summaryrefslogtreecommitdiffstats
path: root/meta-app-framework/recipes-security
AgeCommit message (Collapse)AuthorFilesLines
2020-01-22meta-security meta-app-framework: handle xmlsec1 upgradeScott Murray1-2/+2
Remove now unneeded meta-security xmlsec1 bbappend, and update the bbappend in meta-app-framework to work with the new xmlsec1 1.2.28 recipe in oe-core. Bug-AGL: SPEC-2932 Change-Id: If57b7c9fa2a4d2b8f9470dd67e95b4579d1210c7 Signed-off-by: Scott Murray <scott.murray@konsulko.com>
2019-12-03security-manager: Improve integrationJosé Bollo1-2/+0
This fixes some issues encountered by the current integration of the security-manager: - its recipes is spread in too much directories (see SPEC-2092) - its initialization should be checked (see SPEC-2091) - the location of the database has to be changed (see SPEC-1717 that provided a workaround) All in one, I decided to create that ticket that summarize the work that can be quickly achieved to answer all this issues that are tightly coupled. Bug-AGL: SPEC-2972 Bug-AGL: SPEC-2092 Bug-AGL: SPEC-2091 Bug-AGL: SPEC-1717 Change-Id: I7af941c25cfa1624d76c2e8f512f6535918912f0 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-04-04dbus-cynara: Avoid dependency loopJosé Bollo1-38/+0
The dependency loop appeared when compiling with DISTRO_FEATURE ptest. To avoid it, I restore the logic implemented before in meta-intel-iot-security. I also remove unless files. Bug-AGL: SPEC-1334 Change-Id: Ibe8b9359a65fec034df2534c5fceb4769e63aa99 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-16Move xmlsec1 folder in meta-app-frameworkJan-Simon Möller1-0/+4
The upstream location of xmlsec1 changed from recipes-support/xmlsec1 to recipes-security/xmlsec1 Also we need to add 2 more dependencies added. Bug-AGL: SPEC-1297 Change-Id: Iba96bbb8a63ea9c9b8240f1a72e6e3423178e05c Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
2018-02-14Merge remote-tracking branch 'agl/sandbox/ronan/rocko' into HEADJan-Simon Möller1-44/+0
* agl/sandbox/ronan/rocko: (58 commits) Update ulcb conf file Remove unsed gstreamer backport [GEN3] add preferred version on omx package run-(agl-)postinst: Emit progress to console meta-security: Remove unused content Upgrade wayland-ivi-extension Revert "Fix kernel gcc7 issue" remove backport commit Revert "Fix CVE-2017-1000364 by backporting the patches for gen3" Remove fix for optee-os Remove gcc 6 fix Update rcar gen3 kernel bbappend version Update rcar gen3 driver Remove porter machine dbus-cynara: Upgrade to 1.10.20 xmlsec1: switch to meta-security version systemd: earlier smack label switch cynara: upgrade to 0.14.10 Remove smack recipe Integrate parts of meta-intel-iot-security ... Bug-AGL: SPEC-1181 Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org> Conflicts: meta-app-framework/recipes-security/cynara/cynara_git.bbappend Change-Id: I9875fcb31e960038ce6c23165c99b52a3bd1a1c0
2018-02-13cynara: upgrade to 0.14.10José Bollo2-82/+0
Change-Id: I33caaa8a435e0b36afff43c4199428ae9336d612 Signed-off-by: José Bollo <jose.bollo@iot.bzh>
2018-02-13cynara: Fix build error that causes gcc v7.0Changhyeok Bae2-0/+43
- gcc v7 requires include <functional> for std::function. - gcc v7 recognize implicit-fallthrough. Bug-AGL: SPEC-1181 Change-Id: I40b35ef54d3a1e567330102e9e7cbe6882728b95 Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
2018-01-23cynara: Fix build error that causes gcc v7.0Changhyeok Bae2-0/+43
- gcc v7 requires include <functional> for std::function. - gcc v7 recognize implicit-fallthrough. Bug-AGL: SPEC-1181 Change-Id: I40b35ef54d3a1e567330102e9e7cbe6882728b95 Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
2017-09-08Upgrade to pyroChanghyeok Bae2-0/+41
u-boot: v2017.01 dlt-daemon: Remove gzipnative inheritance - gzipnative.bbclass is removed in pyro branch. - See ab0f46400c113c0d893be872727a67739d5e794d in poky. gpm: Remove bbappend file - upstream(meta-openembedded) is using git(v1.99.7) and this is not required anymore. gnutls: Remove bbappend file - The patch is already applied in upstream. agl-image-minimal: Remove ROOTFS_PKGMANAGE_BOOTSTRAP - ROOTFS_PKGMANAGE_BOOTSTRAP is removed in upstream. - Please see 529244ee212fe14019e35a5f163fab705ddbf141 in poky. freetype: Change hash value for v2.7.1 binary shadow: Remove shadow_%.bbappend - It's already applied upstream poky. Remove nativesdk-packagegroup-sdk-host.bbappend - It's already applied in upstream poky. faac: Remove bbappend file - It's already applied meta-openembedded upstream. pulseaudio: Change bbappend naming - Upstream yocto provides pulseaudio v10.0. weston: re-create patch to apply new version (v2.0.0) - Remove 0001-compositor-drm.c-Launch-without-input-devices.patch because it's already applied in new version. mesa: Remove 12.0.3 recipe and fix build error for qemux86-64 - Yocto upstream supports 17.0.2 and v12.0.3 is not required anymore in raspberrypi - Error: | configure: error: --enable-gallium-llvm selected but llvm-config is not found wayland-ivi-extension: Upgrade to latest master version - Due to weston upgrade, wayland-ivi-extension should be upgraded. packagegroup-ivi-common-core-multimedia: Remove alsa-lib - alsa-lib has empty package and it's not required anymore. Add agl-driver and agl-passenger in group and passwd - Parsing Error: agl-users: groupname agl-passenger does not have a static ID defined. poky-agl.conf: Change gstreamer default version to v1.10.x - Yocto upstream moves gstreamer to v1.10.4. af-main: Fix build error - Error: file /usr/local conflicts between attempted installs of af-main-1.0-r0.corei7_64 and base-files-3.0.14-r89.qemux86_64 intel-corei7-64: Change gstreamer-vaapi-1.0 name - gstreamer-vaapi-1.0 is moved to oe-core and its name is changed to gstreamer1.0-vaapi. linux-raspberrypi: Drop 4.4 bbappend - The upstream meta-raspberrypi doesn't support v4.4 anymore. - CVE patches are not required anymore. glibc: Remove bbappend - The bug-20116 is already applied in 2.25 cynara,security-manager: Fix build error - cynara: Replace bb.data to d - security-manager: Temporarily use 'no' in APPLY variable u-boot-ota: Add SRC_URI - In pyro, SRC_URI and S is moved from .inc to .bb linux-yocto: Remove 4.8 and 4.4 bbappend - Yocto 2.3 (Pyro) doesn't support v4.8 kernel anymore. - CVE patches in meta-agl-bsp are already applied in Yocto 2.3. tcf-agent: Remove bbappend file - This change is merged to upstream poky (pyro) bluez5: Remove recipe and add .bbappend - Yocto 2.3 (Pyro) already has same version. - bluetooth.conf file is added in .bbappend python-pycrypto: Remove recipe - meta-openembedded (Pyro) already has same version. meta-agl-bsp/classes/image.bbclass: Arrange for pyro - image.bbclass is taken from poky/meta/classes/image.bbclass and only changed IMAGE_TYPE_vm variable. libsoup: Fix native build error temporarily v2 (jsmoeller): meta-agl-bsp/meta-ti: - workaround patches in meta-ti/recipes-arago/gstreamer/gstreamer1.0-plugins-bad_%.bbappend - fix old python code in meta-ti/recipes-arago/ipumm-fw/ipumm-fw_3.00.13.00.bb - workaround patches in meta-ti/recipes-arago/weston/weston_%.bbappend - make specific to dra7xx-evm: -- meta-ti/recipes-bsp/alsa-state/alsa-state.bbappend -- meta-ti/recipes-bsp/u-boot/u-boot-ti-staging_%.bbappend -- rename meta-ti/recipes-multimedia/pulseaudio/pulseaudio/dra7xx-evm-set-default-sink-source.patch -- rename meta-ti/recipes-multimedia/pulseaudio/pulseaudio_%.bbappend TODO/FIXME's in: - meta-agl-bsp/meta-ti/recipes-arago/gstreamer/gstreamer1.0-plugins-bad_%.bbappend - meta-agl-bsp/meta-ti/recipes-arago/weston/weston_%.bbappend - meta-agl-bsp/meta-ti/recipes-multimedia/pulseaudio/pulseaudio_%.bbappend - meta-ti/recipes-bsp/u-boot/u-boot-ti-staging_%.bbappend Bug-AGL: SPEC-646 Change-Id: I4162ae887d3334e9102575e3724483aa25f4bd9c Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com> Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org> Reviewed-on: https://gerrit.automotivelinux.org/gerrit/10457