From f1e440673465aa768f31e78c0c201002f9f767b7 Mon Sep 17 00:00:00 2001 From: Andrew Geissler Date: Thu, 15 Apr 2021 15:52:46 -0500 Subject: meta-security: subtree update:775870980b..ca9264b1e1 Anton Antonov (4): Use libest "main" branch instead of "master". Add meta-parsec layer into meta-security. Define secure images with parsec-service and parsec-tool included and add the images into gitlab CI Clearly define clang toolchain in Parsec recipes Armin Kuster (16): packagegroup-core-security: drop clamav-cvd clamav: upgrade 104.0 python3-privacyidea: upgrade 3.5.1 -> 3.5.2 clamav: fix systemd service install swtpm: now need python-cryptography, pull in layer swtpm: file pip3 issue swtpm: fix check for tscd deamon on host python3-suricata-update: update to 1.2.1 suricata: update to 6.0.2 layer.conf: add dynamic-layer for rust pkg README: cleanup .gitlab-ci.yml: reorder to speed up builds kas-security-base.yml: tweek build vars gitlab-ci: fine tune order clamav: remove rest of mirror.dat ref lkrg-module: Add Linux Kernel Runtime Guard Ming Liu (2): meta: drop IMA_POLICY from policy recipes initramfs-framework-ima: introduce IMA_FORCE Signed-off-by: Andrew Geissler Change-Id: Ifac35a0d7b7e724f1e30dce5f6634d5d4fc9b5b9 --- .../recipes-tpm/swtpm/files/oe_configure.patch | 65 ++++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100644 meta-security/meta-tpm/recipes-tpm/swtpm/files/oe_configure.patch (limited to 'meta-security/meta-tpm/recipes-tpm/swtpm/files/oe_configure.patch') diff --git a/meta-security/meta-tpm/recipes-tpm/swtpm/files/oe_configure.patch b/meta-security/meta-tpm/recipes-tpm/swtpm/files/oe_configure.patch new file mode 100644 index 000000000..5aee933b9 --- /dev/null +++ b/meta-security/meta-tpm/recipes-tpm/swtpm/files/oe_configure.patch @@ -0,0 +1,65 @@ +Don't check for tscd deamon on host. + +Upstream-Status: OE Specific + +Signed-off-by: Armin Kuster + +Index: git/configure.ac +=================================================================== +--- git.orig/configure.ac ++++ git/configure.ac +@@ -179,15 +179,6 @@ AC_SUBST([LIBTPMS_LIBS]) + AC_CHECK_LIB(c, clock_gettime, LIBRT_LIBS="", LIBRT_LIBS="-lrt") + AC_SUBST([LIBRT_LIBS]) + +-AC_PATH_PROG([TCSD], tcsd) +-if test "x$TCSD" = "x"; then +- have_tcsd=no +- AC_MSG_WARN([tcsd could not be found; typically need it for tss user account and tests]) +-else +- have_tcsd=yes +-fi +-AM_CONDITIONAL([HAVE_TCSD], test "$have_tcsd" != "no") +- + dnl We either need netstat (more common across systems) or 'ss' for test cases + AC_PATH_PROG([NETSTAT], [netstat]) + if test "x$NETSTAT" = "x"; then +@@ -440,23 +431,6 @@ AC_ARG_WITH([tss-group], + [TSS_GROUP="tss"] + ) + +-case $have_tcsd in +-yes) +- AC_MSG_CHECKING([whether TSS_USER $TSS_USER is available]) +- if ! test $(id -u $TSS_USER); then +- AC_MSG_ERROR(["$TSS_USER is not available"]) +- else +- AC_MSG_RESULT([yes]) +- fi +- AC_MSG_CHECKING([whether TSS_GROUP $TSS_GROUP is available]) +- if ! test $(id -g $TSS_GROUP); then +- AC_MSG_ERROR(["$TSS_GROUP is not available"]) +- else +- AC_MSG_RESULT([yes]) +- fi +- ;; +-esac +- + AC_SUBST([TSS_USER]) + AC_SUBST([TSS_GROUP]) + +Index: git/tests/Makefile.am +=================================================================== +--- git.orig/tests/Makefile.am ++++ git/tests/Makefile.am +@@ -83,10 +83,6 @@ TESTS += \ + test_tpm2_swtpm_cert \ + test_tpm2_swtpm_cert_ecc \ + test_tpm2_swtpm_setup_create_cert +-if HAVE_TCSD +-TESTS += \ +- test_tpm2_samples_create_tpmca +-endif + endif + + EXTRA_DIST=$(TESTS) \ -- cgit v1.2.3