summaryrefslogtreecommitdiff
path: root/meta-security/meta-integrity
diff options
context:
space:
mode:
Diffstat (limited to 'meta-security/meta-integrity')
-rw-r--r--meta-security/meta-integrity/conf/layer.conf9
-rw-r--r--meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan-ima.inc61
-rw-r--r--meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan_5.%.bbappend1
3 files changed, 68 insertions, 3 deletions
diff --git a/meta-security/meta-integrity/conf/layer.conf b/meta-security/meta-integrity/conf/layer.conf
index b4edac383..76374eb9b 100644
--- a/meta-security/meta-integrity/conf/layer.conf
+++ b/meta-security/meta-integrity/conf/layer.conf
@@ -2,8 +2,7 @@
BBPATH =. "${LAYERDIR}:"
# We have a packages directory, add to BBFILES
-BBFILES := "${BBFILES} \
- ${LAYERDIR}/recipes-*/*/*.bb \
+BBFILES += "${LAYERDIR}/recipes-*/*/*.bb \
${LAYERDIR}/recipes-*/*/*.bbappend"
BBFILE_COLLECTIONS += "integrity"
@@ -21,8 +20,12 @@ INTEGRITY_BASE := '${LAYERDIR}'
# interactive shell is enough.
OE_TERMINAL_EXPORTS += "INTEGRITY_BASE"
-LAYERSERIES_COMPAT_integrity = "dunfell"
+LAYERSERIES_COMPAT_integrity = "gatesgarth"
# ima-evm-utils depends on keyutils from meta-oe
LAYERDEPENDS_integrity = "core openembedded-layer"
BBLAYERS_LAYERINDEX_NAME_integrity = "meta-integrity"
+
+BBFILES_DYNAMIC += " \
+networking-layer:${LAYERDIR}/dynamic-layers/meta-networking/recipes-*/*/*.bbappend \
+"
diff --git a/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan-ima.inc b/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan-ima.inc
new file mode 100644
index 000000000..a45182e51
--- /dev/null
+++ b/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan-ima.inc
@@ -0,0 +1,61 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+DEPENDS = "libtspi"
+
+SRC_URI_append = " file://0001-xfrmi-Only-build-if-libcharon-is-built.patch"
+
+PACKAGECONFIG += " \
+ aikgen \
+ tpm \
+"
+
+PACKAGECONFIG[tpm] = "--enable-tpm,--disable-tpm,,"
+PACKAGECONFIG[aikgen] = "--enable-aikgen,--disable-aikgen,,"
+
+PACKAGECONFIG_ima += "\
+ imc-test \
+ imv-test \
+ imc-scanner \
+ imv-scanner \
+ imc-os \
+ imv-os \
+ imc-attestation \
+ imv-attestation \
+ tnc-ifmap \
+ tnc-imc \
+ tnc-imv \
+ tnc-pdp \
+ tnccs-11 \
+ tnccs-20 \
+ tnccs-dynamic \
+ "
+
+EXTRA_OECONF += "--with-linux-headers=${STAGING_KERNEL_DIR}"
+
+PACKAGECONFIG[imc-test] = "--enable-imc-test,--disable-imc-test,,"
+PACKAGECONFIG[imc-scanner] = "--enable-imc-scanner,--disable-imc-scanner,,"
+PACKAGECONFIG[imc-os] = "--enable-imc-os,--disable-imc-os,,"
+PACKAGECONFIG[imc-attestation] = "--enable-imc-attestation,--disable-imc-attestation,,"
+PACKAGECONFIG[imc-swima] = "--enable-imc-swima, --disable-imc-swima,,"
+PACKAGECONFIG[imc-hcd] = "--enable-imc-hcd, --disable-imc-hcd,,"
+PACKAGECONFIG[tnc-imc] = "--enable-tnc-imc,--disable-tnc-imc,,"
+
+PACKAGECONFIG[imv-test] = "--enable-imv-test,--disable-imv-test,,"
+PACKAGECONFIG[imv-scanner] = "--enable-imv-scanner,--disable-imv-scanner,,"
+PACKAGECONFIG[imv-os] = "--enable-imv-os,--disable-imv-os,,"
+PACKAGECONFIG[imv-attestation] = "--enable-imv-attestation,--disable-imv-attestation,,"
+PACKAGECONFIG[imv-swima] = "--enable-imv-swima, --disable-imv-swima,,"
+PACKAGECONFIG[imv-hcd] = "--enable-imv-hcd, --disable-imv-hcd,,"
+PACKAGECONFIG[tnc-imv] = "--enable-tnc-imv,--disable-tnc-imv,,"
+
+PACKAGECONFIG[tnc-ifmap] = "--enable-tnc-ifmap,--disable-tnc-ifmap,libxml2,"
+PACKAGECONFIG[tnc-pdp] = "--enable-tnc-pdp,--disable-tnc-pdp,,"
+
+PACKAGECONFIG[tnccs-11] = "--enable-tnccs-11,--disable-tnccs-11,libxml2,"
+PACKAGECONFIG[tnccs-20] = "--enable-tnccs-20,--disable-tnccs-20,,"
+PACKAGECONFIG[tnccs-dynamic] = "--enable-tnccs-dynamic,--disable-tnccs-dynamic,,"
+
+#FILES_${PN} += "${libdir}/ipsec/imcvs/*.so ${datadir}/regid.2004-03.org.strongswan"
+#FILES_${PN}-dbg += "${libdir}/ipsec/imcvs/.debug"
+#FILES_${PN}-dev += "${libdir}/ipsec/imcvs/*.la"
+#FILES_${PN}-staticdev += "${libdir}/ipsec/imcvs/*.a"
diff --git a/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan_5.%.bbappend b/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan_5.%.bbappend
new file mode 100644
index 000000000..4669fd2a1
--- /dev/null
+++ b/meta-security/meta-integrity/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan_5.%.bbappend
@@ -0,0 +1 @@
+require ${@bb.utils.contains('DISTRO_FEATURES', 'imp', 'strongswan-ima.inc', '', d)}
generated by cgit v1.2.3 (git 2.39.0) at 2024-08-24 11:30:35 +0300