As time marches on, it seems that more attention is given to the various security features out there. We have the framework to incorporate dm-verity into our builds, but it seems we have a rather steep learning curve for people to overcome in order to use it, and accordingly only two sample conflgs for people to reference.
This changeset attempts to rectify that by capturing the Yocto specific settings relating to dm-verity -- in two categories ; global/generic settings and board specific settings. Credit to Niko Mauno who laid out a lot of information in a 0/N series preamble[1] some time ago - hopefully this puts the information a bit closer to where people can easily find it. This series only documents the beaglebone-black ; I'm hoping to do some testing with systemd-bootdisk-dmverity.wks.in and get us some documentation for other use cases involving that. In the meantime, I figured I'd see if there was any special doc requirements/layout/format etc. that I might have overlooked -- or if there is any interest in this at all. Paul. [1] https://lists.yoctoproject.org/g/yocto/message/50621 --- Paul Gortmaker (2): dm-verity: add basic non-arch/non-BSP yocto specific settings dm-verity: document board specifics for Beaglebone Black docs/dm-verity-beaglebone.txt | 37 +++++++++++ docs/dm-verity.txt | 114 ++++++++++++++++++++++++++++++++++ 2 files changed, 151 insertions(+) create mode 100644 docs/dm-verity-beaglebone.txt create mode 100644 docs/dm-verity.txt -- 2.33.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#59380): https://lists.yoctoproject.org/g/yocto/message/59380 Mute This Topic: https://lists.yoctoproject.org/mt/97532113/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
