diff mbox series

[isar-cip-core,v5,1/6] KConfig: add option to encrypt data partitions

Message ID 20230309085321.17167-2-Quirin.Gylstorff@siemens.com (mailing list archive)
State Superseded
Headers show
Series Encrypt Partition in initramfs | expand

Commit Message

Quirin Gylstorff March 9, 2023, 8:53 a.m. UTC 
From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
 Kconfig | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff mbox series

Patch

diff --git a/Kconfig b/Kconfig
index 7d72094..cafb04c 100644
--- a/Kconfig
+++ b/Kconfig
@@ -193,4 +193,14 @@  config KAS_INCLUDE_SWUPDATE_SECBOOT
 	default "kas/opt/ebg-swu.yml" if IMAGE_SWUPDATE && !IMAGE_SECURE_BOOT
 	default "kas/opt/ebg-secure-boot-snakeoil.yml" if IMAGE_SECURE_BOOT
 
+config IMAGE_DATA_ENCRYPTION
+	bool "Encrypt data partitions on first boot"
+	depends on TARGET_QEMU_AMD64
+	help
+	  This enables LUKS encryption for the partitions /var and /home.
+
+config KAS_INCLUDE_DATA_ENCRYPTION
+	string
+	default "kas/opt/encrypt-partitions.yml" if IMAGE_DATA_ENCRYPTION
+
 endif