| Age | Commit message (Collapse) | Author |
|---|
|
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2,
the tab autocomplete feature of the shell, used to get a list of filenames
in a directory, does not sanitize filenames and results in executing any
escape sequence in the terminal. This could potentially result in code
execution, arbitrary file writes, or other attacks.
Backport the patch from:
https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8
https://nvd.nist.gov/vuln/detail/CVE-2017-16544
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Radovan Scasny <radovan.scasny@siemens.com>
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
- fixed link creation to shell
- reported bug with suid shells [https://bugs.busybox.net/show_bug.cgi?id=10346]
- removed and modified already merged patches
- updated defconfig regarding to new version
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Radovan Scasny <radovan.scasny@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
There is an issue for requesting dynamic IP with ifup/ifdown command
when using dhclient.
Steps to reproduce:
1. Build a full-cmdline image and install dhcp-client as the default DHCP client.
2. Configure a static IP for eth0 in /etc/networking/interfaces and reboot.
$ ifconfig eth0
eth0 inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
$ ifdown eth0
3. Modify /etc/networking/interfaces to configure a dynamic IP for eth0
$ ifup eth0
$ ifconfig eth0
eth0 inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
You could see the eth0 still has a static IP. But actually it also has a
dynamic IP:
$ ip addr show eth0
eth0:
inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
inet 128.224.162.173/23 brd 128.224.163.255 scope global eth0
The root cause is the ifdown invokes "ifconfig" to down the eth0 but
doesn't remove its IP. The dhclient would invoke "ip" to configure the
interface. It can not remove an IP from down interface with "ip addr
flush" and "ip addr add" command can set multiple IPs on one interface.
To fix this issue, we should use the "ip" command to implement
ifup/ifdown, rather than using the older "ifconfig". It will flush the
IP before down the interface.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is needed for avahi-autoipd, which attempts to
create a link-scope route as part of its work.
Without iproute scope support in busybox, the route is
not created due to an error message, and hence we
aren't accessible by, and can't access ourselves,
IP addresses outside the link-local scope
(169.254.0.0/16) unless we also have a proper
non link-local IP address, which somehow defeats the
purpose of zeroconf.
Signed-off-by: André Draszik <adraszik@tycoint.com>
Reviewed-by: Stephane Ayotte <sayotte@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
A following linking error was observed:
| ==========
| archival/lib.a(tar.o): In function `tar_main':
| archival/tar.c:1168: undefined reference to `unpack_Z_stream'
| archival/tar.c:1168: undefined reference to `unpack_Z_stream'
| ld: busybox_unstripped: hidden symbol `unpack_Z_stream' isn't defined
| ld: final link failed: Bad value
this happened with clang compiler, with the following configs:
| CONFIG_TAR=y
| # CONFIG_FEATURE_SEAMLESS_Z is not set
which can be fixed by adding IF_FEATURE_* checks in.
Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Some distros might choose another syslogd provider like rsyslogd.
update-alternative will update the link from syslogd to the right
provider. However the syslogd feature is still present and enabled
in busybox.
This commit adds a new configuration fragment to make syslogd
optionnal in busybox.
Signed-off-by: Romain Perier <romain.perier@collabora.com>
Acked-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
It is common for *ash shells to have 'command' available as a built-in
function. POSIX 2008 also documents the availability of this command.
Additionally the /etc/profile of base-files requires this command to be
available as of commit e77cdb7611 ("base-files: profile: Do not assume
that the tty command exists"). If it is not available the following
message is output during login on a image using busybox.
-sh: command: not found
It however should be noted that tcsh and csh do not provide 'command'
(built-in or otherwise).
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Martin Balik <martin.balik@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
ntpd: NTP server denial of service flaw
CVE: CVE-2016-6301
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Upstream accepted the flock fix with some improvements. Backport those
changes.
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
There is no break in busybox's "defconfig" file to show where Runit
settings suddenly morph into SELinux settings, so add some comments.
(From OE-Core rev: 0fa590ed6c26aa065a9da8edbf65436fa1f6d04f)
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
These changes are required for compatibility with ConnMan, which by default
uses table ids greater than 255.
Signed-off-by: Lukasz Nowak <lnowak@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Fractional durations (e.g. 0.5s) for the sleep command are useful and
not terribly uncommon in practice, especially in scripts associated
with test cases (e.g. mdadm, lttng-tools). Enable FEATURE_FLOAT_SLEEP
by default in order to avoid having to patch every instance of a
script using a fractional sleep.
The busybox binary gains a few hundred bytes in text (armv5e shown):
$ size -x busybox.nosuid.{before,after}
text data bss dec hex filename
0x89382 0x71d 0x2250 572655 8bcef busybox.nosuid.before
0x8954e 0x721 0x2250 573119 8bebf busybox.nosuid.after
Signed-off-by: Nathan Lynch <nathan_lynch@mentor.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When building busybox, an occasional error was observed.
The error is consistently the same:
libbb/appletlib.c:164:13: error: 'NUM_APPLETS' undeclared (first use in this function)
while (i < NUM_APPLETS) {
The reason is the include file where NUM_APPLETS is defined is not yet generated (or is being modified)
at the time libbb/appletlib.c is compiled.
The attached patchset fixes the problem by assuring libb is compiled as the last directory.
[YOCTO#10116]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It is a busybox upstream known bug. When the busybox sed sub-command 'n'
hit the files EOF, it print an extra character that have been printed, but
the GNU sed would not print it.
In busybox source code ../editors/sed.c
------------------------------------------------------------------------
case 'n':
if (!G.be_quiet)
sed_puts(pattern_space, last_gets_char);
if (next_line) {
free(pattern_space);
pattern_space = next_line;
last_gets_char = next_gets_char;
next_line = get_next_line(&next_gets_char, &last_puts_char, last_gets_char);
substituted = 0;
linenum++;
break;
}
/* fall through */
/* Quit. End of script, end of input. */
case 'q':
/* Exit the outer while loop */
free(next_line);
next_line = NULL;
goto discard_commands;
------------------------------------------------------------------------
when read at the end of the file, the 'next_line' is null, it would go
"case 'q'" and goto discard_commands, the discard_commands would print
the old pattern space which have been printed.
So in order to comply with GNU sed, in case 'n', when the next_line is null
I add "else" at the end of the second "if": "goto again;" and send it to
the busybox upstream, the busybox maintainer adopt it and make a little
changes to the patch, we can see it at:
His reply:
http://lists.busybox.net/pipermail/busybox/2016-September/084613.html
The new patch on busybox master branch:
https://git.busybox.net/busybox/commit/?id=76d72376e0244a5cafd4880cdc623e37d86a75e4
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We're seeing regular parallel make failures in applet headers in busybox.
This adds a patch to try and avoid the issue, building upon a fix already
backported from upstream. The patch has been sent to upstream.
[YOCTO #10116]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This at least partially addresses one of the build races we've seen
on the autobuilder in busybox. Its a straightforward backport from
upstream.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
As it's not 1978 anymore, nobody is using ar for anything apart from static
archives. If people are using static archives, then binutils provides a far
more capable ar.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
busybox <= 1.24.2
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
busybox <= 1.24.2
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In "util-linux" implementation of flock, -c 'PROG ARGS' means run
"sh -c 'PROG ARGS'". At present, busybox implementation doesn't follow it.
That causes errors like the one listed below:
smart install /media/cronie-1.5.0-r0.core2_64.rpm
Updating cache...
<snip>
Output from cronie-1.5.0-r0@core2_64:
Running groupadd commands...
NOTE: cronie: Performing groupadd with [ --system crontab]
ERROR: cronie: groupadd command did not succeed.
error: %pre(cronie-1.5.0-r0.core2_64) scriptlet failed, exit status 1
error: install: %pre scriptlet failed (2), skipping
cronie-1.5.0-r0.core2_64
This is because we use flock command in preinstall scripts in packages
which create new groups/users.
[YOCTO #9496]
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This was added to help clang compile busybox but since then
the option has been added to llvm and now we have upgraded clang
to 3.8 which has this option available
Fix git recipe to build with mdev feature and update to tip when here
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
1. Removed following patches
a) busybox-appletlib-dependency.patch
- Kbuild rules handles that dependency
b) get_header_tar.patch
- tar applet uses a different code path to handle that scenario now.
2. Updated the upstream-status of fail_on_no_media.patch as Denied.
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
https://git.busybox.net/busybox/commit/?h=1_24_stable&id=be729c1d3b5c923f10871dd68ea94156d0f8c803
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
in config metadata we can configure busybox based init and device
initializer ( mdev ) using e.g.
VIRTUAL-RUNTIME_dev_manager = "busybox-mdev"
VIRTUAL-RUNTIME_login_manager = "busybox"
VIRTUAL-RUNTIME_init_manager = "busybox"
VIRTUAL-RUNTIME_initscripts = "initscripts"
VIRTUAL-RUNTIME_keymaps = "keymaps"
DISTRO_FEATURES_BACKFILL_CONSIDERED += "sysvinit"
busybox can be used to provide init system
combined with mdev it makes it a complete init
system for really tiny systems.
This patch uses above defines to configure features in busybox to enable
the init system and mdev in a configurable manner
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Default config is enabling additional features that dont compile with
musl so lets disable them for musl case
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
http://git.busybox.net/busybox/commit/?h=1_24_stable&id=6767af17f11144c7cd3cfe9ef799d7f89a78fe65
http://git.busybox.net/busybox/commit/?h=1_24_stable&id=092fabcf1df5d46cd22be4ffcd3b871f6180eb9c
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The /etc/profile script contains a call to resize, which improves
the usability of shells run on the serial console.
http://git.openembedded.org/openembedded-core/commit/?id=cc6360f4c4d97e0000f9d3545f381224ee99ce7d
Unfortunately the resize applet is not currently enabled in busybox
defconfig, so resize is never called. Fix that.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The busybox CONFIG_FEATURE_MOUNT_NFS config option is described as:
Enable mounting of NFS file systems on Linux kernels prior
to version 2.6.23. Note that in this case mounting of NFS
over IPv6 will not be possible.
Since OE-core sets OLDEST_KERNEL = "2.6.32", CONFIG_FEATURE_MOUNT_NFS
is not required in the default busybox defconfig.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The busybox defconfig has also been refreshed, with all new apps
and features disabled by default. Update _git recipe version too.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
No functional changes, simply re-order lines in defconfig so that
the existing options don't move elsewhere in the file when run
though busybox 1.24.1 'make oldconfig'.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This patch was on mailing list, another patch to make sure -r is not
passed directly but via -Wl switch is added.
This was exposed when using clang and gold linker, clang does not have
-r switch to do relocatable objects and problem happens specific to OE
becuase we use LD = CC
now what happens is that busybox assumes that linker will be called
directly, and hence sprinkles linkers options in its kbuild system which
aggregate into LDFLAGS, some of these options are happily ignored by gcc
as well but it passes -r options rightly to linker so it all works,
however when using clang, this falls apart since -r is not known option
for clang so it drops this option and all obects which should be
partially linked becomes ET_EXEC and when they are added to final link
then gold starts to get confused
/mnt/home/kraj/work/angstrom/build/tmp-angstrom-glibc/sysroots/x86_64-linux/usr/bin/arm-angstrom-linux-gnueabi/arm-angstrom-linux-gnueabi-ld:
error: applets/built-in.o: unsupported ELF file type 2
clang-3.7: error: linker command failed with exit code 1 (use -v to see invocation)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This makes busybox honor UTMPX feature if available in a libc
[YOCTO #8243]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Fix a variety of problems such as typos, bad punctuations, or incorrect
Upstream-Status values.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
getopts is a common applet more so now needed by systemd for working
with sysv scripts
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Also move the mount via label (and mount via UUID) support into its
own config fragment and disable volume ID support for less common
filesystem formats exFAT and NILFS.
Following this commit, mount via label is supported for btrfs, ext, f2fs,
fat and squashfs.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The fatattr applet (to display or change file attributes on a fat file
system) doesn't seem to be core functionality, so disable by default.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The sha1sum, sha256sum and sha512sum applets have not historically
been enabled by default, so don't enable sha3sum either.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The current oe-core busybox defconfig dates back to busybox v1.20.2,
so configure options introduced in busybox v1.21.x, v1.22.x and
v1.23.x take on default values when the oe-core defconfig is run
through 'make oldconfig'.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
No functional changes, simply re-order lines in defconfig so that
the existing options don't move elsewhere in the file when run
though busybox 1.23.2 'make oldconfig'.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CONFIG_FEATURE_VI_OPTIMIZE_CURSOR is obsolete and removed
from busybox v1.21.0 onwards:
http://git.busybox.net/busybox/commit/?id=04b52892ed5d9d8a4cf5d887c221a8b50c71274e
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Enabled MOUNT_LABEL and VOLUMEID* features for busybox
mount to understand 'UUID=' syntax in fstab.
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
|
|
Only when DESKTOP is enabled, chown has -L, -H and -P options.
Backport a commit from upstream to fix it:
http://git.busybox.net/busybox/commit/?id=d291c2fdd5cb8616605c67ecbfb04274fa094242.
Signed-off-by: Junling Zheng <zhengjunling@huawei.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This patch backports a commit from upstream to fix a potential double
free error when executing ifconfig circularly:
http://git.busybox.net/busybox/commit/?id=a97777889328157bb7d06ec618bad16712a9c345.
Thanks to Chen Gang for reporting and analyzing this bug.
Signed-off-by: Junling Zheng <zhengjunling@huawei.com>
Signed-off-by: Chen Gang <cg.chen@huawei.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The CVE-2014-9645 fix was merged in Busybox prior to the 1.23.0
release [1]. The fix was then reworked in Busybox 1.23.1, in such
a way that the original change was no longer required [2].
Although oe-core's CVE-2014-9645 patch still applies cleanly to
Busybox 1.23.1 and 1.23.2, applying it partially reverts the second
version of the upstream fix.
[1] http://git.busybox.net/busybox/commit/modutils/modprobe.c?h=1_23_stable&id=4e314faa0aecb66717418e9a47a4451aec59262b
[2] http://git.busybox.net/busybox/commit/modutils/modprobe.c?h=1_23_stable&id=1ecfe811fe2f70380170ef7d820e8150054e88ca
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Zhixiong Chi
Andrej Valek
Yi Zhao
André Draszik
Ming Liu
Romain Perier
Andre McCurdy
Nathan Rossi
Martin Balik
Maxin B. John
Robert P. J. Day
Lukasz Nowak
Nathan Lynch
Juro Bystricky
Dengke Du
Richard Purdie
Ross Burton
Armin Kuster
Khem Raj
Ed Bartosh
Junling Zheng