diff options
author | Andrew Geissler <geissonator@yahoo.com> | 2020-07-25 00:10:05 +0300 |
---|---|---|
committer | Andrew Geissler <geissonator@yahoo.com> | 2020-07-25 00:10:27 +0300 |
commit | 5bea8d8239056487ed7ec39d7b1c319c664dcf68 (patch) | |
tree | 46333ed90f5cf2869b61dba854cf567ded9df998 /meta-security/meta-integrity | |
parent | 5d59ec7e23513a3a7f86280a2610ba3d2123f9a1 (diff) | |
download | openbmc-5bea8d8239056487ed7ec39d7b1c319c664dcf68.tar.xz |
meta-security: subtree update:547f552c85..066a04425c
Armin Kuster (9):
python3-oauth2client: add recipe
python3-privacyidea: adding initial support for mfa
strongswan: add bbappends for tpm changes
layer.conf: add dynamic-layer for strongswan
strongswan: Add bbappends for ima changes
meta-integrity: add dynamic-layer for strongswan
add gitlab framework and qemu machine
kas: add ima, tpm and tpm2 build configs
drop ci-build: it is hiding errors
Jeremy Puhlman (2):
cryptsetup-tpm-incubator: RPROVIDES cryptsetup and cryptsetup-dev
packagegroup-security-tpm2: Depend on preferred provider for cryptsetup
Zheng Ruoqin (2):
ccs-tools:Fix build error when enable multilib.
bastille: Deleted redundant inherit to fix error when enable multilib.
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I023e45c8080c3d423cd25cc656da5c1f527295e5
Diffstat (limited to 'meta-security/meta-integrity')
3 files changed, 66 insertions, 0 deletions
diff --git a/meta-security/meta-integrity/conf/layer.conf b/meta-security/meta-integrity/conf/layer.conf index b4edac383..f905b0be4 100644 --- a/meta-security/meta-integrity/conf/layer.conf +++ b/meta-security/meta-integrity/conf/layer.conf @@ -26,3 +26,7 @@ LAYERSERIES_COMPAT_integrity = "dunfell" LAYERDEPENDS_integrity = "core openembedded-layer" BBLAYERS_LAYERINDEX_NAME_integrity = "meta-integrity" + +BBFILES_DYNAMIC += " \ +networking-layer:${LAYERDIR}/dynamic-layers/meta-networking/recipes-*/*/*.bbappend \ +" diff --git a/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan-ima.inc b/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan-ima.inc new file mode 100644 index 000000000..a45182e51 --- /dev/null +++ b/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan-ima.inc @@ -0,0 +1,61 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/files:" + +DEPENDS = "libtspi" + +SRC_URI_append = " file://0001-xfrmi-Only-build-if-libcharon-is-built.patch" + +PACKAGECONFIG += " \ + aikgen \ + tpm \ +" + +PACKAGECONFIG[tpm] = "--enable-tpm,--disable-tpm,," +PACKAGECONFIG[aikgen] = "--enable-aikgen,--disable-aikgen,," + +PACKAGECONFIG_ima += "\ + imc-test \ + imv-test \ + imc-scanner \ + imv-scanner \ + imc-os \ + imv-os \ + imc-attestation \ + imv-attestation \ + tnc-ifmap \ + tnc-imc \ + tnc-imv \ + tnc-pdp \ + tnccs-11 \ + tnccs-20 \ + tnccs-dynamic \ + " + +EXTRA_OECONF += "--with-linux-headers=${STAGING_KERNEL_DIR}" + +PACKAGECONFIG[imc-test] = "--enable-imc-test,--disable-imc-test,," +PACKAGECONFIG[imc-scanner] = "--enable-imc-scanner,--disable-imc-scanner,," +PACKAGECONFIG[imc-os] = "--enable-imc-os,--disable-imc-os,," +PACKAGECONFIG[imc-attestation] = "--enable-imc-attestation,--disable-imc-attestation,," +PACKAGECONFIG[imc-swima] = "--enable-imc-swima, --disable-imc-swima,," +PACKAGECONFIG[imc-hcd] = "--enable-imc-hcd, --disable-imc-hcd,," +PACKAGECONFIG[tnc-imc] = "--enable-tnc-imc,--disable-tnc-imc,," + +PACKAGECONFIG[imv-test] = "--enable-imv-test,--disable-imv-test,," +PACKAGECONFIG[imv-scanner] = "--enable-imv-scanner,--disable-imv-scanner,," +PACKAGECONFIG[imv-os] = "--enable-imv-os,--disable-imv-os,," +PACKAGECONFIG[imv-attestation] = "--enable-imv-attestation,--disable-imv-attestation,," +PACKAGECONFIG[imv-swima] = "--enable-imv-swima, --disable-imv-swima,," +PACKAGECONFIG[imv-hcd] = "--enable-imv-hcd, --disable-imv-hcd,," +PACKAGECONFIG[tnc-imv] = "--enable-tnc-imv,--disable-tnc-imv,," + +PACKAGECONFIG[tnc-ifmap] = "--enable-tnc-ifmap,--disable-tnc-ifmap,libxml2," +PACKAGECONFIG[tnc-pdp] = "--enable-tnc-pdp,--disable-tnc-pdp,," + +PACKAGECONFIG[tnccs-11] = "--enable-tnccs-11,--disable-tnccs-11,libxml2," +PACKAGECONFIG[tnccs-20] = "--enable-tnccs-20,--disable-tnccs-20,," +PACKAGECONFIG[tnccs-dynamic] = "--enable-tnccs-dynamic,--disable-tnccs-dynamic,," + +#FILES_${PN} += "${libdir}/ipsec/imcvs/*.so ${datadir}/regid.2004-03.org.strongswan" +#FILES_${PN}-dbg += "${libdir}/ipsec/imcvs/.debug" +#FILES_${PN}-dev += "${libdir}/ipsec/imcvs/*.la" +#FILES_${PN}-staticdev += "${libdir}/ipsec/imcvs/*.a" diff --git a/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan_5.%.bbappend b/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan_5.%.bbappend new file mode 100644 index 000000000..4669fd2a1 --- /dev/null +++ b/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan_5.%.bbappend @@ -0,0 +1 @@ +require ${@bb.utils.contains('DISTRO_FEATURES', 'imp', 'strongswan-ima.inc', '', d)} |