meta-security: subtree update:2df7dd9fba..3001c3ebfc
Armin Kuster (6):
meta-security: add layer index callouts
meta-security-compliance/conf/layer.conf: fix typo
python3-suricata-update: update to 1.1.1
libhtp: bugfix only update 0.5.32
lib/oeqa/runtime: suricata add tests
suricata: update to 4.1.6
Philip Tricca (1):
tpm2-abrmd: Port command line options to new version.
Trevor Woerner (1):
tpm2-abrmd-init.sh: fix for /dev/tpmrmX
Yi Zhao (1):
libseccomp: upgrade 2.4.1 -> 2.4.2
Change-Id: Ic00ca8ac8ff5d3fbe0b79aa4a42243b197080f14
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/meta-security/recipes-security/libseccomp/files/0001-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch b/meta-security/recipes-security/libseccomp/files/0001-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch
new file mode 100644
index 0000000..a53433f
--- /dev/null
+++ b/meta-security/recipes-security/libseccomp/files/0001-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch
@@ -0,0 +1,45 @@
+From 1ecdddb2a5b61cf527d1f238f88a9d129239f87a Mon Sep 17 00:00:00 2001
+From: Paul Moore <paul@paul-moore.com>
+Date: Tue, 5 Nov 2019 15:11:11 -0500
+Subject: [PATCH] tests: rely on __SNR_xxx instead of __NR_xxx for syscalls
+
+We recently changed how libseccomp handles syscall numbers that are
+not defined natively, but we missed test #15.
+
+Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
+Signed-off-by: Paul Moore <paul@paul-moore.com>
+
+Upstream-Status: Backport
+[https://github.com/seccomp/libseccomp/commit/1ecdddb2a5b61cf527d1f238f88a9d129239f87a]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ tests/15-basic-resolver.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/tests/15-basic-resolver.c b/tests/15-basic-resolver.c
+index 6badef1..0c1eefe 100644
+--- a/tests/15-basic-resolver.c
++++ b/tests/15-basic-resolver.c
+@@ -55,15 +55,15 @@ int main(int argc, char *argv[])
+ unsigned int arch;
+ char *name = NULL;
+
+- if (seccomp_syscall_resolve_name("open") != __NR_open)
++ if (seccomp_syscall_resolve_name("open") != __SNR_open)
+ goto fail;
+- if (seccomp_syscall_resolve_name("read") != __NR_read)
++ if (seccomp_syscall_resolve_name("read") != __SNR_read)
+ goto fail;
+ if (seccomp_syscall_resolve_name("INVALID") != __NR_SCMP_ERROR)
+ goto fail;
+
+ rc = seccomp_syscall_resolve_name_rewrite(SCMP_ARCH_NATIVE, "openat");
+- if (rc != __NR_openat)
++ if (rc != __SNR_openat)
+ goto fail;
+
+ while ((arch = arch_list[iter++]) != -1) {
+--
+2.17.1
+
diff --git a/meta-security/recipes-security/libseccomp/libseccomp_2.4.1.bb b/meta-security/recipes-security/libseccomp/libseccomp_2.4.2.bb
similarity index 90%
rename from meta-security/recipes-security/libseccomp/libseccomp_2.4.1.bb
rename to meta-security/recipes-security/libseccomp/libseccomp_2.4.2.bb
index 37a7982..07db82a 100644
--- a/meta-security/recipes-security/libseccomp/libseccomp_2.4.1.bb
+++ b/meta-security/recipes-security/libseccomp/libseccomp_2.4.2.bb
@@ -4,9 +4,10 @@
LICENSE = "LGPL-2.1"
LIC_FILES_CHKSUM = "file://LICENSE;beginline=0;endline=1;md5=8eac08d22113880357ceb8e7c37f989f"
-SRCREV = "fb43972ea1aab24f2a70193fb7445c2674f594e3"
+SRCREV = "1b6cfd1fc0b7499a28c24299a93a80bd18619563"
SRC_URI = "git://github.com/seccomp/libseccomp.git;branch=release-2.4 \
+ file://0001-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch \
file://run-ptest \
"