linux/meta-security.git/meta-integrity/recipes-security, branch master-nextMirror of git.yoctoproject.org/meta-security.githttps://git.enea.com/cgit/linux/meta-security.git/atom?h=master-next2025-11-13T20:03:36+00:00ima-evm-utils: remove unnecessary FILESEXTRAPATHS tweak2025-11-13T20:03:36+00:00Scott Murrayscott.murray@konsulko.com2025-11-13T20:03:36+00:00urn:sha1:5770a76fc0d78a645ab254979986f572fd18b3ec
It was pointed out that the recipe was wrongly doing
FILESEXTRAPATHS:append, but on inspection the recipe does
not need it at all, so just remove.
Reported-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
ima-policy: Fix S=UNPACKDIR2024-08-01T01:10:13+00:00Armin Kusterakuster808@gmail.com2024-07-29T23:59:28+00:00urn:sha1:03c0e8e03a6ff5633be47e0e2fb8c5021e6f5c96
Drop BP , these are files not src bundle
Signed-off-by: Armin Kuster <akuster808@gmail.com>
ima-policy-simple: set S2024-08-01T01:10:13+00:00Mikko Rapelimikko.rapeli@linaro.org2024-07-25T09:01:30+00:00urn:sha1:5a7efe2ed8584777ceaea862d7268ba08955a074
Build with latest poky fails without it
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
ima-policy-appraise-all: set S2024-08-01T01:10:13+00:00Mikko Rapelimikko.rapeli@linaro.org2024-07-25T09:01:29+00:00urn:sha1:7fd6a97183056d3f5eacc6a74fdd835359e4f9de
Build with latest poky requires it
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
ima-policy-hashed: set S2024-08-01T01:10:13+00:00Mikko Rapelimikko.rapeli@linaro.org2024-07-25T09:01:28+00:00urn:sha1:bcbe3fd60aa5b1d7d711b24b6ea72b5eee15a637
Build with latest poky fails without
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
ima-policy-simple: UNPACKDIR fix2024-08-01T01:10:13+00:00Mikko Rapelimikko.rapeli@linaro.org2024-07-25T09:01:20+00:00urn:sha1:139d3e64876383f637fc09e21f5b16d9669d8373
New poky uses UNPACKDIR instead of WORKDIR
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
ima-policy-appraise-all: UNPACKDIR fix2024-08-01T01:10:13+00:00Mikko Rapelimikko.rapeli@linaro.org2024-07-25T09:01:19+00:00urn:sha1:0edcbd0b82e7ba546ad00435590c225b98c30cb9
New poky uses UNPACKDIR instead of WORKDIR
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
ima-policy-hashed: Start WORKDIR -> UNPACKDIR transition2024-06-17T12:29:08+00:00Wang Mingyuwangmy@fujitsu.com2024-06-14T18:25:05+00:00urn:sha1:cc775387a1a5fd5057f322c72bb818967627cd45
Replace references of WORKDIR with UNPACKDIR where it makes sense to do so in preparation for changing the default value of UNPACKDIR.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
*.patch: add Upstream-Status to all patches2023-06-25T19:05:28+00:00Martin JansaMartin.Jansa@gmail.com2023-06-21T10:42:15+00:00urn:sha1:ea97a23986d26f9d2b96c157964fdfdf5079ec6c
There is new patch-status QA check in oe-core:
https://git.openembedded.org/openembedded-core/commit/?id=76a685bfcf927593eac67157762a53259089ea8a
This is temporary work around just to hide _many_ warnings from
optional patch-status (if you add it to WARN_QA).
This just added
Upstream-Status: Pending
everywhere without actually investigating what's the proper status.
This is just to hide current QA warnings and to catch new .patch files being
added without Upstream-Status, but the number of Pending patches is now terrible:
0 (0%) meta-parsec
N/A (0%) meta-hardening
1 (100%) meta-integrity
15 (68%) meta-tpm
27 (61%) meta-security
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
ima-evm-utils: Update ima-evm-utils to v1.5 and add a patch2023-05-06T11:54:09+00:00Stefan Bergerstefanb@linux.ibm.com2023-04-28T12:23:16+00:00urn:sha1:9de807705b27b05bbf84e9f16502fe6cdaa8928f
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>