summaryrefslogtreecommitdiffstats
path: root/meta-integrity
Commit message (Collapse)AuthorAgeFilesLines
* sign_rpm_ext: set default GPG_PATH if it is not specified (#2)yunguowei2017-08-191-0/+15
| | | | | | | | | | | commit 52bf3b6636f95a(meta-integrity: move gpg keyring initialization to signing-keys) tried to initialize keyring in the task check_public_keys of the recipe signing-keys. However, it does work with the recipe signing-keys only, and GPG_PATH can't be passed to other recipes. We bring the python anonymous function back, and it makes sure GPG_PATH is set before signing the packages for every recipe. Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com>
* meta-integrity: move gpg keyring initialization to signing-keysJia Zhang2017-08-172-38/+37
| | | | Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
* sign_rpm_ext: support RPM signingLans Zhang2017-08-171-6/+45
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* ima-evm-utils: support to build with openssl-1.1.xLans Zhang2017-08-162-0/+300
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* README.md: update reference linksLans Zhang2017-08-161-2/+2
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-integrity/README.md: updateLans Zhang2017-08-161-12/+25
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* init.ima: clean up and allow to load extra IMA policies from the real rootfsLans Zhang2017-08-151-10/+18
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* ima_policy: update the commentLans Zhang2017-08-151-1/+2
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-integrity/README.md: updateLans Zhang2017-08-151-15/+14
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-integrity/README.md: updateLans Zhang2017-08-151-30/+38
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* systemd: fix the conditions of PACKAGECONFIG for ima and cryptsetupLans Zhang2017-08-041-1/+1
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* systemd: enable ima and cryptsetupLans Zhang2017-08-041-0/+4
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* rpm: remove PACKAGECONFIG[imaevm]Lans Zhang2017-07-281-1/+0
| | | | | | This setting is already merged to oe-core. Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-secure-core: code style fixupLans Zhang2017-07-282-16/+19
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* IMA: move the default policy file to /etc/ima directoryLans Zhang2017-07-252-8/+10
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* IMA: allow to write policy but deny to read policyLans Zhang2017-07-201-1/+1
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-secure-core: define the oe index nameLans Zhang2017-07-201-0/+2
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* sign_rpm_ext: remove the test linesLans Zhang2017-07-191-4/+0
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* IMA: enable RPM file signing if ima is configuredLans Zhang2017-07-191-1/+1
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* rpm: allow to enable IMA signingLans Zhang2017-07-1812-0/+805
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* Fix the occurrence of checking the existence of signing keysLans Zhang2017-07-121-5/+0
| | | | | | packagegroups are not the end consumers of using user-key-store. Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* packagegroup-efi-secure-boot/packagegroup-ima: depend on check_deploy_keysLans Zhang2017-07-111-0/+5
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* keyutils: fix build failure with ppcLans Zhang2017-07-112-29/+1
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-integrity: enable sign_rpm_ext to support rpm and file signingLans Zhang2017-07-112-0/+22
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* base-file: mount securityfsLans Zhang2017-07-111-0/+1
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* IMA: clean up IMA signingLans Zhang2017-07-113-178/+3
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* Clean up RDEPENDSLans Zhang2017-07-051-1/+0
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* ima-policy: enable policy checkLans Zhang2017-07-041-0/+3
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* initrdscripts-ima: clean up code style and RDEPENDSLans Zhang2017-07-041-23/+20
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* init.ima: code style cleanupLans Zhang2017-07-041-14/+8
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* Code style fixupLans Zhang2017-07-043-7/+6
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* packagegroup-ima*: clean up the RDEPENDSLans Zhang2017-07-042-11/+5
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-integrity: implement the system trusted cert and IMA trusted certLans Zhang2017-07-042-4/+9
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* Use the DER-formatted system trusted keyLans Zhang2017-07-031-3/+4
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* code style fixupLans Zhang2017-06-291-3/+5
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* IMA: refresh kernel cfgLans Zhang2017-06-267-23/+22
| | | | Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
* meta-secure-core: initial commitLans Zhang2017-06-2229-0/+1003
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-04 23:34:21 +0000