commit 157744bac930642ebf7952ec8dc3df2faffd0928
author Andrew Geissler <geissonator@yahoo.com> Fri Oct 30 15:42:05 2020 -0500
committer Andrew Geissler <geissonator@yahoo.com> Fri Oct 30 15:42:06 2020 -0500
tree 65c3c33b8f94265cb4985fe751c8fbd68d29f91f
parent 6454e3733c050bf4ec43aae71b2dd22c8ca1b9b0

meta-security: subtree update:4c2f7ffd49..e8c9e69c80

Armin Kuster (3):
      meta-security: Add gatesgarth to LAYERSERIES_COMPAT
      gitlab-ci: add meta-hardening build image
      gitlab-ci: add building meta-security-compliance pkgs

Sajjad Ahmed (1):
      layer.conf: use += instead of := to update BBFILES

Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: Id5439f3fdfc88fe3c987ee3c8cb7d3ed6a5a6a22

meta-security/kas/kas-security-base.yml

diff --git a/meta-security/kas/kas-security-base.yml b/meta-security/kas/kas-security-base.yml
index 6a77af5..ba0e0f8 100644
--- a/meta-security/kas/kas-security-base.yml
+++ b/meta-security/kas/kas-security-base.yml
@@ -10,6 +10,7 @@
       meta-tpm:
       meta-integrity:
       meta-security-compliance:
+      meta-hardening:
 
   poky:
     url: https://git.yoctoproject.org/git/poky

meta-security/kas/qemux86-comp.yml

diff --git a/meta-security/kas/qemux86-comp.yml b/meta-security/kas/qemux86-comp.yml
new file mode 100644
index 0000000..14c5dca
--- /dev/null
+++ b/meta-security/kas/qemux86-comp.yml
@@ -0,0 +1,11 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+
+local_conf_header:
+  meta-compliance: |
+    IMAGE_INSTALL_append = " lynis"
+    IMAGE_INSTALL_append = " openscap openscap-daemon scap-security-guide"
+
+machine: qemux86

meta-security/kas/qemux86-harden.yml

diff --git a/meta-security/kas/qemux86-harden.yml b/meta-security/kas/qemux86-harden.yml
new file mode 100644
index 0000000..fb59dda
--- /dev/null
+++ b/meta-security/kas/qemux86-harden.yml
@@ -0,0 +1,10 @@
+header:
+  version: 8
+  includes:
+    - kas-security-base.yml
+
+local_conf_header:
+  meta-security: |
+    DISTRO = "harden"
+
+machine: qemux86