meta-security: subtree update:547f552c85..066a04425c
Armin Kuster (9):
python3-oauth2client: add recipe
python3-privacyidea: adding initial support for mfa
strongswan: add bbappends for tpm changes
layer.conf: add dynamic-layer for strongswan
strongswan: Add bbappends for ima changes
meta-integrity: add dynamic-layer for strongswan
add gitlab framework and qemu machine
kas: add ima, tpm and tpm2 build configs
drop ci-build: it is hiding errors
Jeremy Puhlman (2):
cryptsetup-tpm-incubator: RPROVIDES cryptsetup and cryptsetup-dev
packagegroup-security-tpm2: Depend on preferred provider for cryptsetup
Zheng Ruoqin (2):
ccs-tools:Fix build error when enable multilib.
bastille: Deleted redundant inherit to fix error when enable multilib.
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I023e45c8080c3d423cd25cc656da5c1f527295e5
diff --git a/meta-security/kas/kas-security-base.yml b/meta-security/kas/kas-security-base.yml
new file mode 100644
index 0000000..768390e
--- /dev/null
+++ b/meta-security/kas/kas-security-base.yml
@@ -0,0 +1,57 @@
+header:
+ version: 8
+
+distro: poky
+
+repos:
+ meta-security:
+ layers:
+ ../meta-security:
+ meta-tpm:
+ meta-integrity:
+ meta-security-compliance:
+
+ poky:
+ url: https://git.yoctoproject.org/git/poky
+ refspec: master
+ layers:
+ meta:
+ meta-poky:
+ meta-yocto-bsp:
+
+ meta-openembedded:
+ url: http://git.openembedded.org/meta-openembedded
+ refspec: master
+ layers:
+ meta-oe:
+ meta-perl:
+ meta-python:
+ meta-networking:
+
+local_conf_header:
+ meta-security: |
+ CONF_VERSION = "1"
+ SOURCE_MIRROR_URL = "http://downloads.yoctoproject.org/mirror/sources/"
+ SSTATE_MIRRORS = "file://.* http://sstate.yoctoproject.org/dev/PATH;downloadfilename=PATH \n"
+ SSTATE_DIR = "/home/srv/sstate/master"
+ DL_DIR = "/home/srv/downloads/master"
+ BB_HASHSERVE = "auto"
+ BB_SIGNATURE_HANDLER = "OEEquivHash"
+
+ diskmon: |
+ BB_DISKMON_DIRS = "\
+ STOPTASKS,${TMPDIR},1G,100K \
+ STOPTASKS,${DL_DIR},1G,100K \
+ STOPTASKS,${SSTATE_DIR},1G,100K \
+ STOPTASKS,/tmp,100M,100K \
+ ABORT,${TMPDIR},100M,1K \
+ ABORT,${DL_DIR},100M,1K \
+ ABORT,${SSTATE_DIR},100M,1K \
+ ABORT,/tmp,10M,1K"
+
+bblayers_conf_header:
+ meta-security: |
+ POKY_BBLAYERS_CONF_VERSION = "2"
+ BBPATH = "${TOPDIR}"
+ BBFILES ?= ""
+
diff --git a/meta-security/kas/qemuarm.yml b/meta-security/kas/qemuarm.yml
new file mode 100644
index 0000000..f51abac
--- /dev/null
+++ b/meta-security/kas/qemuarm.yml
@@ -0,0 +1,6 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+machine: qemuarm
diff --git a/meta-security/kas/qemuarm64-ima.yml b/meta-security/kas/qemuarm64-ima.yml
new file mode 100644
index 0000000..b478472
--- /dev/null
+++ b/meta-security/kas/qemuarm64-ima.yml
@@ -0,0 +1,10 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+local_conf_header:
+ meta-security: |
+ DISTRO_FEATURES_append = " ima"
+
+machine: qemuarm64
diff --git a/meta-security/kas/qemuarm64-tpm2.yml b/meta-security/kas/qemuarm64-tpm2.yml
new file mode 100644
index 0000000..3a8d8fc
--- /dev/null
+++ b/meta-security/kas/qemuarm64-tpm2.yml
@@ -0,0 +1,10 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+local_conf_header:
+ meta-security: |
+ DISTRO_FEATURES_append = " tpm2"
+
+machine: qemuarm64
diff --git a/meta-security/kas/qemuarm64.yml b/meta-security/kas/qemuarm64.yml
new file mode 100644
index 0000000..a0c2d1a
--- /dev/null
+++ b/meta-security/kas/qemuarm64.yml
@@ -0,0 +1,6 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+machine: qemuarm64
diff --git a/meta-security/kas/qemumips64.yml b/meta-security/kas/qemumips64.yml
new file mode 100644
index 0000000..64e52f7
--- /dev/null
+++ b/meta-security/kas/qemumips64.yml
@@ -0,0 +1,6 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+machine: qemumips64
diff --git a/meta-security/kas/qemuppc.yml b/meta-security/kas/qemuppc.yml
new file mode 100644
index 0000000..3dad81c
--- /dev/null
+++ b/meta-security/kas/qemuppc.yml
@@ -0,0 +1,6 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+machine: qemuppc
diff --git a/meta-security/kas/qemuriscv64.yml b/meta-security/kas/qemuriscv64.yml
new file mode 100644
index 0000000..e1b1e49
--- /dev/null
+++ b/meta-security/kas/qemuriscv64.yml
@@ -0,0 +1,6 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+machine: qemuriscv64
diff --git a/meta-security/kas/qemux86-64-ima.yml b/meta-security/kas/qemux86-64-ima.yml
new file mode 100644
index 0000000..e64931c
--- /dev/null
+++ b/meta-security/kas/qemux86-64-ima.yml
@@ -0,0 +1,10 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+local_conf_header:
+ meta-security: |
+ DISTRO_FEATURES_append = " ima"
+
+machine: qemux86-64
diff --git a/meta-security/kas/qemux86-64-tpm.yml b/meta-security/kas/qemux86-64-tpm.yml
new file mode 100644
index 0000000..565b423
--- /dev/null
+++ b/meta-security/kas/qemux86-64-tpm.yml
@@ -0,0 +1,10 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+local_conf_header:
+ meta-security: |
+ DISTRO_FEATURES_append = " tpm"
+
+machine: qemux86-64
diff --git a/meta-security/kas/qemux86-64-tpm2.yml b/meta-security/kas/qemux86-64-tpm2.yml
new file mode 100644
index 0000000..a43693e
--- /dev/null
+++ b/meta-security/kas/qemux86-64-tpm2.yml
@@ -0,0 +1,10 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+local_conf_header:
+ meta-security: |
+ DISTRO_FEATURES_append = " tpm2"
+
+machine: qemux86-64
diff --git a/meta-security/kas/qemux86-64.yml b/meta-security/kas/qemux86-64.yml
new file mode 100644
index 0000000..4ba2b66
--- /dev/null
+++ b/meta-security/kas/qemux86-64.yml
@@ -0,0 +1,6 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+machine: qemux86-64
diff --git a/meta-security/kas/qemux86-ima.yml b/meta-security/kas/qemux86-ima.yml
new file mode 100644
index 0000000..6528ba6
--- /dev/null
+++ b/meta-security/kas/qemux86-ima.yml
@@ -0,0 +1,10 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+local_conf_header:
+ meta-security: |
+ DISTRO_FEATURES_append = " ima"
+
+machine: qemux86
diff --git a/meta-security/kas/qemux86.yml b/meta-security/kas/qemux86.yml
new file mode 100644
index 0000000..83a5353
--- /dev/null
+++ b/meta-security/kas/qemux86.yml
@@ -0,0 +1,6 @@
+header:
+ version: 8
+ includes:
+ - kas-security-base.yml
+
+machine: qemux86