[PATCH 15/24] boards: qemu-virt: add security policies
Sascha Hauer
s.hauer at pengutronix.de
Thu Aug 21 07:15:55 PDT 2025
On Thu, Aug 21, 2025 at 08:57:10AM +0200, Ahmad Fatoum wrote:
> Hi,
>
> On 8/20/25 15:17, Sascha Hauer wrote:
> > From: Ahmad Fatoum <a.fatoum at barebox.org>
> >
> > To make it easier to experiment with security policies, add four example
> > configurations, two via the build system and two "externally".
>
> The configs need a make security_olddefconfig due to the addition of the
> new symbols in later commits.
Indeed.
One thing I just noticed is that the qemu-virt board is built for both
32bit and 64bit boards. The sconfig files are currently suitable for the
32bit variant, but enabling security policies in multi_v8_defconfig
results in a
Security policy qemu-virt-lockdown.sconfig.tmp was not up to date.
This is not a problem since security policies are only enabled in
virt32_secure_defconfig, but nevertheless that's something we might want
to improve somehow.
Sascha
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
More information about the barebox
mailing list