summaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-security/audit
Commit message (Collapse)AuthorAgeFilesLines
* audit: Inherit python3targetconfigKhem Raj2022-12-201-1/+1
| | | | | | | | | | | | | It uses python3-config during build to grok the python specific includedirs, therefore its important to ensure that target specific python3-config is used, otherwise currently it defaults to native python3-config which ends up adding native python3 include paths which might work out ok but is exposed when target is 32bit + lfs enabled, the headers don't match between native and target python Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit c7fcebd05d18c118eccbf6bc6c75ea91d0b89063) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* audit: upgrade 3.0.8 -> 3.0.9Wang Mingyu2022-12-201-1/+1
| | | | | | | | | | | | | | | | | Changelog: =========== In auditd, release the async flush lock on stop Don't allow auditd to log directly into /var/log when log_group is non-zero Cleanup krb5 memory leaks on error paths Update auditd.cron to use auditctl --signal In auparse, if too many fields, realloc array bigger (Paul Wolneykien) In auparse, special case kernel module name interpretation If overflow_action is ignore, don't treat as an error Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 01eb5561da2823a8bb80e790bfbb6cdf320ce09e) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* audit: Fix compile error for audit_2.8.5Akash Hadke2022-10-213-2/+78
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix below compile errors 1. Fix build with linux 5.17+ audit errors out due to swig munging it does with kernel headers | audit_wrap.c: In function '_wrap_audit_rule_data_buf_set': | audit_wrap.c:4701:17: error: cast specifies array type | 4701 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); | | ^ | audit_wrap.c:4701:15: error: invalid use of flexible array member | 4701 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); | | ^ | audit_wrap.c:4703:15: error: invalid use of flexible array member | 4703 | arg1->buf = 0; | | ^ These errors are due to VLAIS from kernel headers, so we copy linux/audit.h and make the needed change in local audit.h and make needed arrangements in build to use it when building audit package Take reference of upstream commit ee3c680c3 audit: Upgrade to 3.0.8 and fix build with linux 5.17+ Update 0002-Fixed-swig-host-contamination-issue.patch 2. Fix ipx.h missing file bug for kernel 5.15 ipx.h header file is removed in kernel 5.15 Link: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/include/net?id=6c9b40844751ea30c72f7a2f92f4d704bc6b2927 which is causing below error for system with kernel equal and higher than 5.15 | ../../git/auparse/interpret.c:48:10: fatal error: linux/ipx.h: No such file or directory | 48 | #include <linux/ipx.h> | | ^~~~~~~~~~~~~ Add below patch to fix this issue. 0001-Make-IPX-packet-interpretation-dependent-on-the-ipx-header.patch Link: https://github.com/linux-audit/audit-userspace/commit/6b09724c69d91668418ddb3af00da6db6755208c Signed-off-by: Akash Hadke <akash.hadke@kpit.com> Signed-off-by: Akash Hadke <hadkeakash4@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* audit: Revert the tweak done in configure step in do_installKhem Raj2022-08-171-0/+2
| | | | | | | | | This tweak is needed for building audit but not the interfaces it may expose via the headers, therefore undo the tweak before packaging things up Reported-By: Scott Murray <scott.murray@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* audit: Fix build with muslKhem Raj2022-08-102-0/+35
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* audit: Upgrade to 3.0.8 and fix build with linux 5.17+Khem Raj2022-08-082-11/+9
| | | | | | | | | | | | | | | | | | | | | | audit errors out due to swig munging it does with kernel headers | audit_wrap.c: In function '_wrap_audit_rule_data_buf_set': | audit_wrap.c:4701:17: error: cast specifies array type | 4701 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); | | ^ | audit_wrap.c:4701:15: error: invalid use of flexible array member | 4701 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); | | ^ | audit_wrap.c:4703:15: error: invalid use of flexible array member | 4703 | arg1->buf = 0; | | ^ These errors are due to VLAIS from kernel headers, so we copy linux/audit.h and make the needed change in local audit.h and make needed arrangements in build to use it when building audit package Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Bruce Ashfield <bruce.ashfield@gmail.com>
* audit: Upgrade 3.0.6 -> 3.0.7Alex Kiernan2022-04-181-2/+1
| | | | | | | | Dependency on bash has been removed upstream. Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Alex Kiernan <alexk@zuma.ai> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* recipes: Update LICENSE variable to use SPDX license identifiersKhem Raj2022-03-042-2/+2
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* recipes: Update SRC_URI branch and protocolsRichard Purdie2021-11-032-2/+2
| | | | | | | | | This patch updates SRC_URIs using git to include branch=master if no branch is set and also to use protocol=https for github urls as generated by the conversion script in OE-Core. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* audit: upgrade 3.0.5 -> 3.0.6Yi Zhao2021-10-191-1/+1
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* audit: upgrade 3.0.4 -> 3.0.5Yi Zhao2021-08-192-134/+1
| | | | | | | Drop backported patch. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* audit: upgrade 3.0.3 -> 3.0.4Yi Zhao2021-08-112-1/+134
| | | | | | | Backport a patch to fix the wrong account associations issue. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* audit: fix compile error for 2.8.5Yi Zhao2021-08-064-19/+110
| | | | | | | | | | | | | | * Backport a patch to fix the compile error * Refresh the patches to fix the patch-fuzz warning. * Minor tweaks to the recipe with reference to the 3.0 bb file. Fixes: tmp/work/core2-64-poky-linux/audit/2.8.5-r0/recipe-sysroot-native/usr/bin/x86_64-poky-linux/../../libexec/x86_64-poky-linux/gcc/x86_64-poky-linux/11.1.1/ld: ausearch-checkpt.o:/usr/src/debug/audit/2.8.5-r0/build/src/../../git/src/ausearch-common.h:53: multiple definition of `event_node_list'; ausearch.o:/usr/src/debug/audit/2.8.5-r0/build/src/../../git/src/ausearch-common.h:53: first defined here Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Convert to new override syntaxMartin Jansa2021-08-032-24/+24
| | | | | | | | | | This is the result of automated script (0.9.1) conversion: oe-core/scripts/contrib/convert-overrides.py . converting the metadata to use ":" as the override character instead of "_". Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* audit: upgrade 3.0.2 -> 3.0.3Yi Zhao2021-08-031-1/+1
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* audit: upgrade 3.0.1 -> 3.0.2Yi Zhao2021-07-081-1/+1
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* audit: migrate from meta-selinuxArmin Kuster2021-05-127-0/+586
Move audit to a more common layer to simplify integration. Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>