Google Git
Sign in
gbmc / meta-gbmc-staging / 6e5ec390e49f74d21b184be02cb564a8fdc82171
commit6e5ec390e49f74d21b184be02cb564a8fdc82171[log] [tgz]
authorWilliam A. Kennington III <wak@google.com>Thu May 30 15:56:03 2024 -0700
committerWilliam Kennington <wak@google.com>Thu Jul 04 00:23:12 2024 +0000
treebabbdc88b570734ce9a194ce416f2d2ace20c07f
parent9983f25e700d54e9870ffbc62410b1a005a83ffa [diff]
linux-gbmc: Add extra security Kconfigs

This adds an assortment of previously non-selected hardening settings.
Importantly, we now clear memory after applications free it. Reboots
will now completely wipe memory before booting the new system.

Tested: Booted on an AMD Rome BMC and did some basic system sanity.

Google-Bug-Id: 343786337
Change-Id: I0a6e98ea8f9f5f6071e9ba2ca889bc4fc8c4fd0b
Signed-off-by: William A. Kennington III <wak@google.com>
1 file changed
tree: babbdc88b570734ce9a194ce416f2d2ace20c07f
  1. classes/
  2. conf/
  3. dynamic-layers/
  4. recipes-bsp/
  5. recipes-connectivity/
  6. recipes-core/
  7. recipes-devtools/
  8. recipes-extended/
  9. recipes-google/
  10. recipes-kernel/
  11. recipes-phosphor/
  12. recipes-tpm1/
  13. recipes-tpm2/
  14. LICENSE
  15. README.md
README.md

meta-gbmc-staging

This repository contains additions to the openbmc/meta-google layer that are not yet ready for OpenBMC inclusion.

How to use this layer

  1. Clone openbmc/openbmc from GitHub.
  2. Clone this layer from GitHub into a subdirectory of openbmc.