meta-security: subtree update:066a04425c..787ba6faea
Armin Kuster (10):
lynis: update to 3.0.0
security images: Move to recipe-core
security packagegroups: move to recipes-core
packagegroup-security-tpm: add more packages for building
packagegroup-core-security: remove clamav for riscv*
libsecomp: rv32/rv64 target builds are not supported yet
packagegroup-core-security: remove libseccomp for riscv*
libseccomp: update to 2.5.0
packagegroup-core-security: restore riscv64 for libssecomp
trousers: Several Security fixes
Charlie Davies (1):
clamav: add INSTALL_CLAMAV_CVD flag to do_install
Kai Kang (1):
libseccomp: fix cross compile error for mips
Yi Zhao (1):
ibmswtpm2: upgrade 1563 -> 1628
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I0341c0d4cd61fb6ef7db6a29f9fc60de3caa822f
diff --git a/meta-security/recipes-security/libseccomp/files/fix-mips-build-failure.patch b/meta-security/recipes-security/libseccomp/files/fix-mips-build-failure.patch
new file mode 100644
index 0000000..7d17a03
--- /dev/null
+++ b/meta-security/recipes-security/libseccomp/files/fix-mips-build-failure.patch
@@ -0,0 +1,49 @@
+Backport patch to fix cross compile error for mips:
+
+| syscalls.h:44:6: error: expected identifier or '(' before numeric constant
+| 44 | int mips;
+| | ^~~~
+
+Upstream-Status: Submitted [https://github.com/seccomp/libseccomp/pull/279/commits/04c519e5]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From 04c519e5b1de53592e98307813e5c6db7418f91b Mon Sep 17 00:00:00 2001
+From: Paul Moore <paul@paul-moore.com>
+Date: Sun, 2 Aug 2020 09:57:39 -0400
+Subject: [PATCH] build: undefine "mips" to prevent build problems for MIPS
+ targets
+
+It turns out that the MIPS GCC compiler defines a "mips" cpp macro
+which was resulting in build failures on MIPS so we need to
+undefine the "mips" macro during build. As this should be safe
+to do in all architectures, just add it to the compiler flags by
+default.
+
+This was reported in the following GH issue:
+* https://github.com/seccomp/libseccomp/issues/274
+
+Reported-by: Rongwei Zhang <pudh4418@gmail.com>
+Suggested-by: Rongwei Zhang <pudh4418@gmail.com>
+Signed-off-by: Paul Moore <paul@paul-moore.com>
+---
+ configure.ac | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index 40d9dcbb..3e877348 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -65,9 +65,11 @@ m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
+
+ dnl ####
+ dnl build flags
++dnl NOTE: the '-Umips' is here because MIPS GCC compilers "helpfully" define it
++dnl for us which wreaks havoc on the build
+ dnl ####
+ AM_CPPFLAGS="-I\${top_srcdir}/include -I\${top_builddir}/include"
+-AM_CFLAGS="-Wall"
++AM_CFLAGS="-Wall -Umips"
+ AM_LDFLAGS="-Wl,-z -Wl,relro"
+ AC_SUBST([AM_CPPFLAGS])
+ AC_SUBST([AM_CFLAGS])