diff options
author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-12-20 00:39:26 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-12-20 00:39:27 +0300 |
commit | 9a53395458785b43f205c5aa4a2730fa3d4057a3 (patch) | |
tree | a9ad3ec666d03f483dc00b046c2538479f8f69b0 /meta-security/recipes-security | |
parent | 3e1101ba9bfca4735cc4a0f8e4c28ad56b3acf9e (diff) | |
download | openbmc-9a53395458785b43f205c5aa4a2730fa3d4057a3.tar.xz |
meta-security: subtree update:2df7dd9fba..3001c3ebfc
Armin Kuster (6):
meta-security: add layer index callouts
meta-security-compliance/conf/layer.conf: fix typo
python3-suricata-update: update to 1.1.1
libhtp: bugfix only update 0.5.32
lib/oeqa/runtime: suricata add tests
suricata: update to 4.1.6
Philip Tricca (1):
tpm2-abrmd: Port command line options to new version.
Trevor Woerner (1):
tpm2-abrmd-init.sh: fix for /dev/tpmrmX
Yi Zhao (1):
libseccomp: upgrade 2.4.1 -> 2.4.2
Change-Id: Ic00ca8ac8ff5d3fbe0b79aa4a42243b197080f14
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'meta-security/recipes-security')
-rw-r--r-- | meta-security/recipes-security/libseccomp/files/0001-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch | 45 | ||||
-rw-r--r-- | meta-security/recipes-security/libseccomp/libseccomp_2.4.2.bb (renamed from meta-security/recipes-security/libseccomp/libseccomp_2.4.1.bb) | 3 |
2 files changed, 47 insertions, 1 deletions
diff --git a/meta-security/recipes-security/libseccomp/files/0001-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch b/meta-security/recipes-security/libseccomp/files/0001-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch new file mode 100644 index 000000000..a53433fe5 --- /dev/null +++ b/meta-security/recipes-security/libseccomp/files/0001-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch @@ -0,0 +1,45 @@ +From 1ecdddb2a5b61cf527d1f238f88a9d129239f87a Mon Sep 17 00:00:00 2001 +From: Paul Moore <paul@paul-moore.com> +Date: Tue, 5 Nov 2019 15:11:11 -0500 +Subject: [PATCH] tests: rely on __SNR_xxx instead of __NR_xxx for syscalls + +We recently changed how libseccomp handles syscall numbers that are +not defined natively, but we missed test #15. + +Acked-by: Tom Hromatka <tom.hromatka@oracle.com> +Signed-off-by: Paul Moore <paul@paul-moore.com> + +Upstream-Status: Backport +[https://github.com/seccomp/libseccomp/commit/1ecdddb2a5b61cf527d1f238f88a9d129239f87a] + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + tests/15-basic-resolver.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/tests/15-basic-resolver.c b/tests/15-basic-resolver.c +index 6badef1..0c1eefe 100644 +--- a/tests/15-basic-resolver.c ++++ b/tests/15-basic-resolver.c +@@ -55,15 +55,15 @@ int main(int argc, char *argv[]) + unsigned int arch; + char *name = NULL; + +- if (seccomp_syscall_resolve_name("open") != __NR_open) ++ if (seccomp_syscall_resolve_name("open") != __SNR_open) + goto fail; +- if (seccomp_syscall_resolve_name("read") != __NR_read) ++ if (seccomp_syscall_resolve_name("read") != __SNR_read) + goto fail; + if (seccomp_syscall_resolve_name("INVALID") != __NR_SCMP_ERROR) + goto fail; + + rc = seccomp_syscall_resolve_name_rewrite(SCMP_ARCH_NATIVE, "openat"); +- if (rc != __NR_openat) ++ if (rc != __SNR_openat) + goto fail; + + while ((arch = arch_list[iter++]) != -1) { +-- +2.17.1 + diff --git a/meta-security/recipes-security/libseccomp/libseccomp_2.4.1.bb b/meta-security/recipes-security/libseccomp/libseccomp_2.4.2.bb index 37a79829f..07db82a60 100644 --- a/meta-security/recipes-security/libseccomp/libseccomp_2.4.1.bb +++ b/meta-security/recipes-security/libseccomp/libseccomp_2.4.2.bb @@ -4,9 +4,10 @@ SECTION = "security" LICENSE = "LGPL-2.1" LIC_FILES_CHKSUM = "file://LICENSE;beginline=0;endline=1;md5=8eac08d22113880357ceb8e7c37f989f" -SRCREV = "fb43972ea1aab24f2a70193fb7445c2674f594e3" +SRCREV = "1b6cfd1fc0b7499a28c24299a93a80bd18619563" SRC_URI = "git://github.com/seccomp/libseccomp.git;branch=release-2.4 \ + file://0001-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch \ file://run-ptest \ " |