diff options
Diffstat (limited to 'meta/recipes-core/busybox')
29 files changed, 1152 insertions, 571 deletions
diff --git a/meta/recipes-core/busybox/busybox-inittab_1.33.0.bb b/meta/recipes-core/busybox/busybox-inittab_1.33.0.bb deleted file mode 100644 index 3804f4f7b2..0000000000 --- a/meta/recipes-core/busybox/busybox-inittab_1.33.0.bb +++ /dev/null @@ -1,85 +0,0 @@ -SUMMARY = "inittab configuration for BusyBox" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/GPL-2.0-only;md5=801f80980d171dd6425610833a22dbe6" - -SRC_URI = "file://inittab" - -S = "${WORKDIR}" - -INHIBIT_DEFAULT_DEPS = "1" - -do_compile() { - : -} - -do_install() { - install -d ${D}${sysconfdir} - install -D -m 0644 ${WORKDIR}/inittab ${D}${sysconfdir}/inittab - tmp="${SERIAL_CONSOLES}" - [ -n "$tmp" ] && echo >> ${D}${sysconfdir}/inittab - for i in $tmp - do - j=`echo ${i} | sed s/\;/\ /g` - id=`echo ${i} | sed -e 's/^.*;//' -e 's/;.*//'` - echo "$id::respawn:${base_sbindir}/getty ${j}" >> ${D}${sysconfdir}/inittab - done - if [ "${USE_VT}" = "1" ]; then - cat <<EOF >>${D}${sysconfdir}/inittab -# ${base_sbindir}/getty invocations for the runlevels. -# -# The "id" field MUST be the same as the last -# characters of the device (after "tty"). -# -# Format: -# <id>:<runlevels>:<action>:<process> -# - -EOF - - for n in ${SYSVINIT_ENABLED_GETTYS} - do - echo "tty$n:12345:respawn:${base_sbindir}/getty 38400 tty$n" >> ${D}${sysconfdir}/inittab - done - echo "" >> ${D}${sysconfdir}/inittab - fi - -} - -pkg_postinst_${PN} () { -# run this on host and on target -if [ "${SERIAL_CONSOLES_CHECK}" = "" ]; then - exit 0 -fi -} - -pkg_postinst_ontarget_${PN} () { -# run this on the target -if [ -e /proc/consoles ]; then - tmp="${SERIAL_CONSOLES_CHECK}" - for i in $tmp - do - j=`echo ${i} | sed -e s/^.*\;//g -e s/\:.*//g` - k=`echo ${i} | sed s/^.*\://g` - if [ -z "`grep ${j} /proc/consoles`" ]; then - if [ -z "${k}" ] || [ -z "`grep ${k} /proc/consoles`" ] || [ ! -e /dev/${j} ]; then - sed -i -e /^.*${j}\ /d -e /^.*${j}$/d /etc/inittab - fi - fi - done - kill -HUP 1 -else - exit 1 -fi -} - -# SERIAL_CONSOLES is generally defined by the MACHINE .conf. -# Set PACKAGE_ARCH appropriately. -PACKAGE_ARCH = "${MACHINE_ARCH}" - -FILES_${PN} = "${sysconfdir}/inittab" -CONFFILES_${PN} = "${sysconfdir}/inittab" - -RCONFLICTS_${PN} = "sysvinit-inittab" - -USE_VT ?= "1" -SYSVINIT_ENABLED_GETTYS ?= "1" diff --git a/meta/recipes-core/busybox/busybox-inittab_1.36.1.bb b/meta/recipes-core/busybox/busybox-inittab_1.36.1.bb new file mode 100644 index 0000000000..4ffc44c808 --- /dev/null +++ b/meta/recipes-core/busybox/busybox-inittab_1.36.1.bb @@ -0,0 +1,64 @@ +SUMMARY = "inittab configuration for BusyBox" +LICENSE = "GPL-2.0-only" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/GPL-2.0-only;md5=801f80980d171dd6425610833a22dbe6" + +SRC_URI = "file://inittab" + +S = "${WORKDIR}/sources" +UNPACKDIR = "${S}" + +INHIBIT_DEFAULT_DEPS = "1" + +do_compile() { + : +} + +do_install() { + install -d ${D}${sysconfdir} + install -D -m 0644 ${S}/inittab ${D}${sysconfdir}/inittab + + CONSOLES="${SERIAL_CONSOLES}" + for s in $CONSOLES + do + speed=$(echo $s | cut -d\; -f 1) + device=$(echo $s | cut -d\; -f 2) + label=$(echo $device | sed -e 's/tty//' | tail --bytes=5) + + echo "$device::respawn:${sbindir}/ttyrun $device ${base_sbindir}/getty $speed $device" >> ${D}${sysconfdir}/inittab + done + + if [ "${USE_VT}" = "1" ]; then + cat <<EOF >>${D}${sysconfdir}/inittab +# ${base_sbindir}/getty invocations for the runlevels. +# +# The "id" field MUST be the same as the last +# characters of the device (after "tty"). +# +# Format: +# <id>:<runlevels>:<action>:<process> +# + +EOF + + for n in ${SYSVINIT_ENABLED_GETTYS} + do + echo "tty$n:12345:respawn:${base_sbindir}/getty 38400 tty$n" >> ${D}${sysconfdir}/inittab + done + echo "" >> ${D}${sysconfdir}/inittab + fi + +} + + +# SERIAL_CONSOLES is generally defined by the MACHINE .conf. +# Set PACKAGE_ARCH appropriately. +PACKAGE_ARCH = "${MACHINE_ARCH}" + +FILES:${PN} = "${sysconfdir}/inittab" +CONFFILES:${PN} = "${sysconfdir}/inittab" + +RDEPENDS:${PN} = "ttyrun" +RCONFLICTS:${PN} = "sysvinit-inittab" + +USE_VT ?= "1" +SYSVINIT_ENABLED_GETTYS ?= "1" diff --git a/meta/recipes-core/busybox/busybox.inc b/meta/recipes-core/busybox/busybox.inc index 47fcb59302..67a9111e5b 100644 --- a/meta/recipes-core/busybox/busybox.inc +++ b/meta/recipes-core/busybox/busybox.inc @@ -7,7 +7,7 @@ DEPENDS += "kern-tools-native virtual/crypt" # bzip2 applet in busybox is based on lightly-modified bzip2-1.0.4 source # the GPL is version 2 only -LICENSE = "GPLv2 & bzip2-1.0.4" +LICENSE = "GPL-2.0-only & bzip2-1.0.4" LIC_FILES_CHKSUM = "file://LICENSE;md5=de10de48642ab74318e893a61105afbb \ file://archival/libarchive/bz/LICENSE;md5=28e3301eae987e8cfe19988e98383dae" @@ -23,39 +23,40 @@ EXTRA_OEMAKE = "CC='${CC}' LD='${CCLD}' V=1 ARCH=${TARGET_ARCH} CROSS_COMPILE=${ PACKAGES =+ "${PN}-httpd ${PN}-udhcpd ${PN}-udhcpc ${PN}-syslog ${PN}-mdev ${PN}-hwclock" -FILES_${PN}-httpd = "${sysconfdir}/init.d/busybox-httpd /srv/www" -FILES_${PN}-syslog = "${sysconfdir}/init.d/syslog* ${sysconfdir}/syslog-startup.conf* ${sysconfdir}/syslog.conf* ${systemd_unitdir}/system/syslog.service ${sysconfdir}/default/busybox-syslog" -FILES_${PN}-mdev = "${sysconfdir}/init.d/mdev ${sysconfdir}/mdev.conf ${sysconfdir}/mdev/*" -FILES_${PN}-udhcpd = "${sysconfdir}/init.d/busybox-udhcpd" -FILES_${PN}-udhcpc = "${sysconfdir}/udhcpc.d ${datadir}/udhcpc" -FILES_${PN}-hwclock = "${sysconfdir}/init.d/hwclock.sh" +FILES:${PN}-httpd = "${sysconfdir}/init.d/busybox-httpd /srv/www" +FILES:${PN}-syslog = "${sysconfdir}/init.d/syslog* ${sysconfdir}/syslog-startup.conf* ${sysconfdir}/syslog.conf* ${systemd_system_unitdir}/syslog.service ${sysconfdir}/default/busybox-syslog" +FILES:${PN}-mdev = "${sysconfdir}/init.d/mdev ${sysconfdir}/mdev.conf ${sysconfdir}/mdev/*" +FILES:${PN}-udhcpd = "${sysconfdir}/init.d/busybox-udhcpd" +FILES:${PN}-udhcpc = "${sysconfdir}/udhcpc.d ${datadir}/udhcpc" +FILES:${PN}-hwclock = "${sysconfdir}/init.d/hwclock.sh" INITSCRIPT_PACKAGES = "${PN}-httpd ${PN}-syslog ${PN}-udhcpd ${PN}-mdev ${PN}-hwclock" -INITSCRIPT_NAME_${PN}-httpd = "busybox-httpd" -INITSCRIPT_NAME_${PN}-hwclock = "hwclock.sh" -INITSCRIPT_NAME_${PN}-mdev = "mdev" -INITSCRIPT_PARAMS_${PN}-mdev = "start 04 S ." -INITSCRIPT_NAME_${PN}-syslog = "syslog" -INITSCRIPT_NAME_${PN}-udhcpd = "busybox-udhcpd" +INITSCRIPT_NAME:${PN}-httpd = "busybox-httpd" +INITSCRIPT_NAME:${PN}-hwclock = "hwclock.sh" +INITSCRIPT_PARAMS:${PN}-hwclock = "start 40 S . stop 20 0 1 6 ." +INITSCRIPT_NAME:${PN}-mdev = "mdev" +INITSCRIPT_PARAMS:${PN}-mdev = "start 04 S ." +INITSCRIPT_NAME:${PN}-syslog = "syslog" +INITSCRIPT_NAME:${PN}-udhcpd = "busybox-udhcpd" SYSTEMD_PACKAGES = "${PN}-syslog" -SYSTEMD_SERVICE_${PN}-syslog = "${@bb.utils.contains('SRC_URI', 'file://syslog.cfg', 'busybox-syslog.service', '', d)}" +SYSTEMD_SERVICE:${PN}-syslog = "${@bb.utils.contains('SRC_URI', 'file://syslog.cfg', 'busybox-syslog.service', '', d)}" -RDEPENDS_${PN}-syslog = "busybox" -CONFFILES_${PN}-syslog = "${sysconfdir}/syslog-startup.conf" -RCONFLICTS_${PN}-syslog = "rsyslog sysklogd syslog-ng" +RDEPENDS:${PN}-syslog = "busybox" +CONFFILES:${PN}-syslog = "${sysconfdir}/syslog-startup.conf" +RCONFLICTS:${PN}-syslog = "rsyslog sysklogd syslog-ng" -CONFFILES_${PN}-mdev = "${sysconfdir}/mdev.conf" +CONFFILES:${PN}-mdev = "${sysconfdir}/mdev.conf" -RRECOMMENDS_${PN} = "${PN}-udhcpc" +RRECOMMENDS:${PN} = "${PN}-udhcpc" -RDEPENDS_${PN} = "${@["", "busybox-inittab"][(d.getVar('VIRTUAL-RUNTIME_init_manager') == 'busybox')]}" +RDEPENDS:${PN} = "${@["", "busybox-inittab"][(d.getVar('VIRTUAL-RUNTIME_init_manager') == 'busybox')]}" inherit cml1 systemd update-rc.d ptest # busybox's unzip test case needs zip command, which busybox itself does not provide -RDEPENDS_${PN}-ptest = "zip" +RDEPENDS:${PN}-ptest = "zip" # internal helper def busybox_cfg(feature, tokens, cnf, rem): @@ -97,12 +98,12 @@ DO_IPv6 := "${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 1, 0, d)}" python () { if "${OE_DEL}": - d.setVar('configmangle_append', "${OE_DEL}" + "\n") + d.setVar('configmangle:append', "${OE_DEL}" + "\n") if "${OE_FEATURES}": - d.setVar('configmangle_append', + d.setVar('configmangle:append', "/^### DISTRO FEATURES$/a\\\n%s\n\n" % ("\\n".join((d.expand("${OE_FEATURES}").split("\n"))))) - d.setVar('configmangle_append', + d.setVar('configmangle:append', "/^### CROSS$/a\\\n%s\n" % ("\\n".join(["CONFIG_EXTRA_CFLAGS=\"${CFLAGS} ${HOST_CC_ARCH}\"" ]) @@ -110,11 +111,10 @@ python () { } do_prepare_config () { - if [ "${BUILD_REPRODUCIBLE_BINARIES}" = "1" ]; then - export KCONFIG_NOTIMESTAMP=1 - fi + export KCONFIG_NOTIMESTAMP=1 + sed -e '/CONFIG_STATIC/d' \ - < ${WORKDIR}/defconfig > ${S}/.config + < ${UNPACKDIR}/defconfig > ${S}/.config echo "# CONFIG_STATIC is not set" >> .config for i in 'CROSS' 'DISTRO FEATURES'; do echo "### $i"; done >> \ ${S}/.config @@ -139,20 +139,26 @@ do_configure () { do_prepare_config merge_config.sh -m .config ${@" ".join(find_cfgs(d))} cml1_do_configure + + # Save a copy of .config and autoconf.h. + cp .config .config.orig + cp include/autoconf.h include/autoconf.h.orig } do_compile() { unset CFLAGS CPPFLAGS CXXFLAGS LDFLAGS - if [ "${BUILD_REPRODUCIBLE_BINARIES}" = "1" ]; then - export KCONFIG_NOTIMESTAMP=1 - fi + export KCONFIG_NOTIMESTAMP=1 + + # Ensure we start do_compile with the original .config and autoconf.h. + # These files should always have matching timestamps. + cp .config.orig .config + cp include/autoconf.h.orig include/autoconf.h + if [ "${BUSYBOX_SPLIT_SUID}" = "1" -a x`grep "CONFIG_FEATURE_INDIVIDUAL=y" .config` = x ]; then + # Guard againt interrupted do_compile: clean temporary files. + rm -f .config.app.suid .config.app.nosuid .config.disable.apps .config.nonapps + # split the .config into two parts, and make two busybox binaries - if [ -e .config.orig ]; then - # Need to guard again an interrupted do_compile - restore any backup - cp .config.orig .config - fi - cp .config .config.orig oe_runmake busybox.cfg.suid oe_runmake busybox.cfg.nosuid @@ -189,15 +195,18 @@ do_compile() { bbfatal "busybox suid binary incorrectly provides /bin/sh" fi - # copy .config.orig back to .config, because the install process may check this file - cp .config.orig .config # cleanup - rm .config.orig .config.app.suid .config.app.nosuid .config.disable.apps .config.nonapps + rm .config.app.suid .config.app.nosuid .config.disable.apps .config.nonapps else oe_runmake busybox_unstripped cp busybox_unstripped busybox oe_runmake busybox.links fi + + # restore original .config and autoconf.h, because the install process + # may check these files + cp .config.orig .config + cp include/autoconf.h.orig include/autoconf.h } do_install () { @@ -271,67 +280,67 @@ do_install () { fi if grep -q "CONFIG_SYSLOGD=y" ${B}/.config; then - install -m 0755 ${WORKDIR}/syslog ${D}${sysconfdir}/init.d/syslog - install -m 644 ${WORKDIR}/syslog-startup.conf ${D}${sysconfdir}/syslog-startup.conf - install -m 644 ${WORKDIR}/syslog.conf ${D}${sysconfdir}/syslog.conf + install -m 0755 ${UNPACKDIR}/syslog ${D}${sysconfdir}/init.d/syslog + install -m 644 ${UNPACKDIR}/syslog-startup.conf ${D}${sysconfdir}/syslog-startup.conf + install -m 644 ${UNPACKDIR}/syslog.conf ${D}${sysconfdir}/syslog.conf fi if grep -q "CONFIG_CROND=y" ${B}/.config; then - install -m 0755 ${WORKDIR}/busybox-cron ${D}${sysconfdir}/init.d/ + install -m 0755 ${UNPACKDIR}/busybox-cron ${D}${sysconfdir}/init.d/ fi if grep -q "CONFIG_HTTPD=y" ${B}/.config; then - install -m 0755 ${WORKDIR}/busybox-httpd ${D}${sysconfdir}/init.d/ + install -m 0755 ${UNPACKDIR}/busybox-httpd ${D}${sysconfdir}/init.d/ install -d ${D}/srv/www fi if grep -q "CONFIG_UDHCPD=y" ${B}/.config; then - install -m 0755 ${WORKDIR}/busybox-udhcpd ${D}${sysconfdir}/init.d/ + install -m 0755 ${UNPACKDIR}/busybox-udhcpd ${D}${sysconfdir}/init.d/ fi if grep -q "CONFIG_HWCLOCK=y" ${B}/.config; then - install -m 0755 ${WORKDIR}/hwclock.sh ${D}${sysconfdir}/init.d/ + install -m 0755 ${UNPACKDIR}/hwclock.sh ${D}${sysconfdir}/init.d/ fi if grep -q "CONFIG_UDHCPC=y" ${B}/.config; then install -d ${D}${sysconfdir}/udhcpc.d install -d ${D}${datadir}/udhcpc - install -m 0755 ${WORKDIR}/simple.script ${D}${sysconfdir}/udhcpc.d/50default + install -m 0755 ${UNPACKDIR}/simple.script ${D}${sysconfdir}/udhcpc.d/50default sed -i "s:/SBIN_DIR/:${base_sbindir}/:" ${D}${sysconfdir}/udhcpc.d/50default - install -m 0755 ${WORKDIR}/default.script ${D}${datadir}/udhcpc/default.script + install -m 0755 ${UNPACKDIR}/default.script ${D}${datadir}/udhcpc/default.script fi if grep -q "CONFIG_INETD=y" ${B}/.config; then - install -m 0755 ${WORKDIR}/inetd ${D}${sysconfdir}/init.d/inetd.${BPN} + install -m 0755 ${UNPACKDIR}/inetd ${D}${sysconfdir}/init.d/inetd.${BPN} sed -i "s:/usr/sbin/:${sbindir}/:" ${D}${sysconfdir}/init.d/inetd.${BPN} - install -m 0644 ${WORKDIR}/inetd.conf ${D}${sysconfdir}/ + install -m 0644 ${UNPACKDIR}/inetd.conf ${D}${sysconfdir}/ fi if grep -q "CONFIG_MDEV=y" ${B}/.config; then - install -m 0755 ${WORKDIR}/mdev ${D}${sysconfdir}/init.d/mdev + install -m 0755 ${UNPACKDIR}/mdev ${D}${sysconfdir}/init.d/mdev if grep "CONFIG_FEATURE_MDEV_CONF=y" ${B}/.config; then - install -m 644 ${WORKDIR}/mdev.conf ${D}${sysconfdir}/mdev.conf + install -m 644 ${UNPACKDIR}/mdev.conf ${D}${sysconfdir}/mdev.conf install -d ${D}${sysconfdir}/mdev - install -m 0755 ${WORKDIR}/find-touchscreen.sh ${D}${sysconfdir}/mdev - install -m 0755 ${WORKDIR}/mdev-mount.sh ${D}${sysconfdir}/mdev + install -m 0755 ${UNPACKDIR}/find-touchscreen.sh ${D}${sysconfdir}/mdev + install -m 0755 ${UNPACKDIR}/mdev-mount.sh ${D}${sysconfdir}/mdev fi fi if grep -q "CONFIG_INIT=y" ${B}/.config && ${@bb.utils.contains('VIRTUAL-RUNTIME_init_manager','busybox','true','false',d)}; then - install -D -m 0755 ${WORKDIR}/rcS ${D}${sysconfdir}/init.d/rcS - install -D -m 0755 ${WORKDIR}/rcK ${D}${sysconfdir}/init.d/rcK - install -D -m 0755 ${WORKDIR}/rcS.default ${D}${sysconfdir}/default/rcS + install -D -m 0755 ${UNPACKDIR}/rcS ${D}${sysconfdir}/init.d/rcS + install -D -m 0755 ${UNPACKDIR}/rcK ${D}${sysconfdir}/init.d/rcK + install -D -m 0755 ${UNPACKDIR}/rcS.default ${D}${sysconfdir}/default/rcS fi if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then if grep -q "CONFIG_KLOGD=y" ${B}/.config; then - install -d ${D}${systemd_unitdir}/system - sed 's,@base_sbindir@,${base_sbindir},g' < ${WORKDIR}/busybox-klogd.service.in \ - > ${D}${systemd_unitdir}/system/busybox-klogd.service + install -d ${D}${systemd_system_unitdir} + sed 's,@base_sbindir@,${base_sbindir},g' < ${UNPACKDIR}/busybox-klogd.service.in \ + > ${D}${systemd_system_unitdir}/busybox-klogd.service fi if grep -q "CONFIG_SYSLOGD=y" ${B}/.config; then - install -d ${D}${systemd_unitdir}/system - sed 's,@base_sbindir@,${base_sbindir},g' < ${WORKDIR}/busybox-syslog.service.in \ - > ${D}${systemd_unitdir}/system/busybox-syslog.service - if [ ! -e ${D}${systemd_unitdir}/system/busybox-klogd.service ] ; then - sed -i '/klog/d' ${D}${systemd_unitdir}/system/busybox-syslog.service + install -d ${D}${systemd_system_unitdir} + sed 's,@base_sbindir@,${base_sbindir},g' < ${UNPACKDIR}/busybox-syslog.service.in \ + > ${D}${systemd_system_unitdir}/busybox-syslog.service + if [ ! -e ${D}${systemd_system_unitdir}/busybox-klogd.service ] ; then + sed -i '/klog/d' ${D}${systemd_system_unitdir}/busybox-syslog.service fi - if [ -f ${WORKDIR}/busybox-syslog.default ] ; then + if [ -f ${UNPACKDIR}/busybox-syslog.default ] ; then install -d ${D}${sysconfdir}/default - install -m 0644 ${WORKDIR}/busybox-syslog.default ${D}${sysconfdir}/default/busybox-syslog + install -m 0644 ${UNPACKDIR}/busybox-syslog.default ${D}${sysconfdir}/default/busybox-syslog fi fi fi @@ -349,14 +358,14 @@ do_install_ptest () { # These access the internet which is not guaranteed to work on machines running the tests rm -rf ${D}${PTEST_PATH}/testsuite/wget sort ${B}/.config > ${D}${PTEST_PATH}/.config - ln -s /bin/busybox ${D}${PTEST_PATH}/busybox + ln -s ${base_bindir}/busybox ${D}${PTEST_PATH}/busybox } inherit update-alternatives ALTERNATIVE_PRIORITY = "50" -python do_package_prepend () { +python do_package:prepend () { # We need to load the full set of busybox provides from the /etc/busybox.links # Use this to see the update-alternatives with the right information @@ -373,9 +382,9 @@ python do_package_prepend () { if alt_name == '[': alt_name = 'lbracket' if alt_name == 'klogd' or alt_name == 'syslogd': - d.appendVar('ALTERNATIVE_%s-syslog' % (pn), ' ' + alt_name) + d.appendVar('ALTERNATIVE:%s-syslog' % (pn), ' ' + alt_name) else: - d.appendVar('ALTERNATIVE_%s' % (pn), ' ' + alt_name) + d.appendVar('ALTERNATIVE:%s' % (pn), ' ' + alt_name) d.setVarFlag('ALTERNATIVE_LINK_NAME', alt_name, alt_link_name) if os.path.exists('%s%s' % (dvar, target)): d.setVarFlag('ALTERNATIVE_TARGET', alt_name, target) @@ -395,7 +404,7 @@ python do_package_prepend () { # These symlinks will later be updated by update-alternatives calls. # The update-alternatives.bbclass' postinst script runs firstly before other # postinst, but this part of code needs run firstly, so add this funtion. -python populate_packages_updatealternatives_append() { +python populate_packages_updatealternatives:append() { postinst = """ test -n 2 > /dev/null || alias test='busybox test' if test "x$D" = "x"; then @@ -422,10 +431,10 @@ if grep -q "^${base_bindir}/bash$" $D${sysconfdir}/busybox.links*; then fi """ - d.prependVar('pkg_postinst_%s' % pkg, postinst) + d.prependVar('pkg_postinst:%s' % pkg, postinst) } -pkg_postinst_${PN}_prepend () { +pkg_postinst:${PN}:prepend () { # Need path to saved utils, but they may have be removed on upgrade of busybox # Only use shell to get paths. Also capture if busybox was saved. BUSYBOX="" @@ -441,7 +450,7 @@ pkg_postinst_${PN}_prepend () { fi } -pkg_postinst_${PN}_append () { +pkg_postinst:${PN}:append () { # If busybox exists in the remove directory it is because it was the only shell left. if [ "x$D" = "x" ] ; then if [ "x$BUSYBOX" != "x" ] ; then @@ -451,7 +460,7 @@ pkg_postinst_${PN}_append () { fi } -pkg_prerm_${PN} () { +pkg_prerm:${PN} () { # This is so you can make busybox commit suicide - removing busybox with no other packages # providing its files, this will make update-alternatives work, but the update-rc.d part # for syslog, httpd and/or udhcpd will fail if there is no other package providing sh @@ -481,7 +490,7 @@ pkg_prerm_${PN} () { fi } -pkg_postrm_${PN} () { +pkg_postrm:${PN} () { # Add path to remove dir in case we removed our only grep if [ "x$D" = "x" ] ; then for busybox_rmdir in /tmp/busyboxrm-*; do @@ -496,7 +505,7 @@ pkg_postrm_${PN} () { fi } -pkg_prerm_${PN}-syslog () { +pkg_prerm:${PN}-syslog () { # remove syslog if test "x$D" = "x"; then if test "$1" = "upgrade" -o "$1" = "remove"; then @@ -505,4 +514,4 @@ pkg_prerm_${PN}-syslog () { fi } -RPROVIDES_${PN} += "${@bb.utils.contains('DISTRO_FEATURES', 'usrmerge', '/bin/sh /bin/ash', '', d)}" +RPROVIDES:${PN} += "${@bb.utils.contains('DISTRO_FEATURES', 'usrmerge', '/bin/sh /bin/ash', '', d)}" diff --git a/meta/recipes-core/busybox/busybox/0001-Use-CC-when-linking-instead-of-LD-and-use-CFLAGS-and.patch b/meta/recipes-core/busybox/busybox/0001-Use-CC-when-linking-instead-of-LD-and-use-CFLAGS-and.patch deleted file mode 100644 index 2bf2b91c7e..0000000000 --- a/meta/recipes-core/busybox/busybox/0001-Use-CC-when-linking-instead-of-LD-and-use-CFLAGS-and.patch +++ /dev/null @@ -1,114 +0,0 @@ -From a9333eb6a7b8dbda735947cd5bc981ff9352a2c9 Mon Sep 17 00:00:00 2001 -From: Nathan Phillip Brink <ohnobinki@ohnopublishing.net> -Date: Thu, 10 Mar 2011 00:27:08 -0500 -Subject: [PATCH 1/2] Use $(CC) when linking instead of $(LD) and use $(CFLAGS) - and $(EXTRA_CFLAGS) when linking. - -This fixes the issue where LDFLAGS escaped with -Wl are ignored during -compilation. It also simplifies using CFLAGS or EXTRA_CFLAGS (such as --m32 on x86_64 or -flto) which apply to both compilation and linking -situations. - -Signed-off-by: Nathan Phillip Brink <ohnobinki@ohnopublishing.net> ---- -Upstream-Status: Pending - - Makefile | 7 ++++--- - scripts/Makefile.build | 8 ++++---- - scripts/Makefile.lib | 13 +++---------- - 3 files changed, 11 insertions(+), 17 deletions(-) - -Index: busybox-1.23.2/Makefile -=================================================================== ---- busybox-1.23.2.orig/Makefile -+++ busybox-1.23.2/Makefile -@@ -309,7 +309,8 @@ CHECKFLAGS := -D__linux__ -Dlinux -D - MODFLAGS = -DMODULE - CFLAGS_MODULE = $(MODFLAGS) - AFLAGS_MODULE = $(MODFLAGS) --LDFLAGS_MODULE = -r -+LDFLAGS_RELOCATABLE = -r -nostdlib -+LDFLAGS_MODULE = $(LDFLAGS_RELOCATABLE) - CFLAGS_KERNEL = - AFLAGS_KERNEL = - -@@ -331,7 +332,7 @@ KERNELVERSION = $(VERSION).$(PATCHLEVEL) - export VERSION PATCHLEVEL SUBLEVEL KERNELRELEASE KERNELVERSION \ - ARCH CONFIG_SHELL HOSTCC HOSTCFLAGS CROSS_COMPILE AS LD CC \ - CPP AR NM STRIP OBJCOPY OBJDUMP MAKE AWK GENKSYMS PERL UTS_MACHINE \ -- HOSTCXX HOSTCXXFLAGS LDFLAGS_MODULE CHECK CHECKFLAGS -+ HOSTCXX HOSTCXXFLAGS LDFLAGS_RELOCATABLE LDFLAGS_MODULE CHECK CHECKFLAGS - - export CPPFLAGS NOSTDINC_FLAGS LINUXINCLUDE OBJCOPYFLAGS LDFLAGS - export CFLAGS CFLAGS_KERNEL CFLAGS_MODULE -@@ -610,7 +611,7 @@ quiet_cmd_busybox__ ?= LINK $@ - cmd_busybox__ ?= $(srctree)/scripts/trylink \ - "$@" \ - "$(CC)" \ -- "$(CFLAGS) $(CFLAGS_busybox)" \ -+ "$(CFLAGS) $(CFLAGS_busybox) $(EXTRA_CFLAGS)" \ - "$(LDFLAGS) $(EXTRA_LDFLAGS)" \ - "$(core-y)" \ - "$(libs-y)" \ -Index: busybox-1.23.2/scripts/Makefile.build -=================================================================== ---- busybox-1.23.2.orig/scripts/Makefile.build -+++ busybox-1.23.2/scripts/Makefile.build -@@ -174,7 +174,7 @@ cmd_modversions = \ - | $(GENKSYMS) -a $(ARCH) \ - > $(@D)/.tmp_$(@F:.o=.ver); \ - \ -- $(LD) $(LDFLAGS) -r -o $@ $(@D)/.tmp_$(@F) \ -+ $(CC) $(ld_flags_partial) $(LDFLAGS_RELOCATABLE) -o $@ $(@D)/.tmp_$(@F) \ - -T $(@D)/.tmp_$(@F:.o=.ver); \ - rm -f $(@D)/.tmp_$(@F) $(@D)/.tmp_$(@F:.o=.ver); \ - else \ -@@ -257,7 +257,7 @@ quiet_cmd_link_o_target = LD $@ - # If the list of objects to link is empty, just create an empty built-in.o - # -nostdlib is added to make "make LD=gcc ..." work (some people use that) - cmd_link_o_target = $(if $(strip $(obj-y)),\ -- $(LD) -nostdlib $(ld_flags) -r -o $@ $(filter $(obj-y), $^),\ -+ $(CC) $(ld_flags_partial) $(LDFLAGS_RELOCATABLE) -o $@ $(filter $(obj-y), $^),\ - rm -f $@; $(AR) rcs $@) - - $(builtin-target): $(obj-y) FORCE -@@ -292,10 +292,10 @@ $($(subst $(obj)/,,$(@:.o=-objs))) \ - $($(subst $(obj)/,,$(@:.o=-y)))), $^) - - quiet_cmd_link_multi-y = LD $@ --cmd_link_multi-y = $(LD) $(ld_flags) -r -o $@ $(link_multi_deps) -+cmd_link_multi-y = $(CC) $(ld_flags_partial) $(LDFLAGS_RELOCATABLE) -o $@ $(link_multi_deps) - - quiet_cmd_link_multi-m = LD [M] $@ --cmd_link_multi-m = $(LD) $(ld_flags) $(LDFLAGS_MODULE) -o $@ $(link_multi_deps) -+cmd_link_multi-m = $(CC) $(ld_flags) $(LDFLAGS_MODULE) -o $@ $(link_multi_deps) - - # We would rather have a list of rules like - # foo.o: $(foo-objs) -Index: busybox-1.23.2/scripts/Makefile.lib -=================================================================== ---- busybox-1.23.2.orig/scripts/Makefile.lib -+++ busybox-1.23.2/scripts/Makefile.lib -@@ -121,7 +121,8 @@ cpp_flags = -Wp,-MD,$(depfile) $(NO - # yet ld_flags is fed to ld. - #ld_flags = $(LDFLAGS) $(EXTRA_LDFLAGS) - # Remove the -Wl, prefix from linker options normally passed through gcc --ld_flags = $(filter-out -Wl$(comma)%,$(LDFLAGS) $(EXTRA_LDFLAGS)) -+ld_flags = $(filter-out -Wl$(comma)%,$(LDFLAGS) $(EXTRA_LDFLAGS) $(CFLAGS) $(EXTRA_CFLAGS)) -+ld_flags_partial = $($(filter-out -shared%, $(filter-out -pie%,$(ld_flags)))) - - - # Finds the multi-part object the current object will be linked into -@@ -151,10 +152,8 @@ $(obj)/%:: $(src)/%_shipped - # Linking - # --------------------------------------------------------------------------- - --# TODO: LDFLAGS usually is supposed to contain gcc's flags, not ld's. --# but here we feed them to ld! --quiet_cmd_ld = LD $@ --cmd_ld = $(LD) $(LDFLAGS) $(EXTRA_LDFLAGS) $(LDFLAGS_$(@F)) \ -+quiet_cmd_ld = CC $@ -+cmd_ld = $(CC) $(ld_flags) $(LDFLAGS_$(@F)) \ - $(filter-out FORCE,$^) -o $@ - - # Objcopy diff --git a/meta/recipes-core/busybox/busybox/0001-awk-fix-precedence-of-relative-to.patch b/meta/recipes-core/busybox/busybox/0001-awk-fix-precedence-of-relative-to.patch new file mode 100644 index 0000000000..5836cf8a00 --- /dev/null +++ b/meta/recipes-core/busybox/busybox/0001-awk-fix-precedence-of-relative-to.patch @@ -0,0 +1,197 @@ +From dedc9380c76834ba64c8b526aef6f461ea4e7f2e Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko <vda.linux@googlemail.com> +Date: Tue, 30 May 2023 16:42:18 +0200 +Subject: [PATCH 1/2] awk: fix precedence of = relative to == + +Discovered while adding code to disallow assignments to non-lvalues + +function old new delta +parse_expr 936 991 +55 +.rodata 105243 105247 +4 +------------------------------------------------------------------------------ +(add/remove: 0/0 grow/shrink: 2/0 up/down: 59/0) Total: 59 bytes + +CVE: CVE-2023-42364 CVE-2023-42365 + +Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=0256e00a9d077588bd3a39f5a1ef7e2eaa2911e4] +Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> +(cherry picked from commit 0256e00a9d077588bd3a39f5a1ef7e2eaa2911e4) +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + editors/awk.c | 66 ++++++++++++++++++++++++++++++--------------- + testsuite/awk.tests | 5 ++++ + 2 files changed, 50 insertions(+), 21 deletions(-) + +diff --git a/editors/awk.c b/editors/awk.c +index ec9301e..aff86fe 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -337,7 +337,9 @@ static void debug_parse_print_tc(uint32_t n) + #undef P + #undef PRIMASK + #undef PRIMASK2 +-#define P(x) (x << 24) ++/* Smaller 'x' means _higher_ operator precedence */ ++#define PRECEDENCE(x) (x << 24) ++#define P(x) PRECEDENCE(x) + #define PRIMASK 0x7F000000 + #define PRIMASK2 0x7E000000 + +@@ -360,7 +362,7 @@ enum { + OC_MOVE = 0x1f00, OC_PGETLINE = 0x2000, OC_REGEXP = 0x2100, + OC_REPLACE = 0x2200, OC_RETURN = 0x2300, OC_SPRINTF = 0x2400, + OC_TERNARY = 0x2500, OC_UNARY = 0x2600, OC_VAR = 0x2700, +- OC_DONE = 0x2800, ++ OC_CONST = 0x2800, OC_DONE = 0x2900, + + ST_IF = 0x3000, ST_DO = 0x3100, ST_FOR = 0x3200, + ST_WHILE = 0x3300 +@@ -440,9 +442,9 @@ static const uint32_t tokeninfo[] ALIGN4 = { + #define TI_PREINC (OC_UNARY|xV|P(9)|'P') + #define TI_PREDEC (OC_UNARY|xV|P(9)|'M') + TI_PREINC, TI_PREDEC, OC_FIELD|xV|P(5), +- OC_COMPARE|VV|P(39)|5, OC_MOVE|VV|P(74), OC_REPLACE|NV|P(74)|'+', OC_REPLACE|NV|P(74)|'-', +- OC_REPLACE|NV|P(74)|'*', OC_REPLACE|NV|P(74)|'/', OC_REPLACE|NV|P(74)|'%', OC_REPLACE|NV|P(74)|'&', +- OC_BINARY|NV|P(29)|'+', OC_BINARY|NV|P(29)|'-', OC_REPLACE|NV|P(74)|'&', OC_BINARY|NV|P(15)|'&', ++ OC_COMPARE|VV|P(39)|5, OC_MOVE|VV|P(38), OC_REPLACE|NV|P(38)|'+', OC_REPLACE|NV|P(38)|'-', ++ OC_REPLACE|NV|P(38)|'*', OC_REPLACE|NV|P(38)|'/', OC_REPLACE|NV|P(38)|'%', OC_REPLACE|NV|P(38)|'&', ++ OC_BINARY|NV|P(29)|'+', OC_BINARY|NV|P(29)|'-', OC_REPLACE|NV|P(38)|'&', OC_BINARY|NV|P(15)|'&', + OC_BINARY|NV|P(25)|'/', OC_BINARY|NV|P(25)|'%', OC_BINARY|NV|P(15)|'&', OC_BINARY|NV|P(25)|'*', + OC_COMPARE|VV|P(39)|4, OC_COMPARE|VV|P(39)|3, OC_COMPARE|VV|P(39)|0, OC_COMPARE|VV|P(39)|1, + #define TI_LESS (OC_COMPARE|VV|P(39)|2) +@@ -1290,7 +1292,7 @@ static uint32_t next_token(uint32_t expected) + save_tclass = tc; + save_info = t_info; + tc = TC_BINOPX; +- t_info = OC_CONCAT | SS | P(35); ++ t_info = OC_CONCAT | SS | PRECEDENCE(35); + } + + t_tclass = tc; +@@ -1350,9 +1352,8 @@ static node *parse_expr(uint32_t term_tc) + { + node sn; + node *cn = &sn; +- node *vn, *glptr; ++ node *glptr; + uint32_t tc, expected_tc; +- var *v; + + debug_printf_parse("%s() term_tc(%x):", __func__, term_tc); + debug_parse_print_tc(term_tc); +@@ -1363,11 +1364,12 @@ static node *parse_expr(uint32_t term_tc) + expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP | term_tc; + + while (!((tc = next_token(expected_tc)) & term_tc)) { ++ node *vn; + + if (glptr && (t_info == TI_LESS)) { + /* input redirection (<) attached to glptr node */ + debug_printf_parse("%s: input redir\n", __func__); +- cn = glptr->l.n = new_node(OC_CONCAT | SS | P(37)); ++ cn = glptr->l.n = new_node(OC_CONCAT | SS | PRECEDENCE(37)); + cn->a.n = glptr; + expected_tc = TS_OPERAND | TS_UOPPRE; + glptr = NULL; +@@ -1379,24 +1381,42 @@ static node *parse_expr(uint32_t term_tc) + * previous operators with higher priority */ + vn = cn; + while (((t_info & PRIMASK) > (vn->a.n->info & PRIMASK2)) +- || ((t_info == vn->info) && t_info == TI_COLON) ++ || (t_info == vn->info && t_info == TI_COLON) + ) { + vn = vn->a.n; + if (!vn->a.n) syntax_error(EMSG_UNEXP_TOKEN); + } + if (t_info == TI_TERNARY) + //TODO: why? +- t_info += P(6); ++ t_info += PRECEDENCE(6); + cn = vn->a.n->r.n = new_node(t_info); + cn->a.n = vn->a.n; + if (tc & TS_BINOP) { + cn->l.n = vn; +-//FIXME: this is the place to detect and reject assignments to non-lvalues. +-//Currently we allow "assignments" to consts and temporaries, nonsense like this: +-// awk 'BEGIN { "qwe" = 1 }' +-// awk 'BEGIN { 7 *= 7 }' +-// awk 'BEGIN { length("qwe") = 1 }' +-// awk 'BEGIN { (1+1) += 3 }' ++ ++ /* Prevent: ++ * awk 'BEGIN { "qwe" = 1 }' ++ * awk 'BEGIN { 7 *= 7 }' ++ * awk 'BEGIN { length("qwe") = 1 }' ++ * awk 'BEGIN { (1+1) += 3 }' ++ */ ++ /* Assignment? (including *= and friends) */ ++ if (((t_info & OPCLSMASK) == OC_MOVE) ++ || ((t_info & OPCLSMASK) == OC_REPLACE) ++ ) { ++ debug_printf_parse("%s: MOVE/REPLACE vn->info:%08x\n", __func__, vn->info); ++ /* Left side is a (variable or array element) ++ * or function argument ++ * or $FIELD ? ++ */ ++ if ((vn->info & OPCLSMASK) != OC_VAR ++ && (vn->info & OPCLSMASK) != OC_FNARG ++ && (vn->info & OPCLSMASK) != OC_FIELD ++ ) { ++ syntax_error(EMSG_UNEXP_TOKEN); /* no. bad */ ++ } ++ } ++ + expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP; + if (t_info == TI_PGETLINE) { + /* it's a pipe */ +@@ -1432,6 +1452,8 @@ static node *parse_expr(uint32_t term_tc) + /* one should be very careful with switch on tclass - + * only simple tclasses should be used (TC_xyz, not TS_xyz) */ + switch (tc) { ++ var *v; ++ + case TC_VARIABLE: + case TC_ARRAY: + debug_printf_parse("%s: TC_VARIABLE | TC_ARRAY\n", __func__); +@@ -1452,14 +1474,14 @@ static node *parse_expr(uint32_t term_tc) + case TC_NUMBER: + case TC_STRING: + debug_printf_parse("%s: TC_NUMBER | TC_STRING\n", __func__); +- cn->info = OC_VAR; ++ cn->info = OC_CONST; + v = cn->l.v = xzalloc(sizeof(var)); +- if (tc & TC_NUMBER) ++ if (tc & TC_NUMBER) { + setvar_i(v, t_double); +- else { ++ } else { + setvar_s(v, t_string); +- expected_tc &= ~TC_UOPPOST; /* "str"++ is not allowed */ + } ++ expected_tc &= ~TC_UOPPOST; /* NUM++, "str"++ not allowed */ + break; + + case TC_REGEXP: +@@ -3107,6 +3129,8 @@ static var *evaluate(node *op, var *res) + + /* -- recursive node type -- */ + ++ case XC( OC_CONST ): ++ debug_printf_eval("CONST "); + case XC( OC_VAR ): + debug_printf_eval("VAR\n"); + L.v = op->l.v; +diff --git a/testsuite/awk.tests b/testsuite/awk.tests +index ddc5104..a78fdcd 100755 +--- a/testsuite/awk.tests ++++ b/testsuite/awk.tests +@@ -540,4 +540,9 @@ testing 'awk assign while assign' \ + │ trim/eff : 57.02%/26, 0.00% │ [cpu000:100%] + └────────────────────────────────────────────────────┘^C" + ++testing "awk = has higher precedence than == (despite what gawk manpage claims)" \ ++ "awk 'BEGIN { v=1; print 2==v; print 2==v=2; print v; print v=3==3; print v}'" \ ++ '0\n1\n2\n1\n3\n' \ ++ '' '' ++ + exit $FAILCOUNT diff --git a/meta/recipes-core/busybox/busybox/0001-awk-fix-segfault-when-compiled-by-clang.patch b/meta/recipes-core/busybox/busybox/0001-awk-fix-segfault-when-compiled-by-clang.patch new file mode 100644 index 0000000000..3f6145b250 --- /dev/null +++ b/meta/recipes-core/busybox/busybox/0001-awk-fix-segfault-when-compiled-by-clang.patch @@ -0,0 +1,41 @@ +From e1a68741067167dc4837e0a26d3d5c318a631fc7 Mon Sep 17 00:00:00 2001 +From: Ron Yorston <rmy@pobox.com> +Date: Fri, 19 Jan 2024 15:41:17 +0000 +Subject: [PATCH] awk: fix segfault when compiled by clang + +A 32-bit build of BusyBox using clang segfaulted in the test +"awk assign while assign". Specifically, on line 7 of the test +input where the adjustment of the L.v pointer when the Fields +array was reallocated + + L.v += Fields - old_Fields_ptr; + +was out by 4 bytes. + +Rearrange to code so both gcc and clang generate code that works. + +Signed-off-by: Ron Yorston <rmy@pobox.com> +Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> + +Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=5dcc443dba039b305a510c01883e9f34e42656ae] +Signed-off-by: Peter Marko <peter.marko@siemens.com> +--- + editors/awk.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/editors/awk.c b/editors/awk.c +index aa485c782..0981c6735 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -2935,7 +2935,7 @@ static var *evaluate(node *op, var *res) + if (old_Fields_ptr) { + //if (old_Fields_ptr != Fields) + // debug_printf_eval("L.v moved\n"); +- L.v += Fields - old_Fields_ptr; ++ L.v = Fields + (L.v - old_Fields_ptr); + } + if (opinfo & OF_STR2) { + R.s = getvar_s(R.v); +-- +2.30.2 + diff --git a/meta/recipes-core/busybox/busybox/0001-awk.c-fix-CVE-2023-42366-bug-15874.patch b/meta/recipes-core/busybox/busybox/0001-awk.c-fix-CVE-2023-42366-bug-15874.patch new file mode 100644 index 0000000000..282c2fde5a --- /dev/null +++ b/meta/recipes-core/busybox/busybox/0001-awk.c-fix-CVE-2023-42366-bug-15874.patch @@ -0,0 +1,37 @@ +From 8542236894a8d5f7393327117bc7f64787444efc Mon Sep 17 00:00:00 2001 +From: Valery Ushakov <uwe@stderr.spb.ru> +Date: Wed, 24 Jan 2024 22:24:41 +0300 +Subject: [PATCH] awk.c: fix CVE-2023-42366 (bug #15874) + +Make sure we don't read past the end of the string in next_token() +when backslash is the last character in an (invalid) regexp. +a fix and issue reported in bugzilla + +https://bugs.busybox.net/show_bug.cgi?id=15874 + +Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2024-May/090766.html] + +CVE: CVE-2023-42366 +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + editors/awk.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/editors/awk.c b/editors/awk.c +index f320d8c..a53b193 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -1168,9 +1168,11 @@ static uint32_t next_token(uint32_t expected) + s[-1] = bb_process_escape_sequence((const char **)&pp); + if (*p == '\\') + *s++ = '\\'; +- if (pp == p) ++ if (pp == p) { ++ if (*p == '\0') ++ syntax_error(EMSG_UNEXP_EOS); + *s++ = *p++; +- else ++ } else + p = pp; + } + } diff --git a/meta/recipes-core/busybox/busybox/0001-cut-Fix-s-flag-to-omit-blank-lines.patch b/meta/recipes-core/busybox/busybox/0001-cut-Fix-s-flag-to-omit-blank-lines.patch new file mode 100644 index 0000000000..a0a8607b23 --- /dev/null +++ b/meta/recipes-core/busybox/busybox/0001-cut-Fix-s-flag-to-omit-blank-lines.patch @@ -0,0 +1,66 @@ +From 199606e960942c29fd8085be812edd3d3697825c Mon Sep 17 00:00:00 2001 +From: Colin McAllister <colinmca242@gmail.com> +Date: Wed, 17 Jul 2024 07:58:52 -0500 +Subject: [PATCH 1/1] cut: Fix "-s" flag to omit blank lines + +Using cut with the delimiter flag ("-d") with the "-s" flag to only +output lines containing the delimiter will print blank lines. This is +deviant behavior from cut provided by GNU Coreutils. Blank lines should +be omitted if "-s" is used with "-d". + +This change introduces a somewhat naiive, yet efficient solution, where +line length is checked before looping though bytes. If line length is +zero and the "-s" flag is used, the code will jump to parsing the next +line to avoid printing a newline character. + +In addition, a test to cut.tests has been added to ensure that this +regression is fixed and will not happen again in the future. + +Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2024-July/090834.html] + +Signed-off-by: Colin McAllister <colinmca242@gmail.com> +--- + coreutils/cut.c | 6 ++++++ + testsuite/cut.tests | 9 +++++++++ + 2 files changed, 15 insertions(+) + +diff --git a/coreutils/cut.c b/coreutils/cut.c +index 55bdd9386..b7f986f26 100644 +--- a/coreutils/cut.c ++++ b/coreutils/cut.c +@@ -152,6 +152,12 @@ static void cut_file(FILE *file, const char *delim, const char *odelim, + unsigned uu = 0, start = 0, end = 0, out = 0; + int dcount = 0; + ++ /* Blank line? */ ++ if (!linelen) { ++ if (option_mask32 & CUT_OPT_SUPPRESS_FLGS) ++ goto next_line; ++ } ++ + /* Loop through bytes, finding next delimiter */ + for (;;) { + /* End of current range? */ +diff --git a/testsuite/cut.tests b/testsuite/cut.tests +index 2458c019c..0b401bc00 100755 +--- a/testsuite/cut.tests ++++ b/testsuite/cut.tests +@@ -65,6 +65,15 @@ testing "cut with -d -f( ) -s" "cut -d' ' -f3 -s input && echo yes" "yes\n" "$in + testing "cut with -d -f(a) -s" "cut -da -f3 -s input" "n\nsium:Jim\n\ncion:Ed\n" "$input" "" + testing "cut with -d -f(a) -s -n" "cut -da -f3 -s -n input" "n\nsium:Jim\n\ncion:Ed\n" "$input" "" + ++input="\ ++ ++foo bar baz ++ ++bing bong boop ++ ++" ++testing "cut with -d -s omits blank lines" "cut -d' ' -f2 -s input" "bar\nbong\n" "$input" "" ++ + # substitute for awk + optional FEATURE_CUT_REGEX + testing "cut -DF" "cut -DF 2,7,5" \ +-- +2.43.0 + diff --git a/meta/recipes-core/busybox/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch b/meta/recipes-core/busybox/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch deleted file mode 100644 index 67c9f189cc..0000000000 --- a/meta/recipes-core/busybox/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch +++ /dev/null @@ -1,58 +0,0 @@ -From fe791386ebc270219ca00406c9fdadc5130b64ee Mon Sep 17 00:00:00 2001 -From: Samuel Sapalski <samuel.sapalski@nokia.com> -Date: Wed, 3 Mar 2021 16:31:22 +0100 -Subject: [PATCH] decompress_gunzip: Fix DoS if gzip is corrupt - -On certain corrupt gzip files, huft_build will set the error bit on -the result pointer. If afterwards abort_unzip is called huft_free -might run into a segmentation fault or an invalid pointer to -free(p). - -In order to mitigate this, we check in huft_free if the error bit -is set and clear it before the linked list is freed. - -Signed-off-by: Samuel Sapalski <samuel.sapalski@nokia.com> -Signed-off-by: Peter Kaestle <peter.kaestle@nokia.com> -Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> - -Upstream-Status: Backport -CVE: CVE-2021-28831 -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> ---- - archival/libarchive/decompress_gunzip.c | 12 ++++++++++-- - 1 file changed, 10 insertions(+), 2 deletions(-) - -diff --git a/archival/libarchive/decompress_gunzip.c b/archival/libarchive/decompress_gunzip.c -index eb3b64930..e93cd5005 100644 ---- a/archival/libarchive/decompress_gunzip.c -+++ b/archival/libarchive/decompress_gunzip.c -@@ -220,10 +220,20 @@ static const uint8_t border[] ALIGN1 = { - * each table. - * t: table to free - */ -+#define BAD_HUFT(p) ((uintptr_t)(p) & 1) -+#define ERR_RET ((huft_t*)(uintptr_t)1) - static void huft_free(huft_t *p) - { - huft_t *q; - -+ /* -+ * If 'p' has the error bit set we have to clear it, otherwise we might run -+ * into a segmentation fault or an invalid pointer to free(p) -+ */ -+ if (BAD_HUFT(p)) { -+ p = (huft_t*)((uintptr_t)(p) ^ (uintptr_t)(ERR_RET)); -+ } -+ - /* Go through linked list, freeing from the malloced (t[-1]) address. */ - while (p) { - q = (--p)->v.t; -@@ -289,8 +299,6 @@ static unsigned fill_bitbuffer(STATE_PARAM unsigned bitbuffer, unsigned *current - * or a valid pointer to a Huffman table, ORed with 0x1 if incompete table - * is given: "fixed inflate" decoder feeds us such data. - */ --#define BAD_HUFT(p) ((uintptr_t)(p) & 1) --#define ERR_RET ((huft_t*)(uintptr_t)1) - static huft_t* huft_build(const unsigned *b, const unsigned n, - const unsigned s, const struct cp_ext *cp_ext, - unsigned *m) diff --git a/meta/recipes-core/busybox/busybox/0001-depmod-Ignore-.debug-directories.patch b/meta/recipes-core/busybox/busybox/0001-depmod-Ignore-.debug-directories.patch new file mode 100644 index 0000000000..d76118f85b --- /dev/null +++ b/meta/recipes-core/busybox/busybox/0001-depmod-Ignore-.debug-directories.patch @@ -0,0 +1,32 @@ +From 5f6ed003f10ee0bd4a508d5f59129a29f0920dfc Mon Sep 17 00:00:00 2001 +From: Saul Wold <saul.wold@windriver.com> +Date: Thu, 31 Mar 2022 11:21:45 -0700 +Subject: [PATCH] depmod: Ignore .debug directories + +The .debug/<module>.ko files do not have the correct symbol information +since it's split away from the actual <module>.ko file. Just ignore it. + +Upstream-Status: Pending + +Signed-off-by: Saul Wold <saul.wold@windriver.com> +--- + modutils/depmod.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/modutils/depmod.c b/modutils/depmod.c +index bb42bbe..aa5a2de 100644 +--- a/modutils/depmod.c ++++ b/modutils/depmod.c +@@ -43,6 +43,9 @@ static int FAST_FUNC parse_module(struct recursive_state *state, + /* Arbitrary. Was sb->st_size, but that breaks .gz etc */ + size_t len = (64*1024*1024 - 4096); + ++ if (strstr(fname, ".debug") != NULL) ++ return TRUE; ++ + if (strrstr(fname, ".ko") == NULL) + return TRUE; + +-- +2.31.1 + diff --git a/meta/recipes-core/busybox/busybox/0001-gen_build_files-Use-C-locale-when-calling-sed-on-glo.patch b/meta/recipes-core/busybox/busybox/0001-gen_build_files-Use-C-locale-when-calling-sed-on-glo.patch deleted file mode 100644 index e0a22c5bb3..0000000000 --- a/meta/recipes-core/busybox/busybox/0001-gen_build_files-Use-C-locale-when-calling-sed-on-glo.patch +++ /dev/null @@ -1,28 +0,0 @@ -From bff7f16f7f41de8df67beb03722f235828ef2249 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Mon, 3 May 2021 15:48:19 -0700 -Subject: [PATCH] gen_build_files: Use C locale when calling sed on globbed files - -sort order is different based on chosen locale and also default shell -being bash or dash - -This sets the environment variable LC_ALL to the value C, which will -enforce bytewise sorting, irrespective of the shell - -Upstream-Status: Pending -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - scripts/gen_build_files.sh | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/scripts/gen_build_files.sh -+++ b/scripts/gen_build_files.sh -@@ -4,6 +4,8 @@ - # but users complain that many sed implementations - # are misinterpreting --. - -+export LC_ALL=C -+ - test $# -ge 2 || { echo "Syntax: $0 SRCTREE OBJTREE"; exit 1; } - - # cd to objtree diff --git a/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch b/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch new file mode 100644 index 0000000000..ceb3ad7250 --- /dev/null +++ b/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch @@ -0,0 +1,41 @@ +From 0c8da1bead8ffaf270b4b723ead2c517371405d7 Mon Sep 17 00:00:00 2001 +From: Ariadne Conill <ariadne@dereferenced.org> +Date: Sun, 3 Apr 2022 12:14:33 +0000 +Subject: [PATCH 1/2] libbb: sockaddr2str: ensure only printable characters are + returned for the hostname part + +CVE: CVE-2022-28391 +Upstream-Status: Submitted [https://bugs.busybox.net/show_bug.cgi?id=15001] +Signed-off-by: Ariadne Conill <ariadne@dereferenced.org> +Signed-off-by: Steve Sakoman <steve@sakoman.com> +--- + libbb/xconnect.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/libbb/xconnect.c b/libbb/xconnect.c +index 0e0b247b8..02c061e67 100644 +--- a/libbb/xconnect.c ++++ b/libbb/xconnect.c +@@ -497,8 +497,9 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags) + ); + if (rc) + return NULL; ++ /* ensure host contains only printable characters */ + if (flags & IGNORE_PORT) +- return xstrdup(host); ++ return xstrdup(printable_string(host)); + #if ENABLE_FEATURE_IPV6 + if (sa->sa_family == AF_INET6) { + if (strchr(host, ':')) /* heh, it's not a resolved hostname */ +@@ -509,7 +510,7 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags) + #endif + /* For now we don't support anything else, so it has to be INET */ + /*if (sa->sa_family == AF_INET)*/ +- return xasprintf("%s:%s", host, serv); ++ return xasprintf("%s:%s", printable_string(host), serv); + /*return xstrdup(host);*/ + } + +-- +2.35.1 + diff --git a/meta/recipes-core/busybox/busybox/0001-testsuite-check-uudecode-before-using-it.patch b/meta/recipes-core/busybox/busybox/0001-testsuite-check-uudecode-before-using-it.patch index 25472f0bbd..d4bda3c12f 100644 --- a/meta/recipes-core/busybox/busybox/0001-testsuite-check-uudecode-before-using-it.patch +++ b/meta/recipes-core/busybox/busybox/0001-testsuite-check-uudecode-before-using-it.patch @@ -18,13 +18,13 @@ diff --git a/testsuite/tar.tests b/testsuite/tar.tests index d71a349..8c88567 100755 --- a/testsuite/tar.tests +++ b/testsuite/tar.tests -@@ -336,7 +336,7 @@ SKIP= - cd .. || exit 1; rm -rf tar.tempdir 2>/dev/null +@@ -339,7 +339,7 @@ cd .. || exit 1; rm -rf tar.tempdir 2>/d + fi mkdir tar.tempdir && cd tar.tempdir || exit 1 -optional FEATURE_SEAMLESS_BZ2 FEATURE_TAR_AUTODETECT LS +optional FEATURE_SEAMLESS_BZ2 FEATURE_TAR_AUTODETECT LS UUDECODE - testing "Symlink attack: create symlink and then write through it" '\ + testing "tar Symlink attack: create symlink and then write through it" '\ exec 2>&1 uudecode -o input && tar xvf input; echo $? diff --git a/testsuite/unzip.tests b/testsuite/unzip.tests diff --git a/meta/recipes-core/busybox/busybox/0002-awk-fix-ternary-operator-and-precedence-of.patch b/meta/recipes-core/busybox/busybox/0002-awk-fix-ternary-operator-and-precedence-of.patch new file mode 100644 index 0000000000..ea3c84897b --- /dev/null +++ b/meta/recipes-core/busybox/busybox/0002-awk-fix-ternary-operator-and-precedence-of.patch @@ -0,0 +1,96 @@ +From c3bfdac8e0e9a21d524ad72036953f68d2193e52 Mon Sep 17 00:00:00 2001 +From: Natanael Copa <ncopa@alpinelinux.org> +Date: Tue, 21 May 2024 14:46:08 +0200 +Subject: [PATCH 2/2] awk: fix ternary operator and precedence of = + +Adjust the = precedence test to match behavior of gawk, mawk and +FreeBSD. awk 'BEGIN {print v=3==3; print v}' should print two '1'. + +To fix this, and to unbreak the ternary conditional operator, we restore +the precedence of = in the token list, but override this with a lower +priority when the assignment is on the right side of a compare. + +This fixes commit 0256e00a9d07 (awk: fix precedence of = relative to ==) [1] + +CVE: CVE-2023-42364 CVE-2023-42365 + +Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2024-May/090766.html] + +[1] https://bugs.busybox.net/show_bug.cgi?id=15871#c6 + +Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> +(cherry picked from commit 1714301c405ef03b39605c85c23f22a190cddd95) +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + editors/awk.c | 18 ++++++++++++++---- + testsuite/awk.tests | 9 +++++++-- + 2 files changed, 21 insertions(+), 6 deletions(-) + +diff --git a/editors/awk.c b/editors/awk.c +index aff86fe..f320d8c 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -442,9 +442,10 @@ static const uint32_t tokeninfo[] ALIGN4 = { + #define TI_PREINC (OC_UNARY|xV|P(9)|'P') + #define TI_PREDEC (OC_UNARY|xV|P(9)|'M') + TI_PREINC, TI_PREDEC, OC_FIELD|xV|P(5), +- OC_COMPARE|VV|P(39)|5, OC_MOVE|VV|P(38), OC_REPLACE|NV|P(38)|'+', OC_REPLACE|NV|P(38)|'-', +- OC_REPLACE|NV|P(38)|'*', OC_REPLACE|NV|P(38)|'/', OC_REPLACE|NV|P(38)|'%', OC_REPLACE|NV|P(38)|'&', +- OC_BINARY|NV|P(29)|'+', OC_BINARY|NV|P(29)|'-', OC_REPLACE|NV|P(38)|'&', OC_BINARY|NV|P(15)|'&', ++#define TI_ASSIGN (OC_MOVE|VV|P(74)) ++ OC_COMPARE|VV|P(39)|5, TI_ASSIGN, OC_REPLACE|NV|P(74)|'+', OC_REPLACE|NV|P(74)|'-', ++ OC_REPLACE|NV|P(74)|'*', OC_REPLACE|NV|P(74)|'/', OC_REPLACE|NV|P(74)|'%', OC_REPLACE|NV|P(74)|'&', ++ OC_BINARY|NV|P(29)|'+', OC_BINARY|NV|P(29)|'-', OC_REPLACE|NV|P(74)|'&', OC_BINARY|NV|P(15)|'&', + OC_BINARY|NV|P(25)|'/', OC_BINARY|NV|P(25)|'%', OC_BINARY|NV|P(15)|'&', OC_BINARY|NV|P(25)|'*', + OC_COMPARE|VV|P(39)|4, OC_COMPARE|VV|P(39)|3, OC_COMPARE|VV|P(39)|0, OC_COMPARE|VV|P(39)|1, + #define TI_LESS (OC_COMPARE|VV|P(39)|2) +@@ -1376,11 +1377,19 @@ static node *parse_expr(uint32_t term_tc) + continue; + } + if (tc & (TS_BINOP | TC_UOPPOST)) { ++ int prio; + debug_printf_parse("%s: TS_BINOP | TC_UOPPOST tc:%x\n", __func__, tc); + /* for binary and postfix-unary operators, jump back over + * previous operators with higher priority */ + vn = cn; +- while (((t_info & PRIMASK) > (vn->a.n->info & PRIMASK2)) ++ /* Let assignment get higher priority when used on right ++ * side in compare. i.e: 2==v=3 */ ++ if (t_info == TI_ASSIGN && (vn->a.n->info & OPCLSMASK) == OC_COMPARE) { ++ prio = PRECEDENCE(38); ++ } else { ++ prio = (t_info & PRIMASK); ++ } ++ while ((prio > (vn->a.n->info & PRIMASK2)) + || (t_info == vn->info && t_info == TI_COLON) + ) { + vn = vn->a.n; +@@ -1412,6 +1421,7 @@ static node *parse_expr(uint32_t term_tc) + if ((vn->info & OPCLSMASK) != OC_VAR + && (vn->info & OPCLSMASK) != OC_FNARG + && (vn->info & OPCLSMASK) != OC_FIELD ++ && (vn->info & OPCLSMASK) != OC_COMPARE + ) { + syntax_error(EMSG_UNEXP_TOKEN); /* no. bad */ + } +diff --git a/testsuite/awk.tests b/testsuite/awk.tests +index a78fdcd..d2706de 100755 +--- a/testsuite/awk.tests ++++ b/testsuite/awk.tests +@@ -540,9 +540,14 @@ testing 'awk assign while assign' \ + │ trim/eff : 57.02%/26, 0.00% │ [cpu000:100%] + └────────────────────────────────────────────────────┘^C" + +-testing "awk = has higher precedence than == (despite what gawk manpage claims)" \ ++testing "awk = has higher precedence than == on right side" \ + "awk 'BEGIN { v=1; print 2==v; print 2==v=2; print v; print v=3==3; print v}'" \ +- '0\n1\n2\n1\n3\n' \ ++ '0\n1\n2\n1\n1\n' \ ++ '' '' ++ ++testing 'awk ternary precedence' \ ++ "awk 'BEGIN { a = 0 ? \"yes\": \"no\"; print a }'" \ ++ 'no\n' \ + '' '' + + exit $FAILCOUNT diff --git a/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch b/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch new file mode 100644 index 0000000000..1dbc3388a4 --- /dev/null +++ b/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch @@ -0,0 +1,69 @@ +From 812b407e545b70b16cf32aade135b5c32eaf674f Mon Sep 17 00:00:00 2001 +From: Ariadne Conill <ariadne@dereferenced.org> +Date: Sun, 3 Apr 2022 12:16:45 +0000 +Subject: [PATCH 2/2] nslookup: sanitize all printed strings with + printable_string + +Otherwise, terminal sequences can be injected, which enables various terminal injection +attacks from DNS results. + +CVE: CVE-2022-28391 +Upstream-Status: Submitted [https://bugs.busybox.net/show_bug.cgi?id=15001] +Signed-off-by: Ariadne Conill <ariadne@dereferenced.org> +Signed-off-by: Steve Sakoman <steve@sakoman.com> +--- + networking/nslookup.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/networking/nslookup.c b/networking/nslookup.c +index 6da97baf4..4bdcde1b8 100644 +--- a/networking/nslookup.c ++++ b/networking/nslookup.c +@@ -407,7 +407,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) + //printf("Unable to uncompress domain: %s\n", strerror(errno)); + return -1; + } +- printf(format, ns_rr_name(rr), dname); ++ printf(format, ns_rr_name(rr), printable_string(dname)); + break; + + case ns_t_mx: +@@ -422,7 +422,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) + //printf("Cannot uncompress MX domain: %s\n", strerror(errno)); + return -1; + } +- printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, dname); ++ printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, printable_string(dname)); + break; + + case ns_t_txt: +@@ -434,7 +434,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) + if (n > 0) { + memset(dname, 0, sizeof(dname)); + memcpy(dname, ns_rr_rdata(rr) + 1, n); +- printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), dname); ++ printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), printable_string(dname)); + } + break; + +@@ -454,7 +454,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) + } + + printf("%s\tservice = %u %u %u %s\n", ns_rr_name(rr), +- ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), dname); ++ ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), printable_string(dname)); + break; + + case ns_t_soa: +@@ -483,7 +483,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) + return -1; + } + +- printf("\tmail addr = %s\n", dname); ++ printf("\tmail addr = %s\n", printable_string(dname)); + cp += n; + + printf("\tserial = %lu\n", ns_get32(cp)); +-- +2.35.1 + diff --git a/meta/recipes-core/busybox/busybox/CVE-2021-42380.patch b/meta/recipes-core/busybox/busybox/CVE-2021-42380.patch new file mode 100644 index 0000000000..3baef86415 --- /dev/null +++ b/meta/recipes-core/busybox/busybox/CVE-2021-42380.patch @@ -0,0 +1,151 @@ +From 5dcc443dba039b305a510c01883e9f34e42656ae Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko <vda.linux@googlemail.com> +Date: Fri, 26 May 2023 19:36:58 +0200 +Subject: [PATCH] awk: fix use-after-realloc (CVE-2021-42380), closes 15601 + +Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> + +CVE: CVE-2021-42380 +Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=5dcc443dba039b305a510c01883e9f34e42656ae] +Signed-off-by: Peter Marko <peter.marko@siemens.com> +--- + editors/awk.c | 26 ++++++++++++++++----- + testsuite/awk.tests | 55 +++++++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 75 insertions(+), 6 deletions(-) + +diff --git a/editors/awk.c b/editors/awk.c +index 728ee8685..2af823808 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -555,7 +555,7 @@ struct globals { + const char *g_progname; + int g_lineno; + int nfields; +- int maxfields; /* used in fsrealloc() only */ ++ unsigned maxfields; + var *Fields; + char *g_pos; + char g_saved_ch; +@@ -1931,9 +1931,9 @@ static void fsrealloc(int size) + { + int i, newsize; + +- if (size >= maxfields) { +- /* Sanity cap, easier than catering for overflows */ +- if (size > 0xffffff) ++ if ((unsigned)size >= maxfields) { ++ /* Sanity cap, easier than catering for over/underflows */ ++ if ((unsigned)size > 0xffffff) + bb_die_memory_exhausted(); + + i = maxfields; +@@ -2891,6 +2891,7 @@ static var *evaluate(node *op, var *res) + uint32_t opinfo; + int opn; + node *op1; ++ var *old_Fields_ptr; + + opinfo = op->info; + opn = (opinfo & OPNMASK); +@@ -2899,10 +2900,16 @@ static var *evaluate(node *op, var *res) + debug_printf_eval("opinfo:%08x opn:%08x\n", opinfo, opn); + + /* execute inevitable things */ ++ old_Fields_ptr = NULL; + if (opinfo & OF_RES1) { + if ((opinfo & OF_REQUIRED) && !op1) + syntax_error(EMSG_TOO_FEW_ARGS); + L.v = evaluate(op1, TMPVAR0); ++ /* Does L.v point to $n variable? */ ++ if ((size_t)(L.v - Fields) < maxfields) { ++ /* yes, remember where Fields[] is */ ++ old_Fields_ptr = Fields; ++ } + if (opinfo & OF_STR1) { + L.s = getvar_s(L.v); + debug_printf_eval("L.s:'%s'\n", L.s); +@@ -2921,8 +2928,15 @@ static var *evaluate(node *op, var *res) + */ + if (opinfo & OF_RES2) { + R.v = evaluate(op->r.n, TMPVAR1); +- //TODO: L.v may be invalid now, set L.v to NULL to catch bugs? +- //L.v = NULL; ++ /* Seen in $5=$$5=$0: ++ * Evaluation of R.v ($$5=$0 expression) ++ * made L.v ($5) invalid. It's detected here. ++ */ ++ if (old_Fields_ptr) { ++ //if (old_Fields_ptr != Fields) ++ // debug_printf_eval("L.v moved\n"); ++ L.v += Fields - old_Fields_ptr; ++ } + if (opinfo & OF_STR2) { + R.s = getvar_s(R.v); + debug_printf_eval("R.s:'%s'\n", R.s); +diff --git a/testsuite/awk.tests b/testsuite/awk.tests +index bbf0fbff1..ddc51047b 100755 +--- a/testsuite/awk.tests ++++ b/testsuite/awk.tests +@@ -485,4 +485,59 @@ testing 'awk assign while test' \ + "" \ + "foo" + ++# User-supplied bug (SEGV) example, was causing use-after-realloc ++testing 'awk assign while assign' \ ++ "awk '\$5=\$\$5=\$0'; echo \$?" \ ++ "\ ++─ process timing ────────────────────────────────────┬─ ─ process timing ────────────────────────────────────┬─ overall results ────┐ results ────┐ ++│ run time : │ run time : 0 days, 0 hrs, 0 min, 56 sec │ cycles done : 0 │ days, 0 hrs, 0 min, 56 sec │ cycles done : 0 │ ++│ last new find │ last new find : 0 days, 0 hrs, 0 min, 1 sec │ corpus count : 208 │ 0 days, 0 hrs, 0 min, 1 sec │ corpus count : 208 │ ++│last saved crash : │last saved crash : none seen yet │saved crashes : 0 │ seen yet │saved crashes : 0 │ ++│ last saved hang │ last saved hang : none seen yet │ saved hangs : 0 │ none seen yet │ saved hangs : 0 │ ++├─ cycle progress ─────────────────────┬─ ├─ cycle progress ─────────────────────┬─ map coverage┴──────────────────────┤ coverage┴──────────────────────┤ ++│ now processing : │ now processing : 184.1 (88.5%) │ map density : 0.30% / 0.52% │ (88.5%) │ map density : 0.30% / 0.52% │ │ now processing : 184.1 (88.5%) │ map density : 0.30% / 0.52% │ ++│ runs timed out │ runs timed out : 0 (0.00%) │ count coverage : 2.18 bits/tuple │ 0 (0.00%) │ count coverage : 2.18 bits/tuple │ ++├─ stage progress ─────────────────────┼─ ├─ stage progress ─────────────────────┼─ findings in depth ─────────────────┤ in depth ─────────────────┤ ++│ now trying : │ now trying : havoc │ favored items : 43 (20.67%) │ │ favored items : 43 (20.67%) │ ++│ stage execs : │ stage execs : 11.2k/131k (8.51%) │ new edges on : 52 (25.00%) │ (8.51%) │ new edges on │ stage execs : 11.2k/131k (8.51%) │ new edges on : 52 (25.00%) │ 52 (25.00%) │ ++│ total execs : │ total execs : 179k │ total crashes : 0 (0 saved) │ │ total crashes : 0 (0 saved) │ │ total execs : 179k │ total crashes : 0 (0 saved) │ ++│ exec speed : │ exec speed : 3143/sec │ total tmouts : 0 (0 saved) │ │ total tmouts : 0 (0 saved) │ │ exec speed : 3143/sec │ total tmouts : 0 (0 saved) │ ++├─ fuzzing strategy yields ├─ fuzzing strategy yields ────────────┴─────────────┬─ item geometry ───────┤ item geometry ───────┤ ++│ bit flips : │ bit flips : 11/648, 4/638, 5/618 │ levels : 4 │ 4/638, 5/618 │ levels : │ bit flips : 11/648, 4/638, 5/618 │ levels : 4 │ │ ++│ byte flips : │ byte flips : 0/81, 0/71, 0/52 │ pending : 199 │ 0/71, 0/52 │ pending : 199 │ ++│ arithmetics : 11/4494, │ arithmetics : 11/4494, 0/1153, 0/0 │ pend fav : 35 │ 0/0 │ pend fav : 35 │ ++│ known ints : 1/448, 0/1986, 0/2288 │ own finds : 207 │ known ints : │ known ints : 1/448, 0/1986, 0/2288 │ own finds : 207 │ 0/1986, 0/2288 │ own finds : 207 │ ++│ dictionary : 0/0, │ dictionary : 0/0, 0/0, 0/0, 0/0 │ imported : 0 │ 0/0, 0/0 │ imported : 0 │ ++│havoc/splice : 142/146k, 23/7616 │havoc/splice : 142/146k, 23/7616 │ stability : 100.00% │ stability : 100.00% │ ++│py/custom/rq : unused, unused, │py/custom/rq : unused, unused, unused, unused ├───────────────────────┘ unused ├───────────────────────┘ ++│ trim/eff : 57.02%/26, │ trim/eff : 57.02%/26, 0.00% │ [cpu000:100%] │ [cpu000:100%] ++└────────────────────────────────────────────────────┘^C └────────────────────────────────────────────────────┘^C ++0 ++" \ ++ "" \ ++ "\ ++─ process timing ────────────────────────────────────┬─ overall results ────┐ ++│ run time : 0 days, 0 hrs, 0 min, 56 sec │ cycles done : 0 │ ++│ last new find : 0 days, 0 hrs, 0 min, 1 sec │ corpus count : 208 │ ++│last saved crash : none seen yet │saved crashes : 0 │ ++│ last saved hang : none seen yet │ saved hangs : 0 │ ++├─ cycle progress ─────────────────────┬─ map coverage┴──────────────────────┤ ++│ now processing : 184.1 (88.5%) │ map density : 0.30% / 0.52% │ ++│ runs timed out : 0 (0.00%) │ count coverage : 2.18 bits/tuple │ ++├─ stage progress ─────────────────────┼─ findings in depth ─────────────────┤ ++│ now trying : havoc │ favored items : 43 (20.67%) │ ++│ stage execs : 11.2k/131k (8.51%) │ new edges on : 52 (25.00%) │ ++│ total execs : 179k │ total crashes : 0 (0 saved) │ ++│ exec speed : 3143/sec │ total tmouts : 0 (0 saved) │ ++├─ fuzzing strategy yields ────────────┴─────────────┬─ item geometry ───────┤ ++│ bit flips : 11/648, 4/638, 5/618 │ levels : 4 │ ++│ byte flips : 0/81, 0/71, 0/52 │ pending : 199 │ ++│ arithmetics : 11/4494, 0/1153, 0/0 │ pend fav : 35 │ ++│ known ints : 1/448, 0/1986, 0/2288 │ own finds : 207 │ ++│ dictionary : 0/0, 0/0, 0/0, 0/0 │ imported : 0 │ ++│havoc/splice : 142/146k, 23/7616 │ stability : 100.00% │ ++│py/custom/rq : unused, unused, unused, unused ├───────────────────────┘ ++│ trim/eff : 57.02%/26, 0.00% │ [cpu000:100%] ++└────────────────────────────────────────────────────┘^C" ++ + exit $FAILCOUNT +-- +2.30.2 + diff --git a/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch b/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch new file mode 100644 index 0000000000..379f6f83b1 --- /dev/null +++ b/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch @@ -0,0 +1,67 @@ +From fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa Mon Sep 17 00:00:00 2001 +From: Natanael Copa <ncopa@alpinelinux.org> +Date: Mon, 20 May 2024 17:55:28 +0200 +Subject: [PATCH] awk: fix use after free (CVE-2023-42363) + +function old new delta +evaluate 3377 3385 +8 + +Fixes https://bugs.busybox.net/show_bug.cgi?id=15865 + +Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> +Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> + +CVE: CVE-2023-42363 +Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa] +Signed-off-by: Peter Marko <peter.marko@siemens.com> +--- + editors/awk.c | 21 +++++++++++++-------- + 1 file changed, 13 insertions(+), 8 deletions(-) + +diff --git a/editors/awk.c b/editors/awk.c +index 0981c6735..ff6d6350b 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -2910,19 +2910,14 @@ static var *evaluate(node *op, var *res) + /* yes, remember where Fields[] is */ + old_Fields_ptr = Fields; + } +- if (opinfo & OF_STR1) { +- L.s = getvar_s(L.v); +- debug_printf_eval("L.s:'%s'\n", L.s); +- } + if (opinfo & OF_NUM1) { + L_d = getvar_i(L.v); + debug_printf_eval("L_d:%f\n", L_d); + } + } +- /* NB: Must get string/numeric values of L (done above) +- * _before_ evaluate()'ing R.v: if both L and R are $NNNs, +- * and right one is large, then L.v points to Fields[NNN1], +- * second evaluate() reallocates and moves (!) Fields[], ++ /* NB: if both L and R are $NNNs, and right one is large, ++ * then at this pint L.v points to Fields[NNN1], second ++ * evaluate() below reallocates and moves (!) Fields[], + * R.v points to Fields[NNN2] but L.v now points to freed mem! + * (Seen trying to evaluate "$444 $44444") + */ +@@ -2942,6 +2937,16 @@ static var *evaluate(node *op, var *res) + debug_printf_eval("R.s:'%s'\n", R.s); + } + } ++ /* Get L.s _after_ R.v is evaluated: it may have realloc'd L.v ++ * so we must get the string after "old_Fields_ptr" correction ++ * above. Testcase: x = (v = "abc", gsub("b", "X", v)); ++ */ ++ if (opinfo & OF_RES1) { ++ if (opinfo & OF_STR1) { ++ L.s = getvar_s(L.v); ++ debug_printf_eval("L.s:'%s'\n", L.s); ++ } ++ } + + debug_printf_eval("switch(0x%x)\n", XC(opinfo & OPCLSMASK)); + switch (XC(opinfo & OPCLSMASK)) { +-- +2.30.2 + diff --git a/meta/recipes-core/busybox/busybox/busybox-1.36.1-no-cbq.patch b/meta/recipes-core/busybox/busybox/busybox-1.36.1-no-cbq.patch new file mode 100644 index 0000000000..80cbc73fc4 --- /dev/null +++ b/meta/recipes-core/busybox/busybox/busybox-1.36.1-no-cbq.patch @@ -0,0 +1,61 @@ +Remove CBQ functionality from tc + +6.8+ kernel has dropped CBQ support [1], Now that OE uses 6.9 for +kernel-headers means we are hitting the undefined symbol +TCA_CBQ_MAX [2] + +[1] https://github.com/torvalds/linux/commit/33241dca486264193ed68167c8eeae1fb197f3df +[2] https://bugs.busybox.net/show_bug.cgi?id=15934 + +Upstream-Status: Submitted [https://bugs.busybox.net/show_bug.cgi?id=15931] +Signed-off-by: Khem Raj <raj.khem@gmail.com> + +diff -up busybox-1.36.1/networking/tc.c.no-cbq busybox-1.36.1/networking/tc.c +--- busybox-1.36.1/networking/tc.c.no-cbq 2024-01-29 10:24:09.135082923 -0500 ++++ busybox-1.36.1/networking/tc.c 2024-01-29 10:28:12.009502552 -0500 +@@ -31,7 +31,7 @@ + //usage: "qdisc [handle QHANDLE] [root|"IF_FEATURE_TC_INGRESS("ingress|")"parent CLASSID]\n" + /* //usage: "[estimator INTERVAL TIME_CONSTANT]\n" */ + //usage: " [[QDISC_KIND] [help|OPTIONS]]\n" +-//usage: " QDISC_KIND := [p|b]fifo|tbf|prio|cbq|red|etc.\n" ++//usage: " QDISC_KIND := [p|b]fifo|tbf|prio|red|etc.\n" + //usage: "qdisc show [dev STRING]"IF_FEATURE_TC_INGRESS(" [ingress]")"\n" + //usage: "class [classid CLASSID] [root|parent CLASSID]\n" + //usage: " [[QDISC_KIND] [help|OPTIONS] ]\n" +@@ -230,7 +230,7 @@ static int cbq_parse_opt(int argc, char + { + return 0; + } +-#endif ++ + static int cbq_print_opt(struct rtattr *opt) + { + struct rtattr *tb[TCA_CBQ_MAX+1]; +@@ -322,6 +322,7 @@ static int cbq_print_opt(struct rtattr * + done: + return 0; + } ++#endif + + static FAST_FUNC int print_qdisc( + const struct sockaddr_nl *who UNUSED_PARAM, +@@ -373,7 +374,8 @@ static FAST_FUNC int print_qdisc( + if (qqq == 0) { /* pfifo_fast aka prio */ + prio_print_opt(tb[TCA_OPTIONS]); + } else if (qqq == 1) { /* class based queuing */ +- cbq_print_opt(tb[TCA_OPTIONS]); ++ /* cbq_print_opt(tb[TCA_OPTIONS]); */ ++ printf("cbq not supported"); + } else { + /* don't know how to print options for this qdisc */ + printf("(options for %s)", name); +@@ -444,7 +446,8 @@ static FAST_FUNC int print_class( + /* nothing. */ /*prio_print_opt(tb[TCA_OPTIONS]);*/ + } else if (qqq == 1) { /* class based queuing */ + /* cbq_print_copt() is identical to cbq_print_opt(). */ +- cbq_print_opt(tb[TCA_OPTIONS]); ++ /* cbq_print_opt(tb[TCA_OPTIONS]); */ ++ printf("cbq not supported"); + } else { + /* don't know how to print options for this class */ + printf("(options for %s)", name); diff --git a/meta/recipes-core/busybox/busybox/busybox-udhcpc-no_deconfig.patch b/meta/recipes-core/busybox/busybox/busybox-udhcpc-no_deconfig.patch deleted file mode 100644 index 35e981d6a2..0000000000 --- a/meta/recipes-core/busybox/busybox/busybox-udhcpc-no_deconfig.patch +++ /dev/null @@ -1,143 +0,0 @@ -From 53626cd06a3ef05ed847daea802ef0aa9661caa7 Mon Sep 17 00:00:00 2001 -From: Anders Darander <anders@chargestorm.se> -Date: Thu, 3 Nov 2011 08:51:31 +0100 -Subject: [PATCH] busybox-udhcpc-no_deconfig.patch - -Upstream-Status: Pending - -Add a new option -D to the udhcpc client that allows for -dhcp renewal to occur without having to down the interface -in the process. - -Signed-off-by: Greg Moffatt <greg.moffatt@windriver.com> - -Updated to latest Busybox 1.17.3 - -Signed-off-by: Mark Hatle <mark.hatle@windriver.com> - -Updated to Busybox 1.18.4 -option spec is changed - -Signed-off-by: Qing He <qing.he@intel.com> - -Updated to Busybox 1.19.3 - -Signed-off-by: Anders Darander <anders@chargestorm.se> - -Fixed options -b, -a and -P. - -Signed-off-by: Andreas Oberritter <obi@opendreambox.org> ---- - networking/udhcp/dhcpc.c | 29 ++++++++++++++++------ - 1 file changed, 21 insertions(+), 8 deletions(-) - -Index: busybox-1.32.0/networking/udhcp/dhcpc.c -=================================================================== ---- busybox-1.32.0.orig/networking/udhcp/dhcpc.c -+++ busybox-1.32.0/networking/udhcp/dhcpc.c -@@ -48,6 +48,8 @@ struct tpacket_auxdata { - }; - #endif - -+/* option whether to down the interface when reconfiguring */ -+static int allow_deconfig = 1; - - /* "struct client_data_t client_data" is in bb_common_bufsiz1 */ - -@@ -103,8 +105,10 @@ - OPT_x = 1 << 18, - OPT_f = 1 << 19, - OPT_B = 1 << 20, -+ OPT_D = 1 << 21, - /* The rest has variable bit positions, need to be clever */ - OPTBIT_B = 20, -+ OPTBIT_D = 21, - USE_FOR_MMU( OPTBIT_b,) - IF_FEATURE_UDHCPC_ARPING(OPTBIT_a,) - IF_FEATURE_UDHCP_PORT( OPTBIT_P,) -@@ -1084,7 +1088,8 @@ - client_data.state = RENEW_REQUESTED; - break; - case RENEW_REQUESTED: /* impatient are we? fine, square 1 */ -- udhcp_run_script(NULL, "deconfig"); -+ if (allow_deconfig) -+ udhcp_run_script(NULL, "deconfig"); - case REQUESTING: - case RELEASED: - change_listen_mode(LISTEN_RAW); -@@ -1120,7 +1125,8 @@ static void perform_release(uint32_t server_addr, uint32_t requested_ip) - * Users requested to be notified in all cases, even if not in one - * of the states above. - */ -- udhcp_run_script(NULL, "deconfig"); -+ if (allow_deconfig) -+ udhcp_run_script(NULL, "deconfig"); - - change_listen_mode(LISTEN_NONE); - client_data.state = RELEASED; -@@ -1238,7 +1244,7 @@ - /* Parse command line */ - opt = getopt32long(argv, "^" - /* O,x: list; -T,-t,-A take numeric param */ -- "CV:H:h:F:i:np:qRr:s:T:+t:+SA:+O:*ox:*fB" -+ "CV:H:h:F:i:np:qRr:s:T:+t:+SA:+O:*ox:*fBD" - USE_FOR_MMU("b") - IF_FEATURE_UDHCPC_ARPING("a::") - IF_FEATURE_UDHCP_PORT("P:") -@@ -1349,6 +1355,10 @@ - logmode |= LOGMODE_SYSLOG; - } - -+ if (opt & OPT_D) { -+ allow_deconfig = 0; -+ } -+ - /* Create pidfile */ - write_pidfile(client_data.pidfile); - /* Goes to stdout (unless NOMMU) and possibly syslog */ -@@ -1357,7 +1367,8 @@ - srand(monotonic_us()); - - client_data.state = INIT_SELECTING; -- udhcp_run_script(NULL, "deconfig"); -+ if (allow_deconfig) -+ udhcp_run_script(NULL, "deconfig"); - change_listen_mode(LISTEN_RAW); - packet_num = 0; - timeout = 0; -@@ -1530,7 +1541,8 @@ - } - /* Timed out, enter init state */ - bb_simple_info_msg("lease lost, entering init state"); -- udhcp_run_script(NULL, "deconfig"); -+ if (allow_deconfig) -+ udhcp_run_script(NULL, "deconfig"); - client_data.state = INIT_SELECTING; - client_data.first_secs = 0; /* make secs field count from 0 */ - /*timeout = 0; - already is */ -@@ -1722,8 +1734,10 @@ - "(got ARP reply), declining"); - send_decline(/*xid,*/ server_addr, packet.yiaddr); - -- if (client_data.state != REQUESTING) -- udhcp_run_script(NULL, "deconfig"); -+ if (client_data.state != REQUESTING) { -+ if (allow_deconfig) -+ udhcp_run_script(NULL, "deconfig"); -+ } - change_listen_mode(LISTEN_RAW); - client_data.state = INIT_SELECTING; - client_data.first_secs = 0; /* make secs field count from 0 */ -@@ -1792,8 +1806,10 @@ - /* return to init state */ - bb_info_msg("received %s", "DHCP NAK"); - udhcp_run_script(&packet, "nak"); -- if (client_data.state != REQUESTING) -- udhcp_run_script(NULL, "deconfig"); -+ if (client_data.state != REQUESTING) { -+ if (allow_deconfig) -+ udhcp_run_script(NULL, "deconfig"); -+ } - change_listen_mode(LISTEN_RAW); - sleep(3); /* avoid excessive network traffic */ - client_data.state = INIT_SELECTING; diff --git a/meta/recipes-core/busybox/busybox/defconfig b/meta/recipes-core/busybox/busybox/defconfig index 701d48d625..8e3b6e480c 100644 --- a/meta/recipes-core/busybox/busybox/defconfig +++ b/meta/recipes-core/busybox/busybox/defconfig @@ -1,7 +1,7 @@ # # Automatically generated make config: don't edit -# Busybox version: 1.33.0 -# Wed Mar 10 13:29:25 2021 +# Busybox version: 1.36.0 +# Tue Jan 3 14:17:01 2023 # CONFIG_HAVE_DOT_CONFIG=y @@ -94,9 +94,12 @@ CONFIG_FEATURE_BUFFERS_USE_MALLOC=y CONFIG_PASSWORD_MINLEN=6 CONFIG_MD5_SMALL=1 CONFIG_SHA3_SMALL=1 -CONFIG_FEATURE_FAST_TOP=y -# CONFIG_FEATURE_ETC_NETWORKS is not set -# CONFIG_FEATURE_ETC_SERVICES is not set +CONFIG_FEATURE_NON_POSIX_CP=y +# CONFIG_FEATURE_VERBOSE_CP_MESSAGE is not set +CONFIG_FEATURE_USE_SENDFILE=y +CONFIG_FEATURE_COPYBUF_KB=4 +CONFIG_MONOTONIC_SYSCALL=y +CONFIG_IOCTL_HEX2STR_ERROR=y CONFIG_FEATURE_EDITING=y CONFIG_FEATURE_EDITING_MAX_LEN=1024 # CONFIG_FEATURE_EDITING_VI is not set @@ -120,14 +123,9 @@ CONFIG_UNICODE_WIDE_WCHARS=y # CONFIG_UNICODE_BIDI_SUPPORT is not set # CONFIG_UNICODE_NEUTRAL_TABLE is not set # CONFIG_UNICODE_PRESERVE_BROKEN is not set -CONFIG_FEATURE_NON_POSIX_CP=y -# CONFIG_FEATURE_VERBOSE_CP_MESSAGE is not set -CONFIG_FEATURE_USE_SENDFILE=y -CONFIG_FEATURE_COPYBUF_KB=4 -CONFIG_FEATURE_SKIP_ROOTFS=y -CONFIG_MONOTONIC_SYSCALL=y -CONFIG_IOCTL_HEX2STR_ERROR=y -CONFIG_FEATURE_HWIB=y +# CONFIG_LOOP_CONFIGURE is not set +# CONFIG_NO_LOOP_CONFIGURE is not set +CONFIG_TRY_LOOP_CONFIGURE=y # # Applets @@ -162,6 +160,8 @@ CONFIG_FEATURE_BZIP2_DECOMPRESS=y CONFIG_CPIO=y # CONFIG_FEATURE_CPIO_O is not set # CONFIG_FEATURE_CPIO_P is not set +# CONFIG_FEATURE_CPIO_IGNORE_DEVNO is not set +# CONFIG_FEATURE_CPIO_RENUMBER_INODES is not set # CONFIG_DPKG is not set # CONFIG_DPKG_DEB is not set CONFIG_GZIP=y @@ -197,6 +197,22 @@ CONFIG_FEATURE_UNZIP_CDF=y # # Coreutils # +CONFIG_FEATURE_VERBOSE=y + +# +# Common options for date and touch +# +# CONFIG_FEATURE_TIMEZONE is not set + +# +# Common options for cp and mv +# +# CONFIG_FEATURE_PRESERVE_HARDLINKS is not set + +# +# Common options for df, du, ls +# +CONFIG_FEATURE_HUMAN_READABLE=y CONFIG_BASENAME=y CONFIG_CAT=y CONFIG_FEATURE_CATN=y @@ -207,11 +223,13 @@ CONFIG_CHOWN=y # CONFIG_FEATURE_CHOWN_LONG_OPTIONS is not set CONFIG_CHROOT=y # CONFIG_CKSUM is not set +CONFIG_CRC32=y # CONFIG_COMM is not set CONFIG_CP=y # CONFIG_FEATURE_CP_LONG_OPTIONS is not set # CONFIG_FEATURE_CP_REFLINK is not set CONFIG_CUT=y +CONFIG_FEATURE_CUT_REGEX=y CONFIG_DATE=y # CONFIG_FEATURE_DATE_ISOFMT is not set # CONFIG_FEATURE_DATE_NANO is not set @@ -223,6 +241,7 @@ CONFIG_FEATURE_DD_SIGNAL_HANDLING=y # CONFIG_FEATURE_DD_STATUS is not set CONFIG_DF=y # CONFIG_FEATURE_DF_FANCY is not set +# CONFIG_FEATURE_SKIP_ROOTFS is not set CONFIG_DIRNAME=y # CONFIG_DOS2UNIX is not set # CONFIG_UNIX2DOS is not set @@ -316,13 +335,13 @@ CONFIG_TEST2=y CONFIG_FEATURE_TEST_64=y # CONFIG_TIMEOUT is not set CONFIG_TOUCH=y -CONFIG_FEATURE_TOUCH_NODEREF=y CONFIG_FEATURE_TOUCH_SUSV3=y CONFIG_TR=y CONFIG_FEATURE_TR_CLASSES=y # CONFIG_FEATURE_TR_EQUIV is not set CONFIG_TRUE=y # CONFIG_TRUNCATE is not set +# CONFIG_TSORT is not set CONFIG_TTY=y CONFIG_UNAME=y CONFIG_UNAME_OSNAME="GNU/Linux" @@ -343,21 +362,6 @@ CONFIG_WHOAMI=y CONFIG_YES=y # -# Common options -# -CONFIG_FEATURE_VERBOSE=y - -# -# Common options for cp and mv -# -# CONFIG_FEATURE_PRESERVE_HARDLINKS is not set - -# -# Common options for df, du, ls -# -CONFIG_FEATURE_HUMAN_READABLE=y - -# # Console Utilities # CONFIG_CHVT=y @@ -424,6 +428,7 @@ CONFIG_VI=y CONFIG_FEATURE_VI_MAX_LEN=1024 CONFIG_FEATURE_VI_8BIT=y CONFIG_FEATURE_VI_COLON=y +CONFIG_FEATURE_VI_COLON_EXPAND=y CONFIG_FEATURE_VI_YANKMARK=y CONFIG_FEATURE_VI_SEARCH=y # CONFIG_FEATURE_VI_REGEX_SEARCH is not set @@ -437,6 +442,7 @@ CONFIG_FEATURE_VI_WIN_RESIZE=y CONFIG_FEATURE_VI_UNDO=y CONFIG_FEATURE_VI_UNDO_QUEUE=y CONFIG_FEATURE_VI_UNDO_QUEUE_MAX=256 +CONFIG_FEATURE_VI_VERBOSE_STATUS=y CONFIG_FEATURE_ALLOW_EXEC=y # @@ -445,7 +451,11 @@ CONFIG_FEATURE_ALLOW_EXEC=y CONFIG_FIND=y CONFIG_FEATURE_FIND_PRINT0=y CONFIG_FEATURE_FIND_MTIME=y +CONFIG_FEATURE_FIND_ATIME=y +CONFIG_FEATURE_FIND_CTIME=y CONFIG_FEATURE_FIND_MMIN=y +CONFIG_FEATURE_FIND_AMIN=y +CONFIG_FEATURE_FIND_CMIN=y CONFIG_FEATURE_FIND_PERM=y CONFIG_FEATURE_FIND_TYPE=y CONFIG_FEATURE_FIND_EXECUTABLE=y @@ -453,6 +463,7 @@ CONFIG_FEATURE_FIND_XDEV=y CONFIG_FEATURE_FIND_MAXDEPTH=y CONFIG_FEATURE_FIND_NEWER=y # CONFIG_FEATURE_FIND_INUM is not set +CONFIG_FEATURE_FIND_SAMEFILE=y CONFIG_FEATURE_FIND_EXEC=y CONFIG_FEATURE_FIND_EXEC_PLUS=y CONFIG_FEATURE_FIND_USER=y @@ -743,6 +754,7 @@ CONFIG_FEATURE_VOLUMEID_SQUASHFS=y # Miscellaneous Utilities # # CONFIG_ADJTIMEX is not set +CONFIG_ASCII=y # CONFIG_BBCONFIG is not set # CONFIG_FEATURE_COMPRESS_BBCONFIG is not set # CONFIG_BC is not set @@ -823,10 +835,12 @@ CONFIG_MICROCOM=y CONFIG_RFKILL=y # CONFIG_RUNLEVEL is not set # CONFIG_RX is not set +# CONFIG_SEEDRNG is not set # CONFIG_SETFATTR is not set # CONFIG_SETSERIAL is not set CONFIG_STRINGS=y CONFIG_TIME=y +# CONFIG_TREE is not set CONFIG_TS=y # CONFIG_TTYSIZE is not set # CONFIG_UBIATTACH is not set @@ -838,6 +852,7 @@ CONFIG_TS=y # CONFIG_UBIRENAME is not set # CONFIG_VOLNAME is not set # CONFIG_WATCHDOG is not set +# CONFIG_FEATURE_WATCHDOG_OPEN_TWICE is not set # # Networking Utilities @@ -846,6 +861,9 @@ CONFIG_FEATURE_IPV6=y # CONFIG_FEATURE_UNIX_LOCAL is not set CONFIG_FEATURE_PREFER_IPV4_ADDRESS=y # CONFIG_VERBOSE_RESOLUTION_ERRORS is not set +# CONFIG_FEATURE_ETC_NETWORKS is not set +# CONFIG_FEATURE_ETC_SERVICES is not set +CONFIG_FEATURE_HWIB=y # CONFIG_FEATURE_TLS_SHA1 is not set # CONFIG_ARP is not set # CONFIG_ARPING is not set @@ -965,7 +983,7 @@ CONFIG_FEATURE_TFTP_GET=y CONFIG_FEATURE_TFTP_PUT=y # CONFIG_FEATURE_TFTP_BLOCKSIZE is not set # CONFIG_TFTP_DEBUG is not set -CONFIG_TLS=y +# CONFIG_TLS is not set CONFIG_TRACEROUTE=y # CONFIG_TRACEROUTE6 is not set # CONFIG_FEATURE_TRACEROUTE_VERBOSE is not set @@ -976,10 +994,11 @@ CONFIG_TRACEROUTE=y CONFIG_WGET=y CONFIG_FEATURE_WGET_LONG_OPTIONS=y CONFIG_FEATURE_WGET_STATUSBAR=y +CONFIG_FEATURE_WGET_FTP=y CONFIG_FEATURE_WGET_AUTHENTICATION=y CONFIG_FEATURE_WGET_TIMEOUT=y -CONFIG_FEATURE_WGET_HTTPS=y -# CONFIG_FEATURE_WGET_OPENSSL is not set +# CONFIG_FEATURE_WGET_HTTPS is not set +CONFIG_FEATURE_WGET_OPENSSL=y # CONFIG_WHOIS is not set # CONFIG_ZCIP is not set CONFIG_UDHCPD=y @@ -1018,17 +1037,19 @@ CONFIG_IFUPDOWN_UDHCPC_CMD_OPTIONS="-R -b" # # Mail Utilities # +CONFIG_FEATURE_MIME_CHARSET="" # CONFIG_MAKEMIME is not set # CONFIG_POPMAILDIR is not set # CONFIG_FEATURE_POPMAILDIR_DELIVERY is not set # CONFIG_REFORMIME is not set # CONFIG_FEATURE_REFORMIME_COMPAT is not set # CONFIG_SENDMAIL is not set -CONFIG_FEATURE_MIME_CHARSET="" # # Process Utilities # +CONFIG_FEATURE_FAST_TOP=y +# CONFIG_FEATURE_SHOW_THREADS is not set CONFIG_FREE=y CONFIG_FUSER=y # CONFIG_IOSTAT is not set @@ -1067,7 +1088,6 @@ CONFIG_FEATURE_TOP_CPU_GLOBAL_PERCENTS=y CONFIG_UPTIME=y # CONFIG_FEATURE_UPTIME_UTMP_SUPPORT is not set CONFIG_WATCH=y -# CONFIG_FEATURE_SHOW_THREADS is not set # # Runit Utilities @@ -1132,8 +1152,8 @@ CONFIG_ASH_CMDCMD=y # CONFIG_SHELL_HUSH is not set # CONFIG_HUSH_BASH_COMPAT is not set # CONFIG_HUSH_BRACE_EXPANSION is not set -# CONFIG_HUSH_LINENO_VAR is not set # CONFIG_HUSH_BASH_SOURCE_CURDIR is not set +# CONFIG_HUSH_LINENO_VAR is not set # CONFIG_HUSH_INTERACTIVE is not set # CONFIG_HUSH_SAVEHISTORY is not set # CONFIG_HUSH_JOB is not set @@ -1170,7 +1190,7 @@ CONFIG_ASH_CMDCMD=y # Options common to all shells # CONFIG_FEATURE_SH_MATH=y -# CONFIG_FEATURE_SH_MATH_64 is not set +CONFIG_FEATURE_SH_MATH_64=y CONFIG_FEATURE_SH_MATH_BASE=y CONFIG_FEATURE_SH_EXTRA_QUIET=y # CONFIG_FEATURE_SH_STANDALONE is not set diff --git a/meta/recipes-core/busybox/busybox/fail_on_no_media.patch b/meta/recipes-core/busybox/busybox/fail_on_no_media.patch index 820acc2684..38db52538e 100644 --- a/meta/recipes-core/busybox/busybox/fail_on_no_media.patch +++ b/meta/recipes-core/busybox/busybox/fail_on_no_media.patch @@ -1,3 +1,8 @@ +From a35e79002d36cca3c272ba5625aec86d6b7a38a8 Mon Sep 17 00:00:00 2001 +From: Saul Wold <sgw@linux.intel.com> +Date: Tue, 9 Apr 2013 23:25:54 -0700 +Subject: [PATCH] busybox: fail on no media + Upstream-Status: Denied [https://www.mail-archive.com/busybox@busybox.net/msg22354.html] @@ -10,16 +15,18 @@ removed, but that would be harder to accomplish. Signed-off-by: Saul Wold <sgw@linux.intel.com> +--- + util-linux/mount.c | 8 ++++++++ + 1 file changed, 8 insertions(+) -Index: busybox-1.20.2/util-linux/mount.c -=================================================================== ---- busybox-1.20.2.orig/util-linux/mount.c -+++ busybox-1.20.2/util-linux/mount.c -@@ -598,7 +598,13 @@ static int mount_it_now(struct mntent *m - break; +diff --git a/util-linux/mount.c b/util-linux/mount.c +index 4e65b6b..9d7a566 100644 +--- a/util-linux/mount.c ++++ b/util-linux/mount.c +@@ -746,6 +746,14 @@ static int mount_it_now(struct mntent *mp, unsigned long vfsflags, char *filtero errno = errno_save; } -- + + /* + * Break if there is no media, no point retrying for all + * fs types since there is no media available @@ -27,6 +34,7 @@ Index: busybox-1.20.2/util-linux/mount.c + if (rc == -1 && errno == ENOMEDIUM) { + bb_perror_msg_and_die("mounting %s on %s failed", mp->mnt_fsname, mp->mnt_dir); + } - if (!rc || (vfsflags & MS_RDONLY) || (errno != EACCES && errno != EROFS)) - break; - if (!(vfsflags & MS_SILENT)) ++ + // Should we retry read-only mount? + if (vfsflags & MS_RDONLY) + break; // no, already was tried diff --git a/meta/recipes-core/busybox/busybox/mount-via-label.cfg b/meta/recipes-core/busybox/busybox/mount-via-label.cfg index 2fe7ab2e5f..5a285de7cd 100644 --- a/meta/recipes-core/busybox/busybox/mount-via-label.cfg +++ b/meta/recipes-core/busybox/busybox/mount-via-label.cfg @@ -1,9 +1,11 @@ CONFIG_BLKID=y CONFIG_FEATURE_BLKID_TYPE=y CONFIG_FEATURE_MOUNT_LABEL=y +CONFIG_FEATURE_SWAPONOFF_LABEL=y CONFIG_VOLUMEID=y CONFIG_FEATURE_VOLUMEID_BTRFS=y CONFIG_FEATURE_VOLUMEID_EXT=y CONFIG_FEATURE_VOLUMEID_F2FS=y CONFIG_FEATURE_VOLUMEID_FAT=y CONFIG_FEATURE_VOLUMEID_SQUASHFS=y +CONFIG_FEATURE_VOLUMEID_LINUXSWAP=y diff --git a/meta/recipes-core/busybox/busybox/musl.cfg b/meta/recipes-core/busybox/busybox/musl.cfg index 6fffc91098..ba63def1ba 100644 --- a/meta/recipes-core/busybox/busybox/musl.cfg +++ b/meta/recipes-core/busybox/busybox/musl.cfg @@ -7,5 +7,4 @@ # CONFIG_FEATURE_INETD_RPC is not set # CONFIG_SELINUXENABLED is not set # CONFIG_FEATURE_MOUNT_NFS is not set -# CONFIG_FEATURE_UTMP is not set diff --git a/meta/recipes-core/busybox/busybox/recognize_connmand.patch b/meta/recipes-core/busybox/busybox/recognize_connmand.patch index f42c74caad..4f28beb556 100644 --- a/meta/recipes-core/busybox/busybox/recognize_connmand.patch +++ b/meta/recipes-core/busybox/busybox/recognize_connmand.patch @@ -4,14 +4,14 @@ Upstream-Status: Inappropriate [OE-Core] Signed-off-by: Saul Wold <sgw@linux.intel.com> -Index: busybox-1.22.1/networking/ifupdown.c +Index: busybox-1.36.0/networking/ifupdown.c =================================================================== ---- busybox-1.22.1.orig/networking/ifupdown.c -+++ busybox-1.22.1/networking/ifupdown.c -@@ -521,6 +521,10 @@ struct dhcp_client_t { +--- busybox-1.36.0.orig/networking/ifupdown.c ++++ busybox-1.36.0/networking/ifupdown.c +@@ -628,6 +628,10 @@ struct dhcp_client_t { }; - static const struct dhcp_client_t ext_dhcp_clients[] = { + static const struct dhcp_client_t ext_dhcp_clients[] ALIGN_PTR = { + { "connmand", + "true", + "true", diff --git a/meta/recipes-core/busybox/busybox/sha1sum.cfg b/meta/recipes-core/busybox/busybox/sha1sum.cfg index 20e72d9263..afd4da4ea1 100644 --- a/meta/recipes-core/busybox/busybox/sha1sum.cfg +++ b/meta/recipes-core/busybox/busybox/sha1sum.cfg @@ -1 +1,2 @@ CONFIG_SHA1SUM=y +CONFIG_SHA1_SMALL=3 diff --git a/meta/recipes-core/busybox/busybox/sha_accel.cfg b/meta/recipes-core/busybox/busybox/sha_accel.cfg new file mode 100644 index 0000000000..8900305a11 --- /dev/null +++ b/meta/recipes-core/busybox/busybox/sha_accel.cfg @@ -0,0 +1,2 @@ +# CONFIG_SHA256_HWACCEL is not set +# CONFIG_SHA1_HWACCEL is not set diff --git a/meta/recipes-core/busybox/busybox/start-stop-false.patch b/meta/recipes-core/busybox/busybox/start-stop-false.patch new file mode 100644 index 0000000000..3aef68329c --- /dev/null +++ b/meta/recipes-core/busybox/busybox/start-stop-false.patch @@ -0,0 +1,35 @@ +It's known that the final start-stop-daemon test fails if /bin/false is +actually a busybox symlink. Instead of failing, check if false is +busybox and adapt the expected output to match. + +Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2023-August/090416.html] +Signed-off-by: Ross Burton <ross.burton@arm.com> + +diff --git a/testsuite/start-stop-daemon.tests b/testsuite/start-stop-daemon.tests +index 0757b1288..aa6e9cc41 100755 +--- a/testsuite/start-stop-daemon.tests ++++ b/testsuite/start-stop-daemon.tests +@@ -27,10 +27,18 @@ testing "start-stop-daemon without -x and -a" \ + # but at least it checks that pathname to exec() is correct + # + # NB: this fails if /bin/false is a busybox symlink: +-# busybox looks at argv[0] and says "qwerty: applet not found" +-testing "start-stop-daemon with both -x and -a" \ +- 'start-stop-daemon -S -x /bin/false -a qwerty false 2>&1; echo $?' \ +- "1\n" \ +- "" "" ++# busybox looks at argv[0] and says "qwerty: applet not found", so ++# skip the test if false is busybox. ++case $(readlink /bin/false) in ++ *busybox*) ++ echo "SKIPPED: start-stop-daemon with both -x and -a (need non-busybox false)" ++ ;; ++ *) ++ testing "start-stop-daemon with both -x and -a" \ ++ 'start-stop-daemon -S -x /bin/false -a qwerty false 2>&1; echo $?' \ ++ "1\n" \ ++ "" "" ++ ;; ++esac + + exit $FAILCOUNT diff --git a/meta/recipes-core/busybox/busybox_1.33.0.bb b/meta/recipes-core/busybox/busybox_1.36.1.bb index c334c42000..f7c3eff29e 100644 --- a/meta/recipes-core/busybox/busybox_1.33.0.bb +++ b/meta/recipes-core/busybox/busybox_1.36.1.bb @@ -1,7 +1,7 @@ require busybox.inc SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \ - file://busybox-udhcpc-no_deconfig.patch \ + file://0001-depmod-Ignore-.debug-directories.patch \ file://find-touchscreen.sh \ file://busybox-cron \ file://busybox-httpd \ @@ -26,7 +26,6 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \ file://login-utilities.cfg \ file://recognize_connmand.patch \ file://busybox-cross-menuconfig.patch \ - file://0001-Use-CC-when-linking-instead-of-LD-and-use-CFLAGS-and.patch \ file://mount-via-label.cfg \ file://sha1sum.cfg \ file://sha256sum.cfg \ @@ -38,6 +37,8 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \ ${@["", "file://mdev.cfg"][(d.getVar('VIRTUAL-RUNTIME_dev_manager') == 'busybox-mdev')]} \ file://syslog.cfg \ file://unicode.cfg \ + file://rev.cfg \ + file://pgrep.cfg \ file://rcS \ file://rcK \ file://makefile-libbb-race.patch \ @@ -45,11 +46,19 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \ file://0001-testsuite-use-www.example.org-for-wget-test-cases.patch \ file://0001-du-l-works-fix-to-use-145-instead-of-144.patch \ file://0001-sysctl-ignore-EIO-of-stable_secret-below-proc-sys-ne.patch \ - file://rev.cfg \ - file://pgrep.cfg \ - file://0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch \ - file://0001-gen_build_files-Use-C-locale-when-calling-sed-on-glo.patch \ + file://0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch \ + file://0002-nslookup-sanitize-all-printed-strings-with-printable.patch \ + file://start-stop-false.patch \ + file://CVE-2021-42380.patch \ + file://0001-awk-fix-segfault-when-compiled-by-clang.patch \ + file://CVE-2023-42363.patch \ + file://busybox-1.36.1-no-cbq.patch \ + file://0001-awk-fix-precedence-of-relative-to.patch \ + file://0002-awk-fix-ternary-operator-and-precedence-of.patch \ + file://0001-awk.c-fix-CVE-2023-42366-bug-15874.patch \ + file://0001-cut-Fix-s-flag-to-omit-blank-lines.patch \ " -SRC_URI_append_libc-musl = " file://musl.cfg " - -SRC_URI[tarball.sha256sum] = "d568681c91a85edc6710770cebc1e80e042ad74d305b5c2e6d57a5f3de3b8fbd" +SRC_URI:append:libc-musl = " file://musl.cfg " +# TODO http://lists.busybox.net/pipermail/busybox/2023-January/090078.html +SRC_URI:append:x86 = " file://sha_accel.cfg" +SRC_URI[tarball.sha256sum] = "b8cc24c9574d809e7279c3be349795c5d5ceb6fdf19ca709f80cde50e47de314" diff --git a/meta/recipes-core/busybox/files/syslog b/meta/recipes-core/busybox/files/syslog index 2208613e8c..a4fea30ab7 100644 --- a/meta/recipes-core/busybox/files/syslog +++ b/meta/recipes-core/busybox/files/syslog @@ -10,6 +10,8 @@ set -e +PATH="/bin:/usr/bin:/sbin:/usr/sbin" + if [ -f /etc/syslog-startup.conf ]; then . /etc/syslog-startup.conf LOG_LOCAL=0 |