Update to internal 0.53

Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>

2 files changed, 27 insertions, 0 deletions

diff --git a/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd/0002-Disable-LLMNR-port-5355.patch b/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd/0002-Disable-LLMNR-port-5355.patch
new file mode 100644
index 000000000..8b978e4fb
--- /dev/null
+++ b/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd/0002-Disable-LLMNR-port-5355.patch
@@ -0,0 +1,26 @@
+From 9fb05323291ccdfbf19ac0d9428e366d6023b408 Mon Sep 17 00:00:00 2001
+From: Karthick Sundarrajan <karthick.sundarrajan@intel.com>
+Date: Fri, 3 Apr 2020 10:23:41 -0700
+Subject: [PATCH] Disable LLMNR (port 5355)
+
+As part of OS hardening process, the port has to be
+disabled.
+
+Signed-off-by: Karthick Sundarrajan <karthick.sundarrajan@intel.com>
+---
+ src/resolve/resolved.conf.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/resolve/resolved.conf.in b/src/resolve/resolved.conf.in
+index 6898c78..a9125fd 100644
+--- a/src/resolve/resolved.conf.in
++++ b/src/resolve/resolved.conf.in
+@@ -15,7 +15,7 @@
+ #DNS=
+ #FallbackDNS=@DNS_SERVERS@
+ #Domains=
+-#LLMNR=yes
++LLMNR=no
+ #MulticastDNS=yes
+ #DNSSEC=@DEFAULT_DNSSEC_MODE@
+ #DNSOverTLS=@DEFAULT_DNS_OVER_TLS_MODE@
diff --git a/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd_%.bbappend b/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd_%.bbappend
index d80714589..17f423dc3 100644
--- a/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd_%.bbappend
+++ b/meta-openbmc-mods/meta-common/recipes-core/systemd/systemd_%.bbappend
@@ -5,6 +5,7 @@ LICENSE = "GPL-2.0"
 FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
 
 SRC_URI += "file://0001-Modfiy-system.conf-DefaultTimeoutStopSec.patch \
+            file://0002-Disable-LLMNR-port-5355.patch \
             file://systemd-time-wait-sync.service \
            "