Commit graph

413 commits

Author SHA1 Message Date
Hauke Mehrtens
e273860351 mtd: fix compile warnings
This callback should have one parameter less, this parameter is not used
so this was not a so big problem.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-18 00:59:18 +01:00
Andy Walsh
20d63ebc94 e2fsprogs: break out libcomerr/libss, FS#1310
libext2fs breaks krb5 by always installing its own copies of libcom_err.so
and libss.so.

Move the libraries into separate libcomerr and libss packages respectively
and add a host build recipe to stage the required compile_et and mk_cmds
utilities for use by other packages.

This allows the krb5 package to be fixed to use the system wide libcomerr
and libss libraries.

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
[rename libcom_err to libcomerr, make compile_et and mk_cmds relocatable,
 cleanup makefile, add dependency on host build, reword commit message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-03-14 18:49:24 +01:00
Jo-Philipp Wich
093b75e106 jsonfilter: update to latest git HEAD
c7e938d implement POSIX regexp support
cd6629f lexer: fix encoding 7 bit escape sequences
8614470 main: implement array mode

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-03-14 18:48:23 +01:00
Matthias Schiffer
b8d9a064f0
busybox: remove i386-specific build flags
busybox tries to be smart and passes a number of additional flags to the
compiler. Unfortunately, the i386-specific flags break ABI compatiblity
with libc.

Fixes busybox crashes observed on x86-generic with GCC 7.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-03-12 12:49:03 +01:00
Toni Uhlig
57468c7142 util-linux: added unshare and nsenter executables
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2018-03-09 22:15:01 +01:00
Tomasz Moń
9a0cc49089 util-linux: add lscpu package
lscpu is used by lxc-debian template.

Signed-off-by: Tomasz Moń <desowin@gmail.com>
2018-02-24 11:24:20 +01:00
Julien Dusser
df0bd42fde build: add hardened builds with PIE (ASLR) support
Introduce a configuration option to build a "hardened" OpenWrt with
ASLR PIE support.

Add new option PKG_ASLR_PIE to enable Address Space Layout Randomization (ASLR)
by building Position Independent Executables (PIE). This new option protects
against "return-to-text" attacks.

Busybox need a special care, link is done with ld, not gcc, leading to
unknown flags. Set BUSYBOX_DEFAULT_PIE instead and disable PKG_ASLR_PIE.

If other failing packages were found, PKG_ASLR_PIE:=0 should be added to
their Makefiles.

Original Work by: Yongkui Han <yonhan@cisco.com>
Signed-off-by: Julien Dusser <julien.dusser@free.fr>
2018-01-27 16:46:45 +01:00
Dirk Brenken
ef8cd6be1e util-linux: add fstrim support
This PR adds optional fstrim support

Signed-off-by: Dirk Brenken <dev@brenken.org>
2018-01-18 08:04:18 +01:00
Jo-Philipp Wich
fe920d01bb treewide: replace LEDE_GIT with PROJECT_GIT
Remove LEDE_GIT references in favor to the new name-agnostic
PROJECT_GIT variable.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-10 21:27:32 +01:00
Kevin Darbyshire-Bryant
4e800716ac lua: clean up patch fuzz
Refresh patches to tidy up fuzz.  No functional changes

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-01-05 10:42:34 +01:00
Kevin Darbyshire-Bryant
b61a648e4a busybox: clean up patch fuzz
Refresh patches to tidy up fuzz.  No functional changes

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-01-05 10:35:51 +01:00
Roman Yeryomin
2277cd1249 busybox: enable flock by default
This is needed for procd init script protection to work.
flock adds 4248 bytes to stripped busybox binary.

Signed-off-by: Roman Yeryomin <roman@advem.lv>
2018-01-02 07:51:39 +01:00
John Crispin
7c0a2bc930 busybox: backport cve-2017-16544 fix
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2,
the tab autocomplete feature of the shell, used to get a list of filenames
in a directory, does not sanitize filenames and results in executing any
escape sequence in the terminal. This could potentially result in code
execution, arbitrary file writes, or other attacks.

Fixes: FS#1181 - CVE-2017-16544:

Backport the patch from:
https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8
https://nvd.nist.gov/vuln/detail/CVE-2017-16544

Signed-off-by: Derek Werthmuller <thewerthfam@gmail.com>
Signed-off-by: John Crispin <john@phrozen.org>
2018-01-02 07:14:08 +01:00
Matthias Schiffer
20c349f68c
busybox: add missing TARGET_CPPFLAGS and TARGET_LDFLAGS
Unconditionally pass TARGET_CPPFLAGS (not passed at all before) and
TARGET_LDFLAGS (passed only in certain non-default configuration before the
Makefile streamlining). Without these flags, hardening options
(PKG_FORTIFY_SOURCE and PKG_RELRO) were not actually applied to busybox.

The addition of these flags increases the size of the stripped busybox
binary by about 6KB (~4KB with fortify headers, ~2KB with "-znow -zrelro")
with the default hardening options PKG_FORTIFY_SOURCE_1 and PKG_RELRO_FULL.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-12-28 12:26:23 +01:00
Matthias Schiffer
a10fae1133
busybox: streamline Makefile
Use default Build/Install steps where possible. No binary change in default
configuration, so PKG_RELEASE is not incremented.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-12-28 12:24:25 +01:00
John Crispin
5bbd493e66 usbmode: update to latest git HEAD
f40f84c support PantechMode
d8dc335 support Quanta and Blackberry modes
333e486 fix support for Option modems

Signed-off-by: John Crispin <john@phrozen.org>
2017-12-24 09:03:01 +01:00
Lucian Cristian
1044723ec9 busybox: enable find -newer needed for shorewall firewall, no size increase on binary
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2017-12-14 09:29:30 +01:00
Rosen Penev
06f8b4ddbd e2fsprogs: Update to 1.43.7
Compiled and tested on ramips with no noticeable problems.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2017-12-14 09:29:30 +01:00
Jo-Philipp Wich
f4c68e1cc6 busybox: fix glibc libresolv dependency for LEDE nslook applet
Fixes d1ba483472 merge: busybox: update CONFIG_NSLOOKUP in busybox config.
Fixes FS#1212.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-12-10 14:26:19 +01:00
Zoltan HERPAI
d1ba483472 merge: busybox: update CONFIG_NSLOOKUP in busybox config and respective patch
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2017-12-08 19:41:18 +01:00
Zoltan HERPAI
23f774f727 merge: packages: update branding in core packages
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2017-12-08 19:41:18 +01:00
Rosen Penev
fc4e7bdca7 usbutils: Update usb.ids file to latest
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2017-11-22 20:45:07 +01:00
Rafał Miłecki
36a92274a8 otrx: fix memory leak in otrx_create_append_zeros
A "free" call was missing after allocating a buffer.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-11-17 11:32:51 +01:00
Rafał Miłecki
70837168ef otrx: bump buffer size in otrx_create_append_file
Usually this function is called for appending some small files only
(like fs marks) but let's just make it more generic and capable of
handling bigger files easily. Increasing buffer to 1 KiB shouldn't hurt.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-11-17 11:30:31 +01:00
Rafał Miłecki
ab8f20c18d otrx: drop unused otrx_create_parse_options function
It was there in case of adding some "create" command options that should
be parsed before actually creating the output image. It seems we don't
need any at this point so let's drop this function for now.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-11-17 11:30:31 +01:00
Alexander Couzens
c61a239514
add PKG_CPE_ID ids to package and tools
CPE ids helps to tracks CVE in packages.
https://cpe.mitre.org/specification/

Thanks to swalker for CPE to package mapping and
keep tracking CVEs.

Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-11-17 02:24:35 +01:00
Rafał Miłecki
b15c563929 otrx: always align image to 0x1000
This seems to match what the original trx tool and mjn3's replacement
do.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-11-16 09:33:56 +01:00
Zhai Zhaoxuan
c382237ac3 packages: nvram: fix memory leak in _nvram_free
The value of nvram_tuple_t is allocated in _nvram_realloc,
but it is not freed in _nvram_free.

Signed-off-by: Zhai Zhaoxuan <zhaizhaoxuan@xiaomi.com>
2017-11-15 21:11:23 +01:00
Rafał Miłecki
3f96e57aed otrx: add support for -A (append) and -a (align) options
They are inspired and compatible with the original and mjn3's trx tool.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-11-14 22:33:19 +01:00
Rafał Miłecki
6d283b8029 otrx: optimize memory usage when creating TRX image
There is no need to allocate buffer as big as the whole image in order
to calculate CRC32. It's enough to use small buffer and just read file
content block by block.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-11-14 22:33:19 +01:00
Rafał Miłecki
c6761e7c8e otrx: use helper function when checking image's CRC32
This requires changing this helper to accept initial/current CRC32
value as argument but it allows dropping duplicated (complex?) code
calculating the CRC32.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-11-14 22:33:19 +01:00
Matt Mets
851644bf5b adb: fix package description
Signed-off-by: Matt Mets <matt@blinkinlabs.com>
2017-10-29 16:16:35 +01:00
Jo-Philipp Wich
d4e7af5278 mdadm: fix parameter quoting
Ensure that path defines are passed quoted to the compiler in order
to avoid cpp syntax errors.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-10-27 03:26:37 +02:00
Rosen Penev
8eadec40bd mdadm: Fix config generation
The init script generated something like "DEVICE=/dev/sda" when it should
have been generating "DEVICE /dev/sda". mdadm errors on this. Patch by jow.

Also changed the default sendmail path to /usr/sbin/sendmail. No package
in LEDE provides /sbin/sendmail. msmtp provides /usr/sbin/sendmail so use
that.

Also add a patch to fix file paths for mdadm runtime files. mdadm currently
errors on them since /run is missing. Once /run is added to stock LEDE, this
patch can be removed.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[rewrap commit message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-10-27 02:32:32 +02:00
Hans Dedecker
1cec4d4ef0 busybox: provide "ip"
Let busybox provide "ip" as it supports the ip applets link, address,
route, rule and neighbor

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-10-14 20:23:55 +02:00
Daniel Engberg
c4562a9069 package/utils/f2fs-tools: Update to 1.9.0
Update f2fs-tools to 1.9.0
Remove patch as its been committed upstream

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-09-30 22:43:17 +02:00
Ryan Mounce
6a5a58ed27 util-linux: update to 2.30.2
Signed-off-by: Ryan Mounce <ryan@mounce.com.au>
2017-09-30 22:41:43 +02:00
Felix Fietkau
e64463ebde util-linux: avoid using the getrandom syscall
getrandom blocks until the random pool is being initialized.
Unfortunately, this code is being called early during init to create the
overlay filesystem, on some devices leaving little chance for a
successful random pool init.
True randomness is not that important here, so fix this issue by
sticking to using /dev/urandom, like in older versions of this code.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-09-29 12:32:44 +02:00
Philip Prindeville
3008fc9a7b usbutils: avoid duplicating the git revision
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-09-20 02:08:09 +02:00
Daniel Engberg
5b1660a538 utils/e2fsprogs: Update to 1.43.6
Update e2fsprogs to 1.43.6
Disable compilation of fuse2fs (we don't package it)
Disable thread support (only affects fuse2fs)
Enable linking with libblkid instead of using private (included) version.
The libblkid is ~210KBytes in size, but with using the shared library
the binaries are ~25KBytes smaller. This also brings it in sync with
most other Linux distributions.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-09-17 00:26:52 +02:00
Magnus Kroken
89f8a01dab busybox: update to 1.27.2
Refresh patches, delete patches backported from upstream.

This fixes ntpd sync issues (ntpd would not sync if the first provided
peer address was unreachable).

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-08-30 22:34:41 +02:00
Daniel Golle
a3c0d5f70a busybox: move passwd applet to /bin
busybox currently installs passwd into /usr/bin which prevents its
'full' shadow-utils variant from being installed.
Move the passwd applet to /bin to avoid that collision.
shadow also provides /usr/bin/login which doesn't collide with busybox
as the busybox login applet is installed at /bin/login.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-08-30 18:12:48 +02:00
Daniel Golle
a63eb74bce busybox: move traceroute applets to /bin
busybox currently installs traceroute and traceroute6 into /usr/bin
which prevents their 'full' iputils variants from being installed.
Move those applets to /bin so they can coexist with their iputils
siblings using the same PATH convention already applied for coreutils
and other drop-in 'full' versions.
Refresh existing patch while at it.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2017-08-30 18:12:48 +02:00
Stijn Tintel
cdb494fdc2 f2fs-tools: fix mkfs.f2fs on big-endian systems
Fixes: FS#749

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-08-25 10:19:06 +03:00
Stijn Tintel
252c8ddf14 f2fs-tools: drop musl compat patch
It is no longer needed since version 1.4.1.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-08-25 10:19:06 +03:00
Stijn Tintel
d87f27af54 f2fs-tools: drop patch in favour of CONFIGURE_VARS
Override the failing check in configure with CONFIGURE_VARS instead of
carrying a patch that's unlikely to be accepted by upstream.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: John Crispin <john@phrozen.org>
2017-08-25 10:19:06 +03:00
Philip Prindeville
5c2c0f8a32 util-linux: don't need to build NLS support
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-08-23 18:36:22 +02:00
Jo-Philipp Wich
4fce22e88f util-linux: add missing dependencies
Commit e505f59bd9 "utils/util-linux: Update to 2.30.1" bumped util-linux
without properly adjusting the dependencies of all applets.

Add missing ncursesw dependencies to sfdisk and dmesg applets to fix
packaging issues.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-08-23 11:34:25 +02:00
Jo-Philipp Wich
0168ba2e07 Revert "busybox: ash/hush fix for read-builtin command"
Revert this commit as it introduces a patchfile at a wrong location.
Since the patch was never effective, we can assume that this particular
commit was not properly tested.

This reverts commit dde9da46c1.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-08-23 10:58:10 +02:00
BangLang Huang
69da83d9f1 nvram: add help message for nvram magic not found
The program would failed if nvram magic not found
in specific partition.

Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
2017-08-22 14:31:32 +02:00