summaryrefslogtreecommitdiff
path: root/meta-security/meta-integrity
diff options
context:
space:
mode:
authorAndrew Geissler <geissonator@yahoo.com>2020-07-25 00:10:05 +0300
committerAndrew Geissler <geissonator@yahoo.com>2020-07-25 00:10:27 +0300
commit5bea8d8239056487ed7ec39d7b1c319c664dcf68 (patch)
tree46333ed90f5cf2869b61dba854cf567ded9df998 /meta-security/meta-integrity
parent5d59ec7e23513a3a7f86280a2610ba3d2123f9a1 (diff)
downloadopenbmc-5bea8d8239056487ed7ec39d7b1c319c664dcf68.tar.xz
meta-security: subtree update:547f552c85..066a04425c
Armin Kuster (9): python3-oauth2client: add recipe python3-privacyidea: adding initial support for mfa strongswan: add bbappends for tpm changes layer.conf: add dynamic-layer for strongswan strongswan: Add bbappends for ima changes meta-integrity: add dynamic-layer for strongswan add gitlab framework and qemu machine kas: add ima, tpm and tpm2 build configs drop ci-build: it is hiding errors Jeremy Puhlman (2): cryptsetup-tpm-incubator: RPROVIDES cryptsetup and cryptsetup-dev packagegroup-security-tpm2: Depend on preferred provider for cryptsetup Zheng Ruoqin (2): ccs-tools:Fix build error when enable multilib. bastille: Deleted redundant inherit to fix error when enable multilib. Signed-off-by: Andrew Geissler <geissonator@yahoo.com> Change-Id: I023e45c8080c3d423cd25cc656da5c1f527295e5
Diffstat (limited to 'meta-security/meta-integrity')
-rw-r--r--meta-security/meta-integrity/conf/layer.conf4
-rw-r--r--meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan-ima.inc61
-rw-r--r--meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan_5.%.bbappend1
3 files changed, 66 insertions, 0 deletions
diff --git a/meta-security/meta-integrity/conf/layer.conf b/meta-security/meta-integrity/conf/layer.conf
index b4edac383..f905b0be4 100644
--- a/meta-security/meta-integrity/conf/layer.conf
+++ b/meta-security/meta-integrity/conf/layer.conf
@@ -26,3 +26,7 @@ LAYERSERIES_COMPAT_integrity = "dunfell"
LAYERDEPENDS_integrity = "core openembedded-layer"
BBLAYERS_LAYERINDEX_NAME_integrity = "meta-integrity"
+
+BBFILES_DYNAMIC += " \
+networking-layer:${LAYERDIR}/dynamic-layers/meta-networking/recipes-*/*/*.bbappend \
+"
diff --git a/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan-ima.inc b/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan-ima.inc
new file mode 100644
index 000000000..a45182e51
--- /dev/null
+++ b/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan-ima.inc
@@ -0,0 +1,61 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+DEPENDS = "libtspi"
+
+SRC_URI_append = " file://0001-xfrmi-Only-build-if-libcharon-is-built.patch"
+
+PACKAGECONFIG += " \
+ aikgen \
+ tpm \
+"
+
+PACKAGECONFIG[tpm] = "--enable-tpm,--disable-tpm,,"
+PACKAGECONFIG[aikgen] = "--enable-aikgen,--disable-aikgen,,"
+
+PACKAGECONFIG_ima += "\
+ imc-test \
+ imv-test \
+ imc-scanner \
+ imv-scanner \
+ imc-os \
+ imv-os \
+ imc-attestation \
+ imv-attestation \
+ tnc-ifmap \
+ tnc-imc \
+ tnc-imv \
+ tnc-pdp \
+ tnccs-11 \
+ tnccs-20 \
+ tnccs-dynamic \
+ "
+
+EXTRA_OECONF += "--with-linux-headers=${STAGING_KERNEL_DIR}"
+
+PACKAGECONFIG[imc-test] = "--enable-imc-test,--disable-imc-test,,"
+PACKAGECONFIG[imc-scanner] = "--enable-imc-scanner,--disable-imc-scanner,,"
+PACKAGECONFIG[imc-os] = "--enable-imc-os,--disable-imc-os,,"
+PACKAGECONFIG[imc-attestation] = "--enable-imc-attestation,--disable-imc-attestation,,"
+PACKAGECONFIG[imc-swima] = "--enable-imc-swima, --disable-imc-swima,,"
+PACKAGECONFIG[imc-hcd] = "--enable-imc-hcd, --disable-imc-hcd,,"
+PACKAGECONFIG[tnc-imc] = "--enable-tnc-imc,--disable-tnc-imc,,"
+
+PACKAGECONFIG[imv-test] = "--enable-imv-test,--disable-imv-test,,"
+PACKAGECONFIG[imv-scanner] = "--enable-imv-scanner,--disable-imv-scanner,,"
+PACKAGECONFIG[imv-os] = "--enable-imv-os,--disable-imv-os,,"
+PACKAGECONFIG[imv-attestation] = "--enable-imv-attestation,--disable-imv-attestation,,"
+PACKAGECONFIG[imv-swima] = "--enable-imv-swima, --disable-imv-swima,,"
+PACKAGECONFIG[imv-hcd] = "--enable-imv-hcd, --disable-imv-hcd,,"
+PACKAGECONFIG[tnc-imv] = "--enable-tnc-imv,--disable-tnc-imv,,"
+
+PACKAGECONFIG[tnc-ifmap] = "--enable-tnc-ifmap,--disable-tnc-ifmap,libxml2,"
+PACKAGECONFIG[tnc-pdp] = "--enable-tnc-pdp,--disable-tnc-pdp,,"
+
+PACKAGECONFIG[tnccs-11] = "--enable-tnccs-11,--disable-tnccs-11,libxml2,"
+PACKAGECONFIG[tnccs-20] = "--enable-tnccs-20,--disable-tnccs-20,,"
+PACKAGECONFIG[tnccs-dynamic] = "--enable-tnccs-dynamic,--disable-tnccs-dynamic,,"
+
+#FILES_${PN} += "${libdir}/ipsec/imcvs/*.so ${datadir}/regid.2004-03.org.strongswan"
+#FILES_${PN}-dbg += "${libdir}/ipsec/imcvs/.debug"
+#FILES_${PN}-dev += "${libdir}/ipsec/imcvs/*.la"
+#FILES_${PN}-staticdev += "${libdir}/ipsec/imcvs/*.a"
diff --git a/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan_5.%.bbappend b/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan_5.%.bbappend
new file mode 100644
index 000000000..4669fd2a1
--- /dev/null
+++ b/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan_5.%.bbappend
@@ -0,0 +1 @@
+require ${@bb.utils.contains('DISTRO_FEATURES', 'imp', 'strongswan-ima.inc', '', d)}
generated by cgit v1.2.3 (git 2.39.0) at 2024-06-03 17:00:41 +0300