From d1d22e6713c601a72ff7329133cd86f30ac3d6ce Mon Sep 17 00:00:00 2001
From: Andrew Geissler <geissonator@yahoo.com>
Date: Fri, 16 Oct 2020 10:14:32 -0500
Subject: meta-security: subtree update:d6baccc068..4c2f7ffd49

Adrian (1):
      gitignore added

Armin Kuster (31):
      kas: build with ptest. remove apparmor
      softHSM: add pkg
      packagegroup-core-security: add softHSM
      libest: add recipe
      packagegroup-core-security: add libest package
      opendnssec: add recipe
      packagegroup-core-security:  add opendnssec to pkg grp
      gitlab-ci: allow test to fail
      libseccomp: fix ptest failures.
      packagegroup-core-security-ptest: remove keyutils-ptest
      security-test-image: simplify
      packagegroup-core-security-ptest: remove
      apparmor: fix build issue with ptest enabled.
      security-test-image: tweak to get more tests to runn
      apparmor: update to 3.0
      packagegroup-core-security: apparmor 3.0 ptest does not build
      suricata: fix compiling on gcc10
      qemux86-test: add apparmor back
      apparmor: fix build for on musl
      ecryptfs-utils: fix musl build
      libest: fix musl build.
      sssd: update to latest ltm 1.16.5
      packagegroup-core-security: remove clamav from musl image
      suricata: update to 4.1.9
      kas: fixup alt configs
      gitlab-ci: add qemux86 and qemuarm64 musl builds
      tpm2-tss: update to 2.4.3
      tpm2-totp: update to 0.2.1
      tpm2-abrmd: update to 2.3.3
      tpm2-tools: update to 4.3.0
      tpm2-pkcs11: update to 1.4.0

Mingli Yu (1):
      scap-security-guide: add expat-native to DEPENDS

Naveen Saini (3):
      initramfs-framework/dmverity: add retry loop for slow boot devices
      wic: add wks.in for intel dm-verity
      linux-%/5.x: Add dm-verity fragment as needed

Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: If3a721fdd99bb6e35c82cf4e7485f06cebaef905
---
 .../packagegroup-core-security-ptest.bb            | 28 ----------------------
 .../packagegroup/packagegroup-core-security.bb     | 17 +++++++++++++
 2 files changed, 17 insertions(+), 28 deletions(-)
 delete mode 100644 meta-security/recipes-core/packagegroup/packagegroup-core-security-ptest.bb

(limited to 'meta-security/recipes-core/packagegroup')

diff --git a/meta-security/recipes-core/packagegroup/packagegroup-core-security-ptest.bb b/meta-security/recipes-core/packagegroup/packagegroup-core-security-ptest.bb
deleted file mode 100644
index cf34ded19c..0000000000
--- a/meta-security/recipes-core/packagegroup/packagegroup-core-security-ptest.bb
+++ /dev/null
@@ -1,28 +0,0 @@
-DESCRIPTION = "Security ptest packagegroup"
-LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302 \
-                    file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
-
-inherit features_check
-
-REQUIRED_DISTRO_FEATURES = "ptest"
-
-PACKAGES = "\
-    ${PN} \
-    "
-
-ALLOW_EMPTY_${PN} = "1"
-
-SUMMARY_${PN} = "Security packages with ptests"
-RDEPENDS_${PN} = " \
-    ptest-runner \
-    samhain-standalone-ptest \
-    keyutils-ptest \
-    libseccomp-ptest \
-    python3-scapy-ptest \
-    suricata-ptest \
-    tripwire-ptest \
-    python3-fail2ban-ptest \
-    ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "apparmor-ptest", "",d)} \
-    ${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack-ptest", "",d)} \
-    "
diff --git a/meta-security/recipes-core/packagegroup/packagegroup-core-security.bb b/meta-security/recipes-core/packagegroup/packagegroup-core-security.bb
index 1d01800520..0a4452eeac 100644
--- a/meta-security/recipes-core/packagegroup/packagegroup-core-security.bb
+++ b/meta-security/recipes-core/packagegroup/packagegroup-core-security.bb
@@ -13,6 +13,7 @@ PACKAGES = "\
     packagegroup-security-hardening \
     packagegroup-security-ids  \
     packagegroup-security-mac  \
+    ${@bb.utils.contains("DISTRO_FEATURES", "ptest", "packagegroup-meta-security-ptest-packages", "", d)} \
     "
 
 RDEPENDS_packagegroup-core-security = "\
@@ -22,6 +23,7 @@ RDEPENDS_packagegroup-core-security = "\
     packagegroup-security-hardening \
     packagegroup-security-ids  \
     packagegroup-security-mac  \
+    ${@bb.utils.contains("DISTRO_FEATURES", "ptest", "packagegroup-meta-security-ptest-packages", "", d)} \
     "
 
 SUMMARY_packagegroup-security-utils = "Security utilities"
@@ -36,6 +38,9 @@ RDEPENDS_packagegroup-security-utils = "\
     python3-privacyidea \
     python3-fail2ban \
     python3-scapy \
+    softhsm \
+    libest \
+    opendnssec \
     ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 ", "", " libseccomp",d)} \
     ${@bb.utils.contains("DISTRO_FEATURES", "pam", "sssd google-authenticator-libpam", "",d)} \
     ${@bb.utils.contains("DISTRO_FEATURES", "pax", "pax-utils packctl", "",d)} \
@@ -48,6 +53,7 @@ RDEPENDS_packagegroup-security-scanners = "\
     checksecurity \
     ${@bb.utils.contains_any("TUNE_FEATURES", "riscv32 riscv64", "", " clamav clamav-freshclam clamav-cvd",d)} \
     "
+RDEPENDS_packagegroup-security-scanners_remove_libc-musl = "clamav clamav-freshclam clamav-cvd"
 
 SUMMARY_packagegroup-security-audit = "Security Audit tools "
 RDEPENDS_packagegroup-security-audit = " \
@@ -73,3 +79,14 @@ RDEPENDS_packagegroup-security-mac = " \
     ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "apparmor", "",d)} \
     ${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack", "",d)} \
     "
+
+RDEPENDS_packagegroup-meta-security-ptest-packages = "\
+    ptest-runner \
+    samhain-standalone-ptest \
+    libseccomp-ptest \
+    python3-scapy-ptest \
+    suricata-ptest \
+    tripwire-ptest \
+    python3-fail2ban-ptest \
+    ${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack-ptest", "",d)} \
+"
-- 
cgit v1.2.3