meta-security - Security tools for Internet connected devices

Age	Commit message (Collapse)	Author
2021-08-01	meta-integrity: Convert to new override syntax	Armin Kuster
	Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-04-12	initramfs-framework-ima: introduce IMA_FORCE	Ming Liu
	Introduce IMA_FORCE to allow the IMA policy be applied forcely even 'no_ima' boot parameter is available. This ensures the end users have a way to disable 'no_ima' support if they want to, because it may expose a security risk if an attacker can find a way to change kernel arguments, it will easily bypass rootfs authenticity checks. Signed-off-by: Sergio Prado <sergio.prado@toradex.com> Signed-off-by: Ming Liu <liu.ming50@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-02-23	initramfs-framework-ima: let ima_enabled return 0	Ming Liu
	Otherwise, ima script would not run as intended. Signed-off-by: Ming Liu <liu.ming50@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-02-23	initramfs-framework-ima: RDEPENDS on ima-evm-keys	Ming Liu
	Signed-off-by: Ming Liu <liu.ming50@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-02-23	initramfs-framework-ima: fix a wrong path	Ming Liu
	/etc/ima-policy > /etc/ima/ima-policy. Signed-off-by: Ming Liu <liu.ming50@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-01-04	meta-integrity: fix issues with yocto-check-layer	Armin Kuster
	[v2] re-did solutions Signed-off-by: Armin Kuster <akuster808@gmail.com>
2019-09-07	initramfs-framework-ima: correct IMA_POLICY name	Armin Kuster
	it had ima_policy_hashed and did not match the recipe ima-policy-hashed found by yocto-check-layer Signed-off-by: Armin Kuster <akuster808@gmail.com>
2019-08-24	integrity-image: IMA_EVM_KEY_DIR has no affect, remove	Armin Kuster
	Signed-off-by: Armin Kuster <akuster808@gmail.com>
2019-08-04	meta-integrity: rename IMA_EVM_BASE to INTEGRITY_BASE	Dmitry Eremin-Solenikov
	data/debug-keys will be reused for demo modsign keys, so rename IMA_EVM_BASE to more generic INTEGRITY_BASE. Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin-solenikov@mentor.com>
2019-05-28	image: add image for testing	Armin Kuster
	Signed-off-by: Armin Kuster <akuster808@gmail.com>
2019-05-28	initramfs: clean up to pull in packages.	Armin Kuster
	Signed-off-by: Armin Kuster <akuster808@gmail.com>
2019-05-28	base-files: add appending to automount securityfs	Armin Kuster
	Signed-off-by: Armin Kuster <akuster808@gmail.com>
2019-05-28	meta-integrity: port over from meta-intel-iot-security	Armin Kuster
	Signed-off-by: Armin Kuster <akuster808@gmail.com>