<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-security.git/meta-integrity, branch mickledore</title>
<subtitle>Mirror of git.yoctoproject.org/meta-security.git</subtitle>
<id>https://git.enea.com/cgit/linux/meta-security.git/atom?h=mickledore</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-security.git/atom?h=mickledore'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/'/>
<updated>2023-03-26T20:02:07+00:00</updated>
<entry>
<title>ima-evm-utils: disable documentation from build</title>
<updated>2023-03-26T20:02:07+00:00</updated>
<author>
<name>Mikko Rapeli</name>
<email>mikko.rapeli@linaro.org</email>
</author>
<published>2023-03-21T06:34:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=d50e7d70d9eb922774f8374083b99d691bf77e7e'/>
<id>urn:sha1:d50e7d70d9eb922774f8374083b99d691bf77e7e</id>
<content type='text'>
Building documentation fails due to missing asciidoc, xsltproc etc
so it's better to just disable building them by default.

Signed-off-by: Mikko Rapeli &lt;mikko.rapeli@linaro.org&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>layer.conf: update LAYERSERIES_COMPAT for mickledore</title>
<updated>2023-01-04T15:32:16+00:00</updated>
<author>
<name>Martin Jansa</name>
<email>martin.jansa@gmail.com</email>
</author>
<published>2023-01-03T16:36:25+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=1550c126ce8bad2dfd91cdc1eea7c295ac7891bb'/>
<id>urn:sha1:1550c126ce8bad2dfd91cdc1eea7c295ac7891bb</id>
<content type='text'>
* oe-core switched to mickedore in:
  https://git.openembedded.org/openembedded-core/commit/?id=57239d66b933c4313cf331d35d13ec2d0661c38f

Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>meta-integrity: kernel-modsign: prevents splitting out debug symbols</title>
<updated>2022-07-05T23:26:50+00:00</updated>
<author>
<name>Jose Quaresma</name>
<email>quaresma.jose@gmail.com</email>
</author>
<published>2022-06-27T12:02:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=c1c80cf0c0f26215fb252242f0d70f8870916734'/>
<id>urn:sha1:c1c80cf0c0f26215fb252242f0d70f8870916734</id>
<content type='text'>
Starting with [1] kernel modules symbols is being slipped in OE-core
and this breaks the kernel modules sign, so disable it.

[1] https://git.openembedded.org/openembedded-core/commit/?id=e09a8fa931fe617afc05bd5e00dca5dd3fe386e8

Signed-off-by: Jose Quaresma &lt;jose.quaresma@foundries.io&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>layer.conf: Post release codename changes</title>
<updated>2022-06-07T23:58:24+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2022-06-02T15:49:51+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=5c215dd6793535c1382a02b3798789ef9956a6bc'/>
<id>urn:sha1:5c215dd6793535c1382a02b3798789ef9956a6bc</id>
<content type='text'>
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>ima-evm-utils: Update to 1.4</title>
<updated>2022-05-23T14:11:55+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2022-05-18T16:57:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=8e59bd9e0a5a7f5f4da00d924711e3d834d12b4e'/>
<id>urn:sha1:8e59bd9e0a5a7f5f4da00d924711e3d834d12b4e</id>
<content type='text'>
Switch from git to https in SRC_URI
Drop patches not upstreamed.

Passes OEQA:
RESULTS - ima.IMACheck.test_ima_enabled: PASSED (1.05s)
RESULTS - ima.IMACheck.test_ima_hash: PASSED (6.13s)
RESULTS - ima.IMACheck.test_ima_overwrite: PASSED (131.31s)
RESULTS - ima.IMACheck.test_ima_signature: PASSED (69.03s)

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>ima-evm-keys: don't use lnr</title>
<updated>2022-03-12T05:08:22+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2022-03-06T19:33:42+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=ddb27e71d8fa60cb5270b5196534e88fa79896c2'/>
<id>urn:sha1:ddb27e71d8fa60cb5270b5196534e88fa79896c2</id>
<content type='text'>
lnr is a script in oe-core that creates relative symlinks, with the same
behaviour as `ln --relative --symlink`.  It was added back in 2014[1] as
not all of the supported host distributions at the time shipped
coreutils 8.16, the first release with --relative.

However the oldest coreutils release in the supported distributions is
now 8.22 in CentOS 7, so lnr can be deprecated and users switched to ln.

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>layer.conf: Update to use kirkstone</title>
<updated>2022-02-21T03:39:36+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2022-02-19T22:02:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=30a4227e3c5b47005dedb3f89299d933557b9209'/>
<id>urn:sha1:30a4227e3c5b47005dedb3f89299d933557b9209</id>
<content type='text'>
Update the layers to use the kirkstone namespace. No compatibility is made
for honister due to the variable renaming.

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>meta-integrity: drop strongswan bbappends</title>
<updated>2021-12-27T19:47:51+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2021-12-27T16:35:24+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=d6f8b795a81f417cb4f64facb0990d26819abbdb'/>
<id>urn:sha1:d6f8b795a81f417cb4f64facb0990d26819abbdb</id>
<content type='text'>
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>meta-integrity: kernel-modsign: Change weak default value</title>
<updated>2021-08-27T04:43:35+00:00</updated>
<author>
<name>Daiane Angolini</name>
<email>daiane.angolini@foundries.io</email>
</author>
<published>2021-08-26T17:14:41+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=ab90741aa2de75bf8afc4ce99a4f8f412781024a'/>
<id>urn:sha1:ab90741aa2de75bf8afc4ce99a4f8f412781024a</id>
<content type='text'>
Assign a weak default value for MODSIGN_KEY_DIR so the other layers can
set a default value for them as well.

Signed-off-by: Daiane Angolini &lt;daiane.angolini@foundries.io&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>layer.conf: Update to honister</title>
<updated>2021-08-01T15:47:08+00:00</updated>
<author>
<name>Martin Jansa</name>
<email>Martin.Jansa@gmail.com</email>
</author>
<published>2021-07-30T09:25:18+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=68be8afc6b3e0e354344237aed4ccb749ff45973'/>
<id>urn:sha1:68be8afc6b3e0e354344237aed4ccb749ff45973</id>
<content type='text'>
This marks the layers as compatible with honister now they use the new override
syntax.

Signed-off-by: Martin Jansa &lt;Martin.Jansa@gmail.com&gt;
</content>
</entry>
</feed>
