Hello OE,
While attempting to sign our kernel modules (using the kernel configuration
CONFIG_MODULE_SIG) the drivers in our image did not have the signature, even
the certificate was being loaded by the kernel or the driver being signed
during do_install().
Turns out package.bbclass, while it ignores to create debug info files it does
strips the kernel modules files:
python split_and_strip_files () {
...
...
for f in kernmods:
sfiles.append((f, 16, strip))
oe.utils.multiprocess_exec(sfiles, oe.package.runstrip)
#
# End of strip
#
os.chdir(oldcwd)
}
The strip is required for many reasons yet it removes the signature which we
want to preserve in this scenario.
To work around this issue add
INHIBIT_PACKAGE_STRIP = "1"
either on your virtual/kernel bb file or driver bb file.
Hope this helps someone in the future when adding signature to files, perhaps
including this into the Yocto kernel development manual.
Cheers
P.S.
In a linux-intel kernel (master) without stripped kernel modules the image size
increased in 650kb.
--
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
