aboutsummaryrefslogtreecommitdiffstats
path: root/recipes-kernel
diff options
context:
space:
mode:
Diffstat (limited to 'recipes-kernel')
-rw-r--r--recipes-kernel/linux/files/lkrg.cfg4
-rw-r--r--recipes-kernel/linux/files/lkrg.scc5
-rw-r--r--recipes-kernel/linux/linux-%_5.%.bbappend4
-rw-r--r--recipes-kernel/linux/linux-yocto-dev.bbappend2
-rw-r--r--recipes-kernel/linux/linux-yocto-rt_%.bbappend1
-rw-r--r--recipes-kernel/linux/linux-yocto_%.bbappend1
-rw-r--r--recipes-kernel/linux/linux-yocto_5.%.bbappend2
-rw-r--r--recipes-kernel/linux/linux-yocto_security.inc6
-rw-r--r--recipes-kernel/lkrg/lkrg-module_0.9.7.bb38
9 files changed, 55 insertions, 8 deletions
diff --git a/recipes-kernel/linux/files/lkrg.cfg b/recipes-kernel/linux/files/lkrg.cfg
new file mode 100644
index 0000000..e02bf76
--- /dev/null
+++ b/recipes-kernel/linux/files/lkrg.cfg
@@ -0,0 +1,4 @@
+CONFIG_DEBUG_KERNEL=y
+CONFIG_KALLSYMS_ALL=y
+CONFIG_JUMP_LABEL=y
+CONFIG_DEBUG_SECTION_MISMATCH=y
diff --git a/recipes-kernel/linux/files/lkrg.scc b/recipes-kernel/linux/files/lkrg.scc
new file mode 100644
index 0000000..83397f8
--- /dev/null
+++ b/recipes-kernel/linux/files/lkrg.scc
@@ -0,0 +1,5 @@
+# SPDX-License-Identifier: MIT
+define KFEATURE_DESCRIPTION "Enable Support for LKRG"
+define KFEATURE_COMPATIBILITY board
+
+kconf hardware lkrg.cfg
diff --git a/recipes-kernel/linux/linux-%_5.%.bbappend b/recipes-kernel/linux/linux-%_5.%.bbappend
deleted file mode 100644
index 76b5df5..0000000
--- a/recipes-kernel/linux/linux-%_5.%.bbappend
+++ /dev/null
@@ -1,4 +0,0 @@
-KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}"
-KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}"
-KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "yama", " features/yama/yama.scc", "" ,d)}"
-
diff --git a/recipes-kernel/linux/linux-yocto-dev.bbappend b/recipes-kernel/linux/linux-yocto-dev.bbappend
deleted file mode 100644
index 39d4e6f..0000000
--- a/recipes-kernel/linux/linux-yocto-dev.bbappend
+++ /dev/null
@@ -1,2 +0,0 @@
-KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}"
-KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}"
diff --git a/recipes-kernel/linux/linux-yocto-rt_%.bbappend b/recipes-kernel/linux/linux-yocto-rt_%.bbappend
new file mode 100644
index 0000000..79dfeac
--- /dev/null
+++ b/recipes-kernel/linux/linux-yocto-rt_%.bbappend
@@ -0,0 +1 @@
+require ${@bb.utils.contains('DISTRO_FEATURES', 'security', 'linux-yocto_security.inc', '', d)}
diff --git a/recipes-kernel/linux/linux-yocto_%.bbappend b/recipes-kernel/linux/linux-yocto_%.bbappend
new file mode 100644
index 0000000..1d9054f
--- /dev/null
+++ b/recipes-kernel/linux/linux-yocto_%.bbappend
@@ -0,0 +1 @@
+require ${@bb.utils.contains('DISTRO_FEATURES', 'security', '${BPN}_security.inc', '', d)}
diff --git a/recipes-kernel/linux/linux-yocto_5.%.bbappend b/recipes-kernel/linux/linux-yocto_5.%.bbappend
deleted file mode 100644
index 39d4e6f..0000000
--- a/recipes-kernel/linux/linux-yocto_5.%.bbappend
+++ /dev/null
@@ -1,2 +0,0 @@
-KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}"
-KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}"
diff --git a/recipes-kernel/linux/linux-yocto_security.inc b/recipes-kernel/linux/linux-yocto_security.inc
new file mode 100644
index 0000000..b79af80
--- /dev/null
+++ b/recipes-kernel/linux/linux-yocto_security.inc
@@ -0,0 +1,6 @@
+FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
+
+KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}"
+KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}"
+KERNEL_FEATURES:append = " ${@bb.utils.contains("IMAGE_CLASSES", "dm-verity-img", " features/device-mapper/dm-verity.scc", "" ,d)}"
+SRC_URI += " ${@bb.utils.contains("DISTRO_FEATURES", "lkrg", "file://lkrg.scc", "" ,d)}"
diff --git a/recipes-kernel/lkrg/lkrg-module_0.9.7.bb b/recipes-kernel/lkrg/lkrg-module_0.9.7.bb
new file mode 100644
index 0000000..020c3a1
--- /dev/null
+++ b/recipes-kernel/lkrg/lkrg-module_0.9.7.bb
@@ -0,0 +1,38 @@
+SUMMARY = "Linux Kernel Runtime Guard"
+DESCRIPTION="LKRG performs runtime integrity checking of the Linux \
+kernel and detection of security vulnerability exploits against the kernel."
+SECTION = "security"
+HOMEPAGE = "https://www.openwall.com/lkrg/"
+LICENSE = "GPL-2.0-only"
+
+LIC_FILES_CHKSUM = "file://LICENSE;md5=57534ed9f03a5810945cd9be4a81db41"
+
+DEPENDS = "virtual/kernel elfutils"
+
+SRC_URI = "git://github.com/lkrg-org/lkrg.git;protocol=https;branch=main"
+
+SRCREV = "5dc5cfea1f4dc8febdd5274d99e277c17df06acc"
+
+S = "${WORKDIR}/git"
+
+inherit module kernel-module-split
+
+MAKE_TARGETS = "modules"
+
+MODULE_NAME = "lkrg"
+
+do_configure:append () {
+ sed -i -e 's/^all/modules/' ${S}/Makefile
+ sed -i -e 's/^install/modules_install/' ${S}/Makefile
+ sed -i -e 's/KERNEL/KERNEL_SRC/g' ${S}/Makefile
+}
+
+module_do_install() {
+ install -d ${D}${nonarch_base_libdir}/modules/${KERNEL_VERSION}/kernel/${MODULE_NAME}
+ install -m 0644 ${MODULE_NAME}.ko \
+ ${D}${nonarch_base_libdir}/modules/${KERNEL_VERSION}/kernel/${MODULE_NAME}/${MODULE_NAME}.ko
+}
+
+RPROVIDES:${PN} += "kernel-module-lkrg"
+
+COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux"
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-06-19 23:09:46 +0000