From patchwork Wed Apr 16 17:17:05 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gokhan Cetin X-Patchwork-Id: 4181 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Wed, 16 Apr 2025 19:18:27 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-wr1-f59.google.com (mail-wr1-f59.google.com [209.85.221.59]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 53GHIR0b011383 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 16 Apr 2025 19:18:27 +0200 Received: by mail-wr1-f59.google.com with SMTP id ffacd0b85a97d-3913f97d115sf517545f8f.0 for ; Wed, 16 Apr 2025 10:18:27 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1744823901; cv=pass; d=google.com; s=arc-20240605; b=jXfxZvKstj/kEGtbmBilu8Nx3jgu7Cv6QPtkJhW6dNR3tuKa0qJaRvfOx4zr5+kNCR 3ceUibPitz9qhzGigNfZafsEGvZjOGWqOg44TXUyD4L7A2GXgcMyguvjyWHMYYcEz1o5 aMo98aYg3Qv1KRV7uAeWY0i74Uc/luygOEtKbxFuVr4/W5keu19MYjqiCOkAM9jujYPc 1UmcKx5evh162DM+kbkSHWdEIBFDT5BtKxMUoFrRRcuXz/dq5oIPzRB+PXnlQPht7YRp n2qkdbtrgIl/2e89mujWhRNBlfmbkAQtd+2RbgJ2mqebjtTAvDHgoLXN6bR/OqQPCV9Q blIg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:feedback-id:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=IzZa/AuhBnFMJQCtZSPb+fJCP/SxLeBMXOomVCN9NeM=; fh=F0ItOPfsibjLJeiuF8GrC6NqXAhVE49qgwr0ZMyeNRM=; b=blWhZhEMKCkfDXxzXfAqct4PA8pAb/lvmeKAkaXwGeoYXY9IywcdrpjH+BDamQhUI3 zvxGuUh6PwEkPKbP8cnDNa8BuG5YRxq2+Wfx5omoGLxzykEc+4WMQ95EGQe2QBq60vD3 2VI3AWDoPozXfUyte0aBrAfZBgJJ1s7MwDvaclQwQiolzl/RS++gCspYrFwSGpqD9L56 m6J/Dwa7c3MzUbHg/B4kyw5v+d82rA84WYKpYUvaEkAoxU72Q8ByBW6hGwf/DPOhqcY4 9Xjrl+z5vequJKf/pzYKlgWhu295jy+XpU/OCedQbUaGlAelTqZl3lqgAqaEGPp6GADN COkA==; darn=isar-build.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=H5LynDEi; spf=pass (google.com: domain of fm-1328731-202504161718149601f8c06773fa1e9c-gtg3wx@rts-flowmailer.siemens.com designates 185.136.64.227 as permitted sender) smtp.mailfrom=fm-1328731-202504161718149601f8c06773fa1e9c-gtg3wX@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1744823901; x=1745428701; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:from:to:cc:subject:date:message-id:reply-to; bh=IzZa/AuhBnFMJQCtZSPb+fJCP/SxLeBMXOomVCN9NeM=; b=lxrhfOHZcHJ+b8AkaghPD/E64RhcnGlyjVcIgneaiPH0W0DjI/TquMDeDssgfDr4T8 svNnZWonHT55vEAyPo2usw5MDYsWdxR67tP4vkeZucSr5X4IwcYSX1HG2VZkkaoIfXTD CP1KbnRsunZTJryXSu7y4oC1SGl584dOh66a/I64ZwOZ5e2jRI233aVnpWIHvOlIUxsQ v5LInXRK4ZCmghPiczJvsXskPP5Y8RaHrSjkcwdME/dhszQNgNCo81oN5i2REY5kgDRQ GobxiHH4kBqVQahDAJWEcdzAPYYuhhrT081cgQPrtngYRVKpRuqz0F6axndBs1ujIQp0 jLRA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1744823901; x=1745428701; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:x-beenthere:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=IzZa/AuhBnFMJQCtZSPb+fJCP/SxLeBMXOomVCN9NeM=; b=aGiIAJOK5kOEQCqbTze/V4h/9DjxriDdZ5t14a8zxEo1WpDOP6WwJxk+WwtO7KOgIq ss1sTQXIM4ThuWpSxgggDtk3vtgI0W1T1lgENnmFTf0a+NwbyfjK8me8AjpQQkM93AZa imoy3BPh7+Ef9CVemUCY/RQurNG9Q8jFpH31fcGk/GPVZKa19yETTHsSyhSEkhLJ3QT6 bbeAHOevtngm9BCwJyWcsZfZ8vNqwn/8Xh+Bqq/E557PsJBGpQBeupbHdknJgpHnVHWG vHLbT3ePrTsp2YHbnu4JSRgFcjOVrp9cLGO/yRTg1kX9saAoU4qC7ehSk1hERgCwvx9k ubfQ== X-Forwarded-Encrypted: i=2; AJvYcCW8ExWRfjvmdnJ++YSP95dSEQuVZ+ggA2tvGuS/e1w2shBQekKh+vMll4qHyKvDCKShHH0NjVY=@isar-build.org X-Gm-Message-State: AOJu0YwzX6+Lac5oG6cF6bGPszx3JirwPMFe0AuXVgjrn1etX2J9QpLZ NKX1SuD6iMGKnVlBGtScxe0eOfj+NXbxb5xonHVo8LF5YMNiykYr X-Google-Smtp-Source: AGHT+IGCTPRDQtK6JfNaIW5ELl40r4SDeaHQtLqn2/FIyUZLvZjeL6Jl2hnxJhpnR6gyi1z7V8GU+g== X-Received: by 2002:a05:6000:2505:b0:39b:fa24:9523 with SMTP id ffacd0b85a97d-39ee904779dmr289524f8f.7.1744823900054; Wed, 16 Apr 2025 10:18:20 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com; h=ARLLPAKl85knF61qNSZLHZ1kNnnfdTCfUe1/8NAPsk9lvs3jyQ== Received: by 2002:a05:600c:3d0b:b0:43c:f001:2ff1 with SMTP id 5b1f17b1804b1-4406227a7f8ls277125e9.0.-pod-prod-00-eu; Wed, 16 Apr 2025 10:18:15 -0700 (PDT) X-Received: by 2002:a05:600c:1e8b:b0:43b:c6a7:ac60 with SMTP id 5b1f17b1804b1-44062457615mr2312035e9.10.1744823895435; Wed, 16 Apr 2025 10:18:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1744823895; cv=none; d=google.com; s=arc-20240605; b=YqmSoO8oIMoU3U9YxkUKT88JyzzDldso08Lyw6eXEW1xpIMRyhXnQiggndQ6aaZ82+ Dc9AkQdekTbRLfJA+eep4Mmhe5NRGDPPIEK57hHSFi3EHImNN0WPv6Sc754FEABQZPqa 39EPDagwJrP62RLaHpWxCTG7eSiVw8UlRQ/c9eua7S85PkVsK0+sC7ttpPx1F/MXw/Hv T68ju0LTOT2J1nNnzStB83VuEOpxEnZirQTWPdRQibItPSJi71X/9vNB9UyNbGTjAQfA 6Btqrp8DPSMXpnblnax5U0Kqh8W6BMZY+czSngIdo1jY5T3NqRQMDD2lLx0banmolWzR 8AJA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=feedback-id:content-transfer-encoding:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=cGVcRVuVOOJtcyuaa+qyHrE/ERVxdZVxdUlgeivczkw=; fh=7H56SyJ75bwGZUIqRCOBd3K5XpBD2YtSSm9HZ9E1Jq8=; b=EWnLF3OTN3dqqAkFEkqJWhw+aBzOCvaBza7TKj5pIJIzM8zW8MZ7KSdsJ5TP8RgFAH DweqTuznpsKjYzxQjGl3AyubT/UcmdPwkeHUbfKhpSCJvKRj5BzG7n6/ajYUP+C27fsR QWomL97RYB4WIvwTuNYJIQcZAthW+JQFDxY9nkmVLSCzBDm4WpnIFglDIyJ8PhfsjlIG LA2mevEmUHbWmr8z/Hkrq2y7Pp2Ng700RCtBdOpVSnp4skPW5q8JoE5xZQmmVAJ324na 9AEA1/ETkGU6wB12yqxgtHluSuXuZDVlqdYwH5NLhgKY0MAKKRSiesfa7zCoQ3hp5BNx BUiQ==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=H5LynDEi; spf=pass (google.com: domain of fm-1328731-202504161718149601f8c06773fa1e9c-gtg3wx@rts-flowmailer.siemens.com designates 185.136.64.227 as permitted sender) smtp.mailfrom=fm-1328731-202504161718149601f8c06773fa1e9c-gtg3wX@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from mta-64-227.siemens.flowmailer.net (mta-64-227.siemens.flowmailer.net. [185.136.64.227]) by gmr-mx.google.com with ESMTPS id 5b1f17b1804b1-4405b4ce864si419175e9.2.2025.04.16.10.18.15 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 16 Apr 2025 10:18:15 -0700 (PDT) Received-SPF: pass (google.com: domain of fm-1328731-202504161718149601f8c06773fa1e9c-gtg3wx@rts-flowmailer.siemens.com designates 185.136.64.227 as permitted sender) client-ip=185.136.64.227; Received: by mta-64-227.siemens.flowmailer.net with ESMTPSA id 202504161718149601f8c06773fa1e9c for ; Wed, 16 Apr 2025 19:18:14 +0200 X-Patchwork-Original-From: "'Gokhan Cetin' via isar-users" From: Gokhan Cetin To: isar-users@googlegroups.com Cc: gokhan.cetin@siemens.com, jan.kiszka@siemens.com Subject: [PATCH v2 1/5] module-signer-example: define virtual package name as module-signer Date: Wed, 16 Apr 2025 19:17:05 +0200 Message-Id: <20250416171709.742191-2-gokhan.cetin@siemens.com> In-Reply-To: <20250416171709.742191-1-gokhan.cetin@siemens.com> References: <20250416171709.742191-1-gokhan.cetin@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-1328731:519-21489:flowmailer X-Original-Sender: gokhan.cetin@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=H5LynDEi; spf=pass (google.com: domain of fm-1328731-202504161718149601f8c06773fa1e9c-gtg3wx@rts-flowmailer.siemens.com designates 185.136.64.227 as permitted sender) smtp.mailfrom=fm-1328731-202504161718149601f8c06773fa1e9c-gtg3wX@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Gokhan Cetin Reply-To: Gokhan Cetin Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= This will help to easily manage dependencies on providers implemented in downstreams. Signed-off-by: Gokhan Cetin --- .../module-signer-example/module-signer-example.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-isar/recipes-devtools/module-signer-example/module-signer-example.bb b/meta-isar/recipes-devtools/module-signer-example/module-signer-example.bb index 001e8cc8..58a84d01 100644 --- a/meta-isar/recipes-devtools/module-signer-example/module-signer-example.bb +++ b/meta-isar/recipes-devtools/module-signer-example/module-signer-example.bb @@ -9,6 +9,9 @@ inherit dpkg-raw DPKG_ARCH = "all" +PROVIDES = "module-signer" +DEBIAN_PROVIDES = "module-signer" + DEPENDS = "sb-mok-keys" DEBIAN_DEPENDS += "openssl, sb-mok-keys" From patchwork Wed Apr 16 17:17:06 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gokhan Cetin X-Patchwork-Id: 4182 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Wed, 16 Apr 2025 19:18:29 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-wr1-f61.google.com (mail-wr1-f61.google.com [209.85.221.61]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 53GHISuU011402 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 16 Apr 2025 19:18:28 +0200 Received: by mail-wr1-f61.google.com with SMTP id ffacd0b85a97d-39c30f26e31sf4742140f8f.3 for ; Wed, 16 Apr 2025 10:18:28 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1744823903; cv=pass; d=google.com; s=arc-20240605; b=c2qG87Emen/Vd9LO+F2FyxHZnOFQMAxTpYle0mTzAoodLsSDuMS/Myzij1WbDDaYJ/ s9vNyPwK8UnLdXs8FJ0KJTqDrOHGWr3lRBXg3SVMP846di58GwNRApAthDcJR6wMc/LO RH0Xz5QUWl+/+tgLjjgUi2ovourmyLxZ7wgroawTDczSmBTjVxrC3AXVufkxUL95hyLH qBsQOjEoM4ycX41NFpeDT09PJqEO/qImDqZ8YXFhF+5heDlnldVccrPM8V4iuQSr4X7l 2TKlpuMhBX14skfcG57AYb1Y1TAIWAlQm0KxU7k1vkTLRFVAZn5jNfKXH5XsFI6k4Ugp Fd9Q== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:feedback-id:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=WQzmD0BX6yJ8oX15rQ6+j+z1D2w3oySQI5f/mrHl3Vg=; fh=6HmDdpHoUYRm8XWZbNsf0zPoyIiTR7LqcNapu+ZfSL0=; b=f6A1BiezOiLQAeY4eKmlPKGyBQPGCvfGPTgAJVAIM4d5JLtoY2H5BQipfRSmA8fN5J 6/DgUWjcEo89YuaipxRmpi7ImGnzrrPqmdAc9e5gtmSfy3MQkr6k2svewp2ClrXhURbh /HrsUvuw8Ka/lmUUy5Em1Rh+xJvUNpqPYPgKXCbPWwAA5YIntBGspyvNWMZN+bHqpNm1 XD/oenEJ0NnRwa78RQKNcTJper9moncd+SCka+EvdAg2HrYQXd9SzI7cdZtfuoWleyU2 KSu9vbsiI6Ci4539p0F4ID/ndf6HrDwVPNo1NsUyvRqDGxlQ4bGjN3FhyoILTYjO4VJo lexA==; darn=isar-build.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=VSEzDnly; spf=pass (google.com: domain of fm-1328731-202504161718161f802cd64705a634b0-qyhydg@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) smtp.mailfrom=fm-1328731-202504161718161f802cd64705a634b0-QYHYdg@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1744823903; x=1745428703; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:from:to:cc:subject:date:message-id:reply-to; bh=WQzmD0BX6yJ8oX15rQ6+j+z1D2w3oySQI5f/mrHl3Vg=; b=caNdUj9k60JPbGGm11Amt+RmfWo7cbe6wEl8E0WaAa+Pv5Ans1QBn8hsr828RlXJDJ qB0yTuchBVshaX8gjUk8zLvc1WukY8wXuoaK3l8pu/7TzloP8fIJ5Vpfy5FDgBm5tdfD wKZKFfq+o/F/Ri0bYeQwbV8qBiqjYzdvzey4Z5nO8zde6QI4YeSNuNOrwbY39icQnUQv ebzG2ajnJb1PFb0cUsxGFPS75WR3rcxQjPWUFz7sKRjmMy7AVSeLPh21FzENEH/hk+Ys IgMK/sGgBtPavocb5kmq5ukRAq0FV2FMSg032qCLCBjvPZI2EN/SSp6x/VNahThbjE/G z6XQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1744823903; x=1745428703; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:x-beenthere:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=WQzmD0BX6yJ8oX15rQ6+j+z1D2w3oySQI5f/mrHl3Vg=; b=lvzW2+U5VRqSlv81HzMgopsEbm/hpgc4xc+ndzKZLl5UDQGO0DzQus7tFjUlE87Swx 83UxwlrJBZOZjEYx/FZbslWP4J1siRaU97/TXhEWJsnF951zn35Uke3RSSbM/460T6/Q sgrppLKQdRUUMblT2O/6lHA45u8aDgaz94UntWKzqkWNwsBpYLS85pqpPgfrTDhXmxEA GfCbckwnpAClIRUOnPBda7AzEkXPRHqFpv5xFcuSnRzLGLAO+6N6Z+TmLgh+9PmQoGGG p5pzVoAbB6gcr8UlQNtjXKsYeJUvJH9ImT7Ld+GCGZFqpy1YAhGROPqNap73KgmpLa+c yaqQ== X-Forwarded-Encrypted: i=2; AJvYcCXEMPk+XOxdoE4uvVa2HIjIiSHN70w4QBak4nQ++vkXvzyXbqnn1YefeZUJdWYR9YpJY6xNVCA=@isar-build.org X-Gm-Message-State: AOJu0YwS1MB3LdZKA5q1IyfuhwSTEQa7fJxjfQ7OOHFcKDMzyDFdoIsR eGoArpwvBUtXE+/xVRX4dM4YHZQHRazC4vWVHHvWPkjhNqVpf1kp X-Google-Smtp-Source: AGHT+IEvERn8C+8oEhSG1OeGyKwFZPuIIi/qGe/lNGU+ruLScvdD37BH8SPVmePpeSUoat8Rtk0Reg== X-Received: by 2002:a5d:59a2:0:b0:390:e9b5:d69c with SMTP id ffacd0b85a97d-39ee5b35db2mr2511695f8f.25.1744823901337; Wed, 16 Apr 2025 10:18:21 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com; h=ARLLPALk/YRQwkQQIQkznh3SWrkPwUmXxJZlWqJ+fAdMtUEvlA== Received: by 2002:a05:600c:4584:b0:43c:fb0f:d9ae with SMTP id 5b1f17b1804b1-44062269978ls523055e9.0.-pod-prod-05-eu; Wed, 16 Apr 2025 10:18:17 -0700 (PDT) X-Received: by 2002:a05:6000:2a01:b0:39e:e75b:5cc with SMTP id ffacd0b85a97d-39ee75b0961mr1656406f8f.16.1744823896770; Wed, 16 Apr 2025 10:18:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1744823896; cv=none; d=google.com; s=arc-20240605; b=ilZ1kwOq0cbnPsdNd1S4Jw+itwJphpOcFiTDhMY8g2401Ss9UvhWQ088tFFWAEwXD6 mstfaoMQ5k3q2Q3xb9dD9e1eZAzwIHCrJMbVWJEAYpBkBpFc3Ox1UR1/aqCVyqxarU4p 6Hh5MfgO1pSnDHuKu+2npWXEJK9jcuDjVeR6pRSCvYBDKAdI0IPVAdsny0wxr4vhyr0a vAhMVZTTptDLpH2yTpI3rDRHhbLB1K3r/ffZ8tP8Gp/wHmU4Gnmsd+5jIgo43sqUGB4k GsUBV3/guhwJpvSiINaIiZS3Ur1oqDvYvQ4TqfVyjYsAhBkxXfj/EVi6zWn3fs5ih+hC bk8w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=feedback-id:content-transfer-encoding:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=JS//+uWJ6pcDHzauH1FlWVIY7MUERCxcMMWCeg5PIIY=; fh=7H56SyJ75bwGZUIqRCOBd3K5XpBD2YtSSm9HZ9E1Jq8=; b=BhhF4bLuqO2hTPD7FyuVJS1CHjU5eixHYRcslyVCZFBemsZE/NKTFVKP9eaLShzH/3 LXffZwAA/z7OoqmgNaWS4ElF3Rc68b/OkW7j6r7GIoj9DtGtlnfqQJNSiAooSpkNzotx DfrqOMPoyVsxugr0meGUA3Rq/iDTITEh5JBxzs7DRVs8ANuPn9Ie8DSpCfRebq+K9lgz fsusn+e4PyQOfAdSpn61qlxRqohpiq5pnUXlshBXG3FA4BBfWsL76C5tegCHDGOyizTL UY41we2H9M91VroYEO++z/mMe3sgNF0J1Skz40hzWxVFHN0duKsoIAHGZQoP7nU0fxOY DPXg==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=VSEzDnly; spf=pass (google.com: domain of fm-1328731-202504161718161f802cd64705a634b0-qyhydg@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) smtp.mailfrom=fm-1328731-202504161718161f802cd64705a634b0-QYHYdg@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from mta-65-227.siemens.flowmailer.net (mta-65-227.siemens.flowmailer.net. [185.136.65.227]) by gmr-mx.google.com with ESMTPS id ffacd0b85a97d-39ee362ec3bsi36636f8f.0.2025.04.16.10.18.16 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 16 Apr 2025 10:18:16 -0700 (PDT) Received-SPF: pass (google.com: domain of fm-1328731-202504161718161f802cd64705a634b0-qyhydg@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) client-ip=185.136.65.227; Received: by mta-65-227.siemens.flowmailer.net with ESMTPSA id 202504161718161f802cd64705a634b0 for ; Wed, 16 Apr 2025 19:18:16 +0200 X-Patchwork-Original-From: "'Gokhan Cetin' via isar-users" From: Gokhan Cetin To: isar-users@googlegroups.com Cc: gokhan.cetin@siemens.com, jan.kiszka@siemens.com Subject: [PATCH v2 2/5] meta/recipes-kernel/linux-module: Define default paths for signing related variables Date: Wed, 16 Apr 2025 19:17:06 +0200 Message-Id: <20250416171709.742191-3-gokhan.cetin@siemens.com> In-Reply-To: <20250416171709.742191-1-gokhan.cetin@siemens.com> References: <20250416171709.742191-1-gokhan.cetin@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-1328731:519-21489:flowmailer X-Original-Sender: gokhan.cetin@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=VSEzDnly; spf=pass (google.com: domain of fm-1328731-202504161718161f802cd64705a634b0-qyhydg@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) smtp.mailfrom=fm-1328731-202504161718161f802cd64705a634b0-QYHYdg@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Gokhan Cetin Reply-To: Gokhan Cetin Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= They are initialized with almost standardized paths in isar-cip-core and many other layers. In this way, it is possible to get rid of dozens of repeating lines in module recipes. Signed-off-by: Gokhan Cetin --- meta/recipes-kernel/linux-module/module.inc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/meta/recipes-kernel/linux-module/module.inc b/meta/recipes-kernel/linux-module/module.inc index 3b0ceae7..45d88d48 100644 --- a/meta/recipes-kernel/linux-module/module.inc +++ b/meta/recipes-kernel/linux-module/module.inc @@ -23,10 +23,10 @@ DEBIAN_BUILD_DEPENDS = "${KERNEL_HEADERS_PKG}" # Do not generate debug symbols packages, as not supported for modules DEB_BUILD_OPTIONS += "noautodbgsym" -SIGNATURE_KEYFILE ??= "" -SIGNATURE_CERTFILE ??= "" +SIGNATURE_KEYFILE ??= "/usr/share/secure-boot-secrets/secure-boot.key" +SIGNATURE_CERTFILE ??= "/usr/share/secure-boot-secrets/secure-boot.pem" SIGNATURE_HASHFN ??= "sha256" -SIGNATURE_SIGNWITH ??= "" +SIGNATURE_SIGNWITH ??= "/usr/bin/sign-module.sh" SRC_URI += "file://debian/" From patchwork Wed Apr 16 17:17:07 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gokhan Cetin X-Patchwork-Id: 4183 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Wed, 16 Apr 2025 19:18:29 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-wm1-f59.google.com (mail-wm1-f59.google.com [209.85.128.59]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 53GHIS2n011407 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 16 Apr 2025 19:18:28 +0200 Received: by mail-wm1-f59.google.com with SMTP id 5b1f17b1804b1-43efa869b19sf48495395e9.2 for ; Wed, 16 Apr 2025 10:18:28 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1744823903; cv=pass; d=google.com; s=arc-20240605; b=ffgWbS3ueQOqFsrBYIbXxLxIjUu4iR1u70OVCSYJBcDy1KebJYsAN/Z/Sg+Pinkxmh IGG8pci2gnrRX5QyjJA3RwWg/+8ljeyyqhLsG118GKgKiIXhjFhvPLF5o4paifFGtN3S b8vKJwBfG2PbbtaFrZ9dDl1pYlAB4MRA8hn1jRW1mVrhjUvXghzNHli2YMeMmvJqihQ1 DaD6U4jisQlJz8WpjUO06T5167urPbCxhGrOCPEliLvDi5mQp9vyaPmMTqoT4e0zJyAU BurUT44dDMTskFGZre0T3EV0p79fJsInM1S/OD22qzvvlEd3ENo5kKGRQBSEurDEAfNy ku5A== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:feedback-id:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=gTKMdjjvCpcJY2QkMKUjZkG0CbGOx6NJTw8SC3aV/Js=; fh=2QAqSUiq1xSaik4gsUUR6aNavgrnALZGXee14PKPZwk=; b=NHnDm34RJ0haPv0msx/EotGSVZDHHnPN6B8w9TG8wPll91mCjX0NELyWP3GOg59rql fILSj8FCV5pqHJCVkMOhzznf59JWnAFLoA6LvhDURdooaLVAVBlUJ4nwp0EyFeR/mCTG zLnnCEnB5750aRYT5bGLv9SoVgbEejm18lb3IH230pSwei/yvYilR4xhG+I92kBB72tG lPjejs4WMxpk5sA4hYkMDggkwuWu35QH30sl9UchgztWEWvVOdxsocK8BD2YKt6tyH7u LZ8Nqxw7DNVtOlPBTK7Rmawj/B/ptsF1BlAlz02G8489FYjDRyRBKHjsvQRxhnRrvGJm zUfg==; darn=isar-build.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=IcBLIYjH; spf=pass (google.com: domain of fm-1328731-202504161718174771446ee1fa96a8e9-y6skiy@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) smtp.mailfrom=fm-1328731-202504161718174771446ee1fa96a8e9-y6sKiy@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1744823903; x=1745428703; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:from:to:cc:subject:date:message-id:reply-to; bh=gTKMdjjvCpcJY2QkMKUjZkG0CbGOx6NJTw8SC3aV/Js=; b=HSQDDtEfwEn8hKOJexdY9lVTvfH161DdZW2aeKS3KQiOw3/Naem210UH98W25OrlJl SvTdwEbe9znvO4hxwWPLUeUM/6VmrFspUD/Cwn8icUTsGHtr4bRaBrVUPmbuvr8e+gXh 7ifdmqeG9UIBIc5iWopohJTVeo4K/80Q6VSNALHm9BzDEccHovElkCAI4TFU7DsTT4X9 7zaPE5kJ3pQs7UpucK7QMwbrPfJSYygLSZPW5qB3un66hSX088yF5JrJwo1UayWDmReE CCw/6AvgN0dSAB//s7BA8ghp4HDbwUV6SbNobKc62h4kjC+p0Nj6UG45pKK23nFylVts I9gg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1744823903; x=1745428703; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:x-beenthere:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=gTKMdjjvCpcJY2QkMKUjZkG0CbGOx6NJTw8SC3aV/Js=; b=wu0NkhVEb9ytAKMgvviU4uDHyjR+SwF6iTGeUhCOraJNQs+ma44FZ1U5qejWGXb2ox tHHeOF9IsjiDjCMD0JxO4e7h/v9KnmKtV2y7uIjCNG9slg2Z9/um3nMGVr/QrQxw5HZZ kB1tHtb3DpJNKrYG1qqPly8EFm//qTBCUUzfdWysp+ugSvYjqWLJctRGZiy9ZLJSc96Y wfIfyqJytC+g2xQBz660vFy1sPANpe1GHTdZgU96pyag3cYZJHqZLBr8MHDYjzr7NmiK baUIoj3Le8GuRRCyKV6XJZp/Pg5hiVywQ1Iv8iwkZ6/wyRBAvhGK13q9/aEMZtcN3JPd HTMA== X-Forwarded-Encrypted: i=2; AJvYcCVkfg2d/bDYeYD70p2Y3Sw44gZTvwRF+EIN6f8W8gtYmdkdiIdECKNhmAysX+LUB+azAGkaoW8=@isar-build.org X-Gm-Message-State: AOJu0YwRvUBi1dHLmWb9mn7lCwrtniQQZGzAtx05qzlS/0asG+DZfVeM Vpv3g+iPSkqcj2nsgIpqSBNxSmCvklQtasgT9QxuKusUs+DGKLQW X-Google-Smtp-Source: AGHT+IHr1+mYk7OnbqLNINuCRVPpGl9EoSaThSijly4iTxRHxMdHYJTfdqxyzJA+Xj3/FzB+cYFd5g== X-Received: by 2002:a05:600c:5248:b0:43c:f969:13c0 with SMTP id 5b1f17b1804b1-4405d6bf389mr24571715e9.29.1744823901793; Wed, 16 Apr 2025 10:18:21 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com; h=ARLLPAKBioZH/HYjdAgpSzfkyqXimKv69I+5IeH+oZ/qxyssJQ== Received: by 2002:a05:600c:259:b0:43c:ed2c:bcf2 with SMTP id 5b1f17b1804b1-440623114cbls266395e9.1.-pod-prod-05-eu; Wed, 16 Apr 2025 10:18:17 -0700 (PDT) X-Received: by 2002:a05:600c:1c07:b0:43c:ec28:d31b with SMTP id 5b1f17b1804b1-4405d616ab4mr38230165e9.10.1744823897600; Wed, 16 Apr 2025 10:18:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1744823897; cv=none; d=google.com; s=arc-20240605; b=DBiR/+0gx5+5++dTAQnoCN3nlG1vmGdAnDVIDMvp5yta5eXXNaPZEbTuYKz8PD/p/n RdDKfX9hRF2Bfc3Kto1dqy3lJPuTlXcjiQ5XqdzsmWPCY6iXoOlvgmftIveFlPg5R28V SCohyc4VvdtxT3tHhMvb+n9/2tlVAatEJ2Nga9vXebs5E1Yo2gwGKX6z9cPt6i8UymUJ kgWKcML+8U53TxDeFyGnwdZNIvgDoi1sqVn4bSCaw7tndSR/E/JLRE3ICf+Ulw8pQNk9 w1yyqkbbl64C/Jd3Qq/hu02ZHw5YQvD/JzHRXbr6WBDEQUrh27w5Pc8dquZvpl4IcN8F 17nw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=feedback-id:content-transfer-encoding:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=S6NrBygIPBE6GAmpho4hF+RB5K6msX5N9Khy8ZLN4b0=; fh=7H56SyJ75bwGZUIqRCOBd3K5XpBD2YtSSm9HZ9E1Jq8=; b=ZXzXTlSMSR2fFkFoguDQCVeUSXC0qPTUTQpa7Iae3A4Jzcxa2sNhR0/tj0uLliiy3w 4uZBBPm3r+hePUF/Y2Gdvdl7n/6xtMRbtqSRRdHrHTR5/tznG47h+8+Mc4u2dFleHWVx g/N8JeGdXGESzDvBwmEECr8QnNizCPabglsB/QlqV0e0k0PdRIDhSFzOC1ogWfNPb+So 0QPhttNWFvnsxGn5yO2+togIIZdoOp9b8IaogdbRrKmqRMSvh6iaaWZlrYR2woWnHMZw ibVRcmb9e+bz4292IUSUROM9mx46jxs9MHN2yicpukCIZScCLf3AQGrqFeXX+2Wku9nd n5zg==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=IcBLIYjH; spf=pass (google.com: domain of fm-1328731-202504161718174771446ee1fa96a8e9-y6skiy@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) smtp.mailfrom=fm-1328731-202504161718174771446ee1fa96a8e9-y6sKiy@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from mta-65-227.siemens.flowmailer.net (mta-65-227.siemens.flowmailer.net. [185.136.65.227]) by gmr-mx.google.com with ESMTPS id ffacd0b85a97d-39ee362ec3bsi36636f8f.0.2025.04.16.10.18.17 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 16 Apr 2025 10:18:17 -0700 (PDT) Received-SPF: pass (google.com: domain of fm-1328731-202504161718174771446ee1fa96a8e9-y6skiy@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) client-ip=185.136.65.227; Received: by mta-65-227.siemens.flowmailer.net with ESMTPSA id 202504161718174771446ee1fa96a8e9 for ; Wed, 16 Apr 2025 19:18:17 +0200 X-Patchwork-Original-From: "'Gokhan Cetin' via isar-users" From: Gokhan Cetin To: isar-users@googlegroups.com Cc: gokhan.cetin@siemens.com, jan.kiszka@siemens.com Subject: [PATCH v2 3/5] meta-isar/recipes-secureboot/sb-mok-keys: define virtual package name Date: Wed, 16 Apr 2025 19:17:07 +0200 Message-Id: <20250416171709.742191-4-gokhan.cetin@siemens.com> In-Reply-To: <20250416171709.742191-1-gokhan.cetin@siemens.com> References: <20250416171709.742191-1-gokhan.cetin@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-1328731:519-21489:flowmailer X-Original-Sender: gokhan.cetin@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=IcBLIYjH; spf=pass (google.com: domain of fm-1328731-202504161718174771446ee1fa96a8e9-y6skiy@rts-flowmailer.siemens.com designates 185.136.65.227 as permitted sender) smtp.mailfrom=fm-1328731-202504161718174771446ee1fa96a8e9-y6sKiy@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Gokhan Cetin Reply-To: Gokhan Cetin Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= As done by 946b908b, this will allow more key providers to meet further common dependencies. Signed-off-by: Gokhan Cetin --- meta-isar/recipes-secureboot/sb-mok-keys/sb-mok-keys.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-isar/recipes-secureboot/sb-mok-keys/sb-mok-keys.bb b/meta-isar/recipes-secureboot/sb-mok-keys/sb-mok-keys.bb index 61378347..2a8b66d4 100644 --- a/meta-isar/recipes-secureboot/sb-mok-keys/sb-mok-keys.bb +++ b/meta-isar/recipes-secureboot/sb-mok-keys/sb-mok-keys.bb @@ -5,6 +5,8 @@ inherit dpkg +PROVIDES = "secure-boot-secrets" +DEBIAN_PROVIDES = "secure-boot-secrets" SRC_URI = "file://Makefile.tmpl" S = "${WORKDIR}/src" From patchwork Wed Apr 16 17:17:08 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gokhan Cetin X-Patchwork-Id: 4185 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Wed, 16 Apr 2025 19:18:31 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-lf1-f63.google.com (mail-lf1-f63.google.com [209.85.167.63]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 53GHIU72011429 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 16 Apr 2025 19:18:31 +0200 Received: by mail-lf1-f63.google.com with SMTP id 2adb3069b0e04-54c0a1ca4f7sf3579765e87.3 for ; Wed, 16 Apr 2025 10:18:31 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1744823905; cv=pass; d=google.com; s=arc-20240605; b=Nyc72+dxOan1Gqowx0juuNDuFHfdECUPNKoCZt3zVIaMSelYwXegNVONTXYbREeifA BfY/RW1E8s2AKz3UxxivMTzMXUDfC57+BUtF5xyxydpgtBhrpFGshPXhejj666iZiQ/l W3R/y+Vqn0dcfIJVFEKhJ/TEbawfutPVW50aPD/2j39LVGs0NVmHCYsZ7W1tmUmKHzvd EtosZQlyPN0iQg9HucgYzmhV+0augH4STiVyQEf69Yz+K3gNIc+fTb4LGD0/IVUkykuD NIu9wcGfcu0tEyY+0Dixhwts4GkknkmapUVP97+i9cjWylktAjc4HksJe0hHhg6RX4gw emOg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:feedback-id:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=ZoeuBYM/yFYr6Qfefff0FDaH1VBBGzpVXnHF8Mxp3Gw=; fh=k51n7RcFy8WcvdnHa+mZiEsDSBg680uAD3hQuzqrRto=; b=B7tgdYw6PparJSDuOi7J1aXpiPE2kZyfKsxltTDTLEqBbUtmULtHEFyw1TuE2IqTFR CejjGs/WF8qDwkDdLcBINNPPC1qyQIVdI+4l9dFB4ofnpgM8X+SuSiGOs3ej8H5mjhNK BzQtOHe8awGjg7+vT1Qx0z7Ca8mFpVqz4bMl4IWwx4YxEUmRUFudmWuS5qN2gLXuV34M lSwr0nGxf2IPjj+ByhXKWnYzhPbZnPVMBKP8LjMTVHMayzurj4qKrtz2Smk2oP5y+sA5 o5aRr4cVrX1pd7vCHFZTivGvgwuLTVQPg1OqK8Dd7ezD/Wq2JkWs4IUqqudE2Z55647A jK5A==; darn=isar-build.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=OEUz5DMS; spf=pass (google.com: domain of fm-1328731-20250416171818f71083f1e27b52dfb5-5akl8l@rts-flowmailer.siemens.com designates 185.136.64.225 as permitted sender) smtp.mailfrom=fm-1328731-20250416171818f71083f1e27b52dfb5-5Akl8l@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1744823905; x=1745428705; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:from:to:cc:subject:date:message-id:reply-to; bh=ZoeuBYM/yFYr6Qfefff0FDaH1VBBGzpVXnHF8Mxp3Gw=; b=v7WkumhJ++2WlTSZ9e1kR+dcbTbC06oFu4WNsBQixpSNxIBLgDVP8WY7oRk93qftAk 0qGbYkOYTs+CvDtprEdBYWOO5FjL+qg4pFfFJlLHid7LwbRFrOyPU+Q8Uw9JwbFRbc2R VHr7uMNSr2b8T40qmv0rJq2pFNOs9vyRju4oHoQJ+3ZwBx9sFS10V/mDgYyAURz5gh1B N1Xs5nQKvhEbfqGdHMaUITDuQKrjbmqI9xqq00957EX+dyT6Kin7S+VctSohJueQ2qc0 L88NmClm/ItClgpDCUxm1vNkQU7u+4ZZbMdyYS9BiIiIJ+uM3bHVtpFyxgOLDEWu3xm7 YmYQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1744823905; x=1745428705; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:x-beenthere:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=ZoeuBYM/yFYr6Qfefff0FDaH1VBBGzpVXnHF8Mxp3Gw=; b=i0IWZ0CpuOlBauEU3805mlN/tut0RqkQilC1S7YMnuje6+PvcF73sr7JztQ5UnW3C5 61iudeTHpM5e90GnekP6BYvvHvooRzW14pVGRSzK9/QrKH5C+7yfqXXOTuLd1xFzUObG biqHwJsAryiXIygwA7PyLIzy0GqCnybNBf8k5FV9PwutWkZxjQ259OmAiBMFjnNh+gLl UDfcnakiqUtYb6Gx4vAtxGnKkpMbv8Wnb8GYPMzVmopWdhjM/0bz7dhH5G++qVRp2O8E XZkOqj0cQ7PRZcfSVFa5dP/JCeOHFHb2IhJkQuH7VkD5lPoZkOS1JqFdqmrICTxM/udr 6pJA== X-Forwarded-Encrypted: i=2; AJvYcCVukhmalEnpC8wMIvWJp0E6rD8CaJOTRjK2nXff7kXZAd/woPVA9rtJprPVwfGvPrvOewnY4sA=@isar-build.org X-Gm-Message-State: AOJu0YzeA2Jrc/zwvNoVd4QJJ8NyldA8j7IAMdbAPSkzRfIQVxEn6iDF 3Z9RDW/OouRgJi8IAT2VYqYEVO2PGsvmGEBd+5DR0hESOJGSJFUc X-Google-Smtp-Source: AGHT+IGZjGpDko9qERBC27kMyZRgr79ZqjpJun+Zqnivy3DxZyYwLrFCGFe4ACvhQi6QdEkLZn2M+A== X-Received: by 2002:a05:6512:3f03:b0:54c:a49:d3ee with SMTP id 2adb3069b0e04-54d64a7a4e3mr1040558e87.3.1744823903860; Wed, 16 Apr 2025 10:18:23 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com; h=ARLLPAJ9JUfbqZokfTqoxbNoYzgH/XJm07uYqIl7mPX544drUA== Received: by 2002:a19:ca0b:0:b0:549:9b17:deaf with SMTP id 2adb3069b0e04-54d68bc611dls19240e87.0.-pod-prod-02-eu; Wed, 16 Apr 2025 10:18:19 -0700 (PDT) X-Received: by 2002:a05:6512:158f:b0:545:576:cbca with SMTP id 2adb3069b0e04-54d64a7abc3mr980565e87.8.1744823899319; Wed, 16 Apr 2025 10:18:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1744823899; cv=none; d=google.com; s=arc-20240605; b=JfcYZc0YN9E+tUqkokVD95utk/ZBIcxpK+ayicDHdOQpF4m2TkY2dGdqG/8OaULN5R AtPTkUwjLegveQpoJ15XwWDfu24TTjKKIjObsb1VHRY2hFRhylOJvNDuWS5TVX61kX1J Yv8VY6vXwh/pFU5adVbd+RL2VZCOR8AaGsbnd0lZriopFK8rk7LnL8xSuIXZGYtK1leM SKSVdNTPTWgvAtnF7lRqtCM87a5beUiSmmuR+Slc890JwDEIUQLQN9YQZ3qCmqUfFQlV Iuhz9ayVEa0JvXymR9tkclbFotQeFmOGSc9cOZ9iwrekl7NjooTiXSr4XwsIaj8vYngu TB9Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=feedback-id:content-transfer-encoding:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=M/iSOQM6rtGVleG0mHybbWpk1BUAClnsRc1LwnKKYy4=; fh=7H56SyJ75bwGZUIqRCOBd3K5XpBD2YtSSm9HZ9E1Jq8=; b=UvOtNlWEV3AhjwVNVfXHckDK8CPR66SmoJK7XtF6gwjdIyYxS009YWewZcMQS0Zcqn 6jj1aGUMLxNyJTvwqwtIgiZuuZ/Ah0Inwly2PhEGnbaAaTD1R8XO7TuJouHGGQd0Hbfu 9RzMxuSVTTrEBif12qejOTbzIhKAfDQnQI/SeKAHXGfTSdASaGO1bY3vwXTHlUpXZAtA DCm0SOltO/oj1Sf4tJAzs7IHzZBr1Wbw+KjKn/ut6PTOdY2CnLof23R0Pw+COzmqOFI8 tsTNUizx2XJLGtVWWQWe5TkziDt+VxgVZ4l5a5dLrRjpUgeKvHFjCzK6Vyu7o8J7ogTf btow==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=OEUz5DMS; spf=pass (google.com: domain of fm-1328731-20250416171818f71083f1e27b52dfb5-5akl8l@rts-flowmailer.siemens.com designates 185.136.64.225 as permitted sender) smtp.mailfrom=fm-1328731-20250416171818f71083f1e27b52dfb5-5Akl8l@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from mta-64-225.siemens.flowmailer.net (mta-64-225.siemens.flowmailer.net. [185.136.64.225]) by gmr-mx.google.com with ESMTPS id 38308e7fff4ca-30f464c97e3si1117871fa.1.2025.04.16.10.18.19 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 16 Apr 2025 10:18:19 -0700 (PDT) Received-SPF: pass (google.com: domain of fm-1328731-20250416171818f71083f1e27b52dfb5-5akl8l@rts-flowmailer.siemens.com designates 185.136.64.225 as permitted sender) client-ip=185.136.64.225; Received: by mta-64-225.siemens.flowmailer.net with ESMTPSA id 20250416171818f71083f1e27b52dfb5 for ; Wed, 16 Apr 2025 19:18:18 +0200 X-Patchwork-Original-From: "'Gokhan Cetin' via isar-users" From: Gokhan Cetin To: isar-users@googlegroups.com Cc: gokhan.cetin@siemens.com, jan.kiszka@siemens.com Subject: [PATCH v2 4/5] meta/recipes-kernel/linux-module: add option to set default signing profile and dependencies Date: Wed, 16 Apr 2025 19:17:08 +0200 Message-Id: <20250416171709.742191-5-gokhan.cetin@siemens.com> In-Reply-To: <20250416171709.742191-1-gokhan.cetin@siemens.com> References: <20250416171709.742191-1-gokhan.cetin@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-1328731:519-21489:flowmailer X-Original-Sender: gokhan.cetin@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=OEUz5DMS; spf=pass (google.com: domain of fm-1328731-20250416171818f71083f1e27b52dfb5-5akl8l@rts-flowmailer.siemens.com designates 185.136.64.225 as permitted sender) smtp.mailfrom=fm-1328731-20250416171818f71083f1e27b52dfb5-5Akl8l@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Gokhan Cetin Reply-To: Gokhan Cetin Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= Introduces single control variable (`KERNEL_MODULE_SIGNATURES`) to set all predefined build profile and dependencies need to be configured for kernel module signing. By using this option, downstreams will be able to enable build-wide signing of kernel modules which include module.inc without appending any additional configuration into their module recipes. Signed-off-by: Gokhan Cetin --- meta/recipes-kernel/linux-module/module.inc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/meta/recipes-kernel/linux-module/module.inc b/meta/recipes-kernel/linux-module/module.inc index 45d88d48..8fe5eed4 100644 --- a/meta/recipes-kernel/linux-module/module.inc +++ b/meta/recipes-kernel/linux-module/module.inc @@ -28,6 +28,13 @@ SIGNATURE_CERTFILE ??= "/usr/share/secure-boot-secrets/secure-boot.pem" SIGNATURE_HASHFN ??= "sha256" SIGNATURE_SIGNWITH ??= "/usr/bin/sign-module.sh" +KERNEL_MODULE_SIGNATURES ??= "" + +# Define signing profile and dependencies if KERNEL_MODULE_SIGNATURES is set to "1" +DEB_BUILD_PROFILES += "${@'pkg.signwith' if bb.utils.to_boolean(d.getVar('KERNEL_MODULE_SIGNATURES')) else ''}" +DEPENDS += "${@'module-signer secure-boot-secrets' if bb.utils.to_boolean(d.getVar('KERNEL_MODULE_SIGNATURES')) else ''}" +DEBIAN_BUILD_DEPENDS .= "${@', module-signer, secure-boot-secrets' if bb.utils.to_boolean(d.getVar('KERNEL_MODULE_SIGNATURES')) else ''}" + SRC_URI += "file://debian/" AUTOLOAD ?= "" From patchwork Wed Apr 16 17:17:09 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gokhan Cetin X-Patchwork-Id: 4184 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Wed, 16 Apr 2025 19:18:31 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-lj1-f186.google.com (mail-lj1-f186.google.com [209.85.208.186]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 53GHIUwD011422 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 16 Apr 2025 19:18:30 +0200 Received: by mail-lj1-f186.google.com with SMTP id 38308e7fff4ca-310855daf77sf467761fa.3 for ; Wed, 16 Apr 2025 10:18:30 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1744823904; cv=pass; d=google.com; s=arc-20240605; b=Vt+F2pKDiSO8e3niEqBk7n3DOGnhflleRCq4uXR3CBjb9zlaALou/Iv4SlznqS/fQT v4dmSmvhgkdr5DuO8Evwoo98fuOBbphX+LKW7CPTmLPaAvZeYiUUoNyog3Agn3PsQaxH evs8SSV+ngSBt17iBvONgpbtmvf15bbsu3haJeFV65Wdi/q+/itxJhR/KLh1BCAEDBVH V/mF/VbbVzGyyvYCjGnBD34nBWcAIR/p2onYi3bR01MMxV/pQRqiTCwTBiEfMmbv2UsY UoySME68JnfZ/CymrHPcPMLwysRBbWeCzCCbBH+MP8XjikTYNxuaGz96GNXu0fP4kFsT XakA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:feedback-id:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=AGSrXGmlyhi/LqPKYH/RRQ6uwkRavFpFdOUV+eooX3Y=; fh=P4HiDGBYYN46TZvthlgBjLOaSNz7XBMDdzl3nJ4MBs0=; b=dtLl1q1qSjE7c0lcayUgvbmfz8n/yk2I3OSpwQrVhdj0rqPaiQgXpP4++VekH1AM3n M97SFMTzSqxHfjveLDz7OXrJzmI3G6OknBLY16ziKt1dT7UAZtz2sSe+5OphkXuweFQT CNjF7aMXMVvulAyT6eMWkVhxODtTnpvb84YBWFshdb1Fb9SVhLLHJPmkrH+Hol+/AjTh HOpIIq1c2Eba3caYSIMYlLDpgD8Ktf8u3ZbJrIMDmErK8yImWCDB+hZp8fE+5DwOXK3O vvIygmM53PgEm3YRlq24T0vn5Uayblt0zZ/Xq/DEx2oHb3KeDzZkqTTWAcSf3yEMkCVl OjCg==; darn=isar-build.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=YBJO5kRF; spf=pass (google.com: domain of fm-1328731-20250416171819762400a43abce5bbdc-2srwtn@rts-flowmailer.siemens.com designates 185.136.64.225 as permitted sender) smtp.mailfrom=fm-1328731-20250416171819762400a43abce5bbdc-2SRwtn@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1744823904; x=1745428704; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:from:to:cc:subject:date:message-id:reply-to; bh=AGSrXGmlyhi/LqPKYH/RRQ6uwkRavFpFdOUV+eooX3Y=; b=ETmPELYA8LyVsxZAbGYQSR29Da7nIDr1wg+55ZhUR3j3zXWazXkD2uVrwr+e2p+loz MGD48pgXc8GVmtwnnbfT131FW1fEkjRTXFh3HXo2tFEm9dZdTMt6eD8TlxXb06mZWTPS U0P3idXk90mPXsbLs9ICny8RGack12+vUyNIGqfC/aR5vkj1H4+CjRa5DE1t7zyay//R a+KCmmqe1Jmti9dtLZ/dvTDeBpzo7AAOSr3cdlvG4+klEzQJoE9X+JYY/h11ODGhAZcI b3L3UjEf/BBNLO2wrtre4ZghQ2pPsfd2SfAEzktBRHD7QT6QO234dZOvLR3p3ye9Inda rB+A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1744823904; x=1745428704; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:x-beenthere:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=AGSrXGmlyhi/LqPKYH/RRQ6uwkRavFpFdOUV+eooX3Y=; b=g/XGQfJ+a3NDs8LKNuCyjg7K5/IdNwiieril/YlvmPAEJxBVWA5ollWGjhIHgEwFEW fIikchADnYNqXiN40F5ToBuUQ5UH14wYhhdCC0FqpSdzCf/7tvmjcRbidHAt7+9yLKwi M2thm5xeSALHFc3vJRI2+KmcrW2AoG+BRtgO9Yfl7eDDIGL147rMeMxsgyo/8AJAIxL7 IOWiZbZ2fVd2Wo+3DVRKZK3gBDLyt5SkSn5uKk9eTpm+FDBqf/nhs432VhV+yLH5xcOL KYdSG2EKWIff8rN0F6yOKouLQZko6fsU/ybX6C4gKoIS85zNCCJah934IqfLvZKdDBgT svzQ== X-Forwarded-Encrypted: i=2; AJvYcCXw4YoadPw/PAXQhFX7c3XM2UMpyTS3OfodOId1xndK5WGh6RTSg1CELrjPwFU4K7NCGpCWIzA=@isar-build.org X-Gm-Message-State: AOJu0Yz+ZSNa0AGcp9mifJWLr02wxdpMroPNfdlqEhehuOEgjDdu0VB6 lTPbyin58aGUFk6GKxW9YknVtx1lRVXTzcNbnfF9ImepbVoSO6qs X-Google-Smtp-Source: AGHT+IFsOyOKvzhmOo3oBYo2NE2h8jnPLLuKYOYRrkk3LlrMM5Fh8AVhPyGEST5eVcbCWdzaylwv7w== X-Received: by 2002:a2e:a814:0:b0:30b:c9cb:47e5 with SMTP id 38308e7fff4ca-3107f68c361mr13216741fa.8.1744823902450; Wed, 16 Apr 2025 10:18:22 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com; h=ARLLPALo73i7FokU0qIaCGgnmVW9v8YRbpkE8naaqFUeldKdUw== Received: by 2002:a2e:bccc:0:b0:30b:fc92:55c1 with SMTP id 38308e7fff4ca-310850bbac9ls489651fa.0.-pod-prod-06-eu; Wed, 16 Apr 2025 10:18:20 -0700 (PDT) X-Received: by 2002:a05:651c:158c:b0:30c:189d:a169 with SMTP id 38308e7fff4ca-3107f719c28mr11815761fa.25.1744823899904; Wed, 16 Apr 2025 10:18:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1744823899; cv=none; d=google.com; s=arc-20240605; b=bls9jjVfzOyeJK3PCcF8zxtKOWpnRk+XeuDhB71zaJ9T6eU4pPIph6qqORPjCc9Dra VpwgEHZ+M5e8T531iNkRsyh90vGN0wai9tYGkBQdt4yiG4QJNdY/vSEn7jyjaFry1I5y JOZxdI1qb9cfZ/Hi5o/Kt/UM72wxHxQ5glz2bXP/ZrYeoBDKbKZVnhwFeXuptFhBcRGJ yaMWhGXupuVV9pZ6DMq8wJ3TtaPXyCm1ZIZTuN5fPhef+oqa2JbKuNeIokBUQsRqfnHr BLDRLPLRqSvazGPlZhbRQ5YudxnBxLyb1+ZMkFVcXe68Ja42mCiDQw9YuL2e+52H/DoT d+Wg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=feedback-id:content-transfer-encoding:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=uwVBIC7iYyDpohzWuuBgLJbHfLOv9ixoc5hQwgmIjD8=; fh=7H56SyJ75bwGZUIqRCOBd3K5XpBD2YtSSm9HZ9E1Jq8=; b=N/w5G4YP67Hca76XOoA+XhDRk/jtzyt9VvsWRgpsHNlAsR/uiwAUSYodU1SvjvCUuE uhgIReDme5DRMRiAtAANGV/Olod5uHO+tbXSV7/Uf+C0ymJFcgz84gJUl7uoOK1iC6Xn vAnuoFa7U6NWJnHaq+oXPLK22fmBjCYPZmC9Wu6WaRzL8JJdrj2Dkyj7erwNvbib0VA2 s9ta8YKYpq0M+IJ/SPEhNZdpX3NA9+ZvIoSggVXVy8zmNZdLaJD5hdOlRS2f12I2G7HJ 0WE2siJKvYve/8Isj+7/1uX3H089RGBz4ntgje17XXOjsM8HPvXc48byXtnYgiG2kS7p 4o6g==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=YBJO5kRF; spf=pass (google.com: domain of fm-1328731-20250416171819762400a43abce5bbdc-2srwtn@rts-flowmailer.siemens.com designates 185.136.64.225 as permitted sender) smtp.mailfrom=fm-1328731-20250416171819762400a43abce5bbdc-2SRwtn@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from mta-64-225.siemens.flowmailer.net (mta-64-225.siemens.flowmailer.net. [185.136.64.225]) by gmr-mx.google.com with ESMTPS id 38308e7fff4ca-30f464c97e3si1117871fa.1.2025.04.16.10.18.19 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 16 Apr 2025 10:18:19 -0700 (PDT) Received-SPF: pass (google.com: domain of fm-1328731-20250416171819762400a43abce5bbdc-2srwtn@rts-flowmailer.siemens.com designates 185.136.64.225 as permitted sender) client-ip=185.136.64.225; Received: by mta-64-225.siemens.flowmailer.net with ESMTPSA id 20250416171819762400a43abce5bbdc for ; Wed, 16 Apr 2025 19:18:19 +0200 X-Patchwork-Original-From: "'Gokhan Cetin' via isar-users" From: Gokhan Cetin To: isar-users@googlegroups.com Cc: gokhan.cetin@siemens.com, jan.kiszka@siemens.com Subject: [PATCH v2 5/5] doc/user_manual: describe module signer and certificate provider configuration Date: Wed, 16 Apr 2025 19:17:09 +0200 Message-Id: <20250416171709.742191-6-gokhan.cetin@siemens.com> In-Reply-To: <20250416171709.742191-1-gokhan.cetin@siemens.com> References: <20250416171709.742191-1-gokhan.cetin@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-1328731:519-21489:flowmailer X-Original-Sender: gokhan.cetin@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm2 header.b=YBJO5kRF; spf=pass (google.com: domain of fm-1328731-20250416171819762400a43abce5bbdc-2srwtn@rts-flowmailer.siemens.com designates 185.136.64.225 as permitted sender) smtp.mailfrom=fm-1328731-20250416171819762400a43abce5bbdc-2SRwtn@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Gokhan Cetin Reply-To: Gokhan Cetin Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= Mentions how `KERNEL_MODULE_SIGNATURES` can be used and how to manage the dependencies. Signed-off-by: Gokhan Cetin --- doc/user_manual.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/doc/user_manual.md b/doc/user_manual.md index d8e5c33e..627dacb7 100644 --- a/doc/user_manual.md +++ b/doc/user_manual.md @@ -1162,9 +1162,17 @@ To provide a signer script that implements your custom signing solution, `SIGNAT can be set for the script path within the module recipe together with `SIGNATURE_CERTFILE` to define the public certificate path of the signer. +In order to choose between different signing solutions, signer recipes should provide the `module-signer` +target and package while certificate provider recipes should provide the `secure-boot-secrets` as target and package +to meet build dependencies. This way, desired signers and certificates can be configured using `PREFERRED_PROVIDER`. + Please see how `module-signer-example` hook generates a detached signature for the kernel module implemented in `example-module-signedwith` recipe. +You can enable build-wide kernel module signing by defining `KERNEL_MODULE_SIGNATURES = "1"` globally, +in this case, `pkg.signwith` build profile is added by default in addition to +`module-signer` and `secure-boot-secrets` target and package dependencies to the kernel module recipes. + ### Cross Support for Imagers If `ISAR_CROSS_COMPILE = "1"`, the imager and optional compression tasks