Commit message | Author | Age | Files | Lines
...
* seloader: sync up with upstream | Lans Zhang | 2017-07-03 | 1 | -1/+1
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-signing-keys: use DER-formatted system trusted key and signed IMA trusted key | Lans Zhang | 2017-07-03 | 4 | -52/+52
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* user-key-store: clean up the code style | Lans Zhang | 2017-07-03 | 1 | -80/+16
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* Use the DER-formatted system trusted key | Lans Zhang | 2017-07-03 | 3 | -7/+30
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* init: clean up code style | Lans Zhang | 2017-07-03 | 1 | -34/+30
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* Rename .pem to .crt | Lans Zhang | 2017-07-03 | 15 | -43/+24
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* initramfs-secure-core: fix missing the license file | Lans Zhang | 2017-07-03 | 1 | -0/+1
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* initramfs-secure-core: define the /init script for the initramfs image | Lans Zhang | 2017-07-03 | 2 | -0/+162
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* kernel-initramfs: define this package to include the initramfs image for kernel boot | Lans Zhang | 2017-07-03 | 2 | -0/+132
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* secure-core-image-initramfs: define the initramfs image type | Lans Zhang | 2017-07-03 | 1 | -0/+35
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* secure-core-image: clean up the code style | Lans Zhang | 2017-07-03 | 1 | -3/+10
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* shim: fix OVMF crash | Lans Zhang | 2017-06-30 | 3 | -13/+45
  - httpboot.o cannot be built if ".PRECIOUS: " is placed ahead of "<tab>CFLAGS +=".
  - uri pointer should not be freed if NULL.
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* shim: clean up the code style | Lans Zhang | 2017-06-30 | 1 | -27/+29
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* code style fixup | Lans Zhang | 2017-06-29 | 10 | -42/+51
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* create-user-key-store.sh: restructured for self-signing and ca signing | Lans Zhang | 2017-06-29 | 1 | -57/+51
  Meanwhile, the IMA user key is signed by system user key.
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* secure-core-image: install ima-related packages if ima feature configured | Lans Zhang | 2017-06-26 | 1 | -0/+2
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* shim: enable http boot support | Lans Zhang | 2017-06-26 | 1 | -0/+1
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* cryptfs-tpm2: sync up with upstream | Lans Zhang | 2017-06-26 | 1 | -1/+1
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* IMA: refresh kernel cfg | Lans Zhang | 2017-06-26 | 7 | -23/+22
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* linux-yocto-efi-secure-boot: don't use sccs to define the included kernel cfg | Lans Zhang | 2017-06-26 | 1 | -3/+3
  The variable sccs is used internally and thus it will be corrupted by the external definition.
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* openssl-tpm-engine: parse an encrypted tpm SRK password from env | Meng Li | 2017-06-23 | 2 | -0/+273
  Before, we support reading SRK password from env TPM_SRK_PW, but it is a plain password and not secure. So, we improve it and support to get an encrypted (AES algorithm) SRK password from env, and then parse it. The default decrypting AES password and salt is set in bb file.
  When we initialize TPM, and set a SRK pw, and then we need to encrypt it with the same AES password and salt by AES algorithm. At last, we set a env as below:
  export TPM_SRK_ENC_PW=xxxxxxxx
  "xxxxxxxx" is the encrypted SRK password for libtpm.so.
  Signed-off-by: Meng Li <Meng.Li@windriver.com>
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* Ignore the KEYS DIR in the do_package and do_sign task dependence | Guojian Zhou | 2017-06-23 | 1 | -0/+4
  Signed-off-by: Guojian Zhou <guojian.zhou@windriver.com>
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-secure-core: initial commit | Lans Zhang | 2017-06-22 | 204 | -0/+14086
  Signed-off-by: Lans Zhang <jia.zhang@windriver.com>