Commit graph

8 commits

Author SHA1 Message Date
Franz Pletz
aff1f4ab94 Use general hardening flag toggle lists
The following parameters are now available:

  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags

Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.

cc-wrapper supports the following flags:

  * fortify
  * stackprotector
  * pie (disabled by default)
  * pic
  * strictoverflow
  * format
  * relro
  * bindnow
2016-03-05 18:55:26 +01:00
Robin Gloster
c884697acc tboot: disable stackprotector/pic hardening 2016-02-24 17:01:37 +00:00
Bjørn Forsman
c9baba9212 Fix many package descriptions
(My OCD kicked in today...)

Remove repeated package names, capitalize first word, remove trailing
periods and move overlong descriptions to longDescription.

I also simplified some descriptions as well, when they were particularly
long or technical, often based on Arch Linux' package descriptions.

I've tried to stay away from generated expressions (and I think I
succeeded).

Some specifics worth mentioning:
 * cron, has "Vixie Cron" in its description. The "Vixie" part is not
   mentioned anywhere else. I kept it in a parenthesis at the end of the
   description.

 * ctags description started with "Exuberant Ctags ...", and the
   "exuberant" part is not mentioned elsewhere. Kept it in a parenthesis
   at the end of description.

 * nix has the description "The Nix Deployment System". Since that
   doesn't really say much what it is/does (especially after removing
   the package name!), I changed that to "Powerful package manager that
   makes package management reliable and reproducible" (borrowed from
   nixos.org).

 * Tons of "GNU Foo, Foo is a [the important bits]" descriptions
   is changed to just [the important bits]. If the package name doesn't
   contain GNU I don't think it's needed to say it in the description
   either.
2014-08-24 22:31:37 +02:00
Alexander Kjeldaas
29a79bb0d5 tboot: security update to 1.8.2 (close #3562)
This includes a vulnerability fix for:
TBOOT Argument Measurement Vulnerability for GRUB2 + ELF Kernels

@vcunat: enable i686 again.
2014-08-14 14:23:44 +02:00
Vladimír Čunát
f5d6c9f252 tboot: restrict to one platform 2014-08-13 09:52:34 +02:00
Vladimír Čunát
abd361173a PR fixups: use mirror://, drop unused params, etc.
Note: hash of trousers tarball didn't match (anymore),
so I updated it to the one from sourceforge.
It's probably some safe and tiny retrospective update.
2014-08-12 19:42:23 +02:00
Alexander Kjeldaas
722455c16f Added meta information and maintainer for trusted computing pkgs. 2014-04-22 14:05:10 +02:00
Alexander Kjeldaas
dbe8d7ad03 Added trousers, tpm-tools, and tboot.
Added lcp_writepol -Z option.
2014-04-22 13:24:44 +02:00