aboutsummaryrefslogtreecommitdiffstats
path: root/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb
diff options
context:
space:
mode:
Diffstat (limited to 'meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb')
-rw-r--r--meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb14
1 files changed, 11 insertions, 3 deletions
diff --git a/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb b/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb
index 95c853a..58cbe6e 100644
--- a/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb
+++ b/meta-integrity/recipes-core/initrdscripts/initramfs-framework-ima.bb
@@ -14,15 +14,23 @@ LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384
# to this recipe can just point towards one of its own files.
IMA_POLICY ?= "ima-policy-hashed"
+# Force proceed IMA procedure even 'no_ima' boot parameter is available.
+IMA_FORCE ?= "false"
+
SRC_URI = " file://ima"
+inherit features_check
+REQUIRED_DISTRO_FEATURES = "ima"
+
do_install () {
install -d ${D}/${sysconfdir}/ima
install -d ${D}/init.d
install ${WORKDIR}/ima ${D}/init.d/20-ima
+
+ sed -i "s/@@FORCE_IMA@@/${IMA_FORCE}/g" ${D}/init.d/20-ima
}
-FILES_${PN} = "/init.d ${sysconfdir}"
+FILES:${PN} = "/init.d ${sysconfdir}"
-RDEPENDS_${PN} = "keyutils ${IMA_POLICY}"
-RDEPENDS_${PN} += "initramfs-framework-base"
+RDEPENDS:${PN} = "keyutils ima-evm-keys ${IMA_POLICY}"
+RDEPENDS:${PN} += "initramfs-framework-base"
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-17 20:29:57 +0000