[linux-yocto] [PATCH v2] features/security: Add more kernel hardening fragments

From: He Zhe Signed-off-by: He Zhe --- v2: Add a note for people using uvesafb or other similar things. features/security/security.cfg | 18 ++ 1 file changed, 18 insertions(+) diff --git a/features/security/security.cfg b/features/security/security.cfg index 87408b6..0a4e246

Re: [linux-yocto] failed to boot qemu with security.scc

On 6/26/19 8:27 PM, Bruce Ashfield wrote: > On Tue, Jun 25, 2019 at 10:55 PM He Zhe wrote: >> >> >> On 6/26/19 10:49 AM, Bruce Ashfield wrote: >>> On Tue, Jun 25, 2019 at 10:25 AM He Zhe wrote: Hi Bruce, Have you ever met the following error with features/security/security.scc,

[yocto] [meta-cgl][PATCH 3/3] libhtml-tagset-perl: remove recipe

The libhtml-tagset-perl recipe was added to meta-perl layer with commit: 4058e65f3c4e17ad04423f4c9edf8607fe6fdb4f We can drop this duplicate recipe. Signed-off-by: Yi Zhao --- .../recipes-perl/perl/libhtml-tagset-perl_3.20.bb | 17 - 1 file changed, 17 deletions(-) delete

[yocto] [meta-cgl][PATCH 2/3] packagegroup-cgl-applications: only install libpam and pam-passwdqc if pam distro flag set

Fix build error when pam distro flag is not set: $ bitbake packagegroup-cgl-applications ERROR: Nothing RPROVIDES 'pam-passwdqc' (but /buildarea/poky/meta-cgl/meta-cgl-common/packagegroups/packagegroup-cgl-applications.bb RDEPENDS on or otherwise requires it) ERROR: Nothing RPROVIDES 'libpam'

[yocto] [meta-cgl][PATCH 1/3] packagegroup-cgl-middleware: remove ipsec-tools and umip

The ipsec-tools and umip had been removed from meta-openembedded. We should remove them from the packagegroup. Signed-off-by: Yi Zhao --- meta-cgl-common/packagegroups/packagegroup-cgl-middleware.bb | 2 -- 1 file changed, 2 deletions(-) diff --git

Re: [yocto] Are native packages dependencies listed in license.manifest?

Thanks for the response. Have a nice day. PLB Le lun. 24 juin 2019, à 17 h 49, Burton, Ross a écrit : > The image manifest lists what is being *distributed* so doesn't > include native dependencies. > > Ross > > On Mon, 24 Jun 2019 at 19:50, wrote: > > > > Hi, > > I’m currently working to

Re: [yocto] [ptest-runner][PATCH v2 4/4] utils: ensure child can be session leader

On 6/25/19 9:51 PM, Anibal Limon wrote: On Wed, 19 Jun 2019 at 12:50, Randy MacLeod > wrote: On 6/14/19 10:48 AM, Randy MacLeod wrote: > When running the run-execscript bash ptest as a user rather than root, a warning: >    bash: cannot

Re: [linux-yocto] failed to boot qemu with security.scc

On Tue, Jun 25, 2019 at 10:55 PM He Zhe wrote: > > > > On 6/26/19 10:49 AM, Bruce Ashfield wrote: > > On Tue, Jun 25, 2019 at 10:25 AM He Zhe wrote: > >> Hi Bruce, > >> > >> Have you ever met the following error with features/security/security.scc, > >> when running qemux86? > > Hmm. No, I

[yocto] [meta-security][PATCH] kernel: Add conditional inclusion of fragments for linux-yocto-dev

From: He Zhe Signed-off-by: He Zhe --- recipes-kernel/linux/linux-yocto-dev.bbappend | 11 +++ 1 file changed, 11 insertions(+) create mode 100644 recipes-kernel/linux/linux-yocto-dev.bbappend diff --git a/recipes-kernel/linux/linux-yocto-dev.bbappend

Re: [yocto] General Question: Device specific value store

On Wed, Jun 26, 2019 at 12:03 PM Morné Lamprecht wrote: > > On Tue, Jun 25, 2019 at 09:25:13AM -0400, Larry Brown wrote: > >>> I wonder, if there are best practices, how to protect the data from > >>> getting > >>> corrupted (intentionally by an attacker or by accident through ... flash > >>>

Re: [yocto] General Question: Device specific value store

On Tue, Jun 25, 2019 at 09:25:13AM -0400, Larry Brown wrote: I wonder, if there are best practices, how to protect the data from getting corrupted (intentionally by an attacker or by accident through ... flash corruption or whatever). Ideally your hardware should have some sort of hw-based

[linux-yocto] [kernel-cache][PATCH] features/security: Add more kernel hardening fragments

From: He Zhe Signed-off-by: He Zhe --- features/security/security.cfg | 16 1 file changed, 16 insertions(+) diff --git a/features/security/security.cfg b/features/security/security.cfg index 87408b6..8b7a065 100644 --- a/features/security/security.cfg +++

Re: [yocto] [ptest-runner][PATCH v2 4/4] utils: ensure child can be session leader

On Tue, 2019-06-25 at 20:51 -0500, Anibal Limon wrote: > I plan to take the Richard patches, He added in the recipe to have > real testing and looks like > there aren't problems related to, Richard can you confirm it?, We've been running the patches for a while in the recipe (since we last