From 5ae3536204ba3764b03647ab75169ee65ca43531 Mon Sep 17 00:00:00 2001 From: Michael Opdenacker Date: Sun, 17 Aug 2025 19:33:22 +0000 Subject: [PATCH] kernel-hardening-checker: upgrade to 0.6.10.2 Major upstream changes (not a minor release update in terms of features): - RISCV support - New "-a" option: autodetect and check the security hardening options of the running kernel You can now just run "kernel-hardening-checker -a" - Require Python 3.9 - Replace setup.py by pyproject.toml - Many fixes and new features Signed-off-by: Michael Opdenacker Signed-off-by: Khem Raj --- ...cker_0.6.10.bb => kernel-hardening-checker_0.6.10.2.bb} | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) rename meta-oe/recipes-security/kernel-hardening-checker/{kernel-hardening-checker_0.6.10.bb => kernel-hardening-checker_0.6.10.2.bb} (91%) diff --git a/meta-oe/recipes-security/kernel-hardening-checker/kernel-hardening-checker_0.6.10.bb b/meta-oe/recipes-security/kernel-hardening-checker/kernel-hardening-checker_0.6.10.2.bb similarity index 91% rename from meta-oe/recipes-security/kernel-hardening-checker/kernel-hardening-checker_0.6.10.bb rename to meta-oe/recipes-security/kernel-hardening-checker/kernel-hardening-checker_0.6.10.2.bb index e7610ac785..559a15a009 100644 --- a/meta-oe/recipes-security/kernel-hardening-checker/kernel-hardening-checker_0.6.10.bb +++ b/meta-oe/recipes-security/kernel-hardening-checker/kernel-hardening-checker_0.6.10.2.bb @@ -13,13 +13,14 @@ LICENSE = "GPL-3.0-only" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=d32239bcb673463ab874e80d47fae504" SRC_URI = "git://github.com/a13xp0p0v/kernel-hardening-checker;protocol=https;branch=master" -SRCREV = "f4dbe258ff3d37489962ea9cf210192ae7ff9280" - +SRCREV = "0ebece346f187e7d3589883cc1d194fcd1c3cda8" PACKAGE_ARCH = "${MACHINE_ARCH}" RDEPENDS:${PN} = "\ python3-json \ + python3-misc \ + bash \ " # /boot/config is required for the analysis @@ -27,7 +28,7 @@ RRECOMMENDS:${PN}:class-target = "\ kernel-dev \ " -inherit setuptools3 +inherit python_setuptools_build_meta # allow to run on build host, if you don't want it in the image # oe-run-native kernel-hardening-checker-native kernel-hardening-checker ...