Digi
/
meta-digi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

trustfence: avoid encryption of read-only SQUASHFS 

SQUASHFS read-only rootfs cannot be unencrypted on-the-fly
so skip encryption if read-only-rootfs is active.

Signed-off-by: Hector Palacios <hector.palacios@digi.com>
This commit is contained in:
Hector Palacios 2021-11-24 10:37:33 +01:00 committed by Mike Engel
parent f4f84881d7
commit 7c1ab66835
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
meta-digi-dey/classes/trustfence.bbclass
View File

@ -104,7 +104,10 @@ python () {
d.setVar("TRUSTFENCE_ENCRYPT_PARTITIONS", "1"); d.setVar("TRUSTFENCE_ENCRYPT_PARTITIONS", "1");
# Enable the trustfence initramfs if and only if partition encryption is enabled # Enable the trustfence initramfs if and only if partition encryption is enabled
if (d.getVar("TRUSTFENCE_ENCRYPT_PARTITIONS", True) == "1" and d.getVar("STORAGE_MEDIA", True) == "mmc"): # and not using a read-only rootfs
if (d.getVar("TRUSTFENCE_ENCRYPT_PARTITIONS", True) == "1" and \
d.getVar("STORAGE_MEDIA", True) == "mmc" and \
d.getVar("TRUSTFENCE_READ_ONLY_ROOTFS", True) == "0"):
d.setVar("TRUSTFENCE_INITRAMFS_IMAGE", "dey-image-trustfence-initramfs"); d.setVar("TRUSTFENCE_INITRAMFS_IMAGE", "dey-image-trustfence-initramfs");
else: else:
d.setVar("TRUSTFENCE_INITRAMFS_IMAGE", ""); d.setVar("TRUSTFENCE_INITRAMFS_IMAGE", "");