diff options
Diffstat (limited to 'meta-security/meta-tpm')
6 files changed, 62 insertions, 1 deletions
diff --git a/meta-security/meta-tpm/conf/layer.conf b/meta-security/meta-tpm/conf/layer.conf index c3372c707..46d0279cc 100644 --- a/meta-security/meta-tpm/conf/layer.conf +++ b/meta-security/meta-tpm/conf/layer.conf @@ -15,3 +15,7 @@ LAYERDEPENDS_tpm-layer = " \ openembedded-layer \ " BBLAYERS_LAYERINDEX_NAME_tpm-layer = "meta-tpm" + +BBFILES_DYNAMIC += " \ +networking-layer:${LAYERDIR}/dynamic-layers/meta-networking/recipes-*/*/*.bbappend \ +" diff --git a/meta-security/meta-tpm/dynamic-layers/meta-networking/recipes-support/strongswan/files/0001-xfrmi-Only-build-if-libcharon-is-built.patch b/meta-security/meta-tpm/dynamic-layers/meta-networking/recipes-support/strongswan/files/0001-xfrmi-Only-build-if-libcharon-is-built.patch new file mode 100644 index 000000000..825028222 --- /dev/null +++ b/meta-security/meta-tpm/dynamic-layers/meta-networking/recipes-support/strongswan/files/0001-xfrmi-Only-build-if-libcharon-is-built.patch @@ -0,0 +1,38 @@ +From db772305c6baa01f6c6750be74733e4bfc1d6106 Mon Sep 17 00:00:00 2001 +From: Tobias Brunner <tobias@strongswan.org> +Date: Tue, 14 Apr 2020 10:44:19 +0200 +Subject: [PATCH] xfrmi: Only build if libcharon is built + +The kernel-netlink plugin is only built if libcharon is. + +Closes strongswan/strongswan#167. + +Upstream-Status: Backport +Signed-off-by: Armin Kuster <akuster808@gmail.com> + +--- + src/Makefile.am | 7 +++---- + 1 file changed, 3 insertions(+), 4 deletions(-) + +Index: strongswan-5.8.4/src/Makefile.am +=================================================================== +--- strongswan-5.8.4.orig/src/Makefile.am ++++ strongswan-5.8.4/src/Makefile.am +@@ -42,6 +42,9 @@ endif + + if USE_LIBCHARON + SUBDIRS += libcharon ++if USE_KERNEL_NETLINK ++ SUBDIRS += xfrmi ++endif + endif + + if USE_FILE_CONFIG +@@ -143,7 +146,3 @@ endif + if USE_TPM + SUBDIRS += tpm_extendpcr + endif +- +-if USE_KERNEL_NETLINK +- SUBDIRS += xfrmi +-endif diff --git a/meta-security/meta-tpm/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan-tpm.inc b/meta-security/meta-tpm/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan-tpm.inc new file mode 100644 index 000000000..d8604e116 --- /dev/null +++ b/meta-security/meta-tpm/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan-tpm.inc @@ -0,0 +1,12 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/files:" + +DEPENDS = "libtspi" + +SRC_URI_append = " file://0001-xfrmi-Only-build-if-libcharon-is-built.patch" + +PACKAGECONFIG += "aikgen tpm" + +PACKAGECONFIG[tpm] = "--enable-tpm,--disable-tpm,," +PACKAGECONFIG[aikgen] = "--enable-aikgen,--disable-aikgen,," + +EXTRA_OECONF += "--with-linux-headers=${STAGING_KERNEL_DIR}" diff --git a/meta-security/meta-tpm/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan_5.%.bbappend b/meta-security/meta-tpm/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan_5.%.bbappend new file mode 100644 index 000000000..34757bb47 --- /dev/null +++ b/meta-security/meta-tpm/dynamic-layers/meta-networking/recipes-support/strongswan/strongswan_5.%.bbappend @@ -0,0 +1 @@ +require ${@bb.utils.contains('DISTRO_FEATURES', 'tpm', 'strongswan-tpm.inc', '', d)} diff --git a/meta-security/meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb b/meta-security/meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb index 8f5c537b9..a553a63d8 100644 --- a/meta-security/meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb +++ b/meta-security/meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb @@ -7,6 +7,7 @@ inherit packagegroup PACKAGES = "${PN}" +PREFERRED_PROVIDER_cryptsetup ?= "cryptsetup-tpm-incubator" SUMMARY_packagegroup-security-tpm2 = "Security TPM 2.0 support" RDEPENDS_packagegroup-security-tpm2 = " \ tpm2-tools \ @@ -19,5 +20,5 @@ RDEPENDS_packagegroup-security-tpm2 = " \ tpm2-abrmd \ tpm2-pkcs11 \ ibmswtpm2 \ - cryptsetup-tpm-incubator \ + ${PREFERRED_PROVIDER_cryptsetup} \ " diff --git a/meta-security/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb b/meta-security/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb index b706d1505..261716235 100644 --- a/meta-security/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb +++ b/meta-security/meta-tpm/recipes-tpm2/cryptsetup-tpm-incubator/cryptsetup-tpm-incubator_0.9.9.bb @@ -36,7 +36,12 @@ FILES_${PN} += "${libdir}/tmpfiles.d" RDEPENDS_${PN} += "lvm2 libdevmapper" RRECOMMENDS_${PN} += "lvm2-udevrules" +RPROVIDES_${PN} = "cryptsetup" RREPLACES_${PN} = "cryptsetup" RCONFLICTS_${PN} ="cryptsetup" +RPROVIDES_${PN}-dev = "cryptsetup-dev" +RREPLACES_${PN}-dev = "cryptsetup-dev" +RCONFLICTS_${PN}-dev ="cryptsetup-dev" + BBCLASSEXTEND = "native nativesdk" |