meta-security: subtree update:d6baccc068..4c2f7ffd49
Adrian (1):
gitignore added
Armin Kuster (31):
kas: build with ptest. remove apparmor
softHSM: add pkg
packagegroup-core-security: add softHSM
libest: add recipe
packagegroup-core-security: add libest package
opendnssec: add recipe
packagegroup-core-security: add opendnssec to pkg grp
gitlab-ci: allow test to fail
libseccomp: fix ptest failures.
packagegroup-core-security-ptest: remove keyutils-ptest
security-test-image: simplify
packagegroup-core-security-ptest: remove
apparmor: fix build issue with ptest enabled.
security-test-image: tweak to get more tests to runn
apparmor: update to 3.0
packagegroup-core-security: apparmor 3.0 ptest does not build
suricata: fix compiling on gcc10
qemux86-test: add apparmor back
apparmor: fix build for on musl
ecryptfs-utils: fix musl build
libest: fix musl build.
sssd: update to latest ltm 1.16.5
packagegroup-core-security: remove clamav from musl image
suricata: update to 4.1.9
kas: fixup alt configs
gitlab-ci: add qemux86 and qemuarm64 musl builds
tpm2-tss: update to 2.4.3
tpm2-totp: update to 0.2.1
tpm2-abrmd: update to 2.3.3
tpm2-tools: update to 4.3.0
tpm2-pkcs11: update to 1.4.0
Mingli Yu (1):
scap-security-guide: add expat-native to DEPENDS
Naveen Saini (3):
initramfs-framework/dmverity: add retry loop for slow boot devices
wic: add wks.in for intel dm-verity
linux-%/5.x: Add dm-verity fragment as needed
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: If3a721fdd99bb6e35c82cf4e7485f06cebaef905
diff --git a/meta-security/recipes-security/softHSM/softhsm_2.6.1.bb b/meta-security/recipes-security/softHSM/softhsm_2.6.1.bb
new file mode 100644
index 0000000..74e837a
--- /dev/null
+++ b/meta-security/recipes-security/softHSM/softhsm_2.6.1.bb
@@ -0,0 +1,30 @@
+SUMMARY = "SoftHSM is an implementation of a cryptographic store accessible through a PKCS #11 interface."
+HOMEPAGE = "www.opendnssec.org"
+
+LICENSE = "BSD"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=ef3f77a3507c3d91e75b9f2bdaee4210"
+
+DEPENDS = "sqlite3"
+
+SRC_URI = "https://dist.opendnssec.org/source/softhsm-2.6.1.tar.gz"
+SRC_URI[sha256sum] = "61249473054bcd1811519ef9a989a880a7bdcc36d317c9c25457fc614df475f2"
+
+inherit autotools pkgconfig siteinfo
+
+EXTRA_OECONF += " --with-sqlite3=${STAGING_DIR_HOST}/usr"
+EXTRA_OECONF += "${@oe.utils.conditional('SITEINFO_BITS', '64', ' --enable-64bit', '', d)}"
+
+PACKAGECONFIG ?= "pk11 openssl"
+
+PACKAGECONFIG[npm] = ",--disable-non-paged-memory"
+PACKAGECONFIG[ecc] = "--enable-ecc,--disable-ecc"
+PACKAGECONFIG[gost] = "--enable-gost,--disable-gost"
+PACKAGECONFIG[eddsa] = "--enable-eddsa, --disable-eddsa"
+PACKAGECONFIG[fips] = "--enable-fips, --disable-fips"
+PACKAGECONFIG[notvisable] = "--disable-visibility"
+PACKAGECONFIG[openssl] = "--with-openssl=${STAGING_DIR_HOST}/usr --with-crypto-backend=openssl, --without-openssl, openssl, openssl"
+PACKAGECONFIG[botan] = "--with-botan=${STAGING_DIR_HOST}/usr --with-crypto-backend=botan, --without-botan, botan"
+PACKAGECONFIG[migrate] = "--with-migrate"
+PACKAGECONFIG[pk11] = "--enable-p11-kit --with-p11-kit==${STAGING_DIR_HOST}/usr, --without-p11-kit, p11-kit, p11-kit"
+
+RDEPENDS_${PN} = "sqlite3"