Use Case: I am developing an IoT Linux system for my Raspberry Pi. Read-only rootfs is not an option, because I want to upgrade executables on the fly. What I thought is my solution: I develop a tool which can sign ELF files (Linux executables and libraries). It signs the sections with some pub/priv key, saves the signature into a section and checks the file before executing it (like DigSig but with the help of openssl-lib). The library loader (glibc) is also modified to check all Linux ".so" libraries before loading them. At the end I want to publish the project and my solution under an open source license. Currently it is not finished and far away from stability.
Development state:
- ELF-File Sign tool is finished.
- Kernel is modified (new security module / own syscall function to check elf-binary signature).
- Glibc is modified and patched for my local source.
- QEMU is patched to support my new syscall.
- Yocto environment is set up. And the image runs on my RaspberryPi 2 test machine.
So far so good. I have the feeling I am very close to my solution.
Now I need to: Make Yocto / bitbake ensure that ALL ELF files are signed after the build process. Best would be if the rpm files already have the signed ELF files included, and the signing process would be done by one recipe for all the other packages. (So I do not want to create a post-installation script which modifies only the files in the root folder.)
After searching for hours on Google and checking the Yocto documentation I have no solution. It would be very great if someone could help me.
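
The scheme described in the post (sign the sections, store the signature in a section of the same file, verify before executing) needs a digest that stays the same when the signature section is filled in. The following is an added example, not the poster's tool: it assumes a little-endian ELF32 image as used on the Raspberry Pi 2, a signature section named `.sig`, and SHA-256, and `build_sample_elf` only constructs the test input.

```python
import hashlib
import struct

SIG_SECTION = b".sig"  # assumed name; the post does not name its signature section
SHT_NOBITS = 8         # sections such as .bss occupy no bytes in the file

def build_sample_elf(sections):
    """Constructed input: a minimal little-endian ELF32 (EM_ARM) image."""
    names = b"\0" + b"".join(n + b"\0" for n, _ in sections) + b".shstrtab\0"
    blob, shdrs = b"", [bytes(40)]  # section index 0 is the null section
    for name, data in sections + [(b".shstrtab", names)]:
        sh_type = 3 if name == b".shstrtab" else 1  # SHT_STRTAB / SHT_PROGBITS
        shdrs.append(struct.pack("<10I", names.index(name + b"\0"), sh_type, 0, 0,
                                 52 + len(blob), len(data), 0, 0, 1, 0))
        blob += data
    ident = b"\x7fELF\x01\x01\x01" + bytes(9)
    ehdr = struct.pack("<16sHHIIIIIHHHHHH", ident, 2, 40, 1, 0, 0, 52 + len(blob),
                       0, 52, 0, 0, 40, len(shdrs), len(shdrs) - 1)
    return ehdr + blob + b"".join(shdrs)

def section_digest(elf):
    """SHA-256 over name, size and contents of every section except SIG_SECTION."""
    if elf[:6] != b"\x7fELF\x01\x01":
        raise ValueError("expected a little-endian ELF32 file")
    shoff, = struct.unpack_from("<I", elf, 32)
    shentsize, shnum, shstrndx = struct.unpack_from("<HHH", elf, 46)
    hdrs = [struct.unpack_from("<10I", elf, shoff + i * shentsize) for i in range(shnum)]
    strtab = elf[hdrs[shstrndx][4]:hdrs[shstrndx][4] + hdrs[shstrndx][5]]
    h = hashlib.sha256()
    for name_off, sh_type, _, _, offset, size, *_ in hdrs[1:]:
        name = strtab[name_off:strtab.index(b"\0", name_off)]
        if name == SIG_SECTION or sh_type == SHT_NOBITS:
            continue  # the signature cannot cover itself; NOBITS has no file bytes
        if offset + size > len(elf):
            raise ValueError("section extends past end of file")
        # Length-prefix the name and size so section boundaries are unambiguous.
        h.update(struct.pack("<I", len(name)) + name + struct.pack("<I", size))
        h.update(elf[offset:offset + size])
    return h.hexdigest()

if __name__ == "__main__":
    base = [(b".text", b"\x1e\xff\x2f\xe1"), (b".data", b"cfg")]
    unsigned = build_sample_elf(base + [(b".sig", bytes(64))])
    signed = build_sample_elf(base + [(b".sig", b"\xaa" * 64)])
    print(section_digest(unsigned) == section_digest(signed))
```

This digest covers section names and contents only; the ELF header and program headers, which the kernel uses to map the file, are not included and would need to be bound as well for the signature to cover what actually gets loaded.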