summaryrefslogtreecommitdiff
path: root/meta-security/meta-integrity/recipes-security
diff options
context:
space:
mode:
Diffstat (limited to 'meta-security/meta-integrity/recipes-security')
-rw-r--r--meta-security/meta-integrity/recipes-security/ima-evm-keys/ima-evm-keys_1.0.bb16
-rw-r--r--meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils_git.bb1
-rw-r--r--meta-security/meta-integrity/recipes-security/ima_policy_hashed/files/ima_policy_hashed3
3 files changed, 20 insertions, 0 deletions
diff --git a/meta-security/meta-integrity/recipes-security/ima-evm-keys/ima-evm-keys_1.0.bb b/meta-security/meta-integrity/recipes-security/ima-evm-keys/ima-evm-keys_1.0.bb
new file mode 100644
index 000000000..62685bbb0
--- /dev/null
+++ b/meta-security/meta-integrity/recipes-security/ima-evm-keys/ima-evm-keys_1.0.bb
@@ -0,0 +1,16 @@
+SUMMARY = "IMA/EMV public keys"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
+
+inherit features_check
+REQUIRED_DISTRO_FEATURES = "ima"
+
+ALLOW_EMPTY_${PN} = "1"
+
+do_install () {
+ if [ -e "${IMA_EVM_X509}" ]; then
+ install -d ${D}/${sysconfdir}/keys
+ install "${IMA_EVM_X509}" ${D}${sysconfdir}/keys/x509_evm.der
+ lnr ${D}${sysconfdir}/keys/x509_evm.der ${D}${sysconfdir}/keys/x509_ima.der
+ fi
+}
diff --git a/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils_git.bb b/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils_git.bb
index 7f649c2d6..bd8558303 100644
--- a/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils_git.bb
+++ b/meta-security/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils_git.bb
@@ -26,6 +26,7 @@ S = "${WORKDIR}/git"
inherit pkgconfig autotools features_check
REQUIRED_DISTRO_FEATURES = "ima"
+REQUIRED_DISTRO_FEATURES_class-native = ""
EXTRA_OECONF_append_class-target = " --with-kernel-headers=${STAGING_KERNEL_BUILDDIR}"
diff --git a/meta-security/meta-integrity/recipes-security/ima_policy_hashed/files/ima_policy_hashed b/meta-security/meta-integrity/recipes-security/ima_policy_hashed/files/ima_policy_hashed
index 7f89c8d98..4d9e4ca50 100644
--- a/meta-security/meta-integrity/recipes-security/ima_policy_hashed/files/ima_policy_hashed
+++ b/meta-security/meta-integrity/recipes-security/ima_policy_hashed/files/ima_policy_hashed
@@ -53,6 +53,9 @@ dont_measure fsmagic=0x43415d53
# CGROUP_SUPER_MAGIC
dont_appraise fsmagic=0x27e0eb
dont_measure fsmagic=0x27e0eb
+# CGROUP2_SUPER_MAGIC
+dont_appraise fsmagic=0x63677270
+dont_measure fsmagic=0x63677270
# EFIVARFS_MAGIC
dont_appraise fsmagic=0xde5e81e4
dont_measure fsmagic=0xde5e81e4
generated by cgit v1.2.3 (git 2.39.0) at 2024-08-25 00:22:50 +0300