meta-security: subtree update:066a04425c..787ba6faea
Armin Kuster (10):
lynis: update to 3.0.0
security images: Move to recipe-core
security packagegroups: move to recipes-core
packagegroup-security-tpm: add more packages for building
packagegroup-core-security: remove clamav for riscv*
libsecomp: rv32/rv64 target builds are not supported yet
packagegroup-core-security: remove libseccomp for riscv*
libseccomp: update to 2.5.0
packagegroup-core-security: restore riscv64 for libssecomp
trousers: Several Security fixes
Charlie Davies (1):
clamav: add INSTALL_CLAMAV_CVD flag to do_install
Kai Kang (1):
libseccomp: fix cross compile error for mips
Yi Zhao (1):
ibmswtpm2: upgrade 1563 -> 1628
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I0341c0d4cd61fb6ef7db6a29f9fc60de3caa822f
diff --git a/meta-security/recipes-security/libseccomp/libseccomp_2.5.0.bb b/meta-security/recipes-security/libseccomp/libseccomp_2.5.0.bb
new file mode 100644
index 0000000..35365d5
--- /dev/null
+++ b/meta-security/recipes-security/libseccomp/libseccomp_2.5.0.bb
@@ -0,0 +1,48 @@
+SUMMARY = "interface to seccomp filtering mechanism"
+DESCRIPTION = "The libseccomp library provides and easy to use, platform independent,interface to the Linux Kernel's syscall filtering mechanism: seccomp."
+SECTION = "security"
+LICENSE = "LGPL-2.1"
+LIC_FILES_CHKSUM = "file://LICENSE;beginline=0;endline=1;md5=8eac08d22113880357ceb8e7c37f989f"
+
+DEPENDS += "gperf-native"
+
+SRCREV = "f13f58efc690493fe7aa69f54cb52a118f3769c1"
+
+SRC_URI = "git://github.com/seccomp/libseccomp.git;branch=release-2.5 \
+ file://run-ptest \
+ file://fix-mips-build-failure.patch \
+"
+
+COMPATIBLE_HOST_riscv32 = "null"
+
+S = "${WORKDIR}/git"
+
+inherit autotools-brokensep pkgconfig ptest
+
+PACKAGECONFIG ??= ""
+PACKAGECONFIG[python] = "--enable-python, --disable-python, python3"
+
+DISABLE_STATIC = ""
+
+do_compile_ptest() {
+ oe_runmake -C tests check-build
+}
+
+do_install_ptest() {
+ install -d ${D}${PTEST_PATH}/tests
+ install -d ${D}${PTEST_PATH}/tools
+ for file in $(find tests/* -executable -type f); do
+ install -m 744 ${S}/${file} ${D}/${PTEST_PATH}/tests
+ done
+ for file in $(find tests/*.tests -type f); do
+ install -m 744 ${S}/${file} ${D}/${PTEST_PATH}/tests
+ done
+ for file in $(find tools/* -executable -type f); do
+ install -m 744 ${S}/${file} ${D}/${PTEST_PATH}/tools
+ done
+}
+
+FILES_${PN} = "${bindir} ${libdir}/${BPN}.so*"
+FILES_${PN}-dbg += "${libdir}/${PN}/tests/.debug/* ${libdir}/${PN}/tools/.debug"
+
+RDEPENDS_${PN}-ptest = "bash"