diff options
| author | Daniel Golle <daniel@makrotopia.org> | 2018-01-15 03:37:17 +0100 |
|---|---|---|
| committer | Daniel Golle <daniel@makrotopia.org> | 2018-08-08 02:22:54 +0200 |
| commit | 8174853c78f88b854ac66a3f0a5380d36ededa9a (patch) | |
| tree | 90db16f8c8ced86a8329cb98b87b7e593a435acc /package/base-files/Makefile | |
| parent | ec78f03de589adc9bd47a02d723d7054510601dd (diff) | |
| download | upstream-8174853c78f88b854ac66a3f0a5380d36ededa9a.tar.gz upstream-8174853c78f88b854ac66a3f0a5380d36ededa9a.tar.bz2 upstream-8174853c78f88b854ac66a3f0a5380d36ededa9a.zip | |
base-files: introduce sysupgrade signature chain verification
Verify ucert signature chains in sysupgrade images in case ucert is
installed and $CHECK_IMAGE_SIGNARURE = 1.
Also make sure ucert host binary is present and generate a self-signed
ucert in case $TOPDIR/key-build.ucert is missing.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Diffstat (limited to 'package/base-files/Makefile')
| -rw-r--r-- | package/base-files/Makefile | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/package/base-files/Makefile b/package/base-files/Makefile index 04a863a8c5..b72b17ee16 100644 --- a/package/base-files/Makefile +++ b/package/base-files/Makefile @@ -12,11 +12,11 @@ include $(INCLUDE_DIR)/version.mk include $(INCLUDE_DIR)/feeds.mk PKG_NAME:=base-files -PKG_RELEASE:=194 +PKG_RELEASE:=195 PKG_FLAGS:=nonshared PKG_FILE_DEPENDS:=$(PLATFORM_DIR)/ $(GENERIC_PLATFORM_DIR)/base-files/ -PKG_BUILD_DEPENDS:=usign/host +PKG_BUILD_DEPENDS:=usign/host ucert/host PKG_LICENSE:=GPL-2.0 # Extend depends from version.mk @@ -102,6 +102,9 @@ ifdef CONFIG_SIGNED_PACKAGES [ -s $(BUILD_KEY) -a -s $(BUILD_KEY).pub ] || \ $(STAGING_DIR_HOST)/bin/usign -G -s $(BUILD_KEY) -p $(BUILD_KEY).pub -c "Local build key" + [ -s $(BUILD_KEY).ucert ] || \ + $(STAGING_DIR_HOST)/bin/ucert -I -c $(BUILD_KEY).ucert -p $(BUILD_KEY).pub -s $(BUILD_KEY) + endef define Package/base-files/install-key |