_0.1.bb index 40a9a98..94ffd35 100644 --- a/meta-signing-key/recipes-support/key-store/key-store_0.1.bb +++ b/meta-signing-key/recipes-support/key-store/key-store_0.1.bb | |||
| @@ -4,23 +4,11 @@ LIC_FILES_CHKSUM = "\ | |||
| 4 | file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420 \ | 4 | file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420 \ |
| 5 | " | 5 | " |
| 6 | 6 | ||
| 7 | inherit user-key-store | ||
| 8 | |||
| 9 | S = "${WORKDIR}" | 7 | S = "${WORKDIR}" |
| 10 | 8 | ||
| 11 | ALLOW_EMPTY_${PN} = "1" | 9 | inherit user-key-store |
| 12 | |||
| 13 | PACKAGES =+ "\ | ||
| 14 | ${PN}-system-trusted-cert \ | ||
| 15 | ${PN}-ima-cert \ | ||
| 16 | " | ||
| 17 | 10 | ||
| 18 | # Note any private key is not available if user key signing model used. | 11 | ALLOW_EMPTY_${PN} = "1" |
| 19 | PACKAGES_DYNAMIC += "\ | ||
| 20 | ${PN}-ima-privkey \ | ||
| 21 | ${PN}-system-trusted-privkey \ | ||
| 22 | ${PN}-rpm-pubkey \ | ||
| 23 | " | ||
| 24 | 12 | ||
| 25 | KEY_DIR = "${sysconfdir}/keys" | 13 | KEY_DIR = "${sysconfdir}/keys" |
| 26 | # For RPM verification | 14 | # For RPM verification |
| @@ -118,6 +106,18 @@ pkg_postinst_${PN}-rpm-pubkey() { | |||
| 118 | fi | 106 | fi |
| 119 | } | 107 | } |
| 120 | 108 | ||
| 109 | PACKAGES =+ "\ | ||
| 110 | ${PN}-system-trusted-cert \ | ||
| 111 | ${PN}-ima-cert \ | ||
| 112 | " | ||
| 113 | |||
| 114 | # Note any private key is not available if user key signing model used. | ||
| 115 | PACKAGES_DYNAMIC += "\ | ||
| 116 | ${PN}-ima-privkey \ | ||
| 117 | ${PN}-system-trusted-privkey \ | ||
| 118 | ${PN}-rpm-pubkey \ | ||
| 119 | " | ||
| 120 | |||
| 121 | FILES_${PN}-system-trusted-cert = "${SYSTEM_CERT}" | 121 | FILES_${PN}-system-trusted-cert = "${SYSTEM_CERT}" |
| 122 | CONFFILES_${PN}-system-trusted-cert = "${SYSTEM_CERT}" | 122 | CONFFILES_${PN}-system-trusted-cert = "${SYSTEM_CERT}" |
| 123 | 123 | ||