| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2025-03-18 | T861: use custom Kernel certificate over the root shim signing certificate | Christian Breunig | |
| 2025-03-11 | T7233: Fix wrong MOK certs path in the script of build-kernel.sh | Youyuan | |
| 2024-10-01 | T861: Fix kernel suffix for package build by actions | Viacheslav Hletenko | |
| 2024-09-25 | T861: sign all Kernel modules with an ephemeral key | Christian Breunig | |
| The shim review board (which is the secure boot base loader) recommends using ephemeral keys when signing the Linux Kernel. This commit enables the Kernel build system to generate a one-time ephemeral key that is used to: * sign all build-in Kernel modules * sign all other out-of-tree Kernel modules The key lives in /tmp and is destroyed after the build container exits and is named: "VyOS build time autogenerated kernel key". In addition the Kernel now uses CONFIG_MODULE_SIG_FORCE. This now makes it unable to load any Kernel Module to the image that is NOT signed by the ephemeral key. | |||
| 2024-08-29 | T6674: Add build-scrips for packages without Jenkins | Viacheslav Hletenko | |
| Add build scripts for .deb packages without Jenkins. To exclude Jenkins we need some place where we can put new builds-scripts to run in parallel (old/new) during meantime We will deprecate old Jenkins package builds in the future. | |||
 |
index : vyos-build.git | |
| VyOS image build scripts (mirror of https://github.com/vyos/vyos-build.git) |
| summaryrefslogtreecommitdiff |