diff options
Diffstat (limited to 'poky/meta/recipes-core/busybox')
-rw-r--r-- | poky/meta/recipes-core/busybox/busybox.inc | 14 | ||||
-rw-r--r-- | poky/meta/recipes-core/busybox/busybox/CVE-2017-15874.patch | 30 | ||||
-rw-r--r-- | poky/meta/recipes-core/busybox/busybox/defconfig | 12 | ||||
-rw-r--r-- | poky/meta/recipes-core/busybox/busybox/init.cfg | 7 | ||||
-rw-r--r-- | poky/meta/recipes-core/busybox/busybox_1.27.2.bb | 1 | ||||
-rw-r--r-- | poky/meta/recipes-core/busybox/files/mdev-mount.sh | 4 |
6 files changed, 54 insertions, 14 deletions
diff --git a/poky/meta/recipes-core/busybox/busybox.inc b/poky/meta/recipes-core/busybox/busybox.inc index d1675c37a..8c6dbbaf9 100644 --- a/poky/meta/recipes-core/busybox/busybox.inc +++ b/poky/meta/recipes-core/busybox/busybox.inc @@ -315,20 +315,24 @@ do_install () { fi if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + if grep -q "CONFIG_KLOGD=y" ${B}/.config; then + install -d ${D}${systemd_unitdir}/system + sed 's,@base_sbindir@,${base_sbindir},g' < ${WORKDIR}/busybox-klogd.service.in \ + > ${D}${systemd_unitdir}/system/busybox-klogd.service + fi + if grep -q "CONFIG_SYSLOGD=y" ${B}/.config; then install -d ${D}${systemd_unitdir}/system sed 's,@base_sbindir@,${base_sbindir},g' < ${WORKDIR}/busybox-syslog.service.in \ > ${D}${systemd_unitdir}/system/busybox-syslog.service + if [ ! -e ${D}${systemd_unitdir}/system/busybox-klogd.service ] ; then + sed -i '/klog/d' ${D}${systemd_unitdir}/system/busybox-syslog.service + fi if [ -f ${WORKDIR}/busybox-syslog.default ] ; then install -d ${D}${sysconfdir}/default install -m 0644 ${WORKDIR}/busybox-syslog.default ${D}${sysconfdir}/default/busybox-syslog fi fi - if grep -q "CONFIG_KLOGD=y" ${B}/.config; then - install -d ${D}${systemd_unitdir}/system - sed 's,@base_sbindir@,${base_sbindir},g' < ${WORKDIR}/busybox-klogd.service.in \ - > ${D}${systemd_unitdir}/system/busybox-klogd.service - fi fi # Remove the sysvinit specific configuration file for systemd systems to avoid confusion diff --git a/poky/meta/recipes-core/busybox/busybox/CVE-2017-15874.patch b/poky/meta/recipes-core/busybox/busybox/CVE-2017-15874.patch new file mode 100644 index 000000000..67b4ed7e1 --- /dev/null +++ b/poky/meta/recipes-core/busybox/busybox/CVE-2017-15874.patch @@ -0,0 +1,30 @@ +From e75c01bb3249df16201b482b79bb24bec3b58188 Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko <vda.linux@googlemail.com> +Date: Fri, 27 Oct 2017 15:37:03 +0200 +Subject: [PATCH] unlzma: fix SEGV, closes 10436 + +Upstream-Status: Backport [ https://git.busybox.net/busybox/commit/?id=9ac42c500586fa5f10a1f6d22c3f797df11b1f6b] +Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> +Signed-off-by: Sinan Kaya <okaya@kernel.org> +--- + archival/libarchive/decompress_unlzma.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/archival/libarchive/decompress_unlzma.c b/archival/libarchive/decompress_unlzma.c +index 29eee2a..41e492f 100644 +--- a/archival/libarchive/decompress_unlzma.c ++++ b/archival/libarchive/decompress_unlzma.c +@@ -353,6 +353,10 @@ unpack_lzma_stream(transformer_state_t *xstate) + pos = buffer_pos - rep0; + if ((int32_t)pos < 0) { + pos += header.dict_size; ++ /* bug 10436 has an example file where this triggers: */ ++ if ((int32_t)pos < 0) ++ goto bad; ++ + /* see unzip_bad_lzma_2.zip: */ + if (pos >= buffer_size) + goto bad; +-- +2.19.0 + diff --git a/poky/meta/recipes-core/busybox/busybox/defconfig b/poky/meta/recipes-core/busybox/busybox/defconfig index fbb5fd852..59d93c707 100644 --- a/poky/meta/recipes-core/busybox/busybox/defconfig +++ b/poky/meta/recipes-core/busybox/busybox/defconfig @@ -468,21 +468,21 @@ CONFIG_FEATURE_XARGS_SUPPORT_REPL_STR=y # CONFIG_BOOTCHARTD is not set # CONFIG_FEATURE_BOOTCHARTD_BLOATED_HEADER is not set # CONFIG_FEATURE_BOOTCHARTD_CONFIG_FILE is not set -CONFIG_HALT=y -CONFIG_POWEROFF=y -CONFIG_REBOOT=y +# CONFIG_HALT is not set +# CONFIG_POWEROFF is not set +# CONFIG_REBOOT is not set # CONFIG_FEATURE_CALL_TELINIT is not set -CONFIG_TELINIT_PATH="" +# CONFIG_TELINIT_PATH is not set # CONFIG_INIT is not set # CONFIG_LINUXRC is not set # CONFIG_FEATURE_USE_INITTAB is not set # CONFIG_FEATURE_KILL_REMOVED is not set -CONFIG_FEATURE_KILL_DELAY=0 +# CONFIG_FEATURE_KILL_DELAY is not set # CONFIG_FEATURE_INIT_SCTTY is not set # CONFIG_FEATURE_INIT_SYSLOG is not set # CONFIG_FEATURE_INIT_QUIET is not set # CONFIG_FEATURE_INIT_COREDUMPS is not set -CONFIG_INIT_TERMINAL_TYPE="" +# CONFIG_INIT_TERMINAL_TYPE is not set # CONFIG_FEATURE_INIT_MODIFY_CMDLINE is not set # diff --git a/poky/meta/recipes-core/busybox/busybox/init.cfg b/poky/meta/recipes-core/busybox/busybox/init.cfg index 006d4c633..3c1fdd42b 100644 --- a/poky/meta/recipes-core/busybox/busybox/init.cfg +++ b/poky/meta/recipes-core/busybox/busybox/init.cfg @@ -1,3 +1,8 @@ CONFIG_INIT=y CONFIG_FEATURE_USE_INITTAB=y - +CONFIG_HALT=y +CONFIG_POWEROFF=y +CONFIG_REBOOT=y +CONFIG_FEATURE_KILL_DELAY=0 +CONFIG_TELINIT_PATH="" +CONFIG_INIT_TERMINAL_TYPE="" diff --git a/poky/meta/recipes-core/busybox/busybox_1.27.2.bb b/poky/meta/recipes-core/busybox/busybox_1.27.2.bb index 1ce4823d4..bab29728e 100644 --- a/poky/meta/recipes-core/busybox/busybox_1.27.2.bb +++ b/poky/meta/recipes-core/busybox/busybox_1.27.2.bb @@ -47,6 +47,7 @@ SRC_URI = "http://www.busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \ file://busybox-CVE-2017-16544.patch \ file://busybox-fix-lzma-segfaults.patch \ file://umount-ignore-c.patch \ + file://CVE-2017-15874.patch \ " SRC_URI_append_libc-musl = " file://musl.cfg " diff --git a/poky/meta/recipes-core/busybox/files/mdev-mount.sh b/poky/meta/recipes-core/busybox/files/mdev-mount.sh index b4385a157..130e9472f 100644 --- a/poky/meta/recipes-core/busybox/files/mdev-mount.sh +++ b/poky/meta/recipes-core/busybox/files/mdev-mount.sh @@ -25,7 +25,7 @@ case "$ACTION" in fi # check for full-disk partition if [ "${DEVBASE}" = "${MDEV}" ] ; then - if [ -d /sys/block/${DEVBASE}/${DEVBASE}*1 ] ; then + if [ -f /sys/block/${DEVBASE}/${DEVBASE}*1/partition ] ; then # Partition detected, just quit exit 0 fi @@ -43,7 +43,7 @@ case "$ACTION" in then MOUNTPOINT="${MDEV_AUTOMOUNT_ROOT}/$MDEV" mkdir -p "$MOUNTPOINT" - mount -t auto /dev/$MDEV "$MOUNTPOINT" + mount -t auto /dev/$MDEV "$MOUNTPOINT" || rmdir "$MOUNTPOINT" fi ;; remove) |