BMC/OpenBmc/openbmc.git - OpenBMC Distribution (mirror)

Age	Commit message (Collapse)	Author	Files	Lines
2023-05-19	subtree updates	Andrew Geissler	2	-2/+88
	meta-security: 53c5cc794f..ddf301c45c: Adrian Zaharia (1): libmhash: fix multilib header conflict - mutils/mhash_config.h Alexander Kanavin (1): maintainers.inc: rename to avoid clashes with oe-core Armin Kuster (15): meta-tpm: rename recipes-tpm to recipes-tpm1 recipes-tpm: use this for common tpm recipes swtpm: update to 0.8.0 libtpm: update to 0.9.6 ossec-hids: update to tip of 3.7.0 libhtp: update to 0.5.43 suricata: update to 6.0.11 fscryptctl: update to 1.0.1 oeqa: fix hash test to match new changes integrity-image-minimal: adapt QEMU cmdline to new changes lynis: Add decoding OE and Poky os-release.bbappend: drop now CPE_NAME is in core openembedded-release: drop as os-release does this now tpm2-tss: drop vendor from PACKAGECONFIG packagegroup-security-tpm2: restore pkgs removed earlier Paul Gortmaker (4): dm-verity: ensure people don't ignore the DISTRO_FEATURES warning dm-verity: don't make read-only-rootfs sound like a requirement dm-verity: document the meta-intel dependency in the systemd example dm-verity: add x86-64 systemd based example instructions Peter Hoyes (1): meta-parsec/layer.conf: Insert addpylib declaration Peter Kjellerstedt (1): tpm2-tools: Remove unnecessary and optional dependencies Stefan Berger (12): ima: Document and replace keys and adapt scripts for EC keys ima: Fix the ima_policy_appraise_all to appraise executables & libraries ima: Fix the IMA kernel feature ima: Rename IMA_EVM_POLICY_SYSTEMD to IMA_EVM_POLICY ima: Sign all executables and the ima-policy in the root filesystem integrity: Update the README for IMA support linux: overlayfs: Add kernel patch resolving a file change notification issue ima-evm-utils: Update ima-evm-utils to v1.5 and add a patch linux: overlayfs: Drop kernel patch resolving a file change notification issue ima: Drop kernel config option CONFIG_SQUASHFS_XATTR=y from ima.cfg integrity: Fix the do_configure function integrity: Rename linux-%.bbappend to linux-yocto%.bbappend meta-raspberrypi: bf948e0aa8..928bb234bb: Martin Jansa (3): rpi-libcamera-apps: fix flags used in aarch64 builds rpi-libcamera-apps: fix version generation on hosts with older python rpi-libcamera-apps: bump to latest SRCREV and set PV meta-arm: 0b5724266a..f9d80e1a14: Emekcan Aras (2): arm-bsp/trusted-firmware-m: Align Capsule Update with GPT changes arm-bsp/wic: corstone1000: Fix and limit the partition size for corstone1000 Signed-off-by: Andrew Geissler <geissonator@yahoo.com> Change-Id: I56f7d26070d879e3138618332841c30cf57eb7d9
2023-03-31	subtree updates: raspberrypi security arm	Andrew Geissler	2	-0/+151
	meta-arm: eb9c47a4e1..9b6c8c95e4: Abdellatif El Khlifi (1): CI: append classes to INHERIT in the common fvp.yml Adam Johnston (1): arm-bsp/linux-yocto: Update N1SDP PCI quirk patch Jon Mason (10): CI: add yml files for defaults CI: add support for dev kernel, rt kernel, and poky-tiny arm-bsp/fvp-base: update to u-boot 2023.01 arm-bsp/fvp-base-arm32: remove support ci: add external-toolchain to qemuarm-secureboot arm-bsp/optee: remove unused recipes arm/optee: optee-os include cleanup arm/optee-os: update to 3.20.0 arm/edk2: update version and relocate edk2-basetools to be with edk2 arm-bsp/fvp-base: Add edk2 build testing Ross Burton (7): arm-bsp/linux-arm64-ack: update Upstream-Status tags CI: add CI_CLEAN_REPOS variable to allow cleaning the repo reference cache arm/scp-firmware: fix up whitespace arm/scp-firmware: enable verbose builds arm/scp-firmware: remove textrel from INSANE_SKIP arm/scp-firmware: improve debug packaging CI: mask poky's llvm if we're using clang Rui Miguel Silva (1): arm-bsp/optee: bump corstone1000 to v3.20 Satish Kumar (1): arm-bsp/corstone1000: new gpt based disk layout and fwu metadata Xueliang Zhong (1): arm-bsp/n1sdp: update to linux yocto kernel 6.1 meta-security: c06b9a18a6..a397a38ed9: Armin Kuster (16): openscap: update to 1.3.6 openscap: update to 1.3.7 openscap git: add DEFAULT_PREFERENCE python3-fail2ban: update to 1.0.2 python3-privacyidea: update to 3.8.1 libhtp: update to 0.5.42 lkrg-modules: update to 0.9.6 chkrootkit: update to 0.57 fscrypt: update to 1.1.0 libmspack: update to 1.11 firejail: update 0.9.72 suricata: update to 6.0.10 apparmor: update to 3.1.3 krill: update 0.12.3 cryptmout: update to 6.2.0 packagegroup-core-security: refactor the inclusion of krill Eero Aaltonen (1): dm-verity-img.bbclass: fix syntax warning Jose Quaresma (3): meta-hardening/layer: lower the priority from 10 to 6 meta-security-compliance/layer: lower the priority from 10 to 6 meta-tpm/layer: lower the priority from 10 to 6 Kevin Hao (1): dm-verity-img.bbclass: Fix the hash offset alignment issue Mikko Rapeli (1): ima-evm-utils: disable documentation from build Paul Gortmaker (3): dm-verity: update beaglebone wic to match meta-yocto dm-verity: add basic non-arch/non-BSP yocto specific settings dm-verity: document board specifics for Beaglebone Black Peter Marko (1): tpm2-tss: correct CVE product meta-raspberrypi: e15b876155..3afdbbf782: Carlos Alberto Lopez Perez (1): mesa-demos: enable build with userland graphics drivers. Khem Raj (6): linux-raspberrypi: Add recipes for 6.1 kernel psplash: Make psplash wait for the framebuffer to be ready rpi-default-versions: Use 6.1 kernel as default gstreamer1.0-plugins-bad: Drop gpl packageconfig rpidistro-ffmpeg: Pin to use gcc always rpidistro-vlc: Fix build with clang16 Signed-off-by: Andrew Geissler <geissonator@yahoo.com> Change-Id: Ie6e60085306d31972098b87738eb550e5140b92a
2019-01-09	reset upstream subtrees to yocto 2.6	Brad Bishop	1	-0/+197
	Reset the following subtrees on thud HEAD: poky: 87e3a9739d meta-openembedded: 6094ae18c8 meta-security: 31dc4e7532 meta-raspberrypi: a48743dc36 meta-xilinx: c42016e2e6 Also re-apply backports that didn't make it into thud: poky: 17726d0 systemd-systemctl-native: handle Install wildcards meta-openembedded: 4321a5d libtinyxml2: update to 7.0.1 042f0a3 libcereal: Add native and nativesdk classes e23284f libcereal: Allow empty package 030e8d4 rsyslog: curl-less build with fmhttp PACKAGECONFIG 179a1b9 gtest: update to 1.8.1 Squashed OpenBMC subtree compatibility updates: meta-aspeed: Brad Bishop (1): aspeed: add yocto 2.6 compatibility meta-ibm: Brad Bishop (1): ibm: prepare for yocto 2.6 meta-ingrasys: Brad Bishop (1): ingrasys: set layer compatibility to yocto 2.6 meta-openpower: Brad Bishop (1): openpower: set layer compatibility to yocto 2.6 meta-phosphor: Brad Bishop (3): phosphor: set layer compatibility to thud phosphor: libgpg-error: drop patches phosphor: react to fitimage artifact rename Ed Tanous (4): Dropbear: upgrade options for latest upgrade yocto2.6: update openssl options busybox: remove upstream watchdog patch systemd: Rebase CONFIG_CGROUP_BPF patch Change-Id: I7b1fe71cca880d0372a82d94b5fd785323e3a9e7 Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>

meta-security: 53c5cc794f..ddf301c45c: Adrian Zaharia (1): libmhash: fix multilib header conflict - mutils/mhash_config.h Alexander Kanavin (1): maintainers.inc: rename to avoid clashes with oe-core Armin Kuster (15): meta-tpm: rename recipes-tpm to recipes-tpm1 recipes-tpm: use this for common tpm recipes swtpm: update to 0.8.0 libtpm: update to 0.9.6 ossec-hids: update to tip of 3.7.0 libhtp: update to 0.5.43 suricata: update to 6.0.11 fscryptctl: update to 1.0.1 oeqa: fix hash test to match new changes integrity-image-minimal: adapt QEMU cmdline to new changes lynis: Add decoding OE and Poky os-release.bbappend: drop now CPE_NAME is in core openembedded-release: drop as os-release does this now tpm2-tss: drop vendor from PACKAGECONFIG packagegroup-security-tpm2: restore pkgs removed earlier Paul Gortmaker (4): dm-verity: ensure people don't ignore the DISTRO_FEATURES warning dm-verity: don't make read-only-rootfs sound like a requirement dm-verity: document the meta-intel dependency in the systemd example dm-verity: add x86-64 systemd based example instructions Peter Hoyes (1): meta-parsec/layer.conf: Insert addpylib declaration Peter Kjellerstedt (1): tpm2-tools: Remove unnecessary and optional dependencies Stefan Berger (12): ima: Document and replace keys and adapt scripts for EC keys ima: Fix the ima_policy_appraise_all to appraise executables & libraries ima: Fix the IMA kernel feature ima: Rename IMA_EVM_POLICY_SYSTEMD to IMA_EVM_POLICY ima: Sign all executables and the ima-policy in the root filesystem integrity: Update the README for IMA support linux: overlayfs: Add kernel patch resolving a file change notification issue ima-evm-utils: Update ima-evm-utils to v1.5 and add a patch linux: overlayfs: Drop kernel patch resolving a file change notification issue ima: Drop kernel config option CONFIG_SQUASHFS_XATTR=y from ima.cfg integrity: Fix the do_configure function integrity: Rename linux-%.bbappend to linux-yocto%.bbappend meta-raspberrypi: bf948e0aa8..928bb234bb: Martin Jansa (3): rpi-libcamera-apps: fix flags used in aarch64 builds rpi-libcamera-apps: fix version generation on hosts with older python rpi-libcamera-apps: bump to latest SRCREV and set PV meta-arm: 0b5724266a..f9d80e1a14: Emekcan Aras (2): arm-bsp/trusted-firmware-m: Align Capsule Update with GPT changes arm-bsp/wic: corstone1000: Fix and limit the partition size for corstone1000 Signed-off-by: Andrew Geissler <geissonator@yahoo.com> Change-Id: I56f7d26070d879e3138618332841c30cf57eb7d9

meta-arm: eb9c47a4e1..9b6c8c95e4: Abdellatif El Khlifi (1): CI: append classes to INHERIT in the common fvp.yml Adam Johnston (1): arm-bsp/linux-yocto: Update N1SDP PCI quirk patch Jon Mason (10): CI: add yml files for defaults CI: add support for dev kernel, rt kernel, and poky-tiny arm-bsp/fvp-base: update to u-boot 2023.01 arm-bsp/fvp-base-arm32: remove support ci: add external-toolchain to qemuarm-secureboot arm-bsp/optee: remove unused recipes arm/optee: optee-os include cleanup arm/optee-os: update to 3.20.0 arm/edk2: update version and relocate edk2-basetools to be with edk2 arm-bsp/fvp-base: Add edk2 build testing Ross Burton (7): arm-bsp/linux-arm64-ack: update Upstream-Status tags CI: add CI_CLEAN_REPOS variable to allow cleaning the repo reference cache arm/scp-firmware: fix up whitespace arm/scp-firmware: enable verbose builds arm/scp-firmware: remove textrel from INSANE_SKIP arm/scp-firmware: improve debug packaging CI: mask poky's llvm if we're using clang Rui Miguel Silva (1): arm-bsp/optee: bump corstone1000 to v3.20 Satish Kumar (1): arm-bsp/corstone1000: new gpt based disk layout and fwu metadata Xueliang Zhong (1): arm-bsp/n1sdp: update to linux yocto kernel 6.1 meta-security: c06b9a18a6..a397a38ed9: Armin Kuster (16): openscap: update to 1.3.6 openscap: update to 1.3.7 openscap git: add DEFAULT_PREFERENCE python3-fail2ban: update to 1.0.2 python3-privacyidea: update to 3.8.1 libhtp: update to 0.5.42 lkrg-modules: update to 0.9.6 chkrootkit: update to 0.57 fscrypt: update to 1.1.0 libmspack: update to 1.11 firejail: update 0.9.72 suricata: update to 6.0.10 apparmor: update to 3.1.3 krill: update 0.12.3 cryptmout: update to 6.2.0 packagegroup-core-security: refactor the inclusion of krill Eero Aaltonen (1): dm-verity-img.bbclass: fix syntax warning Jose Quaresma (3): meta-hardening/layer: lower the priority from 10 to 6 meta-security-compliance/layer: lower the priority from 10 to 6 meta-tpm/layer: lower the priority from 10 to 6 Kevin Hao (1): dm-verity-img.bbclass: Fix the hash offset alignment issue Mikko Rapeli (1): ima-evm-utils: disable documentation from build Paul Gortmaker (3): dm-verity: update beaglebone wic to match meta-yocto dm-verity: add basic non-arch/non-BSP yocto specific settings dm-verity: document board specifics for Beaglebone Black Peter Marko (1): tpm2-tss: correct CVE product meta-raspberrypi: e15b876155..3afdbbf782: Carlos Alberto Lopez Perez (1): mesa-demos: enable build with userland graphics drivers. Khem Raj (6): linux-raspberrypi: Add recipes for 6.1 kernel psplash: Make psplash wait for the framebuffer to be ready rpi-default-versions: Use 6.1 kernel as default gstreamer1.0-plugins-bad: Drop gpl packageconfig rpidistro-ffmpeg: Pin to use gcc always rpidistro-vlc: Fix build with clang16 Signed-off-by: Andrew Geissler <geissonator@yahoo.com> Change-Id: Ie6e60085306d31972098b87738eb550e5140b92a

Reset the following subtrees on thud HEAD: poky: 87e3a9739d meta-openembedded: 6094ae18c8 meta-security: 31dc4e7532 meta-raspberrypi: a48743dc36 meta-xilinx: c42016e2e6 Also re-apply backports that didn't make it into thud: poky: 17726d0 systemd-systemctl-native: handle Install wildcards meta-openembedded: 4321a5d libtinyxml2: update to 7.0.1 042f0a3 libcereal: Add native and nativesdk classes e23284f libcereal: Allow empty package 030e8d4 rsyslog: curl-less build with fmhttp PACKAGECONFIG 179a1b9 gtest: update to 1.8.1 Squashed OpenBMC subtree compatibility updates: meta-aspeed: Brad Bishop (1): aspeed: add yocto 2.6 compatibility meta-ibm: Brad Bishop (1): ibm: prepare for yocto 2.6 meta-ingrasys: Brad Bishop (1): ingrasys: set layer compatibility to yocto 2.6 meta-openpower: Brad Bishop (1): openpower: set layer compatibility to yocto 2.6 meta-phosphor: Brad Bishop (3): phosphor: set layer compatibility to thud phosphor: libgpg-error: drop patches phosphor: react to fitimage artifact rename Ed Tanous (4): Dropbear: upgrade options for latest upgrade yocto2.6: update openssl options busybox: remove upstream watchdog patch systemd: Rebase CONFIG_CGROUP_BPF patch Change-Id: I7b1fe71cca880d0372a82d94b5fd785323e3a9e7 Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>