diff options
author | Andrew Geissler <geissonator@yahoo.com> | 2020-09-18 21:34:40 +0300 |
---|---|---|
committer | Andrew Geissler <geissonator@yahoo.com> | 2020-09-18 21:34:49 +0300 |
commit | cc58928593c3952679181b6bf8e4113080ffa867 (patch) | |
tree | e4c5a6818fc647aa8e338fceb9b09a042dcc4b8b /meta-security/kas | |
parent | 19b4e6c6daefcbe72afe57874d2e48c43c418321 (diff) | |
download | openbmc-cc58928593c3952679181b6bf8e4113080ffa867.tar.xz |
meta-security: subtree update:787ba6faea..d6baccc068
Armin Kuster (20):
trousers: update to tip
upload-error-report: add script to upload errors
kas/kas-security-base.yml: lets enable error reporting
.gitlab: send error reports
cryptsetup-tpm-incubator: drop recipe
sssd: Avoid nss function conflicts with glibc nss.h
cryptsetup-tpm-incubator: remove reference from other files
packagegroup-core-security: dont include suricata on riscv or ppc
kas-security-base: add testimage
kas: add test config
kas: add one dm-verify image build
gitlab-ci: add dm-verify-image
gitlab-ci: add testimage
meta-harden: Add a layer to demo harding OE/YP
kas-security-base: define sections as base
packagegroup-core-security: add more pkgs to base group
apparmor: exclude mips64, not supported
kas: add alt and mutli build images
kas-security-base: set RPM and disable ptest
qemu test: set ptest
Charlie Davies (1):
clamav: update SO_VER to 9.0.4
Jens Rehsack (2):
ibmswtpm2: update to 1637
ibmtpm2tss: add recipe
Jonatan PĂ„lsson (1):
sssd: Make manpages buildable
Qi.Chen@windriver.com (1):
nss: update patch to fix do_patch error
Zheng Ruoqin (1):
trousers: Fix the problem that do_package fails when multilib is enabled.
niko.mauno@vaisala.com (12):
dm-verity-img.bbclass: Fix bashisms
dm-verity-img.bbclass: Reorder parse-time check
dm-verity-image-initramfs: Ensure verity hash sync
dm-verity-image-initramfs: Bind at do_image instead
linux-yocto(-dev): Add dm-verity fragment as needed
dm-verity-img.bbclass: Stage verity.env file
initramfs-framework: Add dmverity module
dm-verity-image-initramfs: Use initramfs-framework
dm-verity-initramfs-image: Cosmetic improvements
dm-verity-image-initramfs: Add base-passwd package
dm-verity-image-initramfs: Drop locales from image
beaglebone-yocto-verity.wks.in: Refer IMGDEPLOYDIR
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I9f2debc1f48092734569fd106b56cd7bcb6180b7
Diffstat (limited to 'meta-security/kas')
-rw-r--r-- | meta-security/kas/kas-security-base.yml | 12 | ||||
-rw-r--r-- | meta-security/kas/kas-security-dm.yml | 13 | ||||
-rw-r--r-- | meta-security/kas/qemuarm64-alt.yml | 10 | ||||
-rw-r--r-- | meta-security/kas/qemuarm64-multi.yml | 12 | ||||
-rw-r--r-- | meta-security/kas/qemumips64-alt.yml | 10 | ||||
-rw-r--r-- | meta-security/kas/qemumips64-multi.yml | 14 | ||||
-rw-r--r-- | meta-security/kas/qemux86-64-alt.yml | 10 | ||||
-rw-r--r-- | meta-security/kas/qemux86-64-dm-verify.yml | 6 | ||||
-rw-r--r-- | meta-security/kas/qemux86-64-multi.yml | 12 | ||||
-rw-r--r-- | meta-security/kas/qemux86-test.yml | 11 |
10 files changed, 108 insertions, 2 deletions
diff --git a/meta-security/kas/kas-security-base.yml b/meta-security/kas/kas-security-base.yml index 768390e25..cd87d1d40 100644 --- a/meta-security/kas/kas-security-base.yml +++ b/meta-security/kas/kas-security-base.yml @@ -29,7 +29,7 @@ repos: meta-networking: local_conf_header: - meta-security: | + base: | CONF_VERSION = "1" SOURCE_MIRROR_URL = "http://downloads.yoctoproject.org/mirror/sources/" SSTATE_MIRRORS = "file://.* http://sstate.yoctoproject.org/dev/PATH;downloadfilename=PATH \n" @@ -37,6 +37,14 @@ local_conf_header: DL_DIR = "/home/srv/downloads/master" BB_HASHSERVE = "auto" BB_SIGNATURE_HANDLER = "OEEquivHash" + INHERIT += "buildstats buildstats-summary buildhistory" + INHERIT += "report-error" + INHERIT += "testimage" + TEST_QEMUBOOT_TIMEOUT = "1500" + EXTRA_IMAGE_FEATURES ?= "debug-tweaks" + DISTRO_FEATURES_remove = " ptest" + PACKAGE_CLASSES = "package_rpm" + diskmon: | BB_DISKMON_DIRS = "\ @@ -50,7 +58,7 @@ local_conf_header: ABORT,/tmp,10M,1K" bblayers_conf_header: - meta-security: | + base: | POKY_BBLAYERS_CONF_VERSION = "2" BBPATH = "${TOPDIR}" BBFILES ?= "" diff --git a/meta-security/kas/kas-security-dm.yml b/meta-security/kas/kas-security-dm.yml new file mode 100644 index 000000000..7ce0e9d72 --- /dev/null +++ b/meta-security/kas/kas-security-dm.yml @@ -0,0 +1,13 @@ +header: + version: 9 + includes: + - kas-security-base.yml + +local_conf_header: + dm-verify: | + DM_VERITY_IMAGE = "core-image-minimal" + DM_VERITY_IMAGE_TYPE = "ext4" + IMAGE_CLASSES += "dm-verity-img" + INITRAMFS_IMAGE_BUNDLE = "1" + INITRAMFS_IMAGE = "dm-verity-image-initramfs" + diff --git a/meta-security/kas/qemuarm64-alt.yml b/meta-security/kas/qemuarm64-alt.yml new file mode 100644 index 000000000..d23e38e0f --- /dev/null +++ b/meta-security/kas/qemuarm64-alt.yml @@ -0,0 +1,10 @@ +header: + version: 8 + includes: + - kas-security-base.yml + +local_conf_header: + alt: | + DISTRO_FEATURES_append = " apparmor pam systemd" + +machine: qemuarm64 diff --git a/meta-security/kas/qemuarm64-multi.yml b/meta-security/kas/qemuarm64-multi.yml new file mode 100644 index 000000000..d79142c37 --- /dev/null +++ b/meta-security/kas/qemuarm64-multi.yml @@ -0,0 +1,12 @@ +header: + version: 8 + includes: + - kas-security-base.yml + +local_conf_header: + multi: | + require conf/multilib.conf + MULTILIBS = "multilib:lib32" + DEFAULTTUNE_virtclass-multilib-lib32 = "armv7athf-neon" + +machine: qemuarm64 diff --git a/meta-security/kas/qemumips64-alt.yml b/meta-security/kas/qemumips64-alt.yml new file mode 100644 index 000000000..923c21370 --- /dev/null +++ b/meta-security/kas/qemumips64-alt.yml @@ -0,0 +1,10 @@ +header: + version: 8 + includes: + - kas-security-base.yml + +local_conf_header: + alt: | + DISTRO_FEATURES_append = " pam systmed" + +machine: qemumips64 diff --git a/meta-security/kas/qemumips64-multi.yml b/meta-security/kas/qemumips64-multi.yml new file mode 100644 index 000000000..c8cf94b71 --- /dev/null +++ b/meta-security/kas/qemumips64-multi.yml @@ -0,0 +1,14 @@ +header: + version: 8 + includes: + - kas-security-base.yml + +local_conf_header: + multi: | + require conf/multilib.conf + MULTILIBS = "multilib:lib64 multilib:lib32" + DEFAULTTUNE = "mips64-n32" + DEFAULTTUNE_virtclass-multilib-lib64 = "mips64" + DEFAULTTUNE_virtclass-multilib-lib32 = "mips32r2" + +machine: qemumips64 diff --git a/meta-security/kas/qemux86-64-alt.yml b/meta-security/kas/qemux86-64-alt.yml new file mode 100644 index 000000000..4364bf57e --- /dev/null +++ b/meta-security/kas/qemux86-64-alt.yml @@ -0,0 +1,10 @@ +header: + version: 8 + includes: + - kas-security-base.yml + +local_conf_header: + alt: | + DISTRO_FEATURES_append = " apparmor pam systmed" + +machine: qemux86-64 diff --git a/meta-security/kas/qemux86-64-dm-verify.yml b/meta-security/kas/qemux86-64-dm-verify.yml new file mode 100644 index 000000000..1f2600887 --- /dev/null +++ b/meta-security/kas/qemux86-64-dm-verify.yml @@ -0,0 +1,6 @@ +header: + version: 8 + includes: + - kas-security-dm.yml + +machine: qemux86-64 diff --git a/meta-security/kas/qemux86-64-multi.yml b/meta-security/kas/qemux86-64-multi.yml new file mode 100644 index 000000000..711ce2863 --- /dev/null +++ b/meta-security/kas/qemux86-64-multi.yml @@ -0,0 +1,12 @@ +header: + version: 8 + includes: + - kas-security-base.yml + +local_conf_header: + multi: | + require conf/multilib.conf + MULTILIBS = "multilib:lib32" + DEFAULTTUNE_virtclass-multilib-lib32 = "x86" + +machine: qemux86-64 diff --git a/meta-security/kas/qemux86-test.yml b/meta-security/kas/qemux86-test.yml new file mode 100644 index 000000000..823a8b235 --- /dev/null +++ b/meta-security/kas/qemux86-test.yml @@ -0,0 +1,11 @@ +header: + version: 8 + includes: + - kas-security-base.yml + + +local_conf_header: + meta-security: | + DISTRO_FEATURES_append = " ptest apparmor pam" + +machine: qemux86 |