encrypted-storage: use luks as the feature name for current implementation

encrypted-storage layer will include more security features about encrypted
storage so the term "encrypted-storage" won't be used to specify a dedicated
technology term such as "LUKS".

Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>

1 files changed, 4 insertions, 5 deletions

diff --git a/meta-efi-secure-boot/recipes-bsp/grub/grub-efi_2.02.bbappend b/meta-efi-secure-boot/recipes-bsp/grub/grub-efi_2.02.bbappend
index da02b5c..1700adc 100644
--- a/meta-efi-secure-boot/recipes-bsp/grub/grub-efi_2.02.bbappend
+++ b/meta-efi-secure-boot/recipes-bsp/grub/grub-efi_2.02.bbappend
@@ -65,11 +65,10 @@ do_install_append_class-native() {
 do_install_append_class-target() {
     local menu="${WORKDIR}/boot-menu.inc"
 
-    # Enable the default IMA rules if IMA is enabled and encrypted-storage is
-    # disabled. This is because unseal operation will fail when any PCR is
-    # extended due to updating the aggregate integrity value by the default
-    # IMA rules.
-    [ x"${IMA}" = x"1" -a x"${@bb.utils.contains('DISTRO_FEATURES', 'encrypted-storage', '1', '0', d)}" != x"1" ] && {
+    # Enable the default IMA rules if IMA is enabled and luks is disabled.
+    # This is because unseal operation will fail when any PCR is extended
+    # due to updating the aggregate integrity value by the default IMA rules.
+    [ x"${IMA}" = x"1" -a x"${@bb.utils.contains('DISTRO_FEATURES', 'luks', '1', '0', d)}" != x"1" ] && {
         ! grep -q "ima_policy=tcb" "$menu" &&
             sed -i 's/^\s*linux\s\+.*bzImage.*/& ima_policy=tcb/g' "$menu"
     }