jiazhang0/meta-secure-core

SYSTEM_TRUSTED and SECONDARY_TRUSTED are incorrectly parsed

frasercadger opened this issue · 1 comments

Despite having, neither ima or modsign as DISTRO_FEATURES, I received the following error:

| NOTE: system_trusted_key.key is unavailable
| DEBUG: Python function check_deploy_keys finished
| ERROR: Function failed: ERROR: Unable to find user key for SYSTEM_TRUSTED ...

Everything looked OK in meta-signing-key/classes/user-key-store.bbclass.

However, after some debugging it turned out SYSTEM_TRUSTED and SECONDARY_TRUSTED were always being set to "1" - regardless of the status of ima or modsign.

I believe this is a parsing error, as when I changed the if statements to have an explicit check; i.e. if d.getVar("IMA", True) == "1" or d.getVar("MODSIGN", True) == "1". I got the correct result.

I have submitted a pull request, with a fix for this.

#60

Merged. Thanks for your contribution!