+ Patrick (mistyped email address).
---
Cal
On 07/14/2017 07:11 PM, California Sullivan wrote:
I'm not sure why I never tried just signing the kernel and systemd-boot,
but it works. If either one is not signed, it causes gives a security
violation error.
A con of this implementation is that
This configurable class uses sbsign to sign arbitrary EFI binaries.
Signed-off-by: California Sullivan
---
classes/uefi-sign.bbclass | 52 +++
1 file changed, 52 insertions(+)
create mode 100644
This should be added via a linux-*.bbappend, this one is just for
testing.
Signed-off-by: California Sullivan
---
common/recipes-kernel/linux/linux-intel_4.9.bb | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git
Signed-off-by: California Sullivan
---
conf/machine/include/meta-intel.inc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/conf/machine/include/meta-intel.inc
b/conf/machine/include/meta-intel.inc
index ff98a2a..40f3b4c 100644
---
I'm not sure why I never tried just signing the kernel and systemd-boot,
but it works. If either one is not signed, it causes gives a security
violation error.
A con of this implementation is that unlike the combo app, we don't
inherently validate the initrd. In the future we could require that
Signed-off-by: California Sullivan
---
common/recipes-bsp/systemd-boot/systemd-boot_%.bbappend | 3 +++
1 file changed, 3 insertions(+)
diff --git a/common/recipes-bsp/systemd-boot/systemd-boot_%.bbappend
> -Original Message-
> From: Tim Orling [mailto:timothy.t.orl...@linux.intel.com]
> Sent: Friday, July 14, 2017 8:45 AM
> To: Francesco Camarda (fcamarda)
> Cc: yo...@yoctoproject.org; meta-intel@yoctoproject.org
> Subject: [EXT] Re: [meta-intel] How to build module
> On Jul 13, 2017, at 5:59 AM, Francesco Camarda (fcamarda)
> wrote:
>
> Hello,
> Starting from a yocto build (details below):
>
> $ bitbake ias-kc-pf-image
> Loading cache: 100%
>