diff mbox series

[meta-security,v2,3/4] integrity: Fix the do_configure function

Message ID 20230510145125.1067280-4-stefanb@linux.ibm.com
State New
Headers show
Series Fix some issues due to IMA related changes | expand

Commit Message

Stefan Berger May 10, 2023, 2:51 p.m. UTC
Append ':append' to do_configure so it does not replace all existing
do_configure's.

Only run 'sed' when DISTRO_FEATURES contains 'ima' and the .config file
exists.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
 meta-integrity/recipes-kernel/linux/linux_ima.inc | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff mbox series

Patch

diff --git a/meta-integrity/recipes-kernel/linux/linux_ima.inc b/meta-integrity/recipes-kernel/linux/linux_ima.inc
index 0b6f530..7016800 100644
--- a/meta-integrity/recipes-kernel/linux/linux_ima.inc
+++ b/meta-integrity/recipes-kernel/linux/linux_ima.inc
@@ -4,8 +4,10 @@  SRC_URI += " \
     ${@bb.utils.contains('DISTRO_FEATURES', 'ima', 'file://ima.scc', '', d)} \
 "
 
-do_configure() {
-    sed -i "s|^CONFIG_SYSTEM_TRUSTED_KEYS=.*|CONFIG_SYSTEM_TRUSTED_KEYS=\"${IMA_EVM_ROOT_CA}\"|" .config
+do_configure:append() {
+    if [ "${@bb.utils.contains('DISTRO_FEATURES', 'ima', 'yes', '', d)}" = "yes" ] && [ -f .config ] ; then
+        sed -i "s|^CONFIG_SYSTEM_TRUSTED_KEYS=.*|CONFIG_SYSTEM_TRUSTED_KEYS=\"${IMA_EVM_ROOT_CA}\"|" .config
+    fi
 }
 
 KERNEL_FEATURES:append = " ${@bb.utils.contains('DISTRO_FEATURES', 'modsign', ' features/ima/modsign.scc', '', d)}"