+Megha
-l...@lists.01.org since you have to be a member to send to the list.
../Randy
On 2018-01-19 04:07 PM, Randy MacLeod wrote:
In chasing down a rare ccan configuration bug that sbsigntool-native
trips over, I noticed that there are several sbsigntool-native recipes,
all alike but not identical.
We have a few in the layer index:
https://layers.openembedded.org/layerindex/branch/master/recipes/?q=sbsigntool
and more elsewhere:
https://www.google.ca/search?q=sbsigntool-native
and even:
https://www.google.ca/search?q=meta-secure-core
The meta-intel and meta-secure-core versions were somewhat different but
that seems to be due to lack of co-operation rather than different
requirements.
Does it make sense to have a single version of the recipe in
a signing-key layer with the actual keys kept elsewhere I'd expect.
If so, what layer would make the most sense?
How about picking:
https://layers.openembedded.org/layerindex/branch/master/layer/meta-signing-key/
There is likely other recipe duplication in secure boot layers but
it's not something that I work on directly so I'm only mentioning
sbsigntool. Feel free to reduce more duplication!
Thanks,
--
# Randy MacLeod. WR Linux
# Wind River an Intel Company
--
_______________________________________________
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
