From 1fe918a07084c878d72cf8a7d1707f6598cc438f Mon Sep 17 00:00:00 2001
From: Andrew Geissler <geissonator@yahoo.com>
Date: Fri, 15 May 2020 14:16:47 -0500
Subject: meta-security: subtree update:b72cc7f87c..95fe86eb98
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

André Draszik (1):
      linux-yocto: update the bbappend to 5.x

Armin Kuster (36):
      README: add pull request option
      sssd: drop py2 support
      python3-fail2ban: update to latest
      Apparmor: fix some runtime depends
      linux-yocto-dev: remove "+"
      checksecurity: fix runtime issues
      buck-security: fix rdebends and minor style cleanup
      swtpm: fix configure error
      ecryptfs-utils: search nspr header files in ${STAGING_INCDIR}/nspr directory
      bastille: convert to py3
      tpm2-tools: update to 4.1.1
      tpm2-tcti-uefi: fix build issue for i386 machine
      tpm2-tss: update to 2.3.2
      ibmswtpm2: update to 1563
      python3-fail2ban: add 2-3 conversion changes
      google-authenticator-libpam: install module in pam location
      apparmor: update to tip
      clamav: add bison-native to depend
      meta-security-isafw: import layer from Intel
      isafw: fix to work against master
      layer.conf: add zeus
      README.md: update to new maintainer
      clamav-native: missed bison fix
      secuirty*-image: remove dead var and minor cleanup
      libtpm: fix build issue over pod2man
      sssd: python2 not supported
      libseccomp: update to 2.4.3
      lynis: add missing rdepends
      fail2ban: change hardcoded sysklogd to VIRTUAL-RUNTIME_base-utils-syslog
      chkrootkit: add rootkit recipe
      clamav: move to recipes-scanners
      checksec: move to recipe-scanners
      checksecurity: move to recipes-scanners
      buck-security: move to recipes-scanners
      arpwatch: add new recipe
      buck-security: fix runtime issue with missing per module

Bartosz Golaszewski (3):
      linux: drop the bbappend for linux v4.x series
      classes: provide a class for generating dm-verity meta-data images
      dm-verity: add a working example for BeagleBone Black

Haseeb Ashraf (1):
      samhain: dnmalloc hash fix for aarch64 and mips64

Jan Luebbe (2):
      apparmor: fix wrong executable permission on service file
      apparmor: update to 2.13.4

Jonatan Pålsson (10):
      README: Add meta-python to list of layer deps
      sssd: Add PACKAGECONFIG for python2
      sssd: Fix typo in PACKAGECONFIG. cyrpto -> crypto
      sssd: DEPEND on nss if nothing else is chosen
      sssd: Sort PACKAGECONFIG entries
      sssd: Add autofs PACKAGECONFIG
      sssd: Add sudo PACKAGECONFIG
      sssd: Add missing files to SYSTEMD_SERVICE
      sssd: Add missing DEPENDS on jansson
      sssd: Add infopipe PACKAGECONFIG

Kai Kang (1):
      sssd: fix for ldblibdir and systemd etc

Martin Jansa (1):
      layer.conf: update LAYERSERIES_COMPAT for dunfell

Mingli Yu (1):
      linux-yocto: update the bbappend to 5.x

Pierre-Jean Texier via Lists.Yoctoproject.Org (1):
      google-authenticator-libpam: upgrade 1.07 -> 1.08

Yi Zhao (5):
      samhain: fix build with new version attr
      scap-security-guide: fix xml parsing error when build remediation files
      scap-security-guide: pass the correct schema file path to openscap-native
      openscap-daemon: add missing runtime dependencies
      samhain-server: add volatile file for systemd

Change-Id: I3d4a4055cb9420e97d3eacf8436d9b048d34733f
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
---
 .../ibmswtpm2/files/remove_optimization.patch      | 26 +++++++++++++++++++++
 .../recipes-tpm2/ibmswtpm2/ibmswtpm2_1332.bb       | 24 -------------------
 .../recipes-tpm2/ibmswtpm2/ibmswtpm2_1563.bb       | 27 ++++++++++++++++++++++
 3 files changed, 53 insertions(+), 24 deletions(-)
 create mode 100644 meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/files/remove_optimization.patch
 delete mode 100644 meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1332.bb
 create mode 100644 meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1563.bb

(limited to 'meta-security/meta-tpm/recipes-tpm2/ibmswtpm2')

diff --git a/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/files/remove_optimization.patch b/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/files/remove_optimization.patch
new file mode 100644
index 000000000..2919e2e54
--- /dev/null
+++ b/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/files/remove_optimization.patch
@@ -0,0 +1,26 @@
+Allow recipe to overide optimization.
+
+fixes:
+
+397 | #  warning _FORTIFY_SOURCE requires compiling with optimization (-O)
+|       |    ^~~~~~~
+| cc1: all warnings being treated as errors
+
+
+Upstream-Status: OE specific
+
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+Index: src/makefile
+===================================================================
+--- src.orig/makefile
++++ src/makefile
+@@ -43,7 +43,7 @@ CC = /usr/bin/gcc
+ CCFLAGS = -Wall  			\
+ 	-Wmissing-declarations -Wmissing-prototypes -Wnested-externs \
+ 	-Werror -Wsign-compare \
+-	 -c -ggdb -O0 			\
++	 -c -ggdb -O 			\
+ 	-DTPM_POSIX			\
+ 	-D_POSIX_			\
+ 	-DTPM_NUVOTON
diff --git a/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1332.bb b/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1332.bb
deleted file mode 100644
index a6068e65c..000000000
--- a/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1332.bb
+++ /dev/null
@@ -1,24 +0,0 @@
-SUMMARY = "IBM's Software TPM 2.0"
-
-LICENSE = "BSD"
-SECTION = "securty/tpm"
-LIC_FILES_CHKSUM = "file://../LICENSE;md5=1e023f61454ac828b4aa1bc4293f7d5f"
-
-SRC_URI = "https://sourceforge.net/projects/ibmswtpm2/files/ibmtpm1332.tar.gz"
-SRC_URI[md5sum] = "0ab34a655b4e09812d7ada19746af4f9"
-SRC_URI[sha256sum] = "8e8193af3d11d9ff6a951dda8cd1f4693cb01934a8ad7876b84e92c6148ab0fd"
-
-DEPENDS = "openssl"
-
-S = "${WORKDIR}/src"
-
-LDFLAGS = "${LDFALGS}"
-
-do_compile () {
-   make CC='${CC}'
-}
-
-do_install () {
-   install -d ${D}/${bindir}
-   install -m 0755 tpm_server  ${D}/${bindir}
-}
diff --git a/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1563.bb b/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1563.bb
new file mode 100644
index 000000000..80542269e
--- /dev/null
+++ b/meta-security/meta-tpm/recipes-tpm2/ibmswtpm2/ibmswtpm2_1563.bb
@@ -0,0 +1,27 @@
+SUMMARY = "IBM's Software TPM 2.0"
+LICENSE = "BSD"
+SECTION = "securty/tpm"
+LIC_FILES_CHKSUM = "file://../LICENSE;md5=1e023f61454ac828b4aa1bc4293f7d5f"
+
+DEPENDS = "openssl"
+
+SRC_URI = "https://sourceforge.net/projects/ibmswtpm2/files/ibmtpm${PV}.tar.gz \
+           file://remove_optimization.patch \
+           "
+SRC_URI[md5sum] = "13013612b3a13dc935fefe1a5684179c"
+SRC_URI[sha256sum] = "fc3a17f8315c1f47670764f2384943afc0d3ba1e9a0422dacb08d455733bd1e9"
+SRC_URI[sha1sum] = "a2a5335024a2edc1739f08b99e716fa355be627d"
+SRC_URI[sha384sum] = "b1f278acabe2198aa79c0fe8aa0182733fe701336cbf54a88058be0b574cab768f59f9315882d0e689e634678d05b79f"
+SRC_URI[sha512sum] = "ff0b9e5f0d0070eb572b23641f7a0e70a8bc65cbf4b59dca1778be3bb014124011221a492147d4c492584e87af23e2f842ca6307641b3919f67a3f27f09312c0"
+
+S = "${WORKDIR}/src"
+
+do_compile () {
+   make CC='${CC}'
+}
+
+do_install () {
+   install -d ${D}/${bindir}
+   install -m 0755 tpm_server  ${D}/${bindir}
+}
+
-- 
cgit v1.2.3