mirrors/meta-security
1
0
Fork 0
mirror of https://git.yoctoproject.org/meta-security synced 2026-05-08 17:19:34 +00:00
Code Issues Projects Releases Wiki Activity
1,717 Commits 39 Branches 0 Tags
ffdbb6dffd7460fde0e9a8a3add2cc2da2ca065d
Commit Graph

1717 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Armin Kuster 0581604172 lynis: update to 2.7.5 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-07-07 19:18:18 -07:00
He Zhe 586f40897a kernel: Add conditional inclusion of fragments for linux-yocto-dev 
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster 3f253ddab8 clamav: minor recipe cleanup 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster 37dc57c998 libmspack: update SRC_URI and package 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster f59c5437d6 tpm2-tss-engine: update to 1.0.0 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster 6cd8959569 tpm2-totp: update to offical release v0.1.1 
Clean up recipe to match actual app

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster cdd44a61c6 tpm2-tss: update to 2.2.3 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster 1a02980de6 tpm2-tools: update to 3.2.0 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster 432dafda41 tpm2-tcti-uefi: update to tip 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster 90e47de316 tpm2-pkcs11/tpm2-pkcs11: update to tip 
license-check-sum: Add SPDX format

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster 7af4d16f33 tpm image: split out tpm2 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster 44cb58c3e8 tpm2 images: create tpm2 image and fix packagegroup 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster 6aae738ee6 runtime: tpm2 fix names in packagecheck 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster f63db8ce1d ima-evm-utils: update to tip 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster 88350b1267 test-image: add a few more packages to image 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster 2098981e0c test-image: add packagegroup-core-security-ptest 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster 55ff4e2434 packagegroup-core-security: cleanup and remove ptest 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster c44f8f3cb2 runtime: clamav test cleanup 
mirror test is independant of download

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster ee580bd011 security-test-image: add a testing image 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster 723cd9e372 layers: set warrior only 
remove TEST_SUITES from main layer.conf

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:47:47 -07:00
Armin Kuster 51a4c6b517 linux-bbappends: simplify 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-26 15:46:52 -07:00
Zang Ruochen c28b72e91d python3-scapy: solved the conflict with python-scapy 
-Rename the following file to resolve the conflict with python-scapy:
	Rename /usr/bin/UTscapy to /usr/bin/UTscapy3
	Rename /usr/bin/scapy to /usr/bin/scapy3

Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-10 07:35:35 -07:00
Zang Ruochen 470271aea7 python-scapy: solved the conflict with python3-scapy 
-Rename the following file to resolve the conflict with python3-scapy:
	Rename /usr/bin/UTscapy to /usr/bin/UTscapy2
	Rename /usr/bin/scapy to /usr/bin/scapy2

Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-10 07:35:35 -07:00
Zang Ruochen b1e379ee5c python-scapy: Remove redundant sed operations 
-Remove redundant sed operations.

Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-10 07:35:27 -07:00
Zang Ruochen 376d34368e bastille: solved the conflict with perl-module-text-wrap and base-files 
-Remove the link to perl5 to resolve the conflict with perl-module-text-wrap.

-Remove the operation on /var/lock to resolve the conflict with base-files.

Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-06-10 07:35:18 -07:00
Changqing Li 74445465e3 samhain: add rconflict for client and server mode 
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-28 07:38:52 -07:00
Armin Kuster 41708b0b0c image: add image for testing 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-28 07:38:52 -07:00
Armin Kuster 4970243bfc runtime qa: moderize ima test 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-28 07:38:52 -07:00
Armin Kuster 7b287954f7 initramfs: clean up to pull in packages. 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-28 07:38:52 -07:00
Armin Kuster d1d4e78708 data: remove policies 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-28 07:38:52 -07:00
Armin Kuster cf0123e130 policy: add ima appraise all policy 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-28 07:38:52 -07:00
Armin Kuster 1293478068 ima_policy_simple: add another sample policy 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-28 07:38:52 -07:00
Armin Kuster c84f39f8e0 ima-policy-hashed: add new recipe 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-28 07:38:52 -07:00
Armin Kuster 8910674d19 base-files: add appending to automount securityfs 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-28 07:38:52 -07:00
Armin Kuster e7771ce287 linux: update bbappend 
remove untested code

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-28 07:38:52 -07:00
Armin Kuster f26869aef3 ima.cfg: update to 5.0 kernel 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-28 07:38:52 -07:00
Armin Kuster 756a1649b7 ima-evm-utils: cleanup and update to tip 
update to tip
backported patches to fix build issues.
fix native support

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-28 07:38:52 -07:00
Armin Kuster d86d3353b2 README: update 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-28 07:38:52 -07:00
Armin Kuster b2587711d1 layer.conf: add LAYERSERIES_COMPAT 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-28 07:38:52 -07:00
Armin Kuster 6680225c05 meta-integrity: port over from meta-intel-iot-security 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-28 07:38:41 -07:00
leimaohui 479d9cc23a python3-fail2ban: Fix build error of xrange. 
NameError: name 'xrange' is not defined

Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-21 08:18:36 -07:00
Armin Kuster 56d6256c83 checksec: add runtime test 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-21 08:18:36 -07:00
Armin Kuster 28629fe8a4 keyutils: fix library install path 
[v2]
fix multilib support
Als add native support

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-21 08:18:36 -07:00
Armin Kuster 7b9206d346 checksec: update to 1.11.1 
* checksec.sh: Updated to 1.11.1
* checksec.sh: resolved issues with readelf
* checksec.sh: Added docker images for testing
* checksec.sh: Added armhf and aarch64 libc locations
* checksec.sh: Replace FS_COUNT with fgrep
* checksec.sh: Fixed symbols count in csv
* checksec.sh: Fixed RW-RPATH and RW-RUNPATH
* checksec.sh: Added stack canaries generated by intel compiler
* checksec.sh: Mute stat errors for non-existent directories
* checksec.sh: Removed invalid json structures and duplicate kernel checks
* checksec.sh: fixed spaces in -d option
* checksec.sh: Added stack-protector-string check
* checksec.sh: Add arm64 specific kernel checks
* checksec.sh: Add REFCOUNT_FULL to kernel tests
* checksec.sh: Remove OSX support

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-21 08:18:36 -07:00
Armin Kuster 9f5cc2a7eb smack: kernel fragment update 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-12 11:10:44 -07:00
Armin Kuster 6e3c025a5b oe-selftest: add running cve checker 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-12 11:10:36 -07:00
Alexander Kanavin 462d76700a apparmor: fetch from git 
Tarballs from archive.ubuntu.com can and do disappear (similar to archive.debian.org).

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-12 10:49:36 -07:00
Armin Kuster 34cb20fe5c libseccomp: update to 2.4.1 
bug fix release.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-09 20:05:47 -07:00
Armin Kuster 78d7a2ef26 libldb: add earlier version 
This version does not have a dependacy on samba

Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-09 20:05:32 -07:00
Armin Kuster f524ba9665 samhain: add more tests and fix ret checks 
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2019-05-09 17:45:13 -07:00