[meta-security,7/7] meta-integrity/recipe-kernel: use sanity check

Submitted by Armin Kuster on June 5, 2021, 10:02 p.m. | Patch ID: 179862

Details

Message ID 20210605220258.414233-8-akuster808@gmail.com
State New
Headers show

Commit Message

Armin Kuster June 5, 2021, 10:02 p.m.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 meta-integrity/recipes-kernel/linux/linux-%.bbappend | 6 +-----
 meta-integrity/recipes-kernel/linux/linux_ima.inc    | 5 +++++
 2 files changed, 6 insertions(+), 5 deletions(-)
 create mode 100644 meta-integrity/recipes-kernel/linux/linux_ima.inc

Patch hide | download patch | download mbox

diff --git a/meta-integrity/recipes-kernel/linux/linux-%.bbappend b/meta-integrity/recipes-kernel/linux/linux-%.bbappend
index f9a48cd..be60bfe 100644
--- a/meta-integrity/recipes-kernel/linux/linux-%.bbappend
+++ b/meta-integrity/recipes-kernel/linux/linux-%.bbappend
@@ -1,5 +1 @@ 
-KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "ima", " features/ima/ima.scc", "" ,d)}"
-
-KERNEL_FEATURES_append = " ${@bb.utils.contains('DISTRO_FEATURES', 'modsign', ' features/ima/modsign.scc', '', d)}"
-
-inherit ${@bb.utils.contains('DISTRO_FEATURES', 'modsign', 'kernel-modsign', '', d)}
+require ${@bb.utils.contains_any('DISTRO_FEATURES', 'integrity ', 'linux_ima.inc', '', d)}
diff --git a/meta-integrity/recipes-kernel/linux/linux_ima.inc b/meta-integrity/recipes-kernel/linux/linux_ima.inc
new file mode 100644
index 0000000..f9a48cd
--- /dev/null
+++ b/meta-integrity/recipes-kernel/linux/linux_ima.inc
@@ -0,0 +1,5 @@ 
+KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "ima", " features/ima/ima.scc", "" ,d)}"
+
+KERNEL_FEATURES_append = " ${@bb.utils.contains('DISTRO_FEATURES', 'modsign', ' features/ima/modsign.scc', '', d)}"
+
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'modsign', 'kernel-modsign', '', d)}