Commit message | Author | Age | Files | Lines
...
* swtpm: fix musl build issues | Armin Kuster | 2017-03-24 | 3 | -1/+46
  add two fixes for musl build issues. also update to latest tip
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm-tools: update to 1.3.9.1 | Armin Kuster | 2017-03-24 | 1 | -2/+2
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* swtpm: depends on expect-native and socat-native | Benjamin Gaignard | 2017-03-24 | 1 | -1/+1
  The configure script checks for expect and socat and fails when it is
  not present.
  Signed-off-by: Benjamin Gaignard <benjamin.gaignard@linaro.org>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* suricata: update to 3.2.1 | Armin Kuster | 2017-03-24 | 2 | -11/+13
  cleaned up python package creation.
  dropped patch no longer needed
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libseccomp: convert test package to ptest | Wenzong Fan | 2017-03-02 | 2 | -12/+16
  Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libtpm: Fix arm build issues | Armin Kuster | 2017-02-18 | 4 | -19/+61
  backport two upstream patches and remove local version
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* scapy: fix the pickling issue | Jackie Huang | 2017-02-18 | 2 | -0/+112
  Backport a patch to fix the pickling issue when save_session:
  PicklingError: Can't pickle <type 'function'>: attribute lookup __builtin__.function failed
  Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python-pycrypto: remove app as it's now in meta-oe | Armin Kuster | 2017-02-18 | 2 | -46/+0
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libseccomp: update to tip | Armin Kuster | 2017-02-18 | 1 | -2/+2
  adds support for 4.9 and 4.10-rc1 kernels
  adds support for python 3.x
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* swtpm: update to latest tip | Patrick Ohly | 2017-02-18 | 1 | -1/+1
  Brings in instructions for setting the log level. Setting the log level
  with --log file=...,level=1 is necessary at the moment before anything
  gets written to the log. Even errors are suppressed by default.
  Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* swtpm-wrappers: simplify using swtpm-native | Patrick Ohly | 2017-02-18 | 1 | -0/+41
  Native tools exist in recipe specific sysroots and are normally not
  meant to be called from outside a build. But that's what we need to do
  when using swtpm-native together with qemu, so these wrappers make that
  possible by setting up the necessary environment and hiding the
  internal paths.

  Invoking swtpm_setup.sh gets some special support: swtpm_setup.sh runs
  two daemons, tcsd and swtpm, of which tcsd insists on running as root
  or tss. In practice, running as the normal user is perfectly fine.
  Instead of patching the upstream source code, the approach taken here
  is to run under pseudo.

  Usage examples:

    $ bitbake swtpm-wrappers
    $ mkdir -p my-machine/myvtpm0
    $ tmp-glibc/work/x86_64-linux/swtpm-wrappers/1.0-r0/swtpm_setup_oe.sh --tpm-state my-machine/myvtpm0
    Starting vTPM manufacturing as root:root @ Mon 16 Jan 2017 04:09:21 PM CET
    TPM is listening on TCP port 55675.
    -rw------- 1 root root 65 Jan 16 16:09 /tmp/tmp.2yJBKTTwRk
    Ending vTPM manufacturing @ Mon 16 Jan 2017 04:09:21 PM CET

  The resulting "my-machine/myvtpm0" can then be used with swtpm (this
  time, it really has to be running as root because it uses CUSE to
  create /dev/vtpm0, and an absolute path is needed for the tpm state
  dir) and qemu-tpm (patches not currently in OE-core, have to be applied
  manually):

    $ sudo tmp-glibc/work/x86_64-linux/swtpm-wrappers/1.0-r0/swtpm_cuse_oe.sh -n vtpm0 --tpmstate dir=`pwd`/my-machine/myvtpm0
    $ sudo chmod a+rw /dev/vtpm0
    $ runqemu ... 'qemuparams=-tpmdev cuse-tpm,id=tpm0,path=/dev/vtpm0 -device tpm-tis,tpmdev=tpm0'

  Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* swtpm: cuse packageconfig | Patrick Ohly | 2017-02-18 | 1 | -2/+2
  The CUSE support in swtpm does not depend on selinux. It is needed for
  simulating a virtual TPM, one of the use cases for swtpm-native, so
  enable it by default.
  Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* swtpm: fix compiler format warning | Patrick Ohly | 2017-02-18 | 1 | -1/+1
  When building for x86-64, gcc complains:

  tpm_ioctl.c:866:9: error: format ‘%llx’ expects argument of type ‘long long unsigned int’, but argument 2 has type ‘long unsigned int’ [-Werror=format=]
  | printf("ptm capability is 0x%llx\n", (uint64_t)devtoh64(is_chardev, cap));
  | ^
  | cc1: all warnings being treated as errors

  Casting to "long long unsigned" matches the format specifier in all
  cases, including those where "long long" is larger than 64 bits.
  Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* swtpm: depends on tpm-tools | Patrick Ohly | 2017-02-18 | 1 | -0/+5
  The configure script checks for tpm_nvdefine from tpm-tools and fails
  when it is not present.
  Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* swtpm: enable native and nativesdk flavors | Patrick Ohly | 2017-02-18 | 2 | -0/+67
  For use with qemu-tpm as described in the swtpm main README, swtpm must
  be compiled natively. nativesdk is added just in case that someone
  wants to add this to an SDK.

  The fix_lib_search_path.patch was recently removed during the version
  update, but it is still needed when building natively. Here's a version
  that applies cleanly again.
  Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* trousers: tcsd.conf must be owned tss:tss | Patrick Ohly | 2017-02-18 | 1 | -3/+2
  The upstream dist/Makefile.am ensures that /etc/tcsd.conf is owned by
  tss:tss, and that must not be changed because otherwise tcsd refuses to
  start.

  In addition, tss group and user should be added as special system group
  resp. user, because they are not normal users. This also avoids the
  host-user-contaminated QA warning because the "tss" user will typically
  not get assigned a UID from the same range as the host user that is
  used for building.
  Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* trousers: recommend tcsd | Patrick Ohly | 2017-02-18 | 1 | -0/+4
  Installing tpm-tools for tools like tpm_takeown pull in the libtspi
  package, but the resulting system is not functional unless the tcsd
  (from the main "trousers" package) also gets installed.

  A RRECOMMENDS entry for that takes care of that automatically.
  Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* trousers: missing libtspi.so.1 in libtspi package | Patrick Ohly | 2017-02-18 | 1 | -1/+1
  The soname of libtspi.so is "libtspi.so.1" and therefore apps linked
  against that library depend on the libtspi.so.1 symlink to find the
  library.
  Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* swtpm: update to tip | Armin Kuster | 2017-02-18 | 3 | -44/+63
  fix signed build issues
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
  Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libtpm: update to tip | Armin Kuster | 2017-02-18 | 3 | -2/+72
  fix several build issues
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
  Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* trousers: update to 0.3.14 | Armin Kuster | 2017-02-18 | 4 | -206/+20
  convert to git and remove incorporated patches
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
  Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm-tools: update to 1.3.9 | Armin Kuster | 2017-02-18 | 4 | -63/+18
  remove incorporated patches.
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
  Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* qemu: use wildcard for PV | Armin Kuster | 2017-02-18 | 1 | -0/+0
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
  Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2.0-tss: fix musl build error | Armin Kuster | 2017-02-18 | 2 | -1/+33
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
  Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* apparmor: Add new package | Armin Kuster | 2017-02-18 | 6 | -0/+751
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* yocto-kernel: add apparmor fragments | Armin Kuster | 2017-02-18 | 2 | -0/+14
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* trousers: fix musl compilation | André Draszik | 2016-12-15 | 3 | -0/+123
  Backport patches to fix compilation.
  Signed-off-by: André Draszik <adraszik@tycoint.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
  Signed-off-by: Armin Kuster <akuster@mvista.com>
* suricata: update package to 3.1.3 | Armin Kuster | 2016-11-10 | 3 | -3/+3
  *Changes*
  Bug #1861: Suricata with multi tenancy does not start in 3.1/3.1.1
  Bug #1889: Suricata doesn't error on missing semicolon
  Bug #1910: libhtp 0.5.23 (3.1.x)
  Bug #1912: http.memcap reached condition can lead to dead lock
  Bug #1913: af-packet fanout detection broken on Debian Jessie
  Bug #1933: unix-command socket created with last character missing (3.1.x)
  Bug #1934: make install-full does not install tls-events.rules (3.1.x)
  Bug #1941: Can't set fast_pattern on tls_sni content (3.1.x)
  Bug #1942: dns - back to back requests results in loss of response (3.1.x)
  Bug #1943: Check redis reply in non pipeline mode (3.1.x)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* samhain: update to 4.2.0 | Armin Kuster | 2016-11-10 | 3 | -2/+2
  * Changes:
  - New option 'SetAuditdFlags = r|w|x|a' to (re-)define the flags
    supplied to auditd.
  - New option 'PortCheckDevice = device' for the port check module, to
    monitor a device regardless of the address assigned to it.
  - Fix for the case sensitivity of the arguments to the Severity/Class
    options.
  - Compiler warnings with gcc 6.2 and a few minor bugs have been fixed.
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nmap: Upgrade package to 7.31 | Armin Kuster | 2016-11-10 | 1 | -5/+5
  LIC_FILES_CHKSUM change due to yr going from 2015 to 2016 in file.
  Added "no update" config option.
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* smack: Add new package | Armin Kuster | 2016-11-10 | 3 | -0/+75
  V2: Fix typo and add LDFLAG to makefile
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* smack kernel: add smack kernel config fragments | Armin Kuster | 2016-11-10 | 3 | -0/+15
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python-pycrypto: simplify to use pypi class | Armin Kuster | 2016-11-01 | 1 | -17/+5
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* suricata: update package to 3.1.2 | Armin Kuster | 2016-11-01 | 2 | -3/+3
  v2: rebased against master-next which has 3.1
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libnetaddr-ip-perl: remove package. not used by anyone in this layer | Armin Kuster | 2016-11-01 | 1 | -26/+0
  latest version does not build either
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* samhain: recipe cleanup | Armin Kuster | 2016-11-01 | 3 | -37/+38
  add a few distro feature checks.
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* package-group: fix tpm package list | Armin Kuster | 2016-11-01 | 1 | -2/+5
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* images: add a client and server image | Armin Kuster | 2016-11-01 | 2 | -0/+37
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* linux-yocto-4.8: add tpm fragments | Armin Kuster | 2016-11-01 | 3 | -0/+20
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm-tools: Fix gcc6 compile issue | Armin Kuster | 2016-11-01 | 2 | -0/+25
  .8/src/tpm_mgmt/tpm_present.c
  | ../../../tpm-tools-1.3.8/src/tpm_mgmt/tpm_present.c: In function 'main':
  | ../../../tpm-tools-1.3.8/src/tpm_mgmt/tpm_present.c:358:5: error: this 'if' clause does not guard... [-Werror=misleading-indentation]
  | if (szTpmPasswd && !isWellKnown)
  | ^~
  | ../../../tpm-tools-1.3.8/src/tpm_mgmt/tpm_present.c:360:2: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the 'if'
  | return iRc;
  | ^~~~~~
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* package-group: Add tpm packages | Armin Kuster | 2016-11-01 | 1 | -0/+13
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* layer.conf: Add filesystem depends | Armin Kuster | 2016-11-01 | 1 | -1/+1
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* image: at image to help test builds | Armin Kuster | 2016-11-01 | 1 | -0/+21
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* qemu: Add tpm flag | Armin Kuster | 2016-11-01 | 1 | -0/+1
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2simulator: add package | Armin Kuster | 2016-11-01 | 1 | -0/+24
  V2:
  Change ${S} and add OECMAKE_SOURCEPATH
  use ${S} instead of ${WORKDIR} in sed cmd
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* swtpm: add new package | Armin Kuster | 2016-11-01 | 2 | -0/+76
  V2:
  remove CACHED_CONFIGUREVARS, not needed after all
  fix typo in selinux option
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libtpm: add new package | Armin Kuster | 2016-11-01 | 1 | -0/+15
  V2:
  - use SRCPV
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm-tools: add native support | Armin Kuster | 2016-11-01 | 2 | -0/+26
  V2:
  - drop 1.0 from PV
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tpm2.0-tss: Add new package | Armin Kuster | 2016-11-01 | 2 | -0/+398
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* suricata: package update to 3.1.0 | Armin Kuster | 2016-10-19 | 2 | -3/+3
  Signed-off-by: Armin Kuster <akuster808@gmail.com>