Introduce a configuration option to build a "hardened" OpenWrt with
ASLR PIE support.
Add new option PKG_ASLR_PIE to enable Address Space Layout Randomization (ASLR)
by building Position Independent Executables (PIE). This new option protects
against "return-to-text" attacks.
Busybox need a special care, link is done with ld, not gcc, leading to
unknown flags. Set BUSYBOX_DEFAULT_PIE instead and disable PKG_ASLR_PIE.
If other failing packages were found, PKG_ASLR_PIE:=0 should be added to
their Makefiles.
Original Work by: Yongkui Han <yonhan@cisco.com>
Signed-off-by: Julien Dusser <julien.dusser@free.fr>
This is needed for procd init script protection to work.
flock adds 4248 bytes to stripped busybox binary.
Signed-off-by: Roman Yeryomin <roman@advem.lv>
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2,
the tab autocomplete feature of the shell, used to get a list of filenames
in a directory, does not sanitize filenames and results in executing any
escape sequence in the terminal. This could potentially result in code
execution, arbitrary file writes, or other attacks.
Fixes: FS#1181 - CVE-2017-16544:
Backport the patch from:
https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8https://nvd.nist.gov/vuln/detail/CVE-2017-16544
Signed-off-by: Derek Werthmuller <thewerthfam@gmail.com>
Signed-off-by: John Crispin <john@phrozen.org>
Unconditionally pass TARGET_CPPFLAGS (not passed at all before) and
TARGET_LDFLAGS (passed only in certain non-default configuration before the
Makefile streamlining). Without these flags, hardening options
(PKG_FORTIFY_SOURCE and PKG_RELRO) were not actually applied to busybox.
The addition of these flags increases the size of the stripped busybox
binary by about 6KB (~4KB with fortify headers, ~2KB with "-znow -zrelro")
with the default hardening options PKG_FORTIFY_SOURCE_1 and PKG_RELRO_FULL.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Use default Build/Install steps where possible. No binary change in default
configuration, so PKG_RELEASE is not incremented.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
f40f84c support PantechMode
d8dc335 support Quanta and Blackberry modes
333e486 fix support for Option modems
Signed-off-by: John Crispin <john@phrozen.org>
Usually this function is called for appending some small files only
(like fs marks) but let's just make it more generic and capable of
handling bigger files easily. Increasing buffer to 1 KiB shouldn't hurt.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
It was there in case of adding some "create" command options that should
be parsed before actually creating the output image. It seems we don't
need any at this point so let's drop this function for now.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
CPE ids helps to tracks CVE in packages.
https://cpe.mitre.org/specification/
Thanks to swalker for CPE to package mapping and
keep tracking CVEs.
Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
There is no need to allocate buffer as big as the whole image in order
to calculate CRC32. It's enough to use small buffer and just read file
content block by block.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This requires changing this helper to accept initial/current CRC32
value as argument but it allows dropping duplicated (complex?) code
calculating the CRC32.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
The init script generated something like "DEVICE=/dev/sda" when it should
have been generating "DEVICE /dev/sda". mdadm errors on this. Patch by jow.
Also changed the default sendmail path to /usr/sbin/sendmail. No package
in LEDE provides /sbin/sendmail. msmtp provides /usr/sbin/sendmail so use
that.
Also add a patch to fix file paths for mdadm runtime files. mdadm currently
errors on them since /run is missing. Once /run is added to stock LEDE, this
patch can be removed.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[rewrap commit message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
getrandom blocks until the random pool is being initialized.
Unfortunately, this code is being called early during init to create the
overlay filesystem, on some devices leaving little chance for a
successful random pool init.
True randomness is not that important here, so fix this issue by
sticking to using /dev/urandom, like in older versions of this code.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Update e2fsprogs to 1.43.6
Disable compilation of fuse2fs (we don't package it)
Disable thread support (only affects fuse2fs)
Enable linking with libblkid instead of using private (included) version.
The libblkid is ~210KBytes in size, but with using the shared library
the binaries are ~25KBytes smaller. This also brings it in sync with
most other Linux distributions.
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Refresh patches, delete patches backported from upstream.
This fixes ntpd sync issues (ntpd would not sync if the first provided
peer address was unreachable).
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
busybox currently installs passwd into /usr/bin which prevents its
'full' shadow-utils variant from being installed.
Move the passwd applet to /bin to avoid that collision.
shadow also provides /usr/bin/login which doesn't collide with busybox
as the busybox login applet is installed at /bin/login.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
busybox currently installs traceroute and traceroute6 into /usr/bin
which prevents their 'full' iputils variants from being installed.
Move those applets to /bin so they can coexist with their iputils
siblings using the same PATH convention already applied for coreutils
and other drop-in 'full' versions.
Refresh existing patch while at it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Override the failing check in configure with CONFIGURE_VARS instead of
carrying a patch that's unlikely to be accepted by upstream.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: John Crispin <john@phrozen.org>
Commit e505f59bd9 "utils/util-linux: Update to 2.30.1" bumped util-linux
without properly adjusting the dependencies of all applets.
Add missing ncursesw dependencies to sfdisk and dmesg applets to fix
packaging issues.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Revert this commit as it introduces a patchfile at a wrong location.
Since the patch was never effective, we can assume that this particular
commit was not properly tested.
This reverts commit dde9da46c1.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Fix memory leak on nvram_open() and nvram_open_rdonly().
For nvram_open(), the 'fd' should be closed on error, and
mmap_area should be unmap when nvram magic can not be found.
For nvram_open_rdonly(), the 'file' variable should free before
return. Once nvram_find_mtd() return successfully, it will allocate
memory to save mtd device string.
Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
Other distributions incl. the OpenWrt ImageBuilder and SDK
expect to find the bzip2 executable in /bin.
Create a symlink at that location for compatibility.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Use the size of the input file as maximum tffs size instead of a fixed
value. The tffs on a AVM Fritz 300E can be up to 512KByte for example.
Fixes a read error for the AVM Fritz 3370 where the tffs partition size
is 64Kbyte and smaller than the former default value of 256KByte.
Signed-off-by: Mathias Kresin <dev@kresin.me>
this is a cherrypick from busybox-git HEAD:
f5470419404d643070db99d058405b714695b817
and can be removed when upgrading to
next busybox release. discussion here:
http://lists.busybox.net/pipermail/busybox/2017-May/085439.html
Signed-off-by: Bastian Bittorf <bb@npl.de>
This is a backport from the busybox repository
(192dce4b84fb32346ebc5194de7daa5da3b8d1b4); it enables the use of the
suppress_{prefixlength,ifgroup} flags for policy routing rules.
Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
remove files which include the following mode options
BlackberryMode OptionMode PantechMode QuantaMode
Signed-off-by: Julian Labus <julian@labus-online.de>
At some point kernel.org decided to drop xz generated tarballs, switch to gz which they still provide.
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Add the necessary changes to CMakeLists.txt to search zlib.h. Fixes
build issues with external toolchains that don't have STAGING_DIR in the
default search path.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
When busybox customisation is enabled, we should depend on config
symbols CONFIG_BUSYBOX_CONFIG_xxx to form alternatives specs
Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
When invoking "nslookup_lede" with a domain argument and without explicit
query type, issue both A and AAAA queries and display the resulting IP
addresses in a numbered list style, similar to how the old BusyBox nslookup
used to output the records.
This is required for compatibility with certain scripts.
Ref: https://forum.lede-project.org/t/nslookup-ipv6-in-lede-17-01-1
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The ":*" optstring syntax was only recently introduced with BusyBox v1.26,
older versions need a corresponding hint in the "opt_complementary" variable
to denote flag values that should be stored as llist entries.
Add the required opt_complementary entry to fix random SIGBUS, SIGILL or
SIGSEGV related crashes on BusyBox 1.25.x when attempting to use the "-q"
flag of the "nslookup_lede" applet.
Ref: https://forum.lede-project.org/t/nslookup-ipv6-in-lede-17-01-1
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Update mdadm to 4.0
Remove 000-compile.patch as it's fixed upstream
Refresh patches
Add mdadm.h-Undefine-dprintf-before-redefining.patch
Source: http://git.openembedded.org/openembedded-core/tree/meta/recipes-extended/mdadm/files
Add RAID 0,1 and 10 as depends to make mdadm usable.
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Protect any IPv6 related with appropriate guards to fix compilation with
disabled IPv6 support in Busybox.
Fixes#728.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Since the LEDE nslookup applet is already specific to LEDE, move the
libresolv detection into the busybox Makefile that LEDE uses.
This fixes builds with external toolchains that don't automatically
search for headers and/or libraries without being told so.
Fixes: de5b8e5d2f ("busybox: add musl compatible nslookup replacement")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Add an alternative nslookup applet implementation which is compatible with
musl libc wrt. name server selection and which supports a number of additional
features such as query type selection.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Split the fritz-tools into subpackages. fritz_tffs_read is usefull for
all Fritz boards where fritz-cal_extract is only required for the
Fritz 4040 at the moment.
Rename the tffs related binary to the more catchy name fritz_tffs and
move the whole package to utilities since the package doesn't really
provide a firmware file.
Make the fritz-tools available for all targets and build them shared.
The tffs is used by avm on lantiq and ar71xx as well.
Tested-by: Christian Lamparter <chunkeey@googlemail.com>
Signed-off-by: Mathias Kresin <dev@kresin.me>
If you're using Chrony or NTPD you don't want the busybox NTP server
as well. Make it's installation truly conditional.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [simplify]
Update util-linux to 2.29.2
Remote 0001-fix-uClibc-ng-scanf-check.patch as it's been merged upstream.
Refresh patches
Change ncurses to ncursesw to fix compilation and avoid confusion
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [remove faulty dependency changes]
Update util-linux to 2.29.2
Remote 0001-fix-uClibc-ng-scanf-check.patch as it's been merged upstream.
Refresh patches
Change ncurses to ncursesw to fix compilation and avoid confusion
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
ntpd from Busybox supports peer-less (standalone) mode when it's started
with option -l and without any peer provided with option -p. In this
mode ntpd uses local time as reference and acts as stratum 1 server.
This mode can be used in isolated networks, where Internet access and/or
other NTP server/s are not available, but the device has some other way
of getting correct time, like e.g. GPS (ugps supports setting local time
by default).
Support for this mode was incorrectly disabled/removed in:
1527f96ca6
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
The ugps tool expects device path in last argument. If it's provided
before other options, they won't be processed at all.
Additionally, make it possible to use absolute path for gps character
device in related uci configuration.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Fixes build issues with external toolchains that do not have STAGING_DIR
in their default search path.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Make sure we pass down TARGET_CPPFLAGS to let toolchains with no default
search paths to find the mbdetls headers, and override TARGET_LDFLAGS to
include libraries we are linking against.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Brings the following changes:
22f041e18df0 Extend StandardEject sequence to include LUN 1
61fdf7e9b1cc cmake: Search for libjson-c
2769852e76b5 cmake: Find libubox/blobmsg_json.h
8a47c4b6649f add TargetClass support
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
px5g-standalone only supports SHA1 for certificates, which is strongly
deprecated. The new px5g-standalone is about 27k bigger (compressed),
and has identical behavior to px5g-mbedtls (it uses SHA256).
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This reverts commit cc66f819b4.
This commit causes opkg to install px5g-standalone instead of px5g when
installing luci-ssl. As luci-ssl depends on mbedtls, using
px5g-standalone makes no sense. Next to that, it creates deprecated SHA1
certificates. Revert the commit to avoid pxg5-standalone to be
installed by accident.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Removing redundant spaces from the name of the option. Without fix:
root@LEDE:~# opkg install ugps
Installing ugps (2016-10-24-32a6b2b7-1) to root...
Downloading http://downloads.lede-project.org/releases/17.01-SNAPSHOT/packages/mips_24kc/base/ugps_2016-10-24-32a6b2b7-1_mips_24kc.ipk
Configuring ugps.
uci: Parse error (invalid character in name field) at line 3, byte 23
uci: Parse error (invalid character in name field) at line 3, byte 23
sh: out of range
root@LEDE:~# uci show gps
uci: Parse error (invalid character in name field) at line 3, byte 23
With this fix:
root@LEDE:~# uci show gps
gps.@gps[0]=gps
gps.@gps[0].tty='ttyACM0'
gps.@gps[0].adjust_time='1'
Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
* Update to 1.43.4
* Use xz tarball which saves about 2Mbyte in size
Changelog: http://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.43.4
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [use @KERNEL instead of hardcoded URL]
Refresh patches, delete patches that have been applied upstream.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix defaults]
The "new style" busybox applet approach moves all config and build
definitions related to an applet to its .c file. This makes the
patches easier to maintain, as they only add new files to the busybox
build directory, without modifying BusyBox files.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
