mirror of
https://git.yoctoproject.org/meta-security
synced 2026-06-04 14:10:22 +00:00
John Edward Broadbent
5c2379f4bc
Updating libhoth to match version in openbmc https://gerrit.openbmc.org/c/openbmc/openbmc/+/63424 libhoth detailed changes: Willy Tu Expose header files expose USB APIs aranikam Add flash_spi_info command Add address mode flag for spi update/read Chris Evans Rename ec_ commands; permit old command names as an alias. Apply clang-format, and enable it as a check action. (#24) Sui Chen Add payload status Add console snapshot Daimeng Wang libhoth: automated mtd mailbox discovery libhoth: implement MTD transport libhoth: add MTD backend boilerplate API Yoan Andreev Dont check for non-snapshot console params Extern c wrap (#22) Build improvements (#18) Add basic abstraction to libhoth and SPIDEV support (#17) Vidya Satyamsetti Add extern Kor Nielsen htool console: Don't leave O_NONBLOCK set on stdin [fix] In legacy mailbox protocol, look at response size. [fix] Support legacy response buffers larger than 62 bytes. [feat] htool: Support Hoth-B devices. Add --baud_rate flag to "htool console". Setup github workflow to build project. Rename "htool console -l" to "htool console -n". Add --onlcr flag to "htool console". Make example visibility public. Fix BUILD file formatting. Remove out-of-date :enumerate and :ec_hello. Add libusb to bazel WORKSPACE. Fix undefined behavior in htool command handling. Signed-off-by: John Edward Broadbent <jebr@google.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Meta-security
=============
The bbappend files for some recipes (e.g. linux-yocto) in this layer need
to have 'security' in DISTRO_FEATURES to have effect.
To enable them, add in configuration file the following line.
DISTRO_FEATURES:append = " security"
If meta-security is included, but security is not enabled as a
distro feature a warning is printed at parse time:
You have included the meta-security layer, but
'security' has not been enabled in your DISTRO_FEATURES. Some bbappend files
and preferred version setting may not take effect.
If you know what you are doing, this warning can be disabled by setting the following
variable in your configuration:
SKIP_META_SECURITY_SANITY_CHECK = 1
This layer provides security tools, hardening tools for Linux kernels
and libraries for implementing security mechanisms.
Dependencies
============
This layer depends on:
URI: git://git.openembedded.org/openembedded-core
branch: [same one as checked out for this layer]
URI: git://git.openembedded.org/meta-openembedded/meta-oe
branch: [same one as checked out for this layer]
Adding the security layer to your build
========================================
In order to use this layer, you need to make the build system aware of
it.
Assuming the security layer exists at the top-level of your
yocto build tree, you can add it to the build system by adding the
location of the security layer to bblayers.conf, along with any
other layers needed. e.g.:
BBLAYERS ?= " \
/path/to/oe-core/meta \
/path/to/meta-openembedded/meta-oe \
/path/to/layer/meta-security "
Optional Dynamic layer dependancy
======================================
URI: git://git.openembedded.org/meta-openembedded/meta-oe
URI: git://git.openembedded.org/meta-openembedded/meta-perl
URI: git://git.openembedded.org/meta-openembedded/meta-python
BBLAYERS += "/path/to/layer/meta-openembedded/meta-oe"
BBLAYERS += "/path/to/layer/meta-openembedded/meta-perl"
BBLAYERS += "/path/to/layer/meta-openembedded/meta-python"
This will activate the dynamic-layer mechanism.
Maintenance
======================================
Send pull requests, patches, comments or questions to yocto@lists.yoctoproject.org
When sending single patches, please using something like:
'git send-email -1 --to yocto@lists.yoctoproject.org --subject-prefix=meta-security][PATCH'
These values can be set as defaults for this repository:
$ git config sendemail.to yocto@lists.yoctoproject.org
$ git config format.subjectPrefix meta-security][PATCH
Now you can just do 'git send-email origin/master' to send all local patches.
For pull requests, please use create-pull-request and send-pull-request.
Maintainers: Armin Kuster <akuster808@gmail.com>
License
=======
All metadata is MIT licensed unless otherwise stated. Source code included
in tree for individual recipes is under the LICENSE stated in each recipe
(.bb file) unless otherwise stated.