diff options
author | Mike Frysinger <vapier@gentoo.org> | 2014-10-18 22:57:51 +0000 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2014-10-18 22:57:51 +0000 |
commit | 53df8b250abd86d011b0f8be21718799d1b820dd (patch) | |
tree | 94a6c85fc23455217053803dc671bb5c2f2c909a /sys-apps | |
parent | add emacs herd and fix site-init file, thanks to Ulrich Müller (ulm) (diff) | |
download | gentoo-2-53df8b250abd86d011b0f8be21718799d1b820dd.tar.gz gentoo-2-53df8b250abd86d011b0f8be21718799d1b820dd.tar.bz2 gentoo-2-53df8b250abd86d011b0f8be21718799d1b820dd.zip |
Add lzop fix from upstream #515254 by Kristian Fiskerstrand. Add USE=debug to control build debug options and switch to defconfig #525586 by emil karlson.
(Portage version: 2.2.14_rc1/cvs/Linux x86_64, signed Manifest commit with key D2E96200)
Diffstat (limited to 'sys-apps')
-rw-r--r-- | sys-apps/busybox/ChangeLog | 9 | ||||
-rw-r--r-- | sys-apps/busybox/busybox-1.22.1-r1.ebuild | 300 | ||||
-rw-r--r-- | sys-apps/busybox/files/busybox-1.22.1-lzop.patch | 66 | ||||
-rw-r--r-- | sys-apps/busybox/files/busybox-1.22.1-nc.patch | 15 |
4 files changed, 389 insertions, 1 deletions
diff --git a/sys-apps/busybox/ChangeLog b/sys-apps/busybox/ChangeLog index 5f0d2d23c1e6..64b8fa63cfcc 100644 --- a/sys-apps/busybox/ChangeLog +++ b/sys-apps/busybox/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-apps/busybox # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/busybox/ChangeLog,v 1.368 2014/07/10 13:33:27 zlogene Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/busybox/ChangeLog,v 1.369 2014/10/18 22:57:51 vapier Exp $ + +*busybox-1.22.1-r1 (18 Oct 2014) + + 18 Oct 2014; Mike Frysinger <vapier@gentoo.org> +busybox-1.22.1-r1.ebuild, + +files/busybox-1.22.1-lzop.patch, +files/busybox-1.22.1-nc.patch: + Add lzop fix from upstream #515254 by Kristian Fiskerstrand. Add USE=debug to + control build debug options and switch to defconfig #525586 by emil karlson. 10 Jul 2014; Mikle Kolyada <zlogene@gentoo.org> busybox-1.22.1.ebuild: Add ~arm64 keyword diff --git a/sys-apps/busybox/busybox-1.22.1-r1.ebuild b/sys-apps/busybox/busybox-1.22.1-r1.ebuild new file mode 100644 index 000000000000..699422f442d4 --- /dev/null +++ b/sys-apps/busybox/busybox-1.22.1-r1.ebuild @@ -0,0 +1,300 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/busybox/busybox-1.22.1-r1.ebuild,v 1.1 2014/10/18 22:57:51 vapier Exp $ + +# See `man savedconfig.eclass` for info on how to use USE=savedconfig. + +EAPI="4" +inherit eutils flag-o-matic savedconfig toolchain-funcs multilib + +DESCRIPTION="Utilities for rescue and embedded systems" +HOMEPAGE="http://www.busybox.net/" +if [[ ${PV} == "9999" ]] ; then + MY_P=${PN} + EGIT_REPO_URI="git://busybox.net/busybox.git" + inherit git-2 +else + MY_P=${PN}-${PV/_/-} + SRC_URI="http://www.busybox.net/downloads/${MY_P}.tar.bz2" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~arm-linux ~x86-linux" +fi + +LICENSE="GPL-2" +SLOT="0" +IUSE="debug ipv6 livecd make-symlinks math mdev -pam selinux sep-usr +static syslog systemd" +RESTRICT="test" + +RDEPEND="!static? ( selinux? ( sys-libs/libselinux ) ) + pam? ( sys-libs/pam )" +DEPEND="${RDEPEND} + static? ( selinux? ( sys-libs/libselinux[static-libs(+)] ) ) + >=sys-kernel/linux-headers-2.6.39" + +S=${WORKDIR}/${MY_P} + +busybox_config_option() { + local flag=$1 ; shift + if [[ ${flag} != [yn] ]] ; then + busybox_config_option $(usex ${flag} y n) "$@" + return + fi + while [[ $# -gt 0 ]] ; do + if [[ ${flag} == "y" ]] ; then + sed -i -e "s:.*\<CONFIG_$1\>.*set:CONFIG_$1=y:g" .config + else + sed -i -e "s:CONFIG_$1=y:# CONFIG_$1 is not set:g" .config + fi + einfo $(grep "CONFIG_$1[= ]" .config || echo Could not find CONFIG_$1 ...) + shift + done +} + +busybox_config_enabled() { + local val=$(sed -n "/^CONFIG_$1=/s:^[^=]*=::p" .config) + case ${val} in + "") return 1 ;; + y) return 0 ;; + *) echo "${val}" | sed -r 's:^"(.*)"$:\1:' ;; + esac +} + +src_prepare() { + unset KBUILD_OUTPUT #88088 + append-flags -fno-strict-aliasing #310413 + use ppc64 && append-flags -mminimal-toc #130943 + + # patches go here! + epatch "${FILESDIR}"/${PN}-1.19.0-bb.patch + epatch "${FILESDIR}"/${P}-*.patch + cp "${FILESDIR}"/ginit.c init/ || die + + # flag cleanup + sed -i -r \ + -e 's:[[:space:]]?-(Werror|Os|falign-(functions|jumps|loops|labels)=1|fomit-frame-pointer)\>::g' \ + Makefile.flags || die + #sed -i '/bbsh/s:^//::' include/applets.h + sed -i '/^#error Aborting compilation./d' applets/applets.c || die + use elibc_glibc && sed -i 's:-Wl,--gc-sections::' Makefile + sed -i \ + -e "/^CROSS_COMPILE/s:=.*:= ${CHOST}-:" \ + -e "/^AR\>/s:=.*:= $(tc-getAR):" \ + -e "/^CC\>/s:=.*:= $(tc-getCC):" \ + -e "/^HOSTCC/s:=.*:= $(tc-getBUILD_CC):" \ + -e "/^PKG_CONFIG\>/s:=.*:= $(tc-getPKG_CONFIG):" \ + Makefile || die + sed -i \ + -e 's:-static-libgcc::' \ + Makefile.flags || die +} + +src_configure() { + # check for a busybox config before making one of our own. + # if one exist lets return and use it. + + restore_config .config + if [ -f .config ]; then + yes "" | emake -j1 -s oldconfig >/dev/null + return 0 + else + ewarn "Could not locate user configfile, so we will save a default one" + fi + + # setup the config file + emake -j1 -s defconfig >/dev/null + # nommu forces a bunch of things off which we want on #387555 + busybox_config_option n NOMMU + sed -i '/^#/d' .config + yes "" | emake -j1 -s oldconfig >/dev/null + + # now turn off stuff we really don't want + busybox_config_option n DMALLOC + busybox_config_option n FEATURE_SUID_CONFIG + busybox_config_option n BUILD_AT_ONCE + busybox_config_option n BUILD_LIBBUSYBOX + busybox_config_option n FEATURE_CLEAN_UP + busybox_config_option n MONOTONIC_SYSCALL + busybox_config_option n USE_PORTABLE_CODE + busybox_config_option n WERROR + + # If these are not set and we are using a uclibc/busybox setup + # all calls to system() will fail. + busybox_config_option y ASH + busybox_config_option n HUSH + + # disable ipv6 applets + if ! use ipv6; then + busybox_config_option n FEATURE_IPV6 + busybox_config_option n TRACEROUTE6 + busybox_config_option n PING6 + busybox_config_option n UDHCPC6 + fi + + if use static && use pam ; then + ewarn "You cannot have USE='static pam'. Assuming static is more important." + fi + busybox_config_option $(usex static n pam) PAM + busybox_config_option static STATIC + busybox_config_option syslog {K,SYS}LOGD LOGGER + busybox_config_option systemd FEATURE_SYSTEMD + busybox_config_option math FEATURE_AWK_LIBM + + # all the debug options are compiler related, so punt them + busybox_config_option n DEBUG + busybox_config_option y NO_DEBUG_LIB + busybox_config_option n DMALLOC + busybox_config_option n EFENCE + busybox_config_option $(usex debug y n) TFTP_DEBUG + + busybox_config_option selinux SELINUX + + # this opt only controls mounting with <linux-2.6.23 + busybox_config_option n FEATURE_MOUNT_NFS + + # default a bunch of uncommon options to off + local opt + for opt in \ + ADD_SHELL \ + BEEP BOOTCHARTD \ + CRONTAB \ + DC DEVFSD DNSD DPKG{,_DEB} \ + FAKEIDENTD FBSPLASH FOLD FSCK_MINIX FTP{GET,PUT} \ + FEATURE_DEVFS \ + HOSTID HUSH \ + INETD INOTIFYD IPCALC \ + LOCALE_SUPPORT LOGNAME LPD \ + MAKEMIME MKFS_MINIX MSH \ + OD \ + RDEV READPROFILE REFORMIME REMOVE_SHELL RFKILL RUN_PARTS RUNSV{,DIR} \ + SLATTACH SMEMCAP SULOGIN SV{,LOGD} \ + TASKSET TCPSVD \ + RPM RPM2CPIO \ + UDPSVD UUDECODE UUENCODE + do + busybox_config_option n ${opt} + done + + emake -j1 oldconfig > /dev/null +} + +src_compile() { + unset KBUILD_OUTPUT #88088 + export SKIP_STRIP=y + + emake V=1 busybox +} + +src_install() { + unset KBUILD_OUTPUT #88088 + save_config .config + + into / + dodir /bin + if use sep-usr ; then + # install /ginit to take care of mounting stuff + exeinto / + newexe busybox_unstripped ginit + dosym /ginit /bin/bb + dosym bb /bin/busybox + else + newbin busybox_unstripped busybox + dosym busybox /bin/bb + fi + if use mdev ; then + dodir /$(get_libdir)/mdev/ + use make-symlinks || dosym /bin/bb /sbin/mdev + cp "${S}"/examples/mdev_fat.conf "${ED}"/etc/mdev.conf + + exeinto /$(get_libdir)/mdev/ + doexe "${FILESDIR}"/mdev/* + + newinitd "${FILESDIR}"/mdev.rc.1 mdev + fi + if use livecd ; then + dosym busybox /bin/vi + fi + + # add busybox daemon's, bug #444718 + if busybox_config_enabled FEATURE_NTPD_SERVER; then + newconfd "${FILESDIR}/ntpd.confd" "busybox-ntpd" + newinitd "${FILESDIR}/ntpd.initd" "busybox-ntpd" + fi + if busybox_config_enabled SYSLOGD; then + newconfd "${FILESDIR}/syslogd.confd" "busybox-syslogd" + newinitd "${FILESDIR}/syslogd.initd" "busybox-syslogd" + fi + if busybox_config_enabled KLOGD; then + newconfd "${FILESDIR}/klogd.confd" "busybox-klogd" + newinitd "${FILESDIR}/klogd.initd" "busybox-klogd" + fi + if busybox_config_enabled WATCHDOG; then + newconfd "${FILESDIR}/watchdog.confd" "busybox-watchdog" + newinitd "${FILESDIR}/watchdog.initd" "busybox-watchdog" + fi + if busybox_config_enabled UDHCPC; then + local path=$(busybox_config_enabled UDHCPC_DEFAULT_SCRIPT) + exeinto "${path%/*}" + newexe examples/udhcp/simple.script "${path##*/}" + fi + if busybox_config_enabled UDHCPD; then + insinto /etc + doins examples/udhcp/udhcpd.conf + fi + + # bundle up the symlink files for use later + emake DESTDIR="${ED}" install + rm _install/bin/busybox + # for compatibility, provide /usr/bin/env + mkdir -p _install/usr/bin + ln -s /bin/env _install/usr/bin/env + tar cf busybox-links.tar -C _install . || : #;die + insinto /usr/share/${PN} + use make-symlinks && doins busybox-links.tar + + dodoc AUTHORS README TODO + + cd docs + docinto txt + dodoc *.txt + docinto pod + dodoc *.pod + dohtml *.html + + cd ../examples + docinto examples + dodoc inittab depmod.pl *.conf *.script undeb unrpm +} + +pkg_preinst() { + if use make-symlinks && [[ ! ${VERY_BRAVE_OR_VERY_DUMB} == "yes" ]] && [[ ${ROOT} == "/" ]] ; then + ewarn "setting USE=make-symlinks and emerging to / is very dangerous." + ewarn "it WILL overwrite lots of system programs like: ls bash awk grep (bug 60805 for full list)." + ewarn "If you are creating a binary only and not merging this is probably ok." + ewarn "set env VERY_BRAVE_OR_VERY_DUMB=yes if this is really what you want." + die "silly options will destroy your system" + fi + + if use make-symlinks ; then + mv "${ED}"/usr/share/${PN}/busybox-links.tar "${T}"/ || die + fi +} + +pkg_postinst() { + savedconfig_pkg_postinst + + if use make-symlinks ; then + cd "${T}" || die + mkdir _install + tar xf busybox-links.tar -C _install || die + cp -vpPR _install/* "${ROOT}"/ || die "copying links for ${x} failed" + fi + + if use sep-usr ; then + elog "In order to use the sep-usr support, you have to update your" + elog "kernel command line. Add the option:" + elog " init=/ginit" + elog "To launch a different init than /sbin/init, use:" + elog " init=/ginit /sbin/yourinit" + elog "To get a rescue shell, you may boot with:" + elog " init=/ginit bb" + fi +} diff --git a/sys-apps/busybox/files/busybox-1.22.1-lzop.patch b/sys-apps/busybox/files/busybox-1.22.1-lzop.patch new file mode 100644 index 000000000000..d89cc24a5467 --- /dev/null +++ b/sys-apps/busybox/files/busybox-1.22.1-lzop.patch @@ -0,0 +1,66 @@ +From a9dc7c2f59dc5e92870d2d46316ea5c1f14740e3 Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko <vda.linux@googlemail.com> +Date: Mon, 30 Jun 2014 10:14:34 +0200 +Subject: [PATCH] lzop: add overflow check + +See CVE-2014-4607 +http://www.openwall.com/lists/oss-security/2014/06/26/20 + +function old new delta +lzo1x_decompress_safe 1010 1031 +21 + +Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> +--- + archival/libarchive/liblzo.h | 2 ++ + archival/libarchive/lzo1x_d.c | 3 +++ + 2 files changed, 5 insertions(+) + +diff --git a/archival/libarchive/liblzo.h b/archival/libarchive/liblzo.h +index 843997c..4596620 100644 +--- a/archival/libarchive/liblzo.h ++++ b/archival/libarchive/liblzo.h +@@ -76,11 +76,13 @@ + # define TEST_IP (ip < ip_end) + # define NEED_IP(x) \ + if ((unsigned)(ip_end - ip) < (unsigned)(x)) goto input_overrun ++# define TEST_IV(x) if ((x) > (unsigned)0 - (511)) goto input_overrun + + # undef TEST_OP /* don't need both of the tests here */ + # define TEST_OP 1 + # define NEED_OP(x) \ + if ((unsigned)(op_end - op) < (unsigned)(x)) goto output_overrun ++# define TEST_OV(x) if ((x) > (unsigned)0 - (511)) goto output_overrun + + #define HAVE_ANY_OP 1 + +diff --git a/archival/libarchive/lzo1x_d.c b/archival/libarchive/lzo1x_d.c +index 9bc1270..40b167e 100644 +--- a/archival/libarchive/lzo1x_d.c ++++ b/archival/libarchive/lzo1x_d.c +@@ -92,6 +92,7 @@ int lzo1x_decompress_safe(const uint8_t* in, unsigned in_len, + ip++; + NEED_IP(1); + } ++ TEST_IV(t); + t += 15 + *ip++; + } + /* copy literals */ +@@ -224,6 +225,7 @@ int lzo1x_decompress_safe(const uint8_t* in, unsigned in_len, + ip++; + NEED_IP(1); + } ++ TEST_IV(t); + t += 31 + *ip++; + } + #if defined(COPY_DICT) +@@ -265,6 +267,7 @@ int lzo1x_decompress_safe(const uint8_t* in, unsigned in_len, + ip++; + NEED_IP(1); + } ++ TEST_IV(t); + t += 7 + *ip++; + } + #if defined(COPY_DICT) +-- +2.1.2 + diff --git a/sys-apps/busybox/files/busybox-1.22.1-nc.patch b/sys-apps/busybox/files/busybox-1.22.1-nc.patch new file mode 100644 index 000000000000..1ddb4834bd7f --- /dev/null +++ b/sys-apps/busybox/files/busybox-1.22.1-nc.patch @@ -0,0 +1,15 @@ +--- busybox-1.22.1/networking/nc_bloaty.c ++++ busybox-1.22.1-nc/networking/nc_bloaty.c +@@ -175,9 +175,9 @@ enum { + OPT_w = (1 << 5), + OPT_l = (1 << 6) * ENABLE_NC_SERVER, + OPT_k = (1 << 7) * ENABLE_NC_SERVER, +- OPT_i = (1 << (7+2*ENABLE_NC_SERVER)) * ENABLE_NC_EXTRA, +- OPT_o = (1 << (8+2*ENABLE_NC_SERVER)) * ENABLE_NC_EXTRA, +- OPT_z = (1 << (9+2*ENABLE_NC_SERVER)) * ENABLE_NC_EXTRA, ++ OPT_i = (1 << (6+2*ENABLE_NC_SERVER)) * ENABLE_NC_EXTRA, ++ OPT_o = (1 << (7+2*ENABLE_NC_SERVER)) * ENABLE_NC_EXTRA, ++ OPT_z = (1 << (8+2*ENABLE_NC_SERVER)) * ENABLE_NC_EXTRA, + }; + + #define o_nflag (option_mask32 & OPT_n) |