diff options
Diffstat (limited to 'meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb')
-rw-r--r-- | meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb b/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb index 95c853a..58cbe6e 100644 --- a/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb +++ b/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb @@ -14,15 +14,23 @@ LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384 # to this recipe can just point towards one of its own files. IMA_POLICY ?= "ima-policy-hashed" +# Force proceed IMA procedure even 'no_ima' boot parameter is available. +IMA_FORCE ?= "false" + SRC_URI = " file://ima" +inherit features_check +REQUIRED_DISTRO_FEATURES = "ima" + do_install () { install -d ${D}/${sysconfdir}/ima install -d ${D}/init.d install ${WORKDIR}/ima ${D}/init.d/20-ima + + sed -i "s/@@FORCE_IMA@@/${IMA_FORCE}/g" ${D}/init.d/20-ima } -FILES_${PN} = "/init.d ${sysconfdir}" +FILES:${PN} = "/init.d ${sysconfdir}" -RDEPENDS_${PN} = "keyutils ${IMA_POLICY}" -RDEPENDS_${PN} += "initramfs-framework-base" +RDEPENDS:${PN} = "keyutils ima-evm-keys ${IMA_POLICY}" +RDEPENDS:${PN} += "initramfs-framework-base" |