Blame - meta-evb/meta-evb-aspeed/meta-evb-ast2600/conf/templates/default/local.conf.sample - stefanberger/openbmc

blob: 95be7abc5751ad091f173c701419a54cb8d72a8d [file] [log] [blame]

Troy Lee	26bcba2	2020-12-02 10:34:53 +0800	[diff] [blame]	1	MACHINE ??= "evb-ast2600"
				2	DISTRO ?= "openbmc-phosphor"
Andrew Jeffery	605c37c	2021-09-15 09:12:36 +0930	[diff] [blame]	3	PACKAGE_CLASSES ?= "package_ipk"
Patrick Williams	ed2ee5d	2021-08-06 09:03:46 -0500	[diff] [blame]	4	SANITY_TESTED_DISTROS:append ?= " *"
				5	EXTRA_IMAGE_FEATURES ?= "debug-tweaks"
				6	USER_CLASSES ?= "buildstats"
Troy Lee	26bcba2	2020-12-02 10:34:53 +0800	[diff] [blame]	7	PATCHRESOLVE = "noop"
Patrick Williams	ed2ee5d	2021-08-06 09:03:46 -0500	[diff] [blame]	8	BB_DISKMON_DIRS ??= "\
Troy Lee	26bcba2	2020-12-02 10:34:53 +0800	[diff] [blame]	9	STOPTASKS,${TMPDIR},1G,100K \
				10	STOPTASKS,${DL_DIR},1G,100K \
				11	STOPTASKS,${SSTATE_DIR},1G,100K \
				12	STOPTASKS,/tmp,100M,100K \
George Liu	b6bf8da	2022-04-12 14:01:21 +0800	[diff] [blame]	13	HALT,${TMPDIR},100M,1K \
				14	HALT,${DL_DIR},100M,1K \
				15	HALT,${SSTATE_DIR},100M,1K \
				16	HALT,/tmp,10M,1K"
Patrick Williams	eebb12c	2021-08-10 05:48:58 -0500	[diff] [blame]	17	CONF_VERSION = "2"
Troy Lee	f51034c	2021-01-13 02:39:35 +0000	[diff] [blame]	18
Stefan Berger	ddb02fe	2023-03-28 10:16:54 -0400	[diff] [blame]	19	DISTRO_FEATURES:append = " integrity"
				20
				21	# Enable IMA kernel support
				22	# DISTRO_FEATURES:append = " ima"
				23
				24	# Once ima-evm-rootfs is activated we need the keys below for signing
				25	# executables and libraries
				26	# IMAGE_CLASSES += "ima-evm-rootfs"
				27
				28	# Modify the following variables to point to your own directory and keys
				29	# The CA must be able to verify the x509 cert:
				30	# openssl verify -CAfile ${IMA_EVM_ROOT_CA} ${IMA_EVM_X509}
				31	#
				32	# IMA_EVM_KEY_DIR = "${INTEGRITY_BASE}/data/debug-keys"
				33	# IMA_EVM_PRIVKEY = "${IMA_EVM_KEY_DIR}/privkey_ima.pem"
				34	# IMA_EVM_X509 = "${IMA_EVM_KEY_DIR}/x509_ima.der"
				35	# IMA_EVM_ROOT_CA = "${IMA_EVM_KEY_DIR}/ima-local-ca.pem"
				36
				37	# The following policy enforces IMA & EVM signatures
				38	# IMA_EVM_POLICY = "${INTEGRITY_BASE}/recipes-security/ima_policy_appraise_all/files/ima_policy_appraise_all"
				39
Stefan Berger	08d9ce3	2023-04-26 20:19:36 -0400	[diff] [blame^]	40	# Useful debugging tools
				41	# IMAGE_INSTALL:append = " attr-tools"
				42
Troy Lee	f51034c	2021-01-13 02:39:35 +0000	[diff] [blame]	43	require conf/machine/include/obmc-bsp-common.inc