meta-security: subtree update:d6baccc068..4c2f7ffd49
Adrian (1):
gitignore added
Armin Kuster (31):
kas: build with ptest. remove apparmor
softHSM: add pkg
packagegroup-core-security: add softHSM
libest: add recipe
packagegroup-core-security: add libest package
opendnssec: add recipe
packagegroup-core-security: add opendnssec to pkg grp
gitlab-ci: allow test to fail
libseccomp: fix ptest failures.
packagegroup-core-security-ptest: remove keyutils-ptest
security-test-image: simplify
packagegroup-core-security-ptest: remove
apparmor: fix build issue with ptest enabled.
security-test-image: tweak to get more tests to runn
apparmor: update to 3.0
packagegroup-core-security: apparmor 3.0 ptest does not build
suricata: fix compiling on gcc10
qemux86-test: add apparmor back
apparmor: fix build for on musl
ecryptfs-utils: fix musl build
libest: fix musl build.
sssd: update to latest ltm 1.16.5
packagegroup-core-security: remove clamav from musl image
suricata: update to 4.1.9
kas: fixup alt configs
gitlab-ci: add qemux86 and qemuarm64 musl builds
tpm2-tss: update to 2.4.3
tpm2-totp: update to 0.2.1
tpm2-abrmd: update to 2.3.3
tpm2-tools: update to 4.3.0
tpm2-pkcs11: update to 1.4.0
Mingli Yu (1):
scap-security-guide: add expat-native to DEPENDS
Naveen Saini (3):
initramfs-framework/dmverity: add retry loop for slow boot devices
wic: add wks.in for intel dm-verity
linux-%/5.x: Add dm-verity fragment as needed
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: If3a721fdd99bb6e35c82cf4e7485f06cebaef905
diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.3.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.3.bb
new file mode 100644
index 0000000..78be513
--- /dev/null
+++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_2.4.3.bb
@@ -0,0 +1,76 @@
+SUMMARY = "Software stack for TPM2."
+DESCRIPTION = "OSS implementation of the TCG TPM2 Software Stack (TSS2) "
+LICENSE = "BSD-2-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=500b2e742befc3da00684d8a1d5fd9da"
+SECTION = "tpm"
+
+DEPENDS = "autoconf-archive-native libgcrypt openssl"
+
+SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz"
+SRC_URI[sha256sum] = "e294677f8993234d0adfa191a5cbf9c5b83cc60c724c233e3d631c26712abea0"
+
+inherit autotools pkgconfig systemd extrausers
+
+PACKAGECONFIG ??= ""
+PACKAGECONFIG[oxygen] = ",--disable-doxygen-doc, "
+PACKAGECONFIG[fapi] = "--enable-fapi,--disable-fapi,json-c "
+
+EXTRA_OECONF += "--enable-static --with-udevrulesdir=${base_prefix}/lib/udev/rules.d/"
+EXTRA_OECONF_remove = " --disable-static"
+
+
+EXTRA_USERS_PARAMS = "\
+ useradd -p '' tss; \
+ groupadd tss; \
+ "
+
+PROVIDES = "${PACKAGES}"
+PACKAGES = " \
+ ${PN} \
+ ${PN}-dbg \
+ ${PN}-doc \
+ libtss2-mu \
+ libtss2-mu-dev \
+ libtss2-mu-staticdev \
+ libtss2-tcti-device \
+ libtss2-tcti-device-dev \
+ libtss2-tcti-device-staticdev \
+ libtss2-tcti-mssim \
+ libtss2-tcti-mssim-dev \
+ libtss2-tcti-mssim-staticdev \
+ libtss2 \
+ libtss2-dev \
+ libtss2-staticdev \
+"
+
+FILES_libtss2-tcti-device = "${libdir}/libtss2-tcti-device.so.*"
+FILES_libtss2-tcti-device-dev = " \
+ ${includedir}/tss2/tss2_tcti_device.h \
+ ${libdir}/pkgconfig/tss2-tcti-device.pc \
+ ${libdir}/libtss2-tcti-device.so"
+FILES_libtss2-tcti-device-staticdev = "${libdir}/libtss2-tcti-device.*a"
+
+FILES_libtss2-tcti-mssim = "${libdir}/libtss2-tcti-mssim.so.*"
+FILES_libtss2-tcti-mssim-dev = " \
+ ${includedir}/tss2/tss2_tcti_mssim.h \
+ ${libdir}/pkgconfig/tss2-tcti-mssim.pc \
+ ${libdir}/libtss2-tcti-mssim.so"
+FILES_libtss2-tcti-mssim-staticdev = "${libdir}/libtss2-tcti-mssim.*a"
+
+FILES_libtss2-mu = "${libdir}/libtss2-mu.so.*"
+FILES_libtss2-mu-dev = " \
+ ${includedir}/tss2/tss2_mu.h \
+ ${libdir}/pkgconfig/tss2-mu.pc \
+ ${libdir}/libtss2-mu.so"
+FILES_libtss2-mu-staticdev = "${libdir}/libtss2-mu.*a"
+
+FILES_libtss2 = "${libdir}/libtss2*so.*"
+FILES_libtss2-dev = " \
+ ${includedir} \
+ ${libdir}/pkgconfig \
+ ${libdir}/libtss2*so"
+FILES_libtss2-staticdev = "${libdir}/libtss*a"
+
+FILES_${PN} = "${libdir}/udev ${base_prefix}/lib/udev"
+
+RDEPENDS_libtss2 = "libgcrypt"