meta-security: subtree update:ab239f1497..46f7e7acbe

Armin Kuster (18):
      python3-scapy: update to 2.4.5
      lkrg-module: update 0.9.1
      packagegroup-core-security: exclude ossec-hids from musl
      ossec-hids: musl not compatable
      sssd: update to 2.5.0
      busybox: drop as libsecomp is in core
      linux-%_5.%.bbappend: drop recipe
      initramfs-framework: fix YCL issue.
      python3-scapy: drop , now in meta-python
      packagegroup-core-security: drop python3-scapy
      meta-hardening/initscripts: missed overide.
      meta-security: add sanity check
      meta-security/recipe-kernel: use sanity check
      linux-yocto-dev: drop bbappend
      meta-tpm: add layer sanity check
      meta-tpm/linux-yocto: use sanity support
      meta-integrity: add sanity check
      meta-integrity/recipe-kernel: use sanity check

Federico Pellegrin (1):
      aircrack-ng: update to 1.6

Kai Kang (2):
      sssd: set pid path with /run
      sssd: add fix-ldblibdir.patch back

Ricardo Salveti (1):
      tpm2-tss: fix usrmerge udev install path

Robert P. J. Day (1):
      Correct "securiyt" typo in maintainers.inc

Sekine Shigeki (1):
      smack: add 3 cves to allowlist

Upgrade Helper (2):
      clamav: upgrade to latest revision
      opendnssec: upgrade 2.1.8 -> 2.1.9

Yi Zhao (1):
      libgssglue: update SRC_URI

Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I3bcabc218b240681d525111d16f963eb9b33c922
diff --git a/meta-security/meta-integrity/recipes-kernel/linux/linux-%.bbappend b/meta-security/meta-integrity/recipes-kernel/linux/linux-%.bbappend
index f9a48cd..be60bfe 100644
--- a/meta-security/meta-integrity/recipes-kernel/linux/linux-%.bbappend
+++ b/meta-security/meta-integrity/recipes-kernel/linux/linux-%.bbappend
@@ -1,5 +1 @@
-KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "ima", " features/ima/ima.scc", "" ,d)}"
-
-KERNEL_FEATURES_append = " ${@bb.utils.contains('DISTRO_FEATURES', 'modsign', ' features/ima/modsign.scc', '', d)}"
-
-inherit ${@bb.utils.contains('DISTRO_FEATURES', 'modsign', 'kernel-modsign', '', d)}
+require ${@bb.utils.contains_any('DISTRO_FEATURES', 'integrity ', 'linux_ima.inc', '', d)}
diff --git a/meta-security/meta-integrity/recipes-kernel/linux/linux_ima.inc b/meta-security/meta-integrity/recipes-kernel/linux/linux_ima.inc
new file mode 100644
index 0000000..f9a48cd
--- /dev/null
+++ b/meta-security/meta-integrity/recipes-kernel/linux/linux_ima.inc
@@ -0,0 +1,5 @@
+KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "ima", " features/ima/ima.scc", "" ,d)}"
+
+KERNEL_FEATURES_append = " ${@bb.utils.contains('DISTRO_FEATURES', 'modsign', ' features/ima/modsign.scc', '', d)}"
+
+inherit ${@bb.utils.contains('DISTRO_FEATURES', 'modsign', 'kernel-modsign', '', d)}