On Sun, Oct 28, 2018, 20:54 <yocto-requ...@yoctoproject.org> wrote:
> Send yocto mailing list submissions to > yocto@yoctoproject.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.yoctoproject.org/listinfo/yocto > or, via email, send a message with subject or body 'help' to > yocto-requ...@yoctoproject.org > > You can reach the person managing the list at > yocto-ow...@yoctoproject.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of yocto digest..." > > > Today's Topics: > > 1. [meta-security][PATCH 02/13] tpm2-abrmd: update to 2.0.2 > (Armin Kuster) > 2. [meta-security][PATCH 03/13] packagegroup-security-tpm2: add > and remove packages (Armin Kuster) > 3. [meta-security][PATCH 05/13] packagegroup-core-security: add > few more ptest packages (Armin Kuster) > 4. [meta-security][PATCH 04/13] swtpm: switch to stable branch > and clean up recipe (Armin Kuster) > 5. [meta-security][PATCH 06/13] suricata: add ptest (Armin Kuster) > 6. [meta-security][PATCH 07/13] packagegroup-core-security: add > suricata-ptest (Armin Kuster) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Sun, 28 Oct 2018 18:50:17 +0000 > From: Armin Kuster <akuster...@gmail.com> > To: yocto@yoctoproject.org > Subject: [yocto] [meta-security][PATCH 02/13] tpm2-abrmd: update to > 2.0.2 > Message-ID: <1540752628-10832-2-git-send-email-akuster...@gmail.com> > > Signed-off-by: Armin Kuster <akuster...@gmail.com> > --- > .../tpm2-abrmd/{tpm2-abrmd_2.0.1.bb => tpm2-abrmd_2.0.2.bb} | 9 > ++++----- > .../{tpm2simulator-native_138.bb => tpm2simulator_138.bb} | 0 > 2 files changed, 4 insertions(+), 5 deletions(-) > rename meta-tpm/recipes-tpm/tpm2-abrmd/{tpm2-abrmd_2.0.1.bb => > tpm2-abrmd_2.0.2.bb} (86%) > rename meta-tpm/recipes-tpm/tpm2simulator/{tpm2simulator-native_138.bb > => tpm2simulator_138.bb} (100%) > > diff --git a/meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.1.bb > b/meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.2.bb > similarity index 86% > rename from meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.1.bb > rename to meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.2.bb > index 31e90f8..951556d 100644 > --- a/meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.1.bb > +++ b/meta-tpm/recipes-tpm/tpm2-abrmd/tpm2-abrmd_2.0.2.bb > @@ -9,15 +9,16 @@ SECTION = "security/tpm" > LICENSE = "BSD-2-Clause" > LIC_FILES_CHKSUM = > "file://${S}/LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da" > > -DEPENDS += "autoconf-archive dbus glib-2.0 pkgconfig tpm2.0-tss > glib-2.0-native \ > +DEPENDS = "autoconf-archive dbus glib-2.0 tpm2.0-tss glib-2.0-native \ > libtss2 libtss2-mu libtss2-tcti-device libtss2-tcti-mssim" > > + > SRC_URI = "\ > git://github.com/01org/tpm2-abrmd.git \ > file://tpm2-abrmd-init.sh \ > file://tpm2-abrmd.default \ > " > -SRCREV = "80f8966b90d6394ad568e362d2936b333c2822bb" > +SRCREV = "d0120ace58d97bc9520c0d558657eaca87ae73b1" > > S = "${WORKDIR}/git" > > @@ -34,9 +35,7 @@ USERADD_PACKAGES = "${PN}" > GROUPADD_PARAM_${PN} = "tss" > USERADD_PARAM_${PN} = "--system -M -d /var/lib/tpm -s /bin/false -g tss > tss" > > -PACKAGECONFIG ?="udev" > -PACKAGECONFIG += > "${@bb.utils.contains('DISTRO_FEATURES','systemd','systemd', '', d)}" > - > +PACKAGECONFIG > ?="${@bb.utils.contains('DISTRO_FEATURES','systemd','systemd', '', d)}" > PACKAGECONFIG[systemd] = > "--with-systemdsystemunitdir=${systemd_system_unitdir}, > --with-systemdsystemunitdir=no" > > do_install_append() { > diff --git a/meta-tpm/recipes-tpm/tpm2simulator/ > tpm2simulator-native_138.bb b/meta-tpm/recipes-tpm/tpm2simulator/ > tpm2simulator_138.bb > similarity index 100% > rename from meta-tpm/recipes-tpm/tpm2simulator/tpm2simulator-native_138.bb > rename to meta-tpm/recipes-tpm/tpm2simulator/tpm2simulator_138.bb > -- > 2.7.4 > > > > ------------------------------ > > Message: 2 > Date: Sun, 28 Oct 2018 18:50:18 +0000 > From: Armin Kuster <akuster...@gmail.com> > To: yocto@yoctoproject.org > Subject: [yocto] [meta-security][PATCH 03/13] > packagegroup-security-tpm2: add and remove packages > Message-ID: <1540752628-10832-3-git-send-email-akuster...@gmail.com> > > Signed-off-by: Armin Kuster <akuster...@gmail.com> > --- > meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/meta-tpm/recipes-core/packagegroup/ > packagegroup-security-tpm2.bb b/meta-tpm/recipes-core/packagegroup/ > packagegroup-security-tpm2.bb > index 099e01c..c4c8fb2 100644 > --- a/meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb > +++ b/meta-tpm/recipes-core/packagegroup/packagegroup-security-tpm2.bb > @@ -1,4 +1,4 @@ > -DESCRIPTION = "Security packagegroup for Poky" > +DESCRIPTION = "TPM2 packagegroup for Security" > LICENSE = "MIT" > LIC_FILES_CHKSUM = > "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302 \ > > file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" > @@ -14,5 +14,5 @@ RDEPENDS_packagegroup-security-tpm2 = " \ > libtss2 \ > libtss2-tcti-device \ > libtss2-tcti-mssim \ > - resourcemgr \ > + tpm2-abrmd \ > " > -- > 2.7.4 > > > > ------------------------------ > > Message: 3 > Date: Sun, 28 Oct 2018 18:50:20 +0000 > From: Armin Kuster <akuster...@gmail.com> > To: yocto@yoctoproject.org > Subject: [yocto] [meta-security][PATCH 05/13] > packagegroup-core-security: add few more ptest packages > Message-ID: <1540752628-10832-5-git-send-email-akuster...@gmail.com> > > Signed-off-by: Armin Kuster <akuster...@gmail.com> > --- > recipes-security/packagegroup/packagegroup-core-security.bb | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/recipes-security/packagegroup/packagegroup-core-security.bb > b/recipes-security/packagegroup/packagegroup-core-security.bb > index 653d87b..9cf233f 100644 > --- a/recipes-security/packagegroup/packagegroup-core-security.bb > +++ b/recipes-security/packagegroup/packagegroup-core-security.bb > @@ -65,7 +65,7 @@ RDEPENDS_packagegroup-security-ids = " \ > SUMMARY_packagegroup-security-mac = "Security Mandatory Access Control > systems" > RDEPENDS_packagegroup-security-mac = " \ > ${@bb.utils.contains("DISTRO_FEATURES", "tomoyo", "ccs-tools", "",d)} > \ > - ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "", "",d)} \ > + ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "apparmor", > "",d)} \ > ${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack", "",d)} \ > " > > @@ -76,5 +76,7 @@ RDEPENDS_packagegroup-security-ptest = " \ > keyutils-ptest \ > libseccomp-ptest \ > python-scapy-ptest \ > + ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "apparmor-ptest", > "",d)} \ > + ${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack-ptest", > "",d)} \ > ptest-runner \ > " > -- > 2.7.4 > > > > ------------------------------ > > Message: 4 > Date: Sun, 28 Oct 2018 18:50:19 +0000 > From: Armin Kuster <akuster...@gmail.com> > To: yocto@yoctoproject.org > Subject: [yocto] [meta-security][PATCH 04/13] swtpm: switch to stable > branch and clean up recipe > Message-ID: <1540752628-10832-4-git-send-email-akuster...@gmail.com> > > Signed-off-by: Armin Kuster <akuster...@gmail.com> > --- > meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb | 22 +++++----------------- > 1 file changed, 5 insertions(+), 17 deletions(-) > > diff --git a/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb > b/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb > index e0c5ffe..3fe1393 100644 > --- a/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb > +++ b/meta-tpm/recipes-tpm/swtpm/swtpm_1.0.bb > @@ -3,22 +3,21 @@ LICENSE = "BSD-3-Clause" > LIC_FILES_CHKSUM = "file://LICENSE;md5=fe8092c832b71ef20dfe4c6d3decb3a8" > SECTION = "apps" > > -DEPENDS = "libtasn1 expect socat glib-2.0 libtpm libtpm-native" > +DEPENDS = "libtasn1 expect socat glib-2.0 net-tools-native libtpm > libtpm-native" > > # configure checks for the tools already during compilation and > # then swtpm_setup needs them at runtime > DEPENDS += "tpm-tools-native expect-native socat-native" > > -SRCREV = "66b42f52ef363998cb57f039889d59381d20bdf1" > -SRC_URI = "git://github.com/stefanberger/swtpm.git \ > - file://fix_lib_search_path.patch \ > +SRCREV = "94bb9f2d716d09bcc6cd2a2e033018f8592008e7" > +SRC_URI = "git://github.com/stefanberger/swtpm.git;branch=tpm2-preview.v2 > \ > file://fix_fcntl_h.patch \ > file://ioctl_h.patch \ > " > > S = "${WORKDIR}/git" > > -inherit autotools-brokensep pkgconfig > +inherit autotools pkgconfig > PARALLEL_MAKE = "" > > TSS_USER="tss" > @@ -35,21 +34,12 @@ EXTRA_OECONF += "--with-tss-user=${TSS_USER} > --with-tss-group=${TSS_GROUP}" > > export SEARCH_DIR = "${STAGING_LIBDIR_NATIVE}" > > -# dup bootstrap > -do_configure_prepend () { > - libtoolize --force --copy > - autoheader > - aclocal > - automake --add-missing -c > - autoconf > -} > - > USERADD_PACKAGES = "${PN}" > GROUPADD_PARAM_${PN} = "--system ${TSS_USER}" > USERADD_PARAM_${PN} = "--system -g ${TSS_GROUP} --home-dir \ > --no-create-home --shell /bin/false ${BPN}" > > -RDEPENDS_${PN} = "libtpm expect socat bash" > +RDEPENDS_${PN} = "libtpm expect socat bash tpm-tools" > > BBCLASSEXTEND = "native nativesdk" > > @@ -58,5 +48,3 @@ python() { > 'filesystems-layer' not in d.getVar('BBFILE_COLLECTIONS').split(): > raise bb.parse.SkipRecipe('Cuse enabled which requires > meta-filesystems to be present.') > } > - > -RDEPENDS_${PN} += "tpm-tools" > -- > 2.7.4 > > > > ------------------------------ > > Message: 5 > Date: Sun, 28 Oct 2018 18:50:21 +0000 > From: Armin Kuster <akuster...@gmail.com> > To: yocto@yoctoproject.org > Subject: [yocto] [meta-security][PATCH 06/13] suricata: add ptest > Message-ID: <1540752628-10832-6-git-send-email-akuster...@gmail.com> > > Signed-off-by: Armin Kuster <akuster...@gmail.com> > --- > recipes-security/suricata/files/run-ptest | 3 +++ > recipes-security/suricata/suricata_4.0.5.bb | 6 +++++- > 2 files changed, 8 insertions(+), 1 deletion(-) > create mode 100644 recipes-security/suricata/files/run-ptest > > diff --git a/recipes-security/suricata/files/run-ptest > b/recipes-security/suricata/files/run-ptest > new file mode 100644 > index 0000000..666ba9c > --- /dev/null > +++ b/recipes-security/suricata/files/run-ptest > @@ -0,0 +1,3 @@ > +#!/bin/sh > + > +suricata -u > diff --git a/recipes-security/suricata/suricata_4.0.5.bb > b/recipes-security/suricata/suricata_4.0.5.bb > index 90b4638..6c0a109 100644 > --- a/recipes-security/suricata/suricata_4.0.5.bb > +++ b/recipes-security/suricata/suricata_4.0.5.bb > @@ -10,12 +10,13 @@ SRC_URI += " \ > file://volatiles.03_suricata \ > file://suricata.yaml \ > file://suricata.service \ > + file://run-ptest \ > " > > SRC_URI[rules.md5sum] = "205c5e5b54e489207ed892c03ad75b33" > SRC_URI[rules.sha256sum] = > "4aa81011b246875a57181c6a0569ca887845e366904bcaf0043220f33bd69798" > > -inherit autotools-brokensep pkgconfig python-dir systemd > +inherit autotools-brokensep pkgconfig python-dir systemd ptest > > CFLAGS += "-D_DEFAULT_SOURCE" > > @@ -28,6 +29,8 @@ EXTRA_OECONF += " --disable-debug \ > " > > PACKAGECONFIG ??= "htp jansson file pcre yaml pcap cap-ng net nfnetlink > nss nspr" > +PACKAGECONFIG_append = " ${@bb.utils.contains('DISTRO_FEATURES', 'ptest', > 'unittests', '', d)}" > + > PACKAGECONFIG[htp] = "--with-libhtp-includes=${STAGING_INCDIR} > --with-libhtp-libraries=${STAGING_LIBDIR}, ,libhtp," > PACKAGECONFIG[pcre] = "--with-libpcre-includes=${STAGING_INCDIR} > --with-libpcre-libraries=${STAGING_LIBDIR}, ,libpcre ," > PACKAGECONFIG[yaml] = "--with-libyaml-includes=${STAGING_INCDIR} > --with-libyaml-libraries=${STAGING_LIBDIR}, ,libyaml ," > @@ -42,6 +45,7 @@ PACKAGECONFIG[file] = ",,file, file" > PACKAGECONFIG[nss] = "--with-libnss-includes=${STAGING_INCDIR} > --with-libnss-libraries=${STAGING_LIBDIR}, nss, nss," > PACKAGECONFIG[nspr] = "--with-libnspr-includes=${STAGING_INCDIR} > --with-libnspr-libraries=${STAGING_LIBDIR}, nspr, nspr," > PACKAGECONFIG[python] = "--enable-python, --disable-python, python, > python" > +PACKAGECONFIG[unittests] = "--enable-unittests, --disable-unittests," > > export logdir = "${localstatedir}/log" > > -- > 2.7.4 > > > > ------------------------------ > > Message: 6 > Date: Sun, 28 Oct 2018 18:50:22 +0000 > From: Armin Kuster <akuster...@gmail.com> > To: yocto@yoctoproject.org > Subject: [yocto] [meta-security][PATCH 07/13] > packagegroup-core-security: add suricata-ptest > Message-ID: <1540752628-10832-7-git-send-email-akuster...@gmail.com> > > Signed-off-by: Armin Kuster <akuster...@gmail.com> > --- > recipes-security/packagegroup/packagegroup-core-security.bb | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/recipes-security/packagegroup/packagegroup-core-security.bb > b/recipes-security/packagegroup/packagegroup-core-security.bb > index 9cf233f..5ee06e3 100644 > --- a/recipes-security/packagegroup/packagegroup-core-security.bb > +++ b/recipes-security/packagegroup/packagegroup-core-security.bb > @@ -76,6 +76,7 @@ RDEPENDS_packagegroup-security-ptest = " \ > keyutils-ptest \ > libseccomp-ptest \ > python-scapy-ptest \ > + suricata-ptest \ > ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "apparmor-ptest", > "",d)} \ > ${@bb.utils.contains("DISTRO_FEATURES", "smack", "smack-ptest", > "",d)} \ > ptest-runner \ > -- > 2.7.4 > > > > ------------------------------ > > -- > _______________________________________________ > yocto mailing list > yocto@yoctoproject.org > https://lists.yoctoproject.org/listinfo/yocto > > > End of yocto Digest, Vol 97, Issue 86 > ************************************* >
-- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto