summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* layers: set warrior onlyArmin Kuster2019-06-263-5/+3
| | | | | | remove TEST_SUITES from main layer.conf Signed-off-by: Armin Kuster <akuster808@gmail.com>
* linux-bbappends: simplifyArmin Kuster2019-06-266-4/+3
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-scapy: solved the conflict with python-scapyZang Ruochen2019-06-101-0/+4
| | | | | | | | | -Rename the following file to resolve the conflict with python-scapy: Rename /usr/bin/UTscapy to /usr/bin/UTscapy3 Rename /usr/bin/scapy to /usr/bin/scapy3 Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python-scapy: solved the conflict with python3-scapyZang Ruochen2019-06-101-0/+5
| | | | | | | | | -Rename the following file to resolve the conflict with python3-scapy: Rename /usr/bin/UTscapy to /usr/bin/UTscapy2 Rename /usr/bin/scapy to /usr/bin/scapy2 Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python-scapy: Remove redundant sed operationsZang Ruochen2019-06-101-7/+0
| | | | | | | -Remove redundant sed operations. Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* bastille: solved the conflict with perl-module-text-wrap and base-filesZang Ruochen2019-06-101-3/+1
| | | | | | | | | -Remove the link to perl5 to resolve the conflict with perl-module-text-wrap. -Remove the operation on /var/lock to resolve the conflict with base-files. Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* samhain: add rconflict for client and server modeChangqing Li2019-05-282-0/+2
| | | | | Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* image: add image for testingArmin Kuster2019-05-281-0/+22
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* runtime qa: moderize ima testArmin Kuster2019-05-283-82/+129
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* initramfs: clean up to pull in packages.Armin Kuster2019-05-281-8/+4
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* data: remove policiesArmin Kuster2019-05-283-110/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* policy: add ima appraise all policyArmin Kuster2019-05-282-0/+47
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ima_policy_simple: add another sample policyArmin Kuster2019-05-282-0/+22
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ima-policy-hashed: add new recipeArmin Kuster2019-05-282-0/+97
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* base-files: add appending to automount securityfsArmin Kuster2019-05-282-0/+6
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* linux: update bbappendArmin Kuster2019-05-281-115/+2
| | | | | | remove untested code Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ima.cfg: update to 5.0 kernelArmin Kuster2019-05-282-16/+18
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ima-evm-utils: cleanup and update to tipArmin Kuster2019-05-286-22/+200
| | | | | | | | update to tip backported patches to fix build issues. fix native support Signed-off-by: Armin Kuster <akuster808@gmail.com>
* README: updateArmin Kuster2019-05-281-4/+1
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* layer.conf: add LAYERSERIES_COMPATArmin Kuster2019-05-281-0/+2
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-integrity: port over from meta-intel-iot-securityArmin Kuster2019-05-2830-0/+1402
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-fail2ban: Fix build error of xrange.leimaohui2019-05-212-0/+32
| | | | | | | NameError: name 'xrange' is not defined Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* checksec: add runtime testArmin Kuster2019-05-211-0/+33
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* keyutils: fix library install pathArmin Kuster2019-05-212-6/+36
| | | | | | | | [v2] fix multilib support Als add native support Signed-off-by: Armin Kuster <akuster808@gmail.com>
* checksec: update to 1.11.1Armin Kuster2019-05-211-1/+1
| | | | | | | | | | | | | | | | | | | | * checksec.sh: Updated to 1.11.1 * checksec.sh: resolved issues with readelf * checksec.sh: Added docker images for testing * checksec.sh: Added armhf and aarch64 libc locations * checksec.sh: Replace FS_COUNT with fgrep * checksec.sh: Fixed symbols count in csv * checksec.sh: Fixed RW-RPATH and RW-RUNPATH * checksec.sh: Added stack canaries generated by intel compiler * checksec.sh: Mute stat errors for non-existent directories * checksec.sh: Removed invalid json structures and duplicate kernel checks * checksec.sh: fixed spaces in -d option * checksec.sh: Added stack-protector-string check * checksec.sh: Add arm64 specific kernel checks * checksec.sh: Add REFCOUNT_FULL to kernel tests * checksec.sh: Remove OSX support Signed-off-by: Armin Kuster <akuster808@gmail.com>
* smack: kernel fragment updateArmin Kuster2019-05-121-6/+5
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oe-selftest: add running cve checkerArmin Kuster2019-05-121-0/+27
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* apparmor: fetch from gitAlexander Kanavin2019-05-121-3/+3
| | | | | | | Tarballs from archive.ubuntu.com can and do disappear (similar to archive.debian.org). Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libseccomp: update to 2.4.1Armin Kuster2019-05-091-1/+1
| | | | | | bug fix release. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libldb: add earlier versionArmin Kuster2019-05-094-0/+328
| | | | | | This version does not have a dependacy on samba Signed-off-by: Armin Kuster <akuster808@gmail.com>
* samhain: add more tests and fix ret checksArmin Kuster2019-05-091-4/+27
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* smack-test: add smack tests from meta-intel-iot-securityArmin Kuster2019-05-0916-0/+1364
| | | | | | ported over smack tests Signed-off-by: Armin Kuster <akuster808@gmail.com>
* smack: move patch to smack dirArmin Kuster2019-05-092-0/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* apparmor: add a few more runtimeArmin Kuster2019-05-091-0/+19
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* apparmor: fix fragment for 5.0 kernelArmin Kuster2019-05-091-6/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-tpm/README: updateYi Zhao2019-05-011-0/+57
| | | | | | | Add more description Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-tpm/conf/layer.conf: update layer dependenciesYi Zhao2019-05-011-0/+1
| | | | | | | | | | | | | | | | | | Add openembedded-layer to layer dependencies. Fix the following build errors: ERROR: Required build target 'tpm2-pkcs11' has no buildable providers. Missing or unbuildable dependency chain was: ['tpm2-pkcs11', 'dstat'] ERROR: Required build target 'cryptsetup-tpm-incubator' has no buildable providers. Missing or unbuildable dependency chain was: ['cryptsetup-tpm-incubator', 'libdevmapper'] ERROR: Required build target 'tpm2-totp' has no buildable providers. Missing or unbuildable dependency chain was: ['tpm2-totp', 'qrencode'] Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* clamav-native: fix new build issueArmin Kuster2019-04-141-22/+19
| | | | | | | | re-arch the reciped to build properly. Fixed /var/lib/clamav dir issue Signed-off-by: Armin Kuster <akuster808@gmail.com>
* clamav: add clamav-cvd package for cvd dbArmin Kuster2019-04-142-6/+259
| | | | | | | | | Add native package to support creating a mirror of the clamav cvd and supply it in a new package. Provide a INSTALL_CLAMAV_CVD flag to bypass this creation Signed-off-by: Armin Kuster <akuster808@gmail.com>
* clamav: runtime fix local routingArmin Kuster2019-04-131-0/+2
| | | | | | | | | | This addes the localhost to resolve.conf to fix: ERROR: Can't get information about database.clamav.net: Temporary failure in name resolution ERROR: Can't download main.cvd from database.clamav.net Giving up on database.clamav.net... Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libldb: add waf-cross-answeresArmin Kuster2019-04-1315-0/+557
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* clamav: fix llvm reference versionArmin Kuster2019-04-131-1/+1
| | | | | | llvm8.0 does not exist. dropped the version part. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* clamav runtime: add resolve.conf supportArmin Kuster2019-04-131-0/+28
| | | | | | and ping test too Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libmspack: update to 0.10.1Armin Kuster2019-04-071-3/+3
| | | | | | | | For details see: https://github.com/kyz/libmspack/blob/master/libmspack/ChangeLog change compression to match that now being used from source Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ccs-tools: move to reciped-macArmin Kuster2019-04-072-0/+0
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* layer.conf: Add warrior to compatible release seriesArmin Kuster2019-04-073-3/+3
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* linux-yocto/5.0: add apparmor fragmentsArmin Kuster2019-04-015-0/+37
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* linux-yocto: make bbappend version neutralArmin Kuster2019-04-013-5/+9
| | | | | | | | | | | update apparmor configs [v2] Just update configs. leave versions intact. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* apparmor: add basic runtime testArmin Kuster2019-03-311-0/+27
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* apparmor: update to 2.13.2Armin Kuster2019-03-312-40/+9
| | | | | | | Drop patch included in update: tool-paths.patch Signed-off-by: Armin Kuster <akuster808@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-07-21 01:59:25 +0000