Message ID | 20211123145747.101549-4-Quirin.Gylstorff@siemens.com (mailing list archive) |
---|---|
State | Handled Elsewhere |
Headers | show |
Series | Read-only root file system with dm-verity | expand |
diff --git a/recipes-kernel/linux/files/verity.cfg b/recipes-kernel/linux/files/verity.cfg new file mode 100644 index 0000000..35d8208 --- /dev/null +++ b/recipes-kernel/linux/files/verity.cfg @@ -0,0 +1,5 @@ +CONFIG_BLK_DEV_DM=y +CONFIG_DM_VERITY=y +CONFIG_DM_CRYPT=y +CONFIG_SQUASHFS=y +CONFIG_OVERLAY_FS=y diff --git a/recipes-kernel/linux/linux-cip-common.inc b/recipes-kernel/linux/linux-cip-common.inc index 1afec88..bbbf812 100644 --- a/recipes-kernel/linux/linux-cip-common.inc +++ b/recipes-kernel/linux/linux-cip-common.inc @@ -28,3 +28,7 @@ SRC_URI_append_bbb = "file://${KERNEL_DEFCONFIG}" SRCREV_cip-kernel-config ?= "cd5d43e99f4d5f20707d7ac1e721bb22d4c9e16e" S = "${WORKDIR}/linux-cip-v${PV}" + +SECURE_BOOT_KERNEL ?= "0" + +SRC_URI += "${@'file://verity.cfg' if d.getVar('SECURE_BOOT_KERNEL') == '1' else ''}"