Date
1 - 1 of 1
[isar-cip-core][PATCH v5 1/6] KConfig: add option to encrypt data partitions
Quirin Gylstorff
From: Quirin Gylstorff <quirin.gylstorff@...>
Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...>
---
Kconfig | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/Kconfig b/Kconfig
index 7d72094..cafb04c 100644
--- a/Kconfig
+++ b/Kconfig
@@ -193,4 +193,14 @@ config KAS_INCLUDE_SWUPDATE_SECBOOT
default "kas/opt/ebg-swu.yml" if IMAGE_SWUPDATE && !IMAGE_SECURE_BOOT
default "kas/opt/ebg-secure-boot-snakeoil.yml" if IMAGE_SECURE_BOOT
+config IMAGE_DATA_ENCRYPTION
+ bool "Encrypt data partitions on first boot"
+ depends on TARGET_QEMU_AMD64
+ help
+ This enables LUKS encryption for the partitions /var and /home.
+
+config KAS_INCLUDE_DATA_ENCRYPTION
+ string
+ default "kas/opt/encrypt-partitions.yml" if IMAGE_DATA_ENCRYPTION
+
endif
--
2.39.2
Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...>
---
Kconfig | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/Kconfig b/Kconfig
index 7d72094..cafb04c 100644
--- a/Kconfig
+++ b/Kconfig
@@ -193,4 +193,14 @@ config KAS_INCLUDE_SWUPDATE_SECBOOT
default "kas/opt/ebg-swu.yml" if IMAGE_SWUPDATE && !IMAGE_SECURE_BOOT
default "kas/opt/ebg-secure-boot-snakeoil.yml" if IMAGE_SECURE_BOOT
+config IMAGE_DATA_ENCRYPTION
+ bool "Encrypt data partitions on first boot"
+ depends on TARGET_QEMU_AMD64
+ help
+ This enables LUKS encryption for the partitions /var and /home.
+
+config KAS_INCLUDE_DATA_ENCRYPTION
+ string
+ default "kas/opt/encrypt-partitions.yml" if IMAGE_DATA_ENCRYPTION
+
endif
--
2.39.2