[OE-core] [PATCH 0/2] Sign the image nodes with keys different from those for configuration nodes.

Thomas Perrot Tue, 10 Aug 2021 05:32:51 -0700

The keys to sign image nodes must be different from those used to sign
configuration nodes, otherwise the "required" property, from UBOOT_DTB_BINARY,
will be set to "conf", because "conf" prevails on "image". Then the images
signature checking will not be mandatory and no error will be raised in case of
failure.


Thomas Perrot (2):
  kernel-fitimage: images should not be signed with the same keys as the
    configurations
  oeqa/selftest/fitimage: update tests to use two keys

 meta/classes/kernel-fitimage.bbclass     | 40 +++++++++++++++++++++---
 meta/lib/oeqa/selftest/cases/fitimage.py | 21 ++++++++-----
 2 files changed, 49 insertions(+), 12 deletions(-)

-- 
2.31.1

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#154679): 
https://lists.openembedded.org/g/openembedded-core/message/154679
Mute This Topic: https://lists.openembedded.org/mt/84791631/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH 0/2] Sign the image nodes with keys different from those for configuration nodes.

Reply via email to