diff options
| author | Guojian <guojian.zhou@windriver.com> | 2017-08-24 19:52:34 +0800 |
|---|---|---|
| committer | Lans Zhang <lans.zhang2008@gmail.com> | 2017-08-24 19:52:34 +0800 |
| commit | 5a24b8f94f3388cece4f697f909c7c66a3bf8d49 (patch) | |
| tree | d4cad04cae8f24b9d9ece829b25b043556a7091c | |
| parent | 90fd1b523ad58a461de418bdbd97956e29897188 (diff) | |
| download | meta-secure-core-5a24b8f94f3388cece4f697f909c7c66a3bf8d49.tar.gz | |
key-store: Fix two key-store-rpm-pubkey user key issues (#13)
1. user key pub rpm package also could be created.
2. The latest bitbake could not support the d.getVar() function nest
call. Such as the following function call always return "None"
d.getVar(d.getVar('RPM_KEY_DIR', True) + '/RPM-GPG-KEY-*', True)
It caused the key-store-rpm-pubkey rpm package could not be created in
the latest oe-core project.
Signed-off-by: Guojian Zhou <guojian.zhou@windriver.com>
| -rw-r--r-- | meta-signing-key/recipes-support/key-store/key-store_0.1.bb | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/meta-signing-key/recipes-support/key-store/key-store_0.1.bb b/meta-signing-key/recipes-support/key-store/key-store_0.1.bb index 472cef5..401646f 100644 --- a/meta-signing-key/recipes-support/key-store/key-store_0.1.bb +++ b/meta-signing-key/recipes-support/key-store/key-store_0.1.bb | |||
| @@ -27,7 +27,7 @@ SYSTEM_CERT = "${KEY_DIR}/system_trusted_key.crt" | |||
| 27 | IMA_CERT = "${KEY_DIR}/x509_evm.der" | 27 | IMA_CERT = "${KEY_DIR}/x509_evm.der" |
| 28 | 28 | ||
| 29 | python () { | 29 | python () { |
| 30 | if uks_signing_model(d) != "sample": | 30 | if not (uks_signing_model(d) in "sample", "user"): |
| 31 | return | 31 | return |
| 32 | 32 | ||
| 33 | pn = d.getVar('PN', True) + '-system-trusted-privkey' | 33 | pn = d.getVar('PN', True) + '-system-trusted-privkey' |
| @@ -42,8 +42,8 @@ python () { | |||
| 42 | 42 | ||
| 43 | pn = d.getVar('PN', True) + '-rpm-pubkey' | 43 | pn = d.getVar('PN', True) + '-rpm-pubkey' |
| 44 | d.setVar('PACKAGES_prepend', pn + ' ') | 44 | d.setVar('PACKAGES_prepend', pn + ' ') |
| 45 | d.setVar('FILES_' + pn, d.getVar(d.getVar('RPM_KEY_DIR', True) + '/RPM-GPG-KEY-*', True)) | 45 | d.setVar('FILES_' + pn, d.getVar('RPM_KEY_DIR', True) + '/RPM-GPG-KEY-' + d.getVar('RPM_GPG_NAME', True)) |
| 46 | d.setVar('CONFFILES_' + pn, d.getVar(d.getVar('RPM_KEY_DIR', True) + 'RPM-GPG-KEY-*', True)) | 46 | d.setVar('CONFFILES_' + pn, d.getVar('RPM_KEY_DIR', True) + '/RPM-GPG-KEY-' + d.getVar('RPM_GPG_NAME', True)) |
| 47 | d.appendVar('RDEPENDS_' + pn, ' rpm') | 47 | d.appendVar('RDEPENDS_' + pn, ' rpm') |
| 48 | } | 48 | } |
| 49 | 49 | ||
| @@ -70,14 +70,14 @@ do_install() { | |||
| 70 | key_dir="${@uks_system_trusted_keys_dir(d)}" | 70 | key_dir="${@uks_system_trusted_keys_dir(d)}" |
| 71 | install -m 0644 "$key_dir/system_trusted_key.crt" "${D}${SYSTEM_CERT}" | 71 | install -m 0644 "$key_dir/system_trusted_key.crt" "${D}${SYSTEM_CERT}" |
| 72 | 72 | ||
| 73 | if [ "${@uks_signing_model(d)}" = "sample" ]; then | 73 | if [ "${@uks_signing_model(d)}" = "sample" -o "${@uks_signing_model(d)}" = "user" ]; then |
| 74 | install -m 0400 "$key_dir/system_trusted_key.key" "${D}${SYSTEM_PRIV_KEY}" | 74 | install -m 0400 "$key_dir/system_trusted_key.key" "${D}${SYSTEM_PRIV_KEY}" |
| 75 | fi | 75 | fi |
| 76 | 76 | ||
| 77 | key_dir="${@uks_ima_keys_dir(d)}" | 77 | key_dir="${@uks_ima_keys_dir(d)}" |
| 78 | install -m 0644 "$key_dir/x509_ima.der" "${D}${IMA_CERT}" | 78 | install -m 0644 "$key_dir/x509_ima.der" "${D}${IMA_CERT}" |
| 79 | 79 | ||
| 80 | if [ "${@uks_signing_model(d)}" = "sample" ]; then | 80 | if [ "${@uks_signing_model(d)}" = "sample" -o "${@uks_signing_model(d)}" = "user" ]; then |
| 81 | install -m 0400 "$key_dir/x509_ima.key" "${D}${IMA_PRIV_KEY}" | 81 | install -m 0400 "$key_dir/x509_ima.key" "${D}${IMA_PRIV_KEY}" |
| 82 | fi | 82 | fi |
| 83 | } | 83 | } |