[Openembedded-architecture] Trusted/secure/etc layers

Trevor Woerner twoerner at gmail.com
Thu May 3 13:28:40 UTC 2018


On Wed 2018-05-02 @ 08:27:01 PM, Tom Rini wrote:
> On Wed, May 02, 2018 at 11:31:02PM +0000, Otavio Salvador wrote:
> > A DISTRO_FEATURES or a MACHINE_FEATURES? It seems more related to the
> > machine.

Maybe I'm misunderstanding the inherent assumptions of this thread, and maybe
I'm overestimating the effort involved, but my guess is that although we could
throw a bunch of recipes into oe-core or meta-oe to support some of this work,
actually getting secure boot to work on any specific platform is going to need
a good chunk of work by the BSP maintainers?

Would it be fair to say that working secure boot is mostly a BSP issue?

Perhaps a better question might be: if we make this a *_FEATURE in oe-core,
does this mean oe-core needs to take on all of the tpm and secure-boot
recipes? Is it possible to standardize a *_FEATURE in oe-core, but make its
use dependent on an external layer?



More information about the Openembedded-architecture mailing list