From b4853d8428d3795446a40fdc8a642f8b174e7132 Mon Sep 17 00:00:00 2001 From: Akhilesh Nema Date: Thu, 9 Jan 2025 00:01:30 -0800 Subject: [PATCH 01/10] package/radvd: bump version to 2.20 Radvd now uses libbsd. Changelog: https://github.com/radvd-project/radvd/blob/v2.20/CHANGES Signed-off-by: Akhilesh Nema [Peter: add and propagate remaining libbsd dependencies] Signed-off-by: Peter Korsgaard --- package/libvirt/Config.in | 1 + package/radvd/Config.in | 5 +++++ package/radvd/radvd.hash | 4 ++-- package/radvd/radvd.mk | 4 ++-- 4 files changed, 10 insertions(+), 4 deletions(-) diff --git a/package/libvirt/Config.in b/package/libvirt/Config.in index 6e4de43f73c2..c55ab429ebc3 100644 --- a/package/libvirt/Config.in +++ b/package/libvirt/Config.in @@ -46,6 +46,7 @@ config BR2_PACKAGE_LIBVIRT_DAEMON default y depends on BR2_INSTALL_LIBSTDCPP # nmap depends on !BR2_KERNEL_64_USERLAND_32 # ebtables + depends on BR2_PACKAGE_LIBBSD_ARCH_SUPPORTS # radvd -> libbsd select BR2_PACKAGE_BUSYBOX_SHOW_OTHERS select BR2_PACKAGE_DNSMASQ select BR2_PACKAGE_EBTABLES diff --git a/package/radvd/Config.in b/package/radvd/Config.in index f1df0c3cb81c..374e184b74dd 100644 --- a/package/radvd/Config.in +++ b/package/radvd/Config.in @@ -1,6 +1,11 @@ config BR2_PACKAGE_RADVD bool "radvd" depends on BR2_USE_MMU # fork() + depends on BR2_PACKAGE_LIBBSD_ARCH_SUPPORTS # libbsd + depends on !BR2_STATIC_LIBS # libbsd + depends on BR2_TOOLCHAIN_HAS_THREADS # libbsd + depends on BR2_USE_WCHAR # libbsd + select BR2_PACKAGE_LIBBSD help IPv6 Router Advertisement Daemon. diff --git a/package/radvd/radvd.hash b/package/radvd/radvd.hash index a624db24ba8f..8415b8d854df 100644 --- a/package/radvd/radvd.hash +++ b/package/radvd/radvd.hash @@ -1,3 +1,3 @@ -# From http://www.litech.org/radvd/dist/radvd-2.19.tar.gz.sha512 -sha512 caa621fd77e34ff6858d60a41b0ee02aff967ac14f2b84c402359744f4bece5c1563419860431c328adc0385e9893ed1f2421d652247a3aa0dfc0aaad1e01233 radvd-2.19.tar.gz +# From http://www.litech.org/radvd/dist/radvd-2.20.tar.gz.sha512 +sha512 798d8476ab5ff43083b181d6d6ec43c47d06e4067d30c71e038cfd890bcf1ca23e809f9e184c4363458bfa25a916625dd2d7553290fb3e5459034d477b80ebaa radvd-2.20.tar.gz sha256 40a6db00cf0b97f031eaa6c6e87157788f40ced1b88e3ea6d78779bd2a39dc80 COPYRIGHT diff --git a/package/radvd/radvd.mk b/package/radvd/radvd.mk index 7a3b0a36ac7b..89d8f55d51b7 100644 --- a/package/radvd/radvd.mk +++ b/package/radvd/radvd.mk @@ -4,9 +4,9 @@ # ################################################################################ -RADVD_VERSION = 2.19 +RADVD_VERSION = 2.20 RADVD_SITE = http://www.litech.org/radvd/dist -RADVD_DEPENDENCIES = host-bison host-flex host-pkgconf +RADVD_DEPENDENCIES = host-bison host-flex host-pkgconf libbsd # We need to ignore , because radvd already includes # , which conflicts with . RADVD_CONF_ENV = \ From 16943849e090fbaca75817ba3563dd2d66bfd51d Mon Sep 17 00:00:00 2001 From: Marcin Niestroj Date: Mon, 3 Feb 2025 07:42:40 +0100 Subject: [PATCH 02/10] package/python-pytest-asyncio: bump to 0.25.3 See [1] for changelog. [1] https://pytest-asyncio.readthedocs.io/en/latest/reference/changelog.html Signed-off-by: Marcin Niestroj Signed-off-by: Peter Korsgaard --- package/python-pytest-asyncio/python-pytest-asyncio.hash | 4 ++-- package/python-pytest-asyncio/python-pytest-asyncio.mk | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package/python-pytest-asyncio/python-pytest-asyncio.hash b/package/python-pytest-asyncio/python-pytest-asyncio.hash index accff0557bd0..1a1aaac839ad 100644 --- a/package/python-pytest-asyncio/python-pytest-asyncio.hash +++ b/package/python-pytest-asyncio/python-pytest-asyncio.hash @@ -1,5 +1,5 @@ # md5, sha256 from https://pypi.org/pypi/pytest-asyncio/json -md5 c00782dd936f55366c536a41184ef04a pytest_asyncio-0.25.2.tar.gz -sha256 3f8ef9a98f45948ea91a0ed3dc4268b5326c0e7bce73892acc654df4262ad45f pytest_asyncio-0.25.2.tar.gz +md5 307961c0f1ad9510aa1cb72715db0bd5 pytest_asyncio-0.25.3.tar.gz +sha256 fc1da2cf9f125ada7e710b4ddad05518d4cee187ae9412e9ac9271003497f07a pytest_asyncio-0.25.3.tar.gz # Locally computed sha256 checksums sha256 a8ad31b1c3f40dca5a84119351b8fa8ddc868edd77fad8a8ebf6d8f2d16fa4ae LICENSE diff --git a/package/python-pytest-asyncio/python-pytest-asyncio.mk b/package/python-pytest-asyncio/python-pytest-asyncio.mk index c21892d18c0f..e2bb3565b184 100644 --- a/package/python-pytest-asyncio/python-pytest-asyncio.mk +++ b/package/python-pytest-asyncio/python-pytest-asyncio.mk @@ -4,9 +4,9 @@ # ################################################################################ -PYTHON_PYTEST_ASYNCIO_VERSION = 0.25.2 +PYTHON_PYTEST_ASYNCIO_VERSION = 0.25.3 PYTHON_PYTEST_ASYNCIO_SOURCE = pytest_asyncio-$(PYTHON_PYTEST_ASYNCIO_VERSION).tar.gz -PYTHON_PYTEST_ASYNCIO_SITE = https://files.pythonhosted.org/packages/72/df/adcc0d60f1053d74717d21d58c0048479e9cab51464ce0d2965b086bd0e2 +PYTHON_PYTEST_ASYNCIO_SITE = https://files.pythonhosted.org/packages/f2/a8/ecbc8ede70921dd2f544ab1cadd3ff3bf842af27f87bbdea774c7baa1d38 PYTHON_PYTEST_ASYNCIO_SETUP_TYPE = setuptools PYTHON_PYTEST_ASYNCIO_LICENSE = Apache-2.0 PYTHON_PYTEST_ASYNCIO_LICENSE_FILES = LICENSE From c29f6393ab37d0c8816d70bf21b118ed778f790d Mon Sep 17 00:00:00 2001 From: Thomas Petazzoni Date: Mon, 3 Feb 2025 15:27:40 +0100 Subject: [PATCH 03/10] package/busybox: fix patch 0009 formatting As it is, patch 0009 cannot be applied with "git am", so fix its format. Signed-off-by: Thomas Petazzoni Signed-off-by: Peter Korsgaard --- ...c-failing-saying-ncurses-is-not-found.patch | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/package/busybox/0009-menuconfig-gcc-failing-saying-ncurses-is-not-found.patch b/package/busybox/0009-menuconfig-gcc-failing-saying-ncurses-is-not-found.patch index 4651d8c2c912..f4a926ae37ea 100644 --- a/package/busybox/0009-menuconfig-gcc-failing-saying-ncurses-is-not-found.patch +++ b/package/busybox/0009-menuconfig-gcc-failing-saying-ncurses-is-not-found.patch @@ -1,6 +1,6 @@ -From ctxnop@gmail.com Sun Jul 21 12:10:52 2024 -From: ctxnop@gmail.com (Nop) -Date: Sun, 21 Jul 2024 14:10:52 +0200 +From 32949508fe566aee8988cb6d8ee101ecc5e49a65 Mon Sep 17 00:00:00 2001 +From: ctxnop +Date: Sun, 26 Jan 2025 20:59:20 +0100 Subject: [PATCH] menuconfig: GCC failing saying ncurses is not found Newer GCC increased diagnostics levels resulting in considering the @@ -17,13 +17,12 @@ Signed-off-by: Fiona Klute (WIWA) scripts/kconfig/lxdialog/check-lxdialog.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -diff --git a/scripts/kconfig/lxdialog/check-lxdialog.sh -b/scripts/kconfig/lxdialog/check-lxdialog.sh -index 5075ebf2d..c644d1d48 100755 +diff --git a/scripts/kconfig/lxdialog/check-lxdialog.sh b/scripts/kconfig/lxdialog/check-lxdialog.sh +index 5075ebf2d..08e4da3de 100755 --- a/scripts/kconfig/lxdialog/check-lxdialog.sh +++ b/scripts/kconfig/lxdialog/check-lxdialog.sh @@ -45,9 +45,9 @@ trap "rm -f $tmp" 0 1 2 3 15 - + # Check if we can link to ncurses check() { - $cc -x c - -o $tmp 2>/dev/null <<'EOF' @@ -34,5 +33,6 @@ index 5075ebf2d..c644d1d48 100755 EOF if [ $? != 0 ]; then echo " *** Unable to find the ncurses libraries or the" 1>&2 --- -2.45.2 +-- +2.47.1 + From 75c594d4468430067fbe1a9c81aefd80b4c2a064 Mon Sep 17 00:00:00 2001 From: Thomas Petazzoni Date: Mon, 3 Feb 2025 15:27:41 +0100 Subject: [PATCH 04/10] package/busybox: fix pending CVEs This commit adds patches, which were all backported from upstream, or submitted upstream, and that fix various CVEs. To facilitate the backporting work, we took the backports from openembedded-core. CVE-2021-42380: this one is not marked by NVD as affecting 1.36.1, but its fix was merged after 1.36.1, so it seems like the NVD data is incorrect. Therefore, no need for a BUSYBOX_IGNORE_CVES entry. Patch is upstream, backport taken from openembedded-core. CVE-2023-42363, CVE-2023-42364, CVE-2023-42365: patches are upstream, backports taken from openembedded-core. CVE-2023-42366: patch has been submitted upstream but not merged, patch taken from openembedded-core. Signed-off-by: Thomas Petazzoni Signed-off-by: Peter Korsgaard --- ...r-realloc-CVE-2021-42380-closes-1560.patch | 154 +++++++++++++ ...wk-fix-use-after-free-CVE-2023-42363.patch | 70 ++++++ ...13-awk-fix-precedence-of-relative-to.patch | 203 ++++++++++++++++++ ...x-ternary-operator-and-precedence-of.patch | 102 +++++++++ ...5-awk.c-fix-CVE-2023-42366-bug-15874.patch | 43 ++++ package/busybox/busybox.mk | 10 + 6 files changed, 582 insertions(+) create mode 100644 package/busybox/0011-awk-fix-use-after-realloc-CVE-2021-42380-closes-1560.patch create mode 100644 package/busybox/0012-awk-fix-use-after-free-CVE-2023-42363.patch create mode 100644 package/busybox/0013-awk-fix-precedence-of-relative-to.patch create mode 100644 package/busybox/0014-awk-fix-ternary-operator-and-precedence-of.patch create mode 100644 package/busybox/0015-awk.c-fix-CVE-2023-42366-bug-15874.patch diff --git a/package/busybox/0011-awk-fix-use-after-realloc-CVE-2021-42380-closes-1560.patch b/package/busybox/0011-awk-fix-use-after-realloc-CVE-2021-42380-closes-1560.patch new file mode 100644 index 000000000000..f0f33b11ffa5 --- /dev/null +++ b/package/busybox/0011-awk-fix-use-after-realloc-CVE-2021-42380-closes-1560.patch @@ -0,0 +1,154 @@ +From 7c73cdaa80faf0046b07c970321557ff04f7da64 Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko +Date: Fri, 26 May 2023 19:36:58 +0200 +Subject: [PATCH] awk: fix use-after-realloc (CVE-2021-42380), closes 15601 + +Signed-off-by: Denys Vlasenko + +CVE: CVE-2021-42380 +Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=5dcc443dba039b305a510c01883e9f34e42656ae] +Signed-off-by: Peter Marko +[Thomas: taken from https://git.openembedded.org/openembedded-core/tree/meta/recipes-core/busybox/busybox/CVE-2021-42380.patch?id=e0ff4813b1cf4df0d851c857d57fb88d7db51bdd] +Upstream: https://git.busybox.net/busybox/commit/?id=5dcc443dba039b305a510c01883e9f34e42656ae +Signed-off-by: Thomas Petazzoni +--- + editors/awk.c | 26 ++++++++++++++++----- + testsuite/awk.tests | 55 +++++++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 75 insertions(+), 6 deletions(-) + +diff --git a/editors/awk.c b/editors/awk.c +index 728ee8685..2af823808 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -555,7 +555,7 @@ struct globals { + const char *g_progname; + int g_lineno; + int nfields; +- int maxfields; /* used in fsrealloc() only */ ++ unsigned maxfields; + var *Fields; + char *g_pos; + char g_saved_ch; +@@ -1931,9 +1931,9 @@ static void fsrealloc(int size) + { + int i, newsize; + +- if (size >= maxfields) { +- /* Sanity cap, easier than catering for overflows */ +- if (size > 0xffffff) ++ if ((unsigned)size >= maxfields) { ++ /* Sanity cap, easier than catering for over/underflows */ ++ if ((unsigned)size > 0xffffff) + bb_die_memory_exhausted(); + + i = maxfields; +@@ -2891,6 +2891,7 @@ static var *evaluate(node *op, var *res) + uint32_t opinfo; + int opn; + node *op1; ++ var *old_Fields_ptr; + + opinfo = op->info; + opn = (opinfo & OPNMASK); +@@ -2899,10 +2900,16 @@ static var *evaluate(node *op, var *res) + debug_printf_eval("opinfo:%08x opn:%08x\n", opinfo, opn); + + /* execute inevitable things */ ++ old_Fields_ptr = NULL; + if (opinfo & OF_RES1) { + if ((opinfo & OF_REQUIRED) && !op1) + syntax_error(EMSG_TOO_FEW_ARGS); + L.v = evaluate(op1, TMPVAR0); ++ /* Does L.v point to $n variable? */ ++ if ((size_t)(L.v - Fields) < maxfields) { ++ /* yes, remember where Fields[] is */ ++ old_Fields_ptr = Fields; ++ } + if (opinfo & OF_STR1) { + L.s = getvar_s(L.v); + debug_printf_eval("L.s:'%s'\n", L.s); +@@ -2921,8 +2928,15 @@ static var *evaluate(node *op, var *res) + */ + if (opinfo & OF_RES2) { + R.v = evaluate(op->r.n, TMPVAR1); +- //TODO: L.v may be invalid now, set L.v to NULL to catch bugs? +- //L.v = NULL; ++ /* Seen in $5=$$5=$0: ++ * Evaluation of R.v ($$5=$0 expression) ++ * made L.v ($5) invalid. It's detected here. ++ */ ++ if (old_Fields_ptr) { ++ //if (old_Fields_ptr != Fields) ++ // debug_printf_eval("L.v moved\n"); ++ L.v += Fields - old_Fields_ptr; ++ } + if (opinfo & OF_STR2) { + R.s = getvar_s(R.v); + debug_printf_eval("R.s:'%s'\n", R.s); +diff --git a/testsuite/awk.tests b/testsuite/awk.tests +index bbf0fbff1..ddc51047b 100755 +--- a/testsuite/awk.tests ++++ b/testsuite/awk.tests +@@ -485,4 +485,59 @@ testing 'awk assign while test' \ + "" \ + "foo" + ++# User-supplied bug (SEGV) example, was causing use-after-realloc ++testing 'awk assign while assign' \ ++ "awk '\$5=\$\$5=\$0'; echo \$?" \ ++ "\ ++─ process timing ────────────────────────────────────┬─ ─ process timing ────────────────────────────────────┬─ overall results ────┐ results ────┐ ++│ run time : │ run time : 0 days, 0 hrs, 0 min, 56 sec │ cycles done : 0 │ days, 0 hrs, 0 min, 56 sec │ cycles done : 0 │ ++│ last new find │ last new find : 0 days, 0 hrs, 0 min, 1 sec │ corpus count : 208 │ 0 days, 0 hrs, 0 min, 1 sec │ corpus count : 208 │ ++│last saved crash : │last saved crash : none seen yet │saved crashes : 0 │ seen yet │saved crashes : 0 │ ++│ last saved hang │ last saved hang : none seen yet │ saved hangs : 0 │ none seen yet │ saved hangs : 0 │ ++├─ cycle progress ─────────────────────┬─ ├─ cycle progress ─────────────────────┬─ map coverage┴──────────────────────┤ coverage┴──────────────────────┤ ++│ now processing : │ now processing : 184.1 (88.5%) │ map density : 0.30% / 0.52% │ (88.5%) │ map density : 0.30% / 0.52% │ │ now processing : 184.1 (88.5%) │ map density : 0.30% / 0.52% │ ++│ runs timed out │ runs timed out : 0 (0.00%) │ count coverage : 2.18 bits/tuple │ 0 (0.00%) │ count coverage : 2.18 bits/tuple │ ++├─ stage progress ─────────────────────┼─ ├─ stage progress ─────────────────────┼─ findings in depth ─────────────────┤ in depth ─────────────────┤ ++│ now trying : │ now trying : havoc │ favored items : 43 (20.67%) │ │ favored items : 43 (20.67%) │ ++│ stage execs : │ stage execs : 11.2k/131k (8.51%) │ new edges on : 52 (25.00%) │ (8.51%) │ new edges on │ stage execs : 11.2k/131k (8.51%) │ new edges on : 52 (25.00%) │ 52 (25.00%) │ ++│ total execs : │ total execs : 179k │ total crashes : 0 (0 saved) │ │ total crashes : 0 (0 saved) │ │ total execs : 179k │ total crashes : 0 (0 saved) │ ++│ exec speed : │ exec speed : 3143/sec │ total tmouts : 0 (0 saved) │ │ total tmouts : 0 (0 saved) │ │ exec speed : 3143/sec │ total tmouts : 0 (0 saved) │ ++├─ fuzzing strategy yields ├─ fuzzing strategy yields ────────────┴─────────────┬─ item geometry ───────┤ item geometry ───────┤ ++│ bit flips : │ bit flips : 11/648, 4/638, 5/618 │ levels : 4 │ 4/638, 5/618 │ levels : │ bit flips : 11/648, 4/638, 5/618 │ levels : 4 │ │ ++│ byte flips : │ byte flips : 0/81, 0/71, 0/52 │ pending : 199 │ 0/71, 0/52 │ pending : 199 │ ++│ arithmetics : 11/4494, │ arithmetics : 11/4494, 0/1153, 0/0 │ pend fav : 35 │ 0/0 │ pend fav : 35 │ ++│ known ints : 1/448, 0/1986, 0/2288 │ own finds : 207 │ known ints : │ known ints : 1/448, 0/1986, 0/2288 │ own finds : 207 │ 0/1986, 0/2288 │ own finds : 207 │ ++│ dictionary : 0/0, │ dictionary : 0/0, 0/0, 0/0, 0/0 │ imported : 0 │ 0/0, 0/0 │ imported : 0 │ ++│havoc/splice : 142/146k, 23/7616 │havoc/splice : 142/146k, 23/7616 │ stability : 100.00% │ stability : 100.00% │ ++│py/custom/rq : unused, unused, │py/custom/rq : unused, unused, unused, unused ├───────────────────────┘ unused ├───────────────────────┘ ++│ trim/eff : 57.02%/26, │ trim/eff : 57.02%/26, 0.00% │ [cpu000:100%] │ [cpu000:100%] ++└────────────────────────────────────────────────────┘^C └────────────────────────────────────────────────────┘^C ++0 ++" \ ++ "" \ ++ "\ ++─ process timing ────────────────────────────────────┬─ overall results ────┐ ++│ run time : 0 days, 0 hrs, 0 min, 56 sec │ cycles done : 0 │ ++│ last new find : 0 days, 0 hrs, 0 min, 1 sec │ corpus count : 208 │ ++│last saved crash : none seen yet │saved crashes : 0 │ ++│ last saved hang : none seen yet │ saved hangs : 0 │ ++├─ cycle progress ─────────────────────┬─ map coverage┴──────────────────────┤ ++│ now processing : 184.1 (88.5%) │ map density : 0.30% / 0.52% │ ++│ runs timed out : 0 (0.00%) │ count coverage : 2.18 bits/tuple │ ++├─ stage progress ─────────────────────┼─ findings in depth ─────────────────┤ ++│ now trying : havoc │ favored items : 43 (20.67%) │ ++│ stage execs : 11.2k/131k (8.51%) │ new edges on : 52 (25.00%) │ ++│ total execs : 179k │ total crashes : 0 (0 saved) │ ++│ exec speed : 3143/sec │ total tmouts : 0 (0 saved) │ ++├─ fuzzing strategy yields ────────────┴─────────────┬─ item geometry ───────┤ ++│ bit flips : 11/648, 4/638, 5/618 │ levels : 4 │ ++│ byte flips : 0/81, 0/71, 0/52 │ pending : 199 │ ++│ arithmetics : 11/4494, 0/1153, 0/0 │ pend fav : 35 │ ++│ known ints : 1/448, 0/1986, 0/2288 │ own finds : 207 │ ++│ dictionary : 0/0, 0/0, 0/0, 0/0 │ imported : 0 │ ++│havoc/splice : 142/146k, 23/7616 │ stability : 100.00% │ ++│py/custom/rq : unused, unused, unused, unused ├───────────────────────┘ ++│ trim/eff : 57.02%/26, 0.00% │ [cpu000:100%] ++└────────────────────────────────────────────────────┘^C" ++ + exit $FAILCOUNT +-- +2.47.1 + diff --git a/package/busybox/0012-awk-fix-use-after-free-CVE-2023-42363.patch b/package/busybox/0012-awk-fix-use-after-free-CVE-2023-42363.patch new file mode 100644 index 000000000000..92a6c36d0169 --- /dev/null +++ b/package/busybox/0012-awk-fix-use-after-free-CVE-2023-42363.patch @@ -0,0 +1,70 @@ +From 20a91edce02adc258038a2e9bf5bda0fe27a5050 Mon Sep 17 00:00:00 2001 +From: Natanael Copa +Date: Mon, 20 May 2024 17:55:28 +0200 +Subject: [PATCH] awk: fix use after free (CVE-2023-42363) + +function old new delta +evaluate 3377 3385 +8 + +Fixes https://bugs.busybox.net/show_bug.cgi?id=15865 + +Signed-off-by: Natanael Copa +Signed-off-by: Denys Vlasenko + +CVE: CVE-2023-42363 +Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa] +Signed-off-by: Peter Marko +[Thomas: taken from https://git.openembedded.org/openembedded-core/tree/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch?id=e0ff4813b1cf4df0d851c857d57fb88d7db51bdd] +Upstream: https://git.busybox.net/busybox/commit/?id=fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa +Signed-off-by: Thomas Petazzoni +--- + editors/awk.c | 21 +++++++++++++-------- + 1 file changed, 13 insertions(+), 8 deletions(-) + +diff --git a/editors/awk.c b/editors/awk.c +index 2af823808..d45724d59 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -2910,19 +2910,14 @@ static var *evaluate(node *op, var *res) + /* yes, remember where Fields[] is */ + old_Fields_ptr = Fields; + } +- if (opinfo & OF_STR1) { +- L.s = getvar_s(L.v); +- debug_printf_eval("L.s:'%s'\n", L.s); +- } + if (opinfo & OF_NUM1) { + L_d = getvar_i(L.v); + debug_printf_eval("L_d:%f\n", L_d); + } + } +- /* NB: Must get string/numeric values of L (done above) +- * _before_ evaluate()'ing R.v: if both L and R are $NNNs, +- * and right one is large, then L.v points to Fields[NNN1], +- * second evaluate() reallocates and moves (!) Fields[], ++ /* NB: if both L and R are $NNNs, and right one is large, ++ * then at this pint L.v points to Fields[NNN1], second ++ * evaluate() below reallocates and moves (!) Fields[], + * R.v points to Fields[NNN2] but L.v now points to freed mem! + * (Seen trying to evaluate "$444 $44444") + */ +@@ -2942,6 +2937,16 @@ static var *evaluate(node *op, var *res) + debug_printf_eval("R.s:'%s'\n", R.s); + } + } ++ /* Get L.s _after_ R.v is evaluated: it may have realloc'd L.v ++ * so we must get the string after "old_Fields_ptr" correction ++ * above. Testcase: x = (v = "abc", gsub("b", "X", v)); ++ */ ++ if (opinfo & OF_RES1) { ++ if (opinfo & OF_STR1) { ++ L.s = getvar_s(L.v); ++ debug_printf_eval("L.s:'%s'\n", L.s); ++ } ++ } + + debug_printf_eval("switch(0x%x)\n", XC(opinfo & OPCLSMASK)); + switch (XC(opinfo & OPCLSMASK)) { +-- +2.47.1 + diff --git a/package/busybox/0013-awk-fix-precedence-of-relative-to.patch b/package/busybox/0013-awk-fix-precedence-of-relative-to.patch new file mode 100644 index 000000000000..596036d8fc2d --- /dev/null +++ b/package/busybox/0013-awk-fix-precedence-of-relative-to.patch @@ -0,0 +1,203 @@ +From 47ff44735c0cd05efd899fb3486aca77e65fbe15 Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko +Date: Tue, 30 May 2023 16:42:18 +0200 +Subject: [PATCH] awk: fix precedence of = relative to == + +Discovered while adding code to disallow assignments to non-lvalues + +function old new delta +parse_expr 936 991 +55 +.rodata 105243 105247 +4 +------------------------------------------------------------------------------ +(add/remove: 0/0 grow/shrink: 2/0 up/down: 59/0) Total: 59 bytes + +CVE: CVE-2023-42364 CVE-2023-42365 + +Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=0256e00a9d077588bd3a39f5a1ef7e2eaa2911e4] +Signed-off-by: Denys Vlasenko +(cherry picked from commit 0256e00a9d077588bd3a39f5a1ef7e2eaa2911e4) +Signed-off-by: Khem Raj +[Thomas: taken from https://git.openembedded.org/openembedded-core/tree/meta/recipes-core/busybox/busybox/0001-awk-fix-precedence-of-relative-to.patch?id=e0ff4813b1cf4df0d851c857d57fb88d7db51bdd] +Upstream: https://git.busybox.net/busybox/commit/?id=0256e00a9d077588bd3a39f5a1ef7e2eaa2911e4 +Signed-off-by: Thomas Petazzoni +--- + editors/awk.c | 66 ++++++++++++++++++++++++++++++--------------- + testsuite/awk.tests | 5 ++++ + 2 files changed, 50 insertions(+), 21 deletions(-) + +diff --git a/editors/awk.c b/editors/awk.c +index d45724d59..5962c3f6a 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -337,7 +337,9 @@ static void debug_parse_print_tc(uint32_t n) + #undef P + #undef PRIMASK + #undef PRIMASK2 +-#define P(x) (x << 24) ++/* Smaller 'x' means _higher_ operator precedence */ ++#define PRECEDENCE(x) (x << 24) ++#define P(x) PRECEDENCE(x) + #define PRIMASK 0x7F000000 + #define PRIMASK2 0x7E000000 + +@@ -360,7 +362,7 @@ enum { + OC_MOVE = 0x1f00, OC_PGETLINE = 0x2000, OC_REGEXP = 0x2100, + OC_REPLACE = 0x2200, OC_RETURN = 0x2300, OC_SPRINTF = 0x2400, + OC_TERNARY = 0x2500, OC_UNARY = 0x2600, OC_VAR = 0x2700, +- OC_DONE = 0x2800, ++ OC_CONST = 0x2800, OC_DONE = 0x2900, + + ST_IF = 0x3000, ST_DO = 0x3100, ST_FOR = 0x3200, + ST_WHILE = 0x3300 +@@ -440,9 +442,9 @@ static const uint32_t tokeninfo[] ALIGN4 = { + #define TI_PREINC (OC_UNARY|xV|P(9)|'P') + #define TI_PREDEC (OC_UNARY|xV|P(9)|'M') + TI_PREINC, TI_PREDEC, OC_FIELD|xV|P(5), +- OC_COMPARE|VV|P(39)|5, OC_MOVE|VV|P(74), OC_REPLACE|NV|P(74)|'+', OC_REPLACE|NV|P(74)|'-', +- OC_REPLACE|NV|P(74)|'*', OC_REPLACE|NV|P(74)|'/', OC_REPLACE|NV|P(74)|'%', OC_REPLACE|NV|P(74)|'&', +- OC_BINARY|NV|P(29)|'+', OC_BINARY|NV|P(29)|'-', OC_REPLACE|NV|P(74)|'&', OC_BINARY|NV|P(15)|'&', ++ OC_COMPARE|VV|P(39)|5, OC_MOVE|VV|P(38), OC_REPLACE|NV|P(38)|'+', OC_REPLACE|NV|P(38)|'-', ++ OC_REPLACE|NV|P(38)|'*', OC_REPLACE|NV|P(38)|'/', OC_REPLACE|NV|P(38)|'%', OC_REPLACE|NV|P(38)|'&', ++ OC_BINARY|NV|P(29)|'+', OC_BINARY|NV|P(29)|'-', OC_REPLACE|NV|P(38)|'&', OC_BINARY|NV|P(15)|'&', + OC_BINARY|NV|P(25)|'/', OC_BINARY|NV|P(25)|'%', OC_BINARY|NV|P(15)|'&', OC_BINARY|NV|P(25)|'*', + OC_COMPARE|VV|P(39)|4, OC_COMPARE|VV|P(39)|3, OC_COMPARE|VV|P(39)|0, OC_COMPARE|VV|P(39)|1, + #define TI_LESS (OC_COMPARE|VV|P(39)|2) +@@ -1290,7 +1292,7 @@ static uint32_t next_token(uint32_t expected) + save_tclass = tc; + save_info = t_info; + tc = TC_BINOPX; +- t_info = OC_CONCAT | SS | P(35); ++ t_info = OC_CONCAT | SS | PRECEDENCE(35); + } + + t_tclass = tc; +@@ -1350,9 +1352,8 @@ static node *parse_expr(uint32_t term_tc) + { + node sn; + node *cn = &sn; +- node *vn, *glptr; ++ node *glptr; + uint32_t tc, expected_tc; +- var *v; + + debug_printf_parse("%s() term_tc(%x):", __func__, term_tc); + debug_parse_print_tc(term_tc); +@@ -1363,11 +1364,12 @@ static node *parse_expr(uint32_t term_tc) + expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP | term_tc; + + while (!((tc = next_token(expected_tc)) & term_tc)) { ++ node *vn; + + if (glptr && (t_info == TI_LESS)) { + /* input redirection (<) attached to glptr node */ + debug_printf_parse("%s: input redir\n", __func__); +- cn = glptr->l.n = new_node(OC_CONCAT | SS | P(37)); ++ cn = glptr->l.n = new_node(OC_CONCAT | SS | PRECEDENCE(37)); + cn->a.n = glptr; + expected_tc = TS_OPERAND | TS_UOPPRE; + glptr = NULL; +@@ -1379,24 +1381,42 @@ static node *parse_expr(uint32_t term_tc) + * previous operators with higher priority */ + vn = cn; + while (((t_info & PRIMASK) > (vn->a.n->info & PRIMASK2)) +- || ((t_info == vn->info) && t_info == TI_COLON) ++ || (t_info == vn->info && t_info == TI_COLON) + ) { + vn = vn->a.n; + if (!vn->a.n) syntax_error(EMSG_UNEXP_TOKEN); + } + if (t_info == TI_TERNARY) + //TODO: why? +- t_info += P(6); ++ t_info += PRECEDENCE(6); + cn = vn->a.n->r.n = new_node(t_info); + cn->a.n = vn->a.n; + if (tc & TS_BINOP) { + cn->l.n = vn; +-//FIXME: this is the place to detect and reject assignments to non-lvalues. +-//Currently we allow "assignments" to consts and temporaries, nonsense like this: +-// awk 'BEGIN { "qwe" = 1 }' +-// awk 'BEGIN { 7 *= 7 }' +-// awk 'BEGIN { length("qwe") = 1 }' +-// awk 'BEGIN { (1+1) += 3 }' ++ ++ /* Prevent: ++ * awk 'BEGIN { "qwe" = 1 }' ++ * awk 'BEGIN { 7 *= 7 }' ++ * awk 'BEGIN { length("qwe") = 1 }' ++ * awk 'BEGIN { (1+1) += 3 }' ++ */ ++ /* Assignment? (including *= and friends) */ ++ if (((t_info & OPCLSMASK) == OC_MOVE) ++ || ((t_info & OPCLSMASK) == OC_REPLACE) ++ ) { ++ debug_printf_parse("%s: MOVE/REPLACE vn->info:%08x\n", __func__, vn->info); ++ /* Left side is a (variable or array element) ++ * or function argument ++ * or $FIELD ? ++ */ ++ if ((vn->info & OPCLSMASK) != OC_VAR ++ && (vn->info & OPCLSMASK) != OC_FNARG ++ && (vn->info & OPCLSMASK) != OC_FIELD ++ ) { ++ syntax_error(EMSG_UNEXP_TOKEN); /* no. bad */ ++ } ++ } ++ + expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP; + if (t_info == TI_PGETLINE) { + /* it's a pipe */ +@@ -1432,6 +1452,8 @@ static node *parse_expr(uint32_t term_tc) + /* one should be very careful with switch on tclass - + * only simple tclasses should be used (TC_xyz, not TS_xyz) */ + switch (tc) { ++ var *v; ++ + case TC_VARIABLE: + case TC_ARRAY: + debug_printf_parse("%s: TC_VARIABLE | TC_ARRAY\n", __func__); +@@ -1452,14 +1474,14 @@ static node *parse_expr(uint32_t term_tc) + case TC_NUMBER: + case TC_STRING: + debug_printf_parse("%s: TC_NUMBER | TC_STRING\n", __func__); +- cn->info = OC_VAR; ++ cn->info = OC_CONST; + v = cn->l.v = xzalloc(sizeof(var)); +- if (tc & TC_NUMBER) ++ if (tc & TC_NUMBER) { + setvar_i(v, t_double); +- else { ++ } else { + setvar_s(v, t_string); +- expected_tc &= ~TC_UOPPOST; /* "str"++ is not allowed */ + } ++ expected_tc &= ~TC_UOPPOST; /* NUM++, "str"++ not allowed */ + break; + + case TC_REGEXP: +@@ -3107,6 +3129,8 @@ static var *evaluate(node *op, var *res) + + /* -- recursive node type -- */ + ++ case XC( OC_CONST ): ++ debug_printf_eval("CONST "); + case XC( OC_VAR ): + debug_printf_eval("VAR\n"); + L.v = op->l.v; +diff --git a/testsuite/awk.tests b/testsuite/awk.tests +index ddc51047b..a78fdcd98 100755 +--- a/testsuite/awk.tests ++++ b/testsuite/awk.tests +@@ -540,4 +540,9 @@ testing 'awk assign while assign' \ + │ trim/eff : 57.02%/26, 0.00% │ [cpu000:100%] + └────────────────────────────────────────────────────┘^C" + ++testing "awk = has higher precedence than == (despite what gawk manpage claims)" \ ++ "awk 'BEGIN { v=1; print 2==v; print 2==v=2; print v; print v=3==3; print v}'" \ ++ '0\n1\n2\n1\n3\n' \ ++ '' '' ++ + exit $FAILCOUNT +-- +2.47.1 + diff --git a/package/busybox/0014-awk-fix-ternary-operator-and-precedence-of.patch b/package/busybox/0014-awk-fix-ternary-operator-and-precedence-of.patch new file mode 100644 index 000000000000..78f21481ccd9 --- /dev/null +++ b/package/busybox/0014-awk-fix-ternary-operator-and-precedence-of.patch @@ -0,0 +1,102 @@ +From 173164c6b2f2ad17dd14d3a43e5bff47abde7199 Mon Sep 17 00:00:00 2001 +From: Natanael Copa +Date: Tue, 21 May 2024 14:46:08 +0200 +Subject: [PATCH] awk: fix ternary operator and precedence of = + +Adjust the = precedence test to match behavior of gawk, mawk and +FreeBSD. awk 'BEGIN {print v=3==3; print v}' should print two '1'. + +To fix this, and to unbreak the ternary conditional operator, we restore +the precedence of = in the token list, but override this with a lower +priority when the assignment is on the right side of a compare. + +This fixes commit 0256e00a9d07 (awk: fix precedence of = relative to ==) [1] + +CVE: CVE-2023-42364 CVE-2023-42365 + +Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2024-May/090766.html] + +[1] https://bugs.busybox.net/show_bug.cgi?id=15871#c6 + +Signed-off-by: Natanael Copa +(cherry picked from commit 1714301c405ef03b39605c85c23f22a190cddd95) +Signed-off-by: Khem Raj +[Thomas: taken from https://git.openembedded.org/openembedded-core/tree/meta/recipes-core/busybox/busybox/0002-awk-fix-ternary-operator-and-precedence-of.patch?id=e0ff4813b1cf4df0d851c857d57fb88d7db51bdd] +Upstream: https://git.busybox.net/busybox/commit/?id=38335df9e9f45378c3407defd38b5b610578bdda +Signed-off-by: Thomas Petazzoni +--- + editors/awk.c | 18 ++++++++++++++---- + testsuite/awk.tests | 9 +++++++-- + 2 files changed, 21 insertions(+), 6 deletions(-) + +diff --git a/editors/awk.c b/editors/awk.c +index 5962c3f6a..9467f4644 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -442,9 +442,10 @@ static const uint32_t tokeninfo[] ALIGN4 = { + #define TI_PREINC (OC_UNARY|xV|P(9)|'P') + #define TI_PREDEC (OC_UNARY|xV|P(9)|'M') + TI_PREINC, TI_PREDEC, OC_FIELD|xV|P(5), +- OC_COMPARE|VV|P(39)|5, OC_MOVE|VV|P(38), OC_REPLACE|NV|P(38)|'+', OC_REPLACE|NV|P(38)|'-', +- OC_REPLACE|NV|P(38)|'*', OC_REPLACE|NV|P(38)|'/', OC_REPLACE|NV|P(38)|'%', OC_REPLACE|NV|P(38)|'&', +- OC_BINARY|NV|P(29)|'+', OC_BINARY|NV|P(29)|'-', OC_REPLACE|NV|P(38)|'&', OC_BINARY|NV|P(15)|'&', ++#define TI_ASSIGN (OC_MOVE|VV|P(74)) ++ OC_COMPARE|VV|P(39)|5, TI_ASSIGN, OC_REPLACE|NV|P(74)|'+', OC_REPLACE|NV|P(74)|'-', ++ OC_REPLACE|NV|P(74)|'*', OC_REPLACE|NV|P(74)|'/', OC_REPLACE|NV|P(74)|'%', OC_REPLACE|NV|P(74)|'&', ++ OC_BINARY|NV|P(29)|'+', OC_BINARY|NV|P(29)|'-', OC_REPLACE|NV|P(74)|'&', OC_BINARY|NV|P(15)|'&', + OC_BINARY|NV|P(25)|'/', OC_BINARY|NV|P(25)|'%', OC_BINARY|NV|P(15)|'&', OC_BINARY|NV|P(25)|'*', + OC_COMPARE|VV|P(39)|4, OC_COMPARE|VV|P(39)|3, OC_COMPARE|VV|P(39)|0, OC_COMPARE|VV|P(39)|1, + #define TI_LESS (OC_COMPARE|VV|P(39)|2) +@@ -1376,11 +1377,19 @@ static node *parse_expr(uint32_t term_tc) + continue; + } + if (tc & (TS_BINOP | TC_UOPPOST)) { ++ int prio; + debug_printf_parse("%s: TS_BINOP | TC_UOPPOST tc:%x\n", __func__, tc); + /* for binary and postfix-unary operators, jump back over + * previous operators with higher priority */ + vn = cn; +- while (((t_info & PRIMASK) > (vn->a.n->info & PRIMASK2)) ++ /* Let assignment get higher priority when used on right ++ * side in compare. i.e: 2==v=3 */ ++ if (t_info == TI_ASSIGN && (vn->a.n->info & OPCLSMASK) == OC_COMPARE) { ++ prio = PRECEDENCE(38); ++ } else { ++ prio = (t_info & PRIMASK); ++ } ++ while ((prio > (vn->a.n->info & PRIMASK2)) + || (t_info == vn->info && t_info == TI_COLON) + ) { + vn = vn->a.n; +@@ -1412,6 +1421,7 @@ static node *parse_expr(uint32_t term_tc) + if ((vn->info & OPCLSMASK) != OC_VAR + && (vn->info & OPCLSMASK) != OC_FNARG + && (vn->info & OPCLSMASK) != OC_FIELD ++ && (vn->info & OPCLSMASK) != OC_COMPARE + ) { + syntax_error(EMSG_UNEXP_TOKEN); /* no. bad */ + } +diff --git a/testsuite/awk.tests b/testsuite/awk.tests +index a78fdcd98..d2706dea9 100755 +--- a/testsuite/awk.tests ++++ b/testsuite/awk.tests +@@ -540,9 +540,14 @@ testing 'awk assign while assign' \ + │ trim/eff : 57.02%/26, 0.00% │ [cpu000:100%] + └────────────────────────────────────────────────────┘^C" + +-testing "awk = has higher precedence than == (despite what gawk manpage claims)" \ ++testing "awk = has higher precedence than == on right side" \ + "awk 'BEGIN { v=1; print 2==v; print 2==v=2; print v; print v=3==3; print v}'" \ +- '0\n1\n2\n1\n3\n' \ ++ '0\n1\n2\n1\n1\n' \ ++ '' '' ++ ++testing 'awk ternary precedence' \ ++ "awk 'BEGIN { a = 0 ? \"yes\": \"no\"; print a }'" \ ++ 'no\n' \ + '' '' + + exit $FAILCOUNT +-- +2.47.1 + diff --git a/package/busybox/0015-awk.c-fix-CVE-2023-42366-bug-15874.patch b/package/busybox/0015-awk.c-fix-CVE-2023-42366-bug-15874.patch new file mode 100644 index 000000000000..15b2cfdf005c --- /dev/null +++ b/package/busybox/0015-awk.c-fix-CVE-2023-42366-bug-15874.patch @@ -0,0 +1,43 @@ +From 54e64812090f58cffca08fcf11d2dbc471c964e1 Mon Sep 17 00:00:00 2001 +From: Valery Ushakov +Date: Wed, 24 Jan 2024 22:24:41 +0300 +Subject: [PATCH] awk.c: fix CVE-2023-42366 (bug #15874) + +Make sure we don't read past the end of the string in next_token() +when backslash is the last character in an (invalid) regexp. +a fix and issue reported in bugzilla + +https://bugs.busybox.net/show_bug.cgi?id=15874 + +Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2024-May/090766.html] + +CVE: CVE-2023-42366 +Signed-off-by: Khem Raj +[Thomas: https://git.openembedded.org/openembedded-core/tree/meta/recipes-core/busybox/busybox/0001-awk.c-fix-CVE-2023-42366-bug-15874.patch?id=e0ff4813b1cf4df0d851c857d57fb88d7db51bdd] +Upstream: http://lists.busybox.net/pipermail/busybox/2024-May/090766.html +Signed-off-by: Thomas Petazzoni +--- + editors/awk.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/editors/awk.c b/editors/awk.c +index 9467f4644..947195333 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -1168,9 +1168,11 @@ static uint32_t next_token(uint32_t expected) + s[-1] = bb_process_escape_sequence((const char **)&pp); + if (*p == '\\') + *s++ = '\\'; +- if (pp == p) ++ if (pp == p) { ++ if (*p == '\0') ++ syntax_error(EMSG_UNEXP_EOS); + *s++ = *p++; +- else ++ } else + p = pp; + } + } +-- +2.47.1 + diff --git a/package/busybox/busybox.mk b/package/busybox/busybox.mk index 942875ee0e12..d61fed987922 100644 --- a/package/busybox/busybox.mk +++ b/package/busybox/busybox.mk @@ -15,6 +15,16 @@ BUSYBOX_CPE_ID_VENDOR = busybox # 0004-nslookup-sanitize-all-printed-strings-with-printable.patch BUSYBOX_IGNORE_CVES += CVE-2022-28391 +# 0012-awk-fix-use-after-free-CVE-2023-42363.patch +BUSYBOX_IGNORE_CVES += CVE-2023-42363 + +# 0013-awk-fix-precedence-of-relative-to.patch +# 0014-awk-fix-ternary-operator-and-precedence-of.patch +BUSYBOX_IGNORE_CVES += CVE-2023-42364 CVE-2023-42365 + +# 0015-awk.c-fix-CVE-2023-42366-bug-15874.patch +BUSYBOX_IGNORE_CVES += CVE-2023-42366 + BUSYBOX_CFLAGS = \ $(TARGET_CFLAGS) From a956eeb96b44e42423f997b22cf37dca83cb4e76 Mon Sep 17 00:00:00 2001 From: Thomas Petazzoni Date: Mon, 3 Feb 2025 15:27:42 +0100 Subject: [PATCH 05/10] package/busybox: fix hwclock build issue on RISC-V 32-bit musl configs Take a patch from meta-riscv, which was submitted upstream by Khem Raj to fix a build issue on RISC-V 32-bit musl configurations. This issue has been discussed with musl developers who believe this is a Busybox issue. The patch from Khem works around the issue by making it a runtime failure just affecting hwclock on RISC-V 32-bit musl instead of a build failure. The correct fix is not really clear, as there seems to be a disagreement between Busybox people and musl people on what the C library settimeofday() function should do, and that's why Busybox is bypassing settimeofday() on musl by making a direct system call, except this system call doesn't exist on RISC-V 32-bit. In the mean time, this patch fixes the long standing Gitlab CI issue: - tests.toolchain.test_external_bootlin.TestExternalToolchainBootlinRiscv32ilp32dMuslStable https://gitlab.com/buildroot.org/buildroot/-/jobs/8954291684 - tests.toolchain.test_external_bootlin.TestExternalToolchainBootlinRiscv32ilp32dMuslBleedingEdge https://gitlab.com/buildroot.org/buildroot/-/jobs/8954291683 Signed-off-by: Thomas Petazzoni Signed-off-by: Peter Korsgaard --- ...r-SYS_settimeofday-before-calling-sy.patch | 54 +++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 package/busybox/0016-hwclock-Check-for-SYS_settimeofday-before-calling-sy.patch diff --git a/package/busybox/0016-hwclock-Check-for-SYS_settimeofday-before-calling-sy.patch b/package/busybox/0016-hwclock-Check-for-SYS_settimeofday-before-calling-sy.patch new file mode 100644 index 000000000000..c61cbc810722 --- /dev/null +++ b/package/busybox/0016-hwclock-Check-for-SYS_settimeofday-before-calling-sy.patch @@ -0,0 +1,54 @@ +From a378cd9c3a022500d7feaefb4e3bb43fdd789131 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Sun, 7 Mar 2021 17:30:24 -0800 +Subject: [PATCH] hwclock: Check for SYS_settimeofday before calling syscall + +Some newer architectures e.g. RISCV32 have 64bit time_t from get go and +thusly do not have gettimeofday_time64/settimeofday_time64 implemented +therefore check for SYS_settimeofday definition before making the +syscall. Fixes build for riscv32 and it will bail out at runtime. + +Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2021-March/088583.html] +Signed-off-by: Khem Raj +Upstream: http://lists.busybox.net/pipermail/busybox/2021-March/088583.html +[Thomas: this issue has been discussed on the musl mailing list, and +the musl developers' opinion is that Busybox is wrong: +https://www.openwall.com/lists/musl/2024/03/03/2 +https://www.openwall.com/lists/musl/2024/04/07/2. The correct fix +isn't clear, and in the mean time, the patch from Khem turns the build +issue into a runtime error only on the problematic architecture, which +seems like a reasonable trade-off] +Signed-off-by: Thomas Petazzoni +--- + util-linux/hwclock.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/util-linux/hwclock.c b/util-linux/hwclock.c +index 723b09589..b9faaabbc 100644 +--- a/util-linux/hwclock.c ++++ b/util-linux/hwclock.c +@@ -131,6 +131,7 @@ static void show_clock(const char **pp_rtcname, int utc) + + static void set_kernel_tz(const struct timezone *tz) + { ++ int ret = 1; + #if LIBC_IS_MUSL + /* musl libc does not pass tz argument to syscall + * because "it's deprecated by POSIX, therefore it's fine +@@ -139,9 +140,11 @@ static void set_kernel_tz(const struct timezone *tz) + #if !defined(SYS_settimeofday) && defined(SYS_settimeofday_time32) + # define SYS_settimeofday SYS_settimeofday_time32 + #endif +- int ret = syscall(SYS_settimeofday, NULL, tz); ++#if defined(SYS_settimeofday) ++ ret = syscall(SYS_settimeofday, NULL, tz); ++#endif + #else +- int ret = settimeofday(NULL, tz); ++ ret = settimeofday(NULL, tz); + #endif + if (ret) + bb_simple_perror_msg_and_die("settimeofday"); +-- +2.48.1 + From ed84e971c36b43f564df881d86ac459bb5b7dad0 Mon Sep 17 00:00:00 2001 From: Clement Ramirez Date: Mon, 3 Feb 2025 15:27:43 +0100 Subject: [PATCH 06/10] package/busybox bump version to 1.37.0 Patch 0005-seedrng-fix-for-glibc-2.24-not-providing-getrandom.patch is dropped as it is upstream as of https://git.busybox.net/busybox/commit/?id=200a9669fbf6f06894e4243cccc9fc11a1a6073a Patch 0006-seedrng-fix-for-glibc-2.24-not-providing-random-head.patch is dropped as it is upstream as of https://git.busybox.net/busybox/commit/?id=cb57abb46f06f4ede8d9ccbdaac67377fdf416cf Patch 0008-shell-fix-SIGWINCH-and-SIGCHLD-in-hush-interrupting-.patch is dropped as it is upstream as of https://git.busybox.net/busybox/commit/?id=93e0898c663a533082b5f3c2e7dcce93ec47076d Patch 0011-awk-fix-use-after-realloc-CVE-2021-42380-closes-1560.patch is dropped as it is upstream as of https://git.busybox.net/busybox/commit/?id=5dcc443dba039b305a510c01883e9f34e42656ae Patch 0012-awk-fix-use-after-free-CVE-2023-42363.patch is dropped as it is upstream as of https://git.busybox.net/busybox/commit/?id=fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa Patch 0013-awk-fix-precedence-of-relative-to.patch is dropped as it is upstream as of https://git.busybox.net/busybox/commit/?id=0256e00a9d077588bd3a39f5a1ef7e2eaa2911e4 Patch 0014-awk-fix-ternary-operator-and-precedence-of.patch is dropped as it is upstream as of https://git.busybox.net/busybox/commit/?id=38335df9e9f45378c3407defd38b5b610578bdda Remaining patches are renumbered/refreshed. Patch 0010-libbb-sha-add-missing-sha-NI-guard.patch is added, taken from the mailing list, to fix a build issue. Patch 0011-syslogd-fix-wrong-OPT_locallog-flag-detection.patch, taken from the mailing list, is added to fix a runtime issue with syslogd which was pointed out by Bernd Kulhs. Signed-off-by: Clement Ramirez [Thomas: update with more patches being dropped, renumber patches, backport some patches needed to fix known build and runtime issues] Signed-off-by: Thomas Petazzoni Signed-off-by: Peter Korsgaard --- ...route-use-linux-if_packet.h-instead-.patch | 10 +- ...trip-non-l-arguments-returned-by-pkg.patch | 15 +- ...tr-ensure-only-printable-characters-.patch | 4 +- ...e-all-printed-strings-with-printable.patch | 16 +- ...r-glibc-2.24-not-providing-getrandom.patch | 39 ---- ...random-detection-for-non-glibc-libc.patch} | 30 +-- ...failing-saying-ncurses-is-not-found.patch} | 4 +- ...glibc-2.24-not-providing-random-head.patch | 60 ------ ...Fix-compilation-with-Linux-v6.8-rc1.patch} | 4 +- ...-awk.c-fix-CVE-2023-42366-bug-15874.patch} | 8 +- ...CH-and-SIGCHLD-in-hush-interrupting-.patch | 103 --------- ...-SYS_settimeofday-before-calling-sy.patch} | 8 +- ...0-libbb-sha-add-missing-sha-NI-guard.patch | 54 +++++ ...r-realloc-CVE-2021-42380-closes-1560.patch | 154 ------------- ...ix-wrong-OPT_locallog-flag-detection.patch | 37 ++++ ...wk-fix-use-after-free-CVE-2023-42363.patch | 70 ------ ...13-awk-fix-precedence-of-relative-to.patch | 203 ------------------ ...x-ternary-operator-and-precedence-of.patch | 102 --------- package/busybox/busybox.hash | 4 +- package/busybox/busybox.mk | 2 +- 20 files changed, 134 insertions(+), 793 deletions(-) delete mode 100644 package/busybox/0005-seedrng-fix-for-glibc-2.24-not-providing-getrandom.patch rename package/busybox/{0007-seedrng-fix-getrandom-detection-for-non-glibc-libc.patch => 0005-seedrng-fix-getrandom-detection-for-non-glibc-libc.patch} (81%) rename package/busybox/{0009-menuconfig-gcc-failing-saying-ncurses-is-not-found.patch => 0006-menuconfig-GCC-failing-saying-ncurses-is-not-found.patch} (94%) delete mode 100644 package/busybox/0006-seedrng-fix-for-glibc-2.24-not-providing-random-head.patch rename package/busybox/{0010-Linux-v6.8-rc1-removed-the-definitions-related-to-CB.patch => 0007-tc-Fix-compilation-with-Linux-v6.8-rc1.patch} (96%) rename package/busybox/{0015-awk.c-fix-CVE-2023-42366-bug-15874.patch => 0008-awk.c-fix-CVE-2023-42366-bug-15874.patch} (88%) delete mode 100644 package/busybox/0008-shell-fix-SIGWINCH-and-SIGCHLD-in-hush-interrupting-.patch rename package/busybox/{0016-hwclock-Check-for-SYS_settimeofday-before-calling-sy.patch => 0009-hwclock-Check-for-SYS_settimeofday-before-calling-sy.patch} (89%) create mode 100644 package/busybox/0010-libbb-sha-add-missing-sha-NI-guard.patch delete mode 100644 package/busybox/0011-awk-fix-use-after-realloc-CVE-2021-42380-closes-1560.patch create mode 100644 package/busybox/0011-syslogd-fix-wrong-OPT_locallog-flag-detection.patch delete mode 100644 package/busybox/0012-awk-fix-use-after-free-CVE-2023-42363.patch delete mode 100644 package/busybox/0013-awk-fix-precedence-of-relative-to.patch delete mode 100644 package/busybox/0014-awk-fix-ternary-operator-and-precedence-of.patch diff --git a/package/busybox/0001-networking-libiproute-use-linux-if_packet.h-instead-.patch b/package/busybox/0001-networking-libiproute-use-linux-if_packet.h-instead-.patch index 9b5eaf89bd90..76d9a371c619 100644 --- a/package/busybox/0001-networking-libiproute-use-linux-if_packet.h-instead-.patch +++ b/package/busybox/0001-networking-libiproute-use-linux-if_packet.h-instead-.patch @@ -1,4 +1,4 @@ -From 60da1d0763224698008d847eb8ad8d4d8c6f54ff Mon Sep 17 00:00:00 2001 +From e1690453cd84c798ca88cc4370710f65da86d986 Mon Sep 17 00:00:00 2001 From: Thomas Petazzoni Date: Sat, 5 Oct 2013 15:55:06 +0200 Subject: [PATCH] networking/libiproute: use instead of @@ -20,7 +20,7 @@ Signed-off-by: Petr Vorel 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/networking/libiproute/iplink.c b/networking/libiproute/iplink.c -index 1a1064bdc..a4c3ad307 100644 +index 37ed114bc..bc526d89c 100644 --- a/networking/libiproute/iplink.c +++ b/networking/libiproute/iplink.c @@ -7,7 +7,7 @@ @@ -30,8 +30,8 @@ index 1a1064bdc..a4c3ad307 100644 -#include +#include #include - + #include --- -2.33.0 +-- +2.48.1 diff --git a/package/busybox/0002-Makefile.flags-strip-non-l-arguments-returned-by-pkg.patch b/package/busybox/0002-Makefile.flags-strip-non-l-arguments-returned-by-pkg.patch index 3a94241043e9..040b0b23bf63 100644 --- a/package/busybox/0002-Makefile.flags-strip-non-l-arguments-returned-by-pkg.patch +++ b/package/busybox/0002-Makefile.flags-strip-non-l-arguments-returned-by-pkg.patch @@ -1,8 +1,7 @@ -From 59daea82e7b5abcdb42a4f97a0109f14d5a774ea Mon Sep 17 00:00:00 2001 +From df20ae1280a2601a4c233ec12372d1e17db21e96 Mon Sep 17 00:00:00 2001 From: Thomas Petazzoni Date: Mon, 25 Nov 2013 22:51:53 +0100 -Subject: [PATCH] Makefile.flags: strip non -l arguments returned by - pkg-config +Subject: [PATCH] Makefile.flags: strip non -l arguments returned by pkg-config Signed-off-by: Thomas Petazzoni [yann.morin.1998@free.fr: refresh for 1.29.0] @@ -14,10 +13,10 @@ Signed-off-by: Petr Vorel 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Makefile.flags b/Makefile.flags -index 667481983..88d76efec 100644 +index 97cb4dca2..92a9063d9 100644 --- a/Makefile.flags +++ b/Makefile.flags -@@ -180,7 +180,9 @@ ifeq ($(CONFIG_SELINUX),y) +@@ -181,7 +181,9 @@ ifeq ($(CONFIG_SELINUX),y) SELINUX_PC_MODULES = libselinux libsepol $(eval $(call pkg_check_modules,SELINUX,$(SELINUX_PC_MODULES))) CPPFLAGS += $(SELINUX_CFLAGS) @@ -26,8 +25,8 @@ index 667481983..88d76efec 100644 + $(patsubst -l%,%,$(filter -l%,$(SELINUX_LIBS))),\ + $(SELINUX_PC_MODULES:lib%=%)) endif - + ifeq ($(CONFIG_FEATURE_NSLOOKUP_BIG),y) --- -2.33.0 +-- +2.48.1 diff --git a/package/busybox/0003-libbb-sockaddr2str-ensure-only-printable-characters-.patch b/package/busybox/0003-libbb-sockaddr2str-ensure-only-printable-characters-.patch index 623b2597a20e..c7800b5b0b90 100644 --- a/package/busybox/0003-libbb-sockaddr2str-ensure-only-printable-characters-.patch +++ b/package/busybox/0003-libbb-sockaddr2str-ensure-only-printable-characters-.patch @@ -1,4 +1,4 @@ -From 9d825e854ef53ebbe0aea2f1a69f52b763104daf Mon Sep 17 00:00:00 2001 +From 68eaf20d86d4fe0f16a914817217f386155157cc Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Mon, 19 Sep 2022 14:15:12 +0200 Subject: [PATCH] libbb: sockaddr2str: ensure only printable characters are @@ -38,5 +38,5 @@ index 0e0b247b8..02c061e67 100644 } -- -2.37.3 +2.48.1 diff --git a/package/busybox/0004-nslookup-sanitize-all-printed-strings-with-printable.patch b/package/busybox/0004-nslookup-sanitize-all-printed-strings-with-printable.patch index bfa58465e737..3396441ebb71 100644 --- a/package/busybox/0004-nslookup-sanitize-all-printed-strings-with-printable.patch +++ b/package/busybox/0004-nslookup-sanitize-all-printed-strings-with-printable.patch @@ -1,4 +1,4 @@ -From bd463a5564a2c0618317448c3f965d389534c3df Mon Sep 17 00:00:00 2001 +From 56b84c6efb9a06ae294eb92cf9634f70af443b0a Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Mon, 19 Sep 2022 14:15:12 +0200 Subject: [PATCH] nslookup: sanitize all printed strings with printable_string @@ -16,10 +16,10 @@ Signed-off-by: Quentin Schulz 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/networking/nslookup.c b/networking/nslookup.c -index 6da97baf4..4bdcde1b8 100644 +index b67d354f7..79412477c 100644 --- a/networking/nslookup.c +++ b/networking/nslookup.c -@@ -407,7 +407,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) +@@ -784,7 +784,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) //printf("Unable to uncompress domain: %s\n", strerror(errno)); return -1; } @@ -28,7 +28,7 @@ index 6da97baf4..4bdcde1b8 100644 break; case ns_t_mx: -@@ -422,7 +422,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) +@@ -799,7 +799,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) //printf("Cannot uncompress MX domain: %s\n", strerror(errno)); return -1; } @@ -37,7 +37,7 @@ index 6da97baf4..4bdcde1b8 100644 break; case ns_t_txt: -@@ -434,7 +434,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) +@@ -811,7 +811,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) if (n > 0) { memset(dname, 0, sizeof(dname)); memcpy(dname, ns_rr_rdata(rr) + 1, n); @@ -46,7 +46,7 @@ index 6da97baf4..4bdcde1b8 100644 } break; -@@ -454,7 +454,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) +@@ -831,7 +831,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) } printf("%s\tservice = %u %u %u %s\n", ns_rr_name(rr), @@ -55,7 +55,7 @@ index 6da97baf4..4bdcde1b8 100644 break; case ns_t_soa: -@@ -483,7 +483,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) +@@ -860,7 +860,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) return -1; } @@ -65,5 +65,5 @@ index 6da97baf4..4bdcde1b8 100644 printf("\tserial = %lu\n", ns_get32(cp)); -- -2.37.3 +2.48.1 diff --git a/package/busybox/0005-seedrng-fix-for-glibc-2.24-not-providing-getrandom.patch b/package/busybox/0005-seedrng-fix-for-glibc-2.24-not-providing-getrandom.patch deleted file mode 100644 index 4a194612b466..000000000000 --- a/package/busybox/0005-seedrng-fix-for-glibc-2.24-not-providing-getrandom.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 200a9669fbf6f06894e4243cccc9fc11a1a6073a Mon Sep 17 00:00:00 2001 -From: Denys Vlasenko -Date: Mon, 10 Apr 2023 17:26:04 +0200 -Subject: [PATCH] seedrng: fix for glibc <= 2.24 not providing getrandom() - -Signed-off-by: Denys Vlasenko -Upstream: https://git.busybox.net/busybox/commit/?id=200a9669fbf6f06894e4243cccc9fc11a1a6073a ---- - miscutils/seedrng.c | 14 ++++++++++++++ - 1 file changed, 14 insertions(+) - -diff --git a/miscutils/seedrng.c b/miscutils/seedrng.c -index 967741dc7..7cc855141 100644 ---- a/miscutils/seedrng.c -+++ b/miscutils/seedrng.c -@@ -45,6 +45,20 @@ - #include - #include - -+/* Fix up glibc <= 2.24 not having getrandom() */ -+#if defined(__GLIBC__) && __GLIBC__ == 2 && __GLIBC_MINOR__ <= 24 -+#include -+# define getrandom(...) bb_getrandom(__VA_ARGS__) -+static ssize_t getrandom(void *buffer, size_t length, unsigned flags) -+{ -+# if defined(__NR_getrandom) -+ return syscall(__NR_getrandom, buffer, length, flags); -+# else -+ return ENOSYS; -+# endif -+} -+#endif -+ - #ifndef GRND_INSECURE - #define GRND_INSECURE 0x0004 /* Apparently some headers don't ship with this yet. */ - #endif --- -2.39.1 - diff --git a/package/busybox/0007-seedrng-fix-getrandom-detection-for-non-glibc-libc.patch b/package/busybox/0005-seedrng-fix-getrandom-detection-for-non-glibc-libc.patch similarity index 81% rename from package/busybox/0007-seedrng-fix-getrandom-detection-for-non-glibc-libc.patch rename to package/busybox/0005-seedrng-fix-getrandom-detection-for-non-glibc-libc.patch index 140b27cae671..84d7df1bf8a7 100644 --- a/package/busybox/0007-seedrng-fix-getrandom-detection-for-non-glibc-libc.patch +++ b/package/busybox/0005-seedrng-fix-getrandom-detection-for-non-glibc-libc.patch @@ -1,7 +1,7 @@ -From b2d26d449ec855602b9a88f58c2eb675de0224f2 Mon Sep 17 00:00:00 2001 +From 9fed109be1f811069cb2f727e04c6996cd44b017 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20M=C3=A9lotte?= Date: Tue, 18 Apr 2023 15:54:43 +0200 -Subject: [PATCH v4] seedrng: fix getrandom() detection for non-glibc libc +Subject: [PATCH] seedrng: fix getrandom() detection for non-glibc libc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -48,33 +48,15 @@ This should fix compiling with many libc/kernel combinations. Signed-off-by: Raphaël Mélotte Upstream: http://lists.busybox.net/pipermail/busybox/2023-May/090317.html --- -Changes v3 -> v4: - - use a variable for '#' for compatibility with GNU make 4.2.1 and earlier. - -Changes v2 -> v3: - - fix _GNU_SOURCE define location - -Changes v1 -> v2: - - move _GNU_SOURCE to bb_libtest.c - - remove GRND_NONBLOCK - -Note that I was not able to test every single combination, but I could -confirm it builds successfully for: -uClibc 10.0.24, linux headers 3.10 (libc getrandom NOT used) -uClibc 1.0.36, linux headers 4.9 (libc getrandom used) -musl 1.1.16, linux headers 4.12 (libc getrandom NOT used) -musl 1.2.1, linux headers (libc getrandom used) -glibc 2.25, linux headers 4.10 (libc getrandom used) - Makefile.flags | 12 ++++++++++++ miscutils/seedrng.c | 8 ++++---- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/Makefile.flags b/Makefile.flags -index 1cec5ba20..0d437303a 100644 +index 92a9063d9..c8f601308 100644 --- a/Makefile.flags +++ b/Makefile.flags -@@ -161,6 +161,18 @@ ifeq ($(RT_AVAILABLE),y) +@@ -162,6 +162,18 @@ ifeq ($(RT_AVAILABLE),y) LDLIBS += rt endif @@ -94,7 +76,7 @@ index 1cec5ba20..0d437303a 100644 # On some platforms that requires an explicit -lpthread, -ldl, -laudit. # However, on *other platforms* it fails when some of those flags diff --git a/miscutils/seedrng.c b/miscutils/seedrng.c -index 3bf6e2ea7..2f1e18c32 100644 +index 7a2331cb1..ba98f4d19 100644 --- a/miscutils/seedrng.c +++ b/miscutils/seedrng.c @@ -44,8 +44,10 @@ @@ -120,5 +102,5 @@ index 3bf6e2ea7..2f1e18c32 100644 /* Apparently some headers don't ship with this yet. */ -- -2.39.1 +2.48.1 diff --git a/package/busybox/0009-menuconfig-gcc-failing-saying-ncurses-is-not-found.patch b/package/busybox/0006-menuconfig-GCC-failing-saying-ncurses-is-not-found.patch similarity index 94% rename from package/busybox/0009-menuconfig-gcc-failing-saying-ncurses-is-not-found.patch rename to package/busybox/0006-menuconfig-GCC-failing-saying-ncurses-is-not-found.patch index f4a926ae37ea..594874471d48 100644 --- a/package/busybox/0009-menuconfig-gcc-failing-saying-ncurses-is-not-found.patch +++ b/package/busybox/0006-menuconfig-GCC-failing-saying-ncurses-is-not-found.patch @@ -1,4 +1,4 @@ -From 32949508fe566aee8988cb6d8ee101ecc5e49a65 Mon Sep 17 00:00:00 2001 +From 7f0bb7f69f38298971aa8153d3fbe9b1fdda8ae7 Mon Sep 17 00:00:00 2001 From: ctxnop Date: Sun, 26 Jan 2025 20:59:20 +0100 Subject: [PATCH] menuconfig: GCC failing saying ncurses is not found @@ -34,5 +34,5 @@ index 5075ebf2d..08e4da3de 100755 if [ $? != 0 ]; then echo " *** Unable to find the ncurses libraries or the" 1>&2 -- -2.47.1 +2.48.1 diff --git a/package/busybox/0006-seedrng-fix-for-glibc-2.24-not-providing-random-head.patch b/package/busybox/0006-seedrng-fix-for-glibc-2.24-not-providing-random-head.patch deleted file mode 100644 index d7298848056f..000000000000 --- a/package/busybox/0006-seedrng-fix-for-glibc-2.24-not-providing-random-head.patch +++ /dev/null @@ -1,60 +0,0 @@ -From cb57abb46f06f4ede8d9ccbdaac67377fdf416cf Mon Sep 17 00:00:00 2001 -From: Thomas Devoogdt -Date: Mon, 10 Apr 2023 19:58:15 +0200 -Subject: [PATCH] seedrng: fix for glibc <= 2.24 not providing random header - - - dropped the wrong define (not sure why it was there) - - not available if glibc <= 2.24 - - GRND_NONBLOCK not defined if not included - - ret < 0 && errno == ENOSYS has to be true to get creditable set - -Signed-off-by: Thomas Devoogdt -Signed-off-by: Denys Vlasenko -Upstream: https://git.busybox.net/busybox/commit/?id=cb57abb46f06f4ede8d9ccbdaac67377fdf416cf ---- - miscutils/seedrng.c | 14 ++++++++++---- - 1 file changed, 10 insertions(+), 4 deletions(-) - -diff --git a/miscutils/seedrng.c b/miscutils/seedrng.c -index 7cc855141..3bf6e2ea7 100644 ---- a/miscutils/seedrng.c -+++ b/miscutils/seedrng.c -@@ -42,25 +42,31 @@ - #include "libbb.h" - - #include --#include - #include - - /* Fix up glibc <= 2.24 not having getrandom() */ - #if defined(__GLIBC__) && __GLIBC__ == 2 && __GLIBC_MINOR__ <= 24 - #include --# define getrandom(...) bb_getrandom(__VA_ARGS__) - static ssize_t getrandom(void *buffer, size_t length, unsigned flags) - { - # if defined(__NR_getrandom) - return syscall(__NR_getrandom, buffer, length, flags); - # else -- return ENOSYS; -+ errno = ENOSYS; -+ return -1; - # endif - } -+#else -+#include -+#endif -+ -+/* Apparently some headers don't ship with this yet. */ -+#ifndef GRND_NONBLOCK -+#define GRND_NONBLOCK 0x0001 - #endif - - #ifndef GRND_INSECURE --#define GRND_INSECURE 0x0004 /* Apparently some headers don't ship with this yet. */ -+#define GRND_INSECURE 0x0004 - #endif - - #define DEFAULT_SEED_DIR "/var/lib/seedrng" --- -2.39.1 - diff --git a/package/busybox/0010-Linux-v6.8-rc1-removed-the-definitions-related-to-CB.patch b/package/busybox/0007-tc-Fix-compilation-with-Linux-v6.8-rc1.patch similarity index 96% rename from package/busybox/0010-Linux-v6.8-rc1-removed-the-definitions-related-to-CB.patch rename to package/busybox/0007-tc-Fix-compilation-with-Linux-v6.8-rc1.patch index d997f00e82e8..c7968de788d9 100644 --- a/package/busybox/0010-Linux-v6.8-rc1-removed-the-definitions-related-to-CB.patch +++ b/package/busybox/0007-tc-Fix-compilation-with-Linux-v6.8-rc1.patch @@ -1,4 +1,4 @@ -From c4f93565acf3718111cdbaea15e1a8aacf2f44cf Mon Sep 17 00:00:00 2001 +From 1dbb3073a3a8856b9446b882f797be1bb2e21a26 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Uwe=20Kleine-K=C3=B6nig?= Date: Mon, 23 Sep 2024 18:56:00 +0200 Subject: [PATCH] tc: Fix compilation with Linux v6.8-rc1 @@ -66,5 +66,5 @@ index 3a79fd2d9..d08fd1359 100644 /* don't know how to print options for this class */ printf("(options for %s)", name); -- -2.39.5 +2.48.1 diff --git a/package/busybox/0015-awk.c-fix-CVE-2023-42366-bug-15874.patch b/package/busybox/0008-awk.c-fix-CVE-2023-42366-bug-15874.patch similarity index 88% rename from package/busybox/0015-awk.c-fix-CVE-2023-42366-bug-15874.patch rename to package/busybox/0008-awk.c-fix-CVE-2023-42366-bug-15874.patch index 15b2cfdf005c..f9732239073d 100644 --- a/package/busybox/0015-awk.c-fix-CVE-2023-42366-bug-15874.patch +++ b/package/busybox/0008-awk.c-fix-CVE-2023-42366-bug-15874.patch @@ -1,4 +1,4 @@ -From 54e64812090f58cffca08fcf11d2dbc471c964e1 Mon Sep 17 00:00:00 2001 +From 88f8a046f27cb81ccc30d038465e963b8300cf1b Mon Sep 17 00:00:00 2001 From: Valery Ushakov Date: Wed, 24 Jan 2024 22:24:41 +0300 Subject: [PATCH] awk.c: fix CVE-2023-42366 (bug #15874) @@ -21,10 +21,10 @@ Signed-off-by: Thomas Petazzoni 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/editors/awk.c b/editors/awk.c -index 9467f4644..947195333 100644 +index 64e752f4b..222e6298d 100644 --- a/editors/awk.c +++ b/editors/awk.c -@@ -1168,9 +1168,11 @@ static uint32_t next_token(uint32_t expected) +@@ -1234,9 +1234,11 @@ static uint32_t next_token(uint32_t expected) s[-1] = bb_process_escape_sequence((const char **)&pp); if (*p == '\\') *s++ = '\\'; @@ -39,5 +39,5 @@ index 9467f4644..947195333 100644 } } -- -2.47.1 +2.48.1 diff --git a/package/busybox/0008-shell-fix-SIGWINCH-and-SIGCHLD-in-hush-interrupting-.patch b/package/busybox/0008-shell-fix-SIGWINCH-and-SIGCHLD-in-hush-interrupting-.patch deleted file mode 100644 index 8ebb487ec6d3..000000000000 --- a/package/busybox/0008-shell-fix-SIGWINCH-and-SIGCHLD-in-hush-interrupting-.patch +++ /dev/null @@ -1,103 +0,0 @@ -From 93e0898c663a533082b5f3c2e7dcce93ec47076d Mon Sep 17 00:00:00 2001 -From: Denys Vlasenko -Date: Thu, 26 Jan 2023 12:56:33 +0100 -Subject: [PATCH] shell: fix SIGWINCH and SIGCHLD (in hush) interrupting line - input, closes 15256 - -function old new delta -record_pending_signo 32 63 +31 -lineedit_read_key 231 224 -7 ------------------------------------------------------------------------------- -(add/remove: 0/0 grow/shrink: 1/1 up/down: 31/-7) Total: 24 bytes - -Signed-off-by: Denys Vlasenko -Upstream: https://git.busybox.net/busybox/commit/?id=93e0898c663a533082b5f3c2e7dcce93ec47076d -Signed-off-by: Romain Naour ---- - libbb/lineedit.c | 17 ++++++++++------- - shell/ash.c | 3 ++- - shell/hush.c | 10 ++++++++-- - 3 files changed, 20 insertions(+), 10 deletions(-) - -diff --git a/libbb/lineedit.c b/libbb/lineedit.c -index d6b2e76ff..b942f540a 100644 ---- a/libbb/lineedit.c -+++ b/libbb/lineedit.c -@@ -2180,7 +2180,8 @@ static int lineedit_read_key(char *read_key_buffer, int timeout) - * "\xff\n",pause,"ls\n" invalid and thus won't lose "ls". - * - * If LI_INTERRUPTIBLE, return -1 if got EINTR in poll() -- * inside read_key, or if bb_got_signal != 0 (IOW: if signal -+ * inside read_key and bb_got_signal became != 0, -+ * or if bb_got_signal != 0 (IOW: if signal - * arrived before poll() is reached). - * - * Note: read_key sets errno to 0 on success. -@@ -2197,14 +2198,16 @@ static int lineedit_read_key(char *read_key_buffer, int timeout) - IF_FEATURE_EDITING_WINCH(S.ok_to_redraw = 0;) - if (errno != EINTR) - break; -+ /* It was EINTR. Repeat read_key() unless... */ - if (state->flags & LI_INTERRUPTIBLE) { -- /* LI_INTERRUPTIBLE bails out on EINTR, -- * but nothing really guarantees that bb_got_signal -- * is nonzero. Follow the least surprise principle: -+ /* LI_INTERRUPTIBLE bails out on EINTR -+ * if bb_got_signal became nonzero. -+ * (It may stay zero: for example, our SIGWINCH -+ * handler does not set it. This is used for signals -+ * which should not interrupt line editing). - */ -- if (bb_got_signal == 0) -- bb_got_signal = 255; -- goto ret; -+ if (bb_got_signal != 0) -+ goto ret; /* will return -1 */ - } - } - -diff --git a/shell/ash.c b/shell/ash.c -index 18ccc1329..5f8c8ea19 100644 ---- a/shell/ash.c -+++ b/shell/ash.c -@@ -10821,7 +10821,8 @@ preadfd(void) - again: - /* For shell, LI_INTERRUPTIBLE is set: - * read_line_input will abort on either -- * getting EINTR in poll(), or if it sees bb_got_signal != 0 -+ * getting EINTR in poll() and bb_got_signal became != 0, -+ * or if it sees bb_got_signal != 0 - * (IOW: if signal arrives before poll() is reached). - * Interactive testcases: - * (while kill -INT $$; do sleep 1; done) & -diff --git a/shell/hush.c b/shell/hush.c -index d111f0cc5..f064b8fd2 100644 ---- a/shell/hush.c -+++ b/shell/hush.c -@@ -1946,7 +1946,12 @@ static void record_pending_signo(int sig) - { - sigaddset(&G.pending_set, sig); - #if ENABLE_FEATURE_EDITING -- bb_got_signal = sig; /* for read_line_input: "we got a signal" */ -+ if (sig != SIGCHLD -+ || (G_traps && G_traps[SIGCHLD] && G_traps[SIGCHLD][0]) -+ /* ^^^ if SIGCHLD, interrupt line reading only if it has a trap */ -+ ) { -+ bb_got_signal = sig; /* for read_line_input: "we got a signal" */ -+ } - #endif - #if ENABLE_HUSH_FAST - if (sig == SIGCHLD) { -@@ -2669,7 +2674,8 @@ static int get_user_input(struct in_str *i) - } else { - /* For shell, LI_INTERRUPTIBLE is set: - * read_line_input will abort on either -- * getting EINTR in poll(), or if it sees bb_got_signal != 0 -+ * getting EINTR in poll() and bb_got_signal became != 0, -+ * or if it sees bb_got_signal != 0 - * (IOW: if signal arrives before poll() is reached). - * Interactive testcases: - * (while kill -INT $$; do sleep 1; done) & --- -2.30.2 - diff --git a/package/busybox/0016-hwclock-Check-for-SYS_settimeofday-before-calling-sy.patch b/package/busybox/0009-hwclock-Check-for-SYS_settimeofday-before-calling-sy.patch similarity index 89% rename from package/busybox/0016-hwclock-Check-for-SYS_settimeofday-before-calling-sy.patch rename to package/busybox/0009-hwclock-Check-for-SYS_settimeofday-before-calling-sy.patch index c61cbc810722..1e95fae85c0e 100644 --- a/package/busybox/0016-hwclock-Check-for-SYS_settimeofday-before-calling-sy.patch +++ b/package/busybox/0009-hwclock-Check-for-SYS_settimeofday-before-calling-sy.patch @@ -1,4 +1,4 @@ -From a378cd9c3a022500d7feaefb4e3bb43fdd789131 Mon Sep 17 00:00:00 2001 +From 0583f8eda94f97e15e371e12458877b738439e8c Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sun, 7 Mar 2021 17:30:24 -0800 Subject: [PATCH] hwclock: Check for SYS_settimeofday before calling syscall @@ -24,10 +24,10 @@ Signed-off-by: Thomas Petazzoni 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/util-linux/hwclock.c b/util-linux/hwclock.c -index 723b09589..b9faaabbc 100644 +index c3fd0eb57..dea9c9a55 100644 --- a/util-linux/hwclock.c +++ b/util-linux/hwclock.c -@@ -131,6 +131,7 @@ static void show_clock(const char **pp_rtcname, int utc) +@@ -132,6 +132,7 @@ static void show_clock(const char **pp_rtcname, int utc) static void set_kernel_tz(const struct timezone *tz) { @@ -35,7 +35,7 @@ index 723b09589..b9faaabbc 100644 #if LIBC_IS_MUSL /* musl libc does not pass tz argument to syscall * because "it's deprecated by POSIX, therefore it's fine -@@ -139,9 +140,11 @@ static void set_kernel_tz(const struct timezone *tz) +@@ -140,9 +141,11 @@ static void set_kernel_tz(const struct timezone *tz) #if !defined(SYS_settimeofday) && defined(SYS_settimeofday_time32) # define SYS_settimeofday SYS_settimeofday_time32 #endif diff --git a/package/busybox/0010-libbb-sha-add-missing-sha-NI-guard.patch b/package/busybox/0010-libbb-sha-add-missing-sha-NI-guard.patch new file mode 100644 index 000000000000..0fd7014b503b --- /dev/null +++ b/package/busybox/0010-libbb-sha-add-missing-sha-NI-guard.patch @@ -0,0 +1,54 @@ +From bba9e99026a3dafe75f608459533e0b6d8cf3874 Mon Sep 17 00:00:00 2001 +From: Andre Przywara +Date: Tue, 10 Sep 2024 14:32:46 +0100 +Subject: [PATCH] libbb/sha: add missing sha-NI guard +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The ENABLE_SHA1_HWACCEL Kconfig symbol is meant to be archicture +agnostic, so can be enabled regardless of whether your build +architecture provides hardware acceleration or not. At the moment only +x86 implements this, so every piece of optimised code should be guarded +by both ENABLE_SHA1_HWACCEL and (__x86_64__ || __i386__). This is missing +at one place, so compiling for arm64 breaks when ENABLE_SHA1_HWACCEL is +enabled: +================================ +libbb/hash_md5_sha.c: In function ‘sha1_end’: +libbb/hash_md5_sha.c:1316:28: error: ‘sha1_process_block64_shaNI’ undeclared (first use in this function); did you mean ‘sha1_process_block64’? + 1316 | || ctx->process_block == sha1_process_block64_shaNI + | ^~~~~~~~~~~~~~~~~~~~~~~~~~ + | sha1_process_block64 +libbb/hash_md5_sha.c:1316:28: note: each undeclared identifier is reported only once for each function it appears in +make[1]: *** [scripts/Makefile.build:197: libbb/hash_md5_sha.o] Error 1 +make: *** [Makefile:744: libbb] Error 2 +================================ + +Add the missing guards around the call to sha1_process_block64_shaNI to +fix the build on other architectures with ENABLE_SHA1_HWACCEL enabled. + +Change-Id: I40bba388422625f4230abf15a5de23e1fdc654fc +Signed-off-by: Andre Przywara +Upstream: https://lists.busybox.net/pipermail/busybox/2024-September/090899.html +Signed-off-by: Thomas Petazzoni +--- + libbb/hash_md5_sha.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libbb/hash_md5_sha.c b/libbb/hash_md5_sha.c +index 57a801459..75a61c32c 100644 +--- a/libbb/hash_md5_sha.c ++++ b/libbb/hash_md5_sha.c +@@ -1313,7 +1313,9 @@ unsigned FAST_FUNC sha1_end(sha1_ctx_t *ctx, void *resbuf) + hash_size = 8; + if (ctx->process_block == sha1_process_block64 + #if ENABLE_SHA1_HWACCEL ++# if defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) + || ctx->process_block == sha1_process_block64_shaNI ++# endif + #endif + ) { + hash_size = 5; +-- +2.48.1 + diff --git a/package/busybox/0011-awk-fix-use-after-realloc-CVE-2021-42380-closes-1560.patch b/package/busybox/0011-awk-fix-use-after-realloc-CVE-2021-42380-closes-1560.patch deleted file mode 100644 index f0f33b11ffa5..000000000000 --- a/package/busybox/0011-awk-fix-use-after-realloc-CVE-2021-42380-closes-1560.patch +++ /dev/null @@ -1,154 +0,0 @@ -From 7c73cdaa80faf0046b07c970321557ff04f7da64 Mon Sep 17 00:00:00 2001 -From: Denys Vlasenko -Date: Fri, 26 May 2023 19:36:58 +0200 -Subject: [PATCH] awk: fix use-after-realloc (CVE-2021-42380), closes 15601 - -Signed-off-by: Denys Vlasenko - -CVE: CVE-2021-42380 -Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=5dcc443dba039b305a510c01883e9f34e42656ae] -Signed-off-by: Peter Marko -[Thomas: taken from https://git.openembedded.org/openembedded-core/tree/meta/recipes-core/busybox/busybox/CVE-2021-42380.patch?id=e0ff4813b1cf4df0d851c857d57fb88d7db51bdd] -Upstream: https://git.busybox.net/busybox/commit/?id=5dcc443dba039b305a510c01883e9f34e42656ae -Signed-off-by: Thomas Petazzoni ---- - editors/awk.c | 26 ++++++++++++++++----- - testsuite/awk.tests | 55 +++++++++++++++++++++++++++++++++++++++++++++ - 2 files changed, 75 insertions(+), 6 deletions(-) - -diff --git a/editors/awk.c b/editors/awk.c -index 728ee8685..2af823808 100644 ---- a/editors/awk.c -+++ b/editors/awk.c -@@ -555,7 +555,7 @@ struct globals { - const char *g_progname; - int g_lineno; - int nfields; -- int maxfields; /* used in fsrealloc() only */ -+ unsigned maxfields; - var *Fields; - char *g_pos; - char g_saved_ch; -@@ -1931,9 +1931,9 @@ static void fsrealloc(int size) - { - int i, newsize; - -- if (size >= maxfields) { -- /* Sanity cap, easier than catering for overflows */ -- if (size > 0xffffff) -+ if ((unsigned)size >= maxfields) { -+ /* Sanity cap, easier than catering for over/underflows */ -+ if ((unsigned)size > 0xffffff) - bb_die_memory_exhausted(); - - i = maxfields; -@@ -2891,6 +2891,7 @@ static var *evaluate(node *op, var *res) - uint32_t opinfo; - int opn; - node *op1; -+ var *old_Fields_ptr; - - opinfo = op->info; - opn = (opinfo & OPNMASK); -@@ -2899,10 +2900,16 @@ static var *evaluate(node *op, var *res) - debug_printf_eval("opinfo:%08x opn:%08x\n", opinfo, opn); - - /* execute inevitable things */ -+ old_Fields_ptr = NULL; - if (opinfo & OF_RES1) { - if ((opinfo & OF_REQUIRED) && !op1) - syntax_error(EMSG_TOO_FEW_ARGS); - L.v = evaluate(op1, TMPVAR0); -+ /* Does L.v point to $n variable? */ -+ if ((size_t)(L.v - Fields) < maxfields) { -+ /* yes, remember where Fields[] is */ -+ old_Fields_ptr = Fields; -+ } - if (opinfo & OF_STR1) { - L.s = getvar_s(L.v); - debug_printf_eval("L.s:'%s'\n", L.s); -@@ -2921,8 +2928,15 @@ static var *evaluate(node *op, var *res) - */ - if (opinfo & OF_RES2) { - R.v = evaluate(op->r.n, TMPVAR1); -- //TODO: L.v may be invalid now, set L.v to NULL to catch bugs? -- //L.v = NULL; -+ /* Seen in $5=$$5=$0: -+ * Evaluation of R.v ($$5=$0 expression) -+ * made L.v ($5) invalid. It's detected here. -+ */ -+ if (old_Fields_ptr) { -+ //if (old_Fields_ptr != Fields) -+ // debug_printf_eval("L.v moved\n"); -+ L.v += Fields - old_Fields_ptr; -+ } - if (opinfo & OF_STR2) { - R.s = getvar_s(R.v); - debug_printf_eval("R.s:'%s'\n", R.s); -diff --git a/testsuite/awk.tests b/testsuite/awk.tests -index bbf0fbff1..ddc51047b 100755 ---- a/testsuite/awk.tests -+++ b/testsuite/awk.tests -@@ -485,4 +485,59 @@ testing 'awk assign while test' \ - "" \ - "foo" - -+# User-supplied bug (SEGV) example, was causing use-after-realloc -+testing 'awk assign while assign' \ -+ "awk '\$5=\$\$5=\$0'; echo \$?" \ -+ "\ -+─ process timing ────────────────────────────────────┬─ ─ process timing ────────────────────────────────────┬─ overall results ────┐ results ────┐ -+│ run time : │ run time : 0 days, 0 hrs, 0 min, 56 sec │ cycles done : 0 │ days, 0 hrs, 0 min, 56 sec │ cycles done : 0 │ -+│ last new find │ last new find : 0 days, 0 hrs, 0 min, 1 sec │ corpus count : 208 │ 0 days, 0 hrs, 0 min, 1 sec │ corpus count : 208 │ -+│last saved crash : │last saved crash : none seen yet │saved crashes : 0 │ seen yet │saved crashes : 0 │ -+│ last saved hang │ last saved hang : none seen yet │ saved hangs : 0 │ none seen yet │ saved hangs : 0 │ -+├─ cycle progress ─────────────────────┬─ ├─ cycle progress ─────────────────────┬─ map coverage┴──────────────────────┤ coverage┴──────────────────────┤ -+│ now processing : │ now processing : 184.1 (88.5%) │ map density : 0.30% / 0.52% │ (88.5%) │ map density : 0.30% / 0.52% │ │ now processing : 184.1 (88.5%) │ map density : 0.30% / 0.52% │ -+│ runs timed out │ runs timed out : 0 (0.00%) │ count coverage : 2.18 bits/tuple │ 0 (0.00%) │ count coverage : 2.18 bits/tuple │ -+├─ stage progress ─────────────────────┼─ ├─ stage progress ─────────────────────┼─ findings in depth ─────────────────┤ in depth ─────────────────┤ -+│ now trying : │ now trying : havoc │ favored items : 43 (20.67%) │ │ favored items : 43 (20.67%) │ -+│ stage execs : │ stage execs : 11.2k/131k (8.51%) │ new edges on : 52 (25.00%) │ (8.51%) │ new edges on │ stage execs : 11.2k/131k (8.51%) │ new edges on : 52 (25.00%) │ 52 (25.00%) │ -+│ total execs : │ total execs : 179k │ total crashes : 0 (0 saved) │ │ total crashes : 0 (0 saved) │ │ total execs : 179k │ total crashes : 0 (0 saved) │ -+│ exec speed : │ exec speed : 3143/sec │ total tmouts : 0 (0 saved) │ │ total tmouts : 0 (0 saved) │ │ exec speed : 3143/sec │ total tmouts : 0 (0 saved) │ -+├─ fuzzing strategy yields ├─ fuzzing strategy yields ────────────┴─────────────┬─ item geometry ───────┤ item geometry ───────┤ -+│ bit flips : │ bit flips : 11/648, 4/638, 5/618 │ levels : 4 │ 4/638, 5/618 │ levels : │ bit flips : 11/648, 4/638, 5/618 │ levels : 4 │ │ -+│ byte flips : │ byte flips : 0/81, 0/71, 0/52 │ pending : 199 │ 0/71, 0/52 │ pending : 199 │ -+│ arithmetics : 11/4494, │ arithmetics : 11/4494, 0/1153, 0/0 │ pend fav : 35 │ 0/0 │ pend fav : 35 │ -+│ known ints : 1/448, 0/1986, 0/2288 │ own finds : 207 │ known ints : │ known ints : 1/448, 0/1986, 0/2288 │ own finds : 207 │ 0/1986, 0/2288 │ own finds : 207 │ -+│ dictionary : 0/0, │ dictionary : 0/0, 0/0, 0/0, 0/0 │ imported : 0 │ 0/0, 0/0 │ imported : 0 │ -+│havoc/splice : 142/146k, 23/7616 │havoc/splice : 142/146k, 23/7616 │ stability : 100.00% │ stability : 100.00% │ -+│py/custom/rq : unused, unused, │py/custom/rq : unused, unused, unused, unused ├───────────────────────┘ unused ├───────────────────────┘ -+│ trim/eff : 57.02%/26, │ trim/eff : 57.02%/26, 0.00% │ [cpu000:100%] │ [cpu000:100%] -+└────────────────────────────────────────────────────┘^C └────────────────────────────────────────────────────┘^C -+0 -+" \ -+ "" \ -+ "\ -+─ process timing ────────────────────────────────────┬─ overall results ────┐ -+│ run time : 0 days, 0 hrs, 0 min, 56 sec │ cycles done : 0 │ -+│ last new find : 0 days, 0 hrs, 0 min, 1 sec │ corpus count : 208 │ -+│last saved crash : none seen yet │saved crashes : 0 │ -+│ last saved hang : none seen yet │ saved hangs : 0 │ -+├─ cycle progress ─────────────────────┬─ map coverage┴──────────────────────┤ -+│ now processing : 184.1 (88.5%) │ map density : 0.30% / 0.52% │ -+│ runs timed out : 0 (0.00%) │ count coverage : 2.18 bits/tuple │ -+├─ stage progress ─────────────────────┼─ findings in depth ─────────────────┤ -+│ now trying : havoc │ favored items : 43 (20.67%) │ -+│ stage execs : 11.2k/131k (8.51%) │ new edges on : 52 (25.00%) │ -+│ total execs : 179k │ total crashes : 0 (0 saved) │ -+│ exec speed : 3143/sec │ total tmouts : 0 (0 saved) │ -+├─ fuzzing strategy yields ────────────┴─────────────┬─ item geometry ───────┤ -+│ bit flips : 11/648, 4/638, 5/618 │ levels : 4 │ -+│ byte flips : 0/81, 0/71, 0/52 │ pending : 199 │ -+│ arithmetics : 11/4494, 0/1153, 0/0 │ pend fav : 35 │ -+│ known ints : 1/448, 0/1986, 0/2288 │ own finds : 207 │ -+│ dictionary : 0/0, 0/0, 0/0, 0/0 │ imported : 0 │ -+│havoc/splice : 142/146k, 23/7616 │ stability : 100.00% │ -+│py/custom/rq : unused, unused, unused, unused ├───────────────────────┘ -+│ trim/eff : 57.02%/26, 0.00% │ [cpu000:100%] -+└────────────────────────────────────────────────────┘^C" -+ - exit $FAILCOUNT --- -2.47.1 - diff --git a/package/busybox/0011-syslogd-fix-wrong-OPT_locallog-flag-detection.patch b/package/busybox/0011-syslogd-fix-wrong-OPT_locallog-flag-detection.patch new file mode 100644 index 000000000000..1dfd6f3793a9 --- /dev/null +++ b/package/busybox/0011-syslogd-fix-wrong-OPT_locallog-flag-detection.patch @@ -0,0 +1,37 @@ +From 34d331d642c3312e1c04e4650f547f1a67abee24 Mon Sep 17 00:00:00 2001 +From: Andrej Valek +Date: Wed, 16 Oct 2024 10:15:08 +0200 +Subject: [PATCH] syslogd: fix wrong OPT_locallog flag detection + +The OPT_locallog was set on "option_mask32" but checked on local +"opts" variable. While this flag it's used on multiple places can't be +has to be used with "option_mask32". Without this change syslogd +is more-less unusable while no messages are logged locally. + +Signed-off-by: Andrej Valek +Upstream: https://lists.busybox.net/pipermail/busybox/2024-October/090969.html +[Thomas: this was reported as beeing needed by Bernd Kuhls at +https://lore.kernel.org/buildroot/pan$de0bb$35c5a64$ca9b6f21$2408ff40@ID-313208.user.individual.net/, +but also on the Busybox mailing list at +https://lists.busybox.net/pipermail/busybox/2023-September/090499.html] +Signed-off-by: Thomas Petazzoni +--- + sysklogd/syslogd.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sysklogd/syslogd.c b/sysklogd/syslogd.c +index 7558051f0..fa03aa280 100644 +--- a/sysklogd/syslogd.c ++++ b/sysklogd/syslogd.c +@@ -1179,7 +1179,7 @@ int syslogd_main(int argc UNUSED_PARAM, char **argv) + } + } + #endif +- if (!ENABLE_FEATURE_REMOTE_LOG || (opts & OPT_locallog)) { ++ if (!ENABLE_FEATURE_REMOTE_LOG || (option_mask32 & OPT_locallog)) { + recvbuf[sz] = '\0'; /* ensure it *is* NUL terminated */ + split_escape_and_log(recvbuf, sz); + } +-- +2.48.1 + diff --git a/package/busybox/0012-awk-fix-use-after-free-CVE-2023-42363.patch b/package/busybox/0012-awk-fix-use-after-free-CVE-2023-42363.patch deleted file mode 100644 index 92a6c36d0169..000000000000 --- a/package/busybox/0012-awk-fix-use-after-free-CVE-2023-42363.patch +++ /dev/null @@ -1,70 +0,0 @@ -From 20a91edce02adc258038a2e9bf5bda0fe27a5050 Mon Sep 17 00:00:00 2001 -From: Natanael Copa -Date: Mon, 20 May 2024 17:55:28 +0200 -Subject: [PATCH] awk: fix use after free (CVE-2023-42363) - -function old new delta -evaluate 3377 3385 +8 - -Fixes https://bugs.busybox.net/show_bug.cgi?id=15865 - -Signed-off-by: Natanael Copa -Signed-off-by: Denys Vlasenko - -CVE: CVE-2023-42363 -Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa] -Signed-off-by: Peter Marko -[Thomas: taken from https://git.openembedded.org/openembedded-core/tree/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch?id=e0ff4813b1cf4df0d851c857d57fb88d7db51bdd] -Upstream: https://git.busybox.net/busybox/commit/?id=fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa -Signed-off-by: Thomas Petazzoni ---- - editors/awk.c | 21 +++++++++++++-------- - 1 file changed, 13 insertions(+), 8 deletions(-) - -diff --git a/editors/awk.c b/editors/awk.c -index 2af823808..d45724d59 100644 ---- a/editors/awk.c -+++ b/editors/awk.c -@@ -2910,19 +2910,14 @@ static var *evaluate(node *op, var *res) - /* yes, remember where Fields[] is */ - old_Fields_ptr = Fields; - } -- if (opinfo & OF_STR1) { -- L.s = getvar_s(L.v); -- debug_printf_eval("L.s:'%s'\n", L.s); -- } - if (opinfo & OF_NUM1) { - L_d = getvar_i(L.v); - debug_printf_eval("L_d:%f\n", L_d); - } - } -- /* NB: Must get string/numeric values of L (done above) -- * _before_ evaluate()'ing R.v: if both L and R are $NNNs, -- * and right one is large, then L.v points to Fields[NNN1], -- * second evaluate() reallocates and moves (!) Fields[], -+ /* NB: if both L and R are $NNNs, and right one is large, -+ * then at this pint L.v points to Fields[NNN1], second -+ * evaluate() below reallocates and moves (!) Fields[], - * R.v points to Fields[NNN2] but L.v now points to freed mem! - * (Seen trying to evaluate "$444 $44444") - */ -@@ -2942,6 +2937,16 @@ static var *evaluate(node *op, var *res) - debug_printf_eval("R.s:'%s'\n", R.s); - } - } -+ /* Get L.s _after_ R.v is evaluated: it may have realloc'd L.v -+ * so we must get the string after "old_Fields_ptr" correction -+ * above. Testcase: x = (v = "abc", gsub("b", "X", v)); -+ */ -+ if (opinfo & OF_RES1) { -+ if (opinfo & OF_STR1) { -+ L.s = getvar_s(L.v); -+ debug_printf_eval("L.s:'%s'\n", L.s); -+ } -+ } - - debug_printf_eval("switch(0x%x)\n", XC(opinfo & OPCLSMASK)); - switch (XC(opinfo & OPCLSMASK)) { --- -2.47.1 - diff --git a/package/busybox/0013-awk-fix-precedence-of-relative-to.patch b/package/busybox/0013-awk-fix-precedence-of-relative-to.patch deleted file mode 100644 index 596036d8fc2d..000000000000 --- a/package/busybox/0013-awk-fix-precedence-of-relative-to.patch +++ /dev/null @@ -1,203 +0,0 @@ -From 47ff44735c0cd05efd899fb3486aca77e65fbe15 Mon Sep 17 00:00:00 2001 -From: Denys Vlasenko -Date: Tue, 30 May 2023 16:42:18 +0200 -Subject: [PATCH] awk: fix precedence of = relative to == - -Discovered while adding code to disallow assignments to non-lvalues - -function old new delta -parse_expr 936 991 +55 -.rodata 105243 105247 +4 ------------------------------------------------------------------------------- -(add/remove: 0/0 grow/shrink: 2/0 up/down: 59/0) Total: 59 bytes - -CVE: CVE-2023-42364 CVE-2023-42365 - -Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=0256e00a9d077588bd3a39f5a1ef7e2eaa2911e4] -Signed-off-by: Denys Vlasenko -(cherry picked from commit 0256e00a9d077588bd3a39f5a1ef7e2eaa2911e4) -Signed-off-by: Khem Raj -[Thomas: taken from https://git.openembedded.org/openembedded-core/tree/meta/recipes-core/busybox/busybox/0001-awk-fix-precedence-of-relative-to.patch?id=e0ff4813b1cf4df0d851c857d57fb88d7db51bdd] -Upstream: https://git.busybox.net/busybox/commit/?id=0256e00a9d077588bd3a39f5a1ef7e2eaa2911e4 -Signed-off-by: Thomas Petazzoni ---- - editors/awk.c | 66 ++++++++++++++++++++++++++++++--------------- - testsuite/awk.tests | 5 ++++ - 2 files changed, 50 insertions(+), 21 deletions(-) - -diff --git a/editors/awk.c b/editors/awk.c -index d45724d59..5962c3f6a 100644 ---- a/editors/awk.c -+++ b/editors/awk.c -@@ -337,7 +337,9 @@ static void debug_parse_print_tc(uint32_t n) - #undef P - #undef PRIMASK - #undef PRIMASK2 --#define P(x) (x << 24) -+/* Smaller 'x' means _higher_ operator precedence */ -+#define PRECEDENCE(x) (x << 24) -+#define P(x) PRECEDENCE(x) - #define PRIMASK 0x7F000000 - #define PRIMASK2 0x7E000000 - -@@ -360,7 +362,7 @@ enum { - OC_MOVE = 0x1f00, OC_PGETLINE = 0x2000, OC_REGEXP = 0x2100, - OC_REPLACE = 0x2200, OC_RETURN = 0x2300, OC_SPRINTF = 0x2400, - OC_TERNARY = 0x2500, OC_UNARY = 0x2600, OC_VAR = 0x2700, -- OC_DONE = 0x2800, -+ OC_CONST = 0x2800, OC_DONE = 0x2900, - - ST_IF = 0x3000, ST_DO = 0x3100, ST_FOR = 0x3200, - ST_WHILE = 0x3300 -@@ -440,9 +442,9 @@ static const uint32_t tokeninfo[] ALIGN4 = { - #define TI_PREINC (OC_UNARY|xV|P(9)|'P') - #define TI_PREDEC (OC_UNARY|xV|P(9)|'M') - TI_PREINC, TI_PREDEC, OC_FIELD|xV|P(5), -- OC_COMPARE|VV|P(39)|5, OC_MOVE|VV|P(74), OC_REPLACE|NV|P(74)|'+', OC_REPLACE|NV|P(74)|'-', -- OC_REPLACE|NV|P(74)|'*', OC_REPLACE|NV|P(74)|'/', OC_REPLACE|NV|P(74)|'%', OC_REPLACE|NV|P(74)|'&', -- OC_BINARY|NV|P(29)|'+', OC_BINARY|NV|P(29)|'-', OC_REPLACE|NV|P(74)|'&', OC_BINARY|NV|P(15)|'&', -+ OC_COMPARE|VV|P(39)|5, OC_MOVE|VV|P(38), OC_REPLACE|NV|P(38)|'+', OC_REPLACE|NV|P(38)|'-', -+ OC_REPLACE|NV|P(38)|'*', OC_REPLACE|NV|P(38)|'/', OC_REPLACE|NV|P(38)|'%', OC_REPLACE|NV|P(38)|'&', -+ OC_BINARY|NV|P(29)|'+', OC_BINARY|NV|P(29)|'-', OC_REPLACE|NV|P(38)|'&', OC_BINARY|NV|P(15)|'&', - OC_BINARY|NV|P(25)|'/', OC_BINARY|NV|P(25)|'%', OC_BINARY|NV|P(15)|'&', OC_BINARY|NV|P(25)|'*', - OC_COMPARE|VV|P(39)|4, OC_COMPARE|VV|P(39)|3, OC_COMPARE|VV|P(39)|0, OC_COMPARE|VV|P(39)|1, - #define TI_LESS (OC_COMPARE|VV|P(39)|2) -@@ -1290,7 +1292,7 @@ static uint32_t next_token(uint32_t expected) - save_tclass = tc; - save_info = t_info; - tc = TC_BINOPX; -- t_info = OC_CONCAT | SS | P(35); -+ t_info = OC_CONCAT | SS | PRECEDENCE(35); - } - - t_tclass = tc; -@@ -1350,9 +1352,8 @@ static node *parse_expr(uint32_t term_tc) - { - node sn; - node *cn = &sn; -- node *vn, *glptr; -+ node *glptr; - uint32_t tc, expected_tc; -- var *v; - - debug_printf_parse("%s() term_tc(%x):", __func__, term_tc); - debug_parse_print_tc(term_tc); -@@ -1363,11 +1364,12 @@ static node *parse_expr(uint32_t term_tc) - expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP | term_tc; - - while (!((tc = next_token(expected_tc)) & term_tc)) { -+ node *vn; - - if (glptr && (t_info == TI_LESS)) { - /* input redirection (<) attached to glptr node */ - debug_printf_parse("%s: input redir\n", __func__); -- cn = glptr->l.n = new_node(OC_CONCAT | SS | P(37)); -+ cn = glptr->l.n = new_node(OC_CONCAT | SS | PRECEDENCE(37)); - cn->a.n = glptr; - expected_tc = TS_OPERAND | TS_UOPPRE; - glptr = NULL; -@@ -1379,24 +1381,42 @@ static node *parse_expr(uint32_t term_tc) - * previous operators with higher priority */ - vn = cn; - while (((t_info & PRIMASK) > (vn->a.n->info & PRIMASK2)) -- || ((t_info == vn->info) && t_info == TI_COLON) -+ || (t_info == vn->info && t_info == TI_COLON) - ) { - vn = vn->a.n; - if (!vn->a.n) syntax_error(EMSG_UNEXP_TOKEN); - } - if (t_info == TI_TERNARY) - //TODO: why? -- t_info += P(6); -+ t_info += PRECEDENCE(6); - cn = vn->a.n->r.n = new_node(t_info); - cn->a.n = vn->a.n; - if (tc & TS_BINOP) { - cn->l.n = vn; --//FIXME: this is the place to detect and reject assignments to non-lvalues. --//Currently we allow "assignments" to consts and temporaries, nonsense like this: --// awk 'BEGIN { "qwe" = 1 }' --// awk 'BEGIN { 7 *= 7 }' --// awk 'BEGIN { length("qwe") = 1 }' --// awk 'BEGIN { (1+1) += 3 }' -+ -+ /* Prevent: -+ * awk 'BEGIN { "qwe" = 1 }' -+ * awk 'BEGIN { 7 *= 7 }' -+ * awk 'BEGIN { length("qwe") = 1 }' -+ * awk 'BEGIN { (1+1) += 3 }' -+ */ -+ /* Assignment? (including *= and friends) */ -+ if (((t_info & OPCLSMASK) == OC_MOVE) -+ || ((t_info & OPCLSMASK) == OC_REPLACE) -+ ) { -+ debug_printf_parse("%s: MOVE/REPLACE vn->info:%08x\n", __func__, vn->info); -+ /* Left side is a (variable or array element) -+ * or function argument -+ * or $FIELD ? -+ */ -+ if ((vn->info & OPCLSMASK) != OC_VAR -+ && (vn->info & OPCLSMASK) != OC_FNARG -+ && (vn->info & OPCLSMASK) != OC_FIELD -+ ) { -+ syntax_error(EMSG_UNEXP_TOKEN); /* no. bad */ -+ } -+ } -+ - expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP; - if (t_info == TI_PGETLINE) { - /* it's a pipe */ -@@ -1432,6 +1452,8 @@ static node *parse_expr(uint32_t term_tc) - /* one should be very careful with switch on tclass - - * only simple tclasses should be used (TC_xyz, not TS_xyz) */ - switch (tc) { -+ var *v; -+ - case TC_VARIABLE: - case TC_ARRAY: - debug_printf_parse("%s: TC_VARIABLE | TC_ARRAY\n", __func__); -@@ -1452,14 +1474,14 @@ static node *parse_expr(uint32_t term_tc) - case TC_NUMBER: - case TC_STRING: - debug_printf_parse("%s: TC_NUMBER | TC_STRING\n", __func__); -- cn->info = OC_VAR; -+ cn->info = OC_CONST; - v = cn->l.v = xzalloc(sizeof(var)); -- if (tc & TC_NUMBER) -+ if (tc & TC_NUMBER) { - setvar_i(v, t_double); -- else { -+ } else { - setvar_s(v, t_string); -- expected_tc &= ~TC_UOPPOST; /* "str"++ is not allowed */ - } -+ expected_tc &= ~TC_UOPPOST; /* NUM++, "str"++ not allowed */ - break; - - case TC_REGEXP: -@@ -3107,6 +3129,8 @@ static var *evaluate(node *op, var *res) - - /* -- recursive node type -- */ - -+ case XC( OC_CONST ): -+ debug_printf_eval("CONST "); - case XC( OC_VAR ): - debug_printf_eval("VAR\n"); - L.v = op->l.v; -diff --git a/testsuite/awk.tests b/testsuite/awk.tests -index ddc51047b..a78fdcd98 100755 ---- a/testsuite/awk.tests -+++ b/testsuite/awk.tests -@@ -540,4 +540,9 @@ testing 'awk assign while assign' \ - │ trim/eff : 57.02%/26, 0.00% │ [cpu000:100%] - └────────────────────────────────────────────────────┘^C" - -+testing "awk = has higher precedence than == (despite what gawk manpage claims)" \ -+ "awk 'BEGIN { v=1; print 2==v; print 2==v=2; print v; print v=3==3; print v}'" \ -+ '0\n1\n2\n1\n3\n' \ -+ '' '' -+ - exit $FAILCOUNT --- -2.47.1 - diff --git a/package/busybox/0014-awk-fix-ternary-operator-and-precedence-of.patch b/package/busybox/0014-awk-fix-ternary-operator-and-precedence-of.patch deleted file mode 100644 index 78f21481ccd9..000000000000 --- a/package/busybox/0014-awk-fix-ternary-operator-and-precedence-of.patch +++ /dev/null @@ -1,102 +0,0 @@ -From 173164c6b2f2ad17dd14d3a43e5bff47abde7199 Mon Sep 17 00:00:00 2001 -From: Natanael Copa -Date: Tue, 21 May 2024 14:46:08 +0200 -Subject: [PATCH] awk: fix ternary operator and precedence of = - -Adjust the = precedence test to match behavior of gawk, mawk and -FreeBSD. awk 'BEGIN {print v=3==3; print v}' should print two '1'. - -To fix this, and to unbreak the ternary conditional operator, we restore -the precedence of = in the token list, but override this with a lower -priority when the assignment is on the right side of a compare. - -This fixes commit 0256e00a9d07 (awk: fix precedence of = relative to ==) [1] - -CVE: CVE-2023-42364 CVE-2023-42365 - -Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2024-May/090766.html] - -[1] https://bugs.busybox.net/show_bug.cgi?id=15871#c6 - -Signed-off-by: Natanael Copa -(cherry picked from commit 1714301c405ef03b39605c85c23f22a190cddd95) -Signed-off-by: Khem Raj -[Thomas: taken from https://git.openembedded.org/openembedded-core/tree/meta/recipes-core/busybox/busybox/0002-awk-fix-ternary-operator-and-precedence-of.patch?id=e0ff4813b1cf4df0d851c857d57fb88d7db51bdd] -Upstream: https://git.busybox.net/busybox/commit/?id=38335df9e9f45378c3407defd38b5b610578bdda -Signed-off-by: Thomas Petazzoni ---- - editors/awk.c | 18 ++++++++++++++---- - testsuite/awk.tests | 9 +++++++-- - 2 files changed, 21 insertions(+), 6 deletions(-) - -diff --git a/editors/awk.c b/editors/awk.c -index 5962c3f6a..9467f4644 100644 ---- a/editors/awk.c -+++ b/editors/awk.c -@@ -442,9 +442,10 @@ static const uint32_t tokeninfo[] ALIGN4 = { - #define TI_PREINC (OC_UNARY|xV|P(9)|'P') - #define TI_PREDEC (OC_UNARY|xV|P(9)|'M') - TI_PREINC, TI_PREDEC, OC_FIELD|xV|P(5), -- OC_COMPARE|VV|P(39)|5, OC_MOVE|VV|P(38), OC_REPLACE|NV|P(38)|'+', OC_REPLACE|NV|P(38)|'-', -- OC_REPLACE|NV|P(38)|'*', OC_REPLACE|NV|P(38)|'/', OC_REPLACE|NV|P(38)|'%', OC_REPLACE|NV|P(38)|'&', -- OC_BINARY|NV|P(29)|'+', OC_BINARY|NV|P(29)|'-', OC_REPLACE|NV|P(38)|'&', OC_BINARY|NV|P(15)|'&', -+#define TI_ASSIGN (OC_MOVE|VV|P(74)) -+ OC_COMPARE|VV|P(39)|5, TI_ASSIGN, OC_REPLACE|NV|P(74)|'+', OC_REPLACE|NV|P(74)|'-', -+ OC_REPLACE|NV|P(74)|'*', OC_REPLACE|NV|P(74)|'/', OC_REPLACE|NV|P(74)|'%', OC_REPLACE|NV|P(74)|'&', -+ OC_BINARY|NV|P(29)|'+', OC_BINARY|NV|P(29)|'-', OC_REPLACE|NV|P(74)|'&', OC_BINARY|NV|P(15)|'&', - OC_BINARY|NV|P(25)|'/', OC_BINARY|NV|P(25)|'%', OC_BINARY|NV|P(15)|'&', OC_BINARY|NV|P(25)|'*', - OC_COMPARE|VV|P(39)|4, OC_COMPARE|VV|P(39)|3, OC_COMPARE|VV|P(39)|0, OC_COMPARE|VV|P(39)|1, - #define TI_LESS (OC_COMPARE|VV|P(39)|2) -@@ -1376,11 +1377,19 @@ static node *parse_expr(uint32_t term_tc) - continue; - } - if (tc & (TS_BINOP | TC_UOPPOST)) { -+ int prio; - debug_printf_parse("%s: TS_BINOP | TC_UOPPOST tc:%x\n", __func__, tc); - /* for binary and postfix-unary operators, jump back over - * previous operators with higher priority */ - vn = cn; -- while (((t_info & PRIMASK) > (vn->a.n->info & PRIMASK2)) -+ /* Let assignment get higher priority when used on right -+ * side in compare. i.e: 2==v=3 */ -+ if (t_info == TI_ASSIGN && (vn->a.n->info & OPCLSMASK) == OC_COMPARE) { -+ prio = PRECEDENCE(38); -+ } else { -+ prio = (t_info & PRIMASK); -+ } -+ while ((prio > (vn->a.n->info & PRIMASK2)) - || (t_info == vn->info && t_info == TI_COLON) - ) { - vn = vn->a.n; -@@ -1412,6 +1421,7 @@ static node *parse_expr(uint32_t term_tc) - if ((vn->info & OPCLSMASK) != OC_VAR - && (vn->info & OPCLSMASK) != OC_FNARG - && (vn->info & OPCLSMASK) != OC_FIELD -+ && (vn->info & OPCLSMASK) != OC_COMPARE - ) { - syntax_error(EMSG_UNEXP_TOKEN); /* no. bad */ - } -diff --git a/testsuite/awk.tests b/testsuite/awk.tests -index a78fdcd98..d2706dea9 100755 ---- a/testsuite/awk.tests -+++ b/testsuite/awk.tests -@@ -540,9 +540,14 @@ testing 'awk assign while assign' \ - │ trim/eff : 57.02%/26, 0.00% │ [cpu000:100%] - └────────────────────────────────────────────────────┘^C" - --testing "awk = has higher precedence than == (despite what gawk manpage claims)" \ -+testing "awk = has higher precedence than == on right side" \ - "awk 'BEGIN { v=1; print 2==v; print 2==v=2; print v; print v=3==3; print v}'" \ -- '0\n1\n2\n1\n3\n' \ -+ '0\n1\n2\n1\n1\n' \ -+ '' '' -+ -+testing 'awk ternary precedence' \ -+ "awk 'BEGIN { a = 0 ? \"yes\": \"no\"; print a }'" \ -+ 'no\n' \ - '' '' - - exit $FAILCOUNT --- -2.47.1 - diff --git a/package/busybox/busybox.hash b/package/busybox/busybox.hash index 6eba365ecc77..39ca8915f32d 100644 --- a/package/busybox/busybox.hash +++ b/package/busybox/busybox.hash @@ -1,5 +1,5 @@ -# From https://busybox.net/downloads/busybox-1.36.1.tar.bz2.sha256 -sha256 b8cc24c9574d809e7279c3be349795c5d5ceb6fdf19ca709f80cde50e47de314 busybox-1.36.1.tar.bz2 +# From https://busybox.net/downloads/busybox-1.37.0.tar.bz2.sha256 +sha256 3311dff32e746499f4df0d5df04d7eb396382d7e108bb9250e7b519b837043a4 busybox-1.37.0.tar.bz2 # Locally computed sha256 bbfc9843646d483c334664f651c208b9839626891d8f17604db2146962f43548 LICENSE sha256 b5a136ed67798e51fe2e0ca0b2a21cb01b904ff0c9f7d563a6292e276607e58f archival/libarchive/bz/LICENSE diff --git a/package/busybox/busybox.mk b/package/busybox/busybox.mk index d61fed987922..900e5e787721 100644 --- a/package/busybox/busybox.mk +++ b/package/busybox/busybox.mk @@ -4,7 +4,7 @@ # ################################################################################ -BUSYBOX_VERSION = 1.36.1 +BUSYBOX_VERSION = 1.37.0 BUSYBOX_SITE = https://www.busybox.net/downloads BUSYBOX_SOURCE = busybox-$(BUSYBOX_VERSION).tar.bz2 BUSYBOX_LICENSE = GPL-2.0, bzip2-1.0.4 From a42041575e5c7959e3820710c62f0d4a61e9e04f Mon Sep 17 00:00:00 2001 From: Thomas Petazzoni Date: Mon, 3 Feb 2025 22:56:54 +0100 Subject: [PATCH 07/10] package/binutils: add support for version 2.44 Release notes: https://sourceware.org/pipermail/binutils/2025-February/139195.html Signed-off-by: Thomas Petazzoni Signed-off-by: Peter Korsgaard --- package/binutils/2.44/0001-sh-conf.patch | 50 +++ .../2.44/0002-poison-system-directories.patch | 310 ++++++++++++++++++ package/binutils/Config.in.host | 4 + package/binutils/binutils.hash | 1 + 4 files changed, 365 insertions(+) create mode 100644 package/binutils/2.44/0001-sh-conf.patch create mode 100644 package/binutils/2.44/0002-poison-system-directories.patch diff --git a/package/binutils/2.44/0001-sh-conf.patch b/package/binutils/2.44/0001-sh-conf.patch new file mode 100644 index 000000000000..e56f52b9d88e --- /dev/null +++ b/package/binutils/2.44/0001-sh-conf.patch @@ -0,0 +1,50 @@ +From d5f66b0da8d1e0ed091bff65f8a4db10a82a5420 Mon Sep 17 00:00:00 2001 +From: Romain Naour +Date: Fri, 25 Dec 2015 11:38:13 +0100 +Subject: [PATCH] sh-conf + +Likewise, binutils has no idea about any of these new targets either, so we +fix that up too.. now we're able to actually build a real toolchain for +sh2a_nofpu- and other more ineptly named toolchains (and yes, there are more +inept targets than that one, really. Go look, I promise). + +Upstream: N/A [Buildroot specific] + +[Romain: rebase on top of 2.32] +Signed-off-by: Romain Naour +[Thomas: rebase on top of 2.29, in which sh64 support was removed.] +Signed-off-by: Thomas Petazzoni +--- + configure | 2 +- + configure.ac | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/configure b/configure +index bbfb5979546..bcd95684ae1 100755 +--- a/configure ++++ b/configure +@@ -4056,7 +4056,7 @@ case "${target}" in + nvptx*-*-*) + noconfigdirs="$noconfigdirs target-libssp target-libstdc++-v3 target-libobjc" + ;; +- sh-*-*) ++ sh*-*-*) + case "${target}" in + sh*-*-elf) + ;; +diff --git a/configure.ac b/configure.ac +index f9694cdf901..d6a3623ba50 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1278,7 +1278,7 @@ case "${target}" in + nvptx*-*-*) + noconfigdirs="$noconfigdirs target-libssp target-libstdc++-v3 target-libobjc" + ;; +- sh-*-*) ++ sh*-*-*) + case "${target}" in + sh*-*-elf) + ;; +-- +2.48.1 + diff --git a/package/binutils/2.44/0002-poison-system-directories.patch b/package/binutils/2.44/0002-poison-system-directories.patch new file mode 100644 index 000000000000..b8d6d155258a --- /dev/null +++ b/package/binutils/2.44/0002-poison-system-directories.patch @@ -0,0 +1,310 @@ +From 947a56b4ba73ec3fbf9c1fcff46d65754ba12e27 Mon Sep 17 00:00:00 2001 +From: Romain Naour +Date: Fri, 25 Dec 2015 11:45:38 +0100 +Subject: [PATCH] poison-system-directories + +Patch adapted to binutils 2.23.2 and extended to use +BR_COMPILER_PARANOID_UNSAFE_PATH by Thomas Petazzoni. + +[Waldemar: rebase on top of 2.43] +Signed-off-by: Waldemar Brodkorb +[Waldemar: rebase on top of 2.39] +Signed-off-by: Waldemar Brodkorb +[Romain: rebase on top of 2.33.1] +Signed-off-by: Romain Naour +[Gustavo: adapt to binutils 2.25] +Signed-off-by: Thomas Petazzoni +Signed-off-by: Gustavo Zacarias + +Upstream-Status: Inappropriate [distribution: codesourcery] +Upstream: N/A [Buildroot specific] + +Patch originally created by Mark Hatle, forward-ported to +binutils 2.21 by Scott Garman. + +purpose: warn for uses of system directories when cross linking + +Code Merged from Sourcery G++ binutils 2.19 - 4.4-277 + +2008-07-02 Joseph Myers + + ld/ + * ld.h (args_type): Add error_poison_system_directories. + * ld.texinfo (--error-poison-system-directories): Document. + * ldfile.c (ldfile_add_library_path): Check + command_line.error_poison_system_directories. + * ldmain.c (main): Initialize + command_line.error_poison_system_directories. + * lexsup.c (enum option_values): Add + OPTION_ERROR_POISON_SYSTEM_DIRECTORIES. + (ld_options): Add --error-poison-system-directories. + (parse_args): Handle new option. + +2007-06-13 Joseph Myers + + ld/ + * config.in: Regenerate. + * ld.h (args_type): Add poison_system_directories. + * ld.texinfo (--no-poison-system-directories): Document. + * ldfile.c (ldfile_add_library_path): Check + command_line.poison_system_directories. + * ldmain.c (main): Initialize + command_line.poison_system_directories. + * lexsup.c (enum option_values): Add + OPTION_NO_POISON_SYSTEM_DIRECTORIES. + (ld_options): Add --no-poison-system-directories. + (parse_args): Handle new option. + +2007-04-20 Joseph Myers + + Merge from Sourcery G++ binutils 2.17: + + 2007-03-20 Joseph Myers + Based on patch by Mark Hatle . + ld/ + * configure.ac (--enable-poison-system-directories): New option. + * configure, config.in: Regenerate. + * ldfile.c (ldfile_add_library_path): If + ENABLE_POISON_SYSTEM_DIRECTORIES defined, warn for use of /lib, + /usr/lib, /usr/local/lib or /usr/X11R6/lib. + +Signed-off-by: Mark Hatle +Signed-off-by: Scott Garman +--- + ld/config.in | 3 +++ + ld/configure | 14 ++++++++++++++ + ld/configure.ac | 10 ++++++++++ + ld/ld.h | 8 ++++++++ + ld/ld.texi | 12 ++++++++++++ + ld/ldfile.c | 16 ++++++++++++++++ + ld/ldlex.h | 2 ++ + ld/ldmain.c | 2 ++ + ld/lexsup.c | 21 +++++++++++++++++++++ + 9 files changed, 88 insertions(+) + +diff --git a/ld/config.in b/ld/config.in +index 2d7b6406d2b..37cd12d20fa 100644 +--- a/ld/config.in ++++ b/ld/config.in +@@ -78,6 +78,9 @@ + language is requested. */ + #undef ENABLE_NLS + ++/* Define to warn for use of native system library directories */ ++#undef ENABLE_POISON_SYSTEM_DIRECTORIES ++ + /* Additional extension a shared object might have. */ + #undef EXTRA_SHLIB_EXTENSION + +diff --git a/ld/configure b/ld/configure +index d3995b73c06..2317f06682e 100755 +--- a/ld/configure ++++ b/ld/configure +@@ -844,6 +844,7 @@ with_lib_path + enable_targets + enable_64_bit_bfd + with_sysroot ++enable_poison_system_directories + enable_gold + enable_got + enable_compressed_debug_sections +@@ -1537,6 +1538,8 @@ Optional Features: + --enable-checking enable run-time checks + --enable-targets alternative target configurations + --enable-64-bit-bfd 64-bit support (on hosts with narrower word sizes) ++ --enable-poison-system-directories ++ warn for use of native system library directories + --enable-gold[=ARG] build gold [ARG={default,yes,no}] + --enable-got= GOT handling scheme (target, single, negative, + multigot) +@@ -15592,7 +15595,18 @@ else + fi + + ++# Check whether --enable-poison-system-directories was given. ++if test "${enable_poison_system_directories+set}" = set; then : ++ enableval=$enable_poison_system_directories; ++else ++ enable_poison_system_directories=no ++fi ++ ++if test "x${enable_poison_system_directories}" = "xyes"; then + ++$as_echo "#define ENABLE_POISON_SYSTEM_DIRECTORIES 1" >>confdefs.h ++ ++fi + + # Check whether --enable-got was given. + if test "${enable_got+set}" = set; then : +diff --git a/ld/configure.ac b/ld/configure.ac +index 228f2ee4089..50a4b0f4db1 100644 +--- a/ld/configure.ac ++++ b/ld/configure.ac +@@ -102,6 +102,16 @@ AC_SUBST(use_sysroot) + AC_SUBST(TARGET_SYSTEM_ROOT) + AC_SUBST(TARGET_SYSTEM_ROOT_DEFINE) + ++AC_ARG_ENABLE([poison-system-directories], ++ AS_HELP_STRING([--enable-poison-system-directories], ++ [warn for use of native system library directories]),, ++ [enable_poison_system_directories=no]) ++if test "x${enable_poison_system_directories}" = "xyes"; then ++ AC_DEFINE([ENABLE_POISON_SYSTEM_DIRECTORIES], ++ [1], ++ [Define to warn for use of native system library directories]) ++fi ++ + dnl Use --enable-gold to decide if this linker should be the default. + dnl "install_as_default" is set to false if gold is the default linker. + dnl "installed_linker" is the installed BFD linker name. +diff --git a/ld/ld.h b/ld/ld.h +index 254f0a097bb..daf777c65c8 100644 +--- a/ld/ld.h ++++ b/ld/ld.h +@@ -166,6 +166,14 @@ typedef struct + in the linker script. */ + bool force_group_allocation; + ++ /* If TRUE (the default) warn for uses of system directories when ++ cross linking. */ ++ bool poison_system_directories; ++ ++ /* If TRUE (default FALSE) give an error for uses of system ++ directories when cross linking instead of a warning. */ ++ bool error_poison_system_directories; ++ + /* Big or little endian as set on command line. */ + enum endian_enum endian; + +diff --git a/ld/ld.texi b/ld/ld.texi +index f6384ad82dd..9d972ec9725 100644 +--- a/ld/ld.texi ++++ b/ld/ld.texi +@@ -3263,6 +3263,18 @@ bit string identifying the original linked file does not change. + Passing @code{none} for @var{style} disables the setting from any + @code{--build-id} options earlier on the command line. + ++@kindex --no-poison-system-directories ++@item --no-poison-system-directories ++Do not warn for @option{-L} options using system directories such as ++@file{/usr/lib} when cross linking. This option is intended for use ++in chroot environments when such directories contain the correct ++libraries for the target system rather than the host. ++ ++@kindex --error-poison-system-directories ++@item --error-poison-system-directories ++Give an error instead of a warning for @option{-L} options using ++system directories when cross linking. ++ + @kindex --package-metadata=@var{JSON} + @item --package-metadata=@var{JSON} + Request the creation of a @code{.note.package} ELF note section. The +diff --git a/ld/ldfile.c b/ld/ldfile.c +index 12551504ae6..c6bfb98e522 100644 +--- a/ld/ldfile.c ++++ b/ld/ldfile.c +@@ -328,6 +328,22 @@ ldfile_add_library_path (const char *name, bool cmdline) + new_dirs->name = concat (ld_sysroot, name + strlen ("$SYSROOT"), (const char *) NULL); + else + new_dirs->name = xstrdup (name); ++ ++#ifdef ENABLE_POISON_SYSTEM_DIRECTORIES ++ if (command_line.poison_system_directories ++ && ((!strncmp (name, "/lib", 4)) ++ || (!strncmp (name, "/usr/lib", 8)) ++ || (!strncmp (name, "/usr/local/lib", 14)) ++ || (!strncmp (name, "/usr/X11R6/lib", 14)))) ++ { ++ if (command_line.error_poison_system_directories) ++ einfo (_("%X%P: error: library search path \"%s\" is unsafe for " ++ "cross-compilation\n"), name); ++ else ++ einfo (_("%P: warning: library search path \"%s\" is unsafe for " ++ "cross-compilation\n"), name); ++ } ++#endif + } + + static void +diff --git a/ld/ldlex.h b/ld/ldlex.h +index b8b7d6b6829..c4b91482452 100644 +--- a/ld/ldlex.h ++++ b/ld/ldlex.h +@@ -171,6 +171,8 @@ enum option_values + OPTION_CTF_VARIABLES, + OPTION_NO_CTF_VARIABLES, + OPTION_CTF_SHARE_TYPES, ++ OPTION_NO_POISON_SYSTEM_DIRECTORIES, ++ OPTION_ERROR_POISON_SYSTEM_DIRECTORIES, + OPTION_ERROR_EXECSTACK, + OPTION_NO_ERROR_EXECSTACK, + OPTION_WARN_EXECSTACK_OBJECTS, +diff --git a/ld/ldmain.c b/ld/ldmain.c +index f1c5f7035c5..69dd2d89357 100644 +--- a/ld/ldmain.c ++++ b/ld/ldmain.c +@@ -351,6 +351,8 @@ main (int argc, char **argv) + command_line.warn_mismatch = true; + command_line.warn_search_mismatch = true; + command_line.check_section_addresses = -1; ++ command_line.poison_system_directories = true; ++ command_line.error_poison_system_directories = false; + + /* We initialize DEMANGLING based on the environment variable + COLLECT_NO_DEMANGLE. The gcc collect2 program will demangle the +diff --git a/ld/lexsup.c b/ld/lexsup.c +index 5399aa45b72..a04346bee58 100644 +--- a/ld/lexsup.c ++++ b/ld/lexsup.c +@@ -650,6 +650,14 @@ static const struct ld_option ld_options[] = + " is: share-unconflicted (default),\n" + " share-duplicated"), + TWO_DASHES }, ++ { {"no-poison-system-directories", no_argument, NULL, ++ OPTION_NO_POISON_SYSTEM_DIRECTORIES}, ++ '\0', NULL, N_("Do not warn for -L options using system directories"), ++ TWO_DASHES }, ++ { {"error-poison-system-directories", no_argument, NULL, ++ OPTION_ERROR_POISON_SYSTEM_DIRECTORIES}, ++ '\0', NULL, N_("Give an error for -L options using system directories"), ++ TWO_DASHES }, + }; + + #define OPTION_COUNT ARRAY_SIZE (ld_options) +@@ -662,6 +670,7 @@ parse_args (unsigned argc, char **argv) + int ingroup = 0; + char *default_dirlist = NULL; + char *shortopts; ++ char *BR_paranoid_env; + struct option *longopts; + struct option *really_longopts; + int last_optind; +@@ -1789,6 +1798,14 @@ parse_args (unsigned argc, char **argv) + } + break; + ++ case OPTION_NO_POISON_SYSTEM_DIRECTORIES: ++ command_line.poison_system_directories = false; ++ break; ++ ++ case OPTION_ERROR_POISON_SYSTEM_DIRECTORIES: ++ command_line.error_poison_system_directories = true; ++ break; ++ + case OPTION_PUSH_STATE: + input_flags.pushed = xmemdup (&input_flags, + sizeof (input_flags), +@@ -1933,6 +1950,10 @@ parse_args (unsigned argc, char **argv) + command_line.soname = NULL; + } + ++ BR_paranoid_env = getenv("BR_COMPILER_PARANOID_UNSAFE_PATH"); ++ if (BR_paranoid_env && strlen(BR_paranoid_env) > 0) ++ command_line.error_poison_system_directories = true; ++ + while (ingroup) + { + einfo (_("%P: missing --end-group; added as last command line option\n")); +-- +2.48.1 + diff --git a/package/binutils/Config.in.host b/package/binutils/Config.in.host index 16a57a5cb4ef..e2485fc6b5ed 100644 --- a/package/binutils/Config.in.host +++ b/package/binutils/Config.in.host @@ -25,6 +25,9 @@ config BR2_BINUTILS_VERSION_2_42_X config BR2_BINUTILS_VERSION_2_43_X bool "binutils 2.43.1" +config BR2_BINUTILS_VERSION_2_44_X + bool "binutils 2.44" + endchoice config BR2_BINUTILS_VERSION @@ -33,6 +36,7 @@ config BR2_BINUTILS_VERSION default "2.41" if BR2_BINUTILS_VERSION_2_41_X default "2.42" if BR2_BINUTILS_VERSION_2_42_X default "2.43.1" if BR2_BINUTILS_VERSION_2_43_X + default "2.44" if BR2_BINUTILS_VERSION_2_44_X config BR2_BINUTILS_GPROFNG bool "gprofng support" diff --git a/package/binutils/binutils.hash b/package/binutils/binutils.hash index 084793fc9fdb..2485693a86a8 100644 --- a/package/binutils/binutils.hash +++ b/package/binutils/binutils.hash @@ -2,6 +2,7 @@ sha512 5df45d0bd6ddabdce4f35878c041e46a92deef01e7dea5facc97fd65cc06b59abc6fba0eb454b68e571c7e14038dc823fe7f2263843e6e627b7444eaf0fe9374 binutils-2.41.tar.xz sha512 155f3ba14cd220102f4f29a4f1e5cfee3c48aa03b74603460d05afb73c70d6657a9d87eee6eb88bf13203fe6f31177a5c9addc04384e956e7da8069c8ecd20a6 binutils-2.42.tar.xz sha512 20977ad17729141a2c26d358628f44a0944b84dcfefdec2ba029c2d02f40dfc41cc91c0631044560d2bd6f9a51e1f15846b4b311befbe14f1239f14ff7d57824 binutils-2.43.1.tar.xz +sha512 b85d3bbc0e334cf67a96219d3c7c65fbf3e832b2c98a7417bf131f3645a0307057ec81cd2b29ff2563cec53e3d42f73e2c60cc5708e80d4a730efdcc6ae14ad7 binutils-2.44.tar.xz # Locally calculated (fetched from Github) sha512 3518b47d5c11d1fb478ee152bde1719363f9391db73f3b9f5491217c17742bef8ebca6a51a40302dfaa9476c5a32a8b8f70a4bf64289422dea5f750ae53ab88d binutils-gdb-arc-2023.09-release.tar.gz From 360fd01de20eb42aa0e6b5e9f7b37eaa104c6fc9 Mon Sep 17 00:00:00 2001 From: Thomas Petazzoni Date: Mon, 3 Feb 2025 22:56:55 +0100 Subject: [PATCH 08/10] package/binutils: make 2.43 the default version Now that we've added support for binutils 2.44, follow our usual process of masking the previous release, 2.43, the default one. Signed-off-by: Thomas Petazzoni Signed-off-by: Peter Korsgaard --- package/binutils/Config.in.host | 2 +- package/binutils/binutils.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package/binutils/Config.in.host b/package/binutils/Config.in.host index e2485fc6b5ed..717d178a9ebc 100644 --- a/package/binutils/Config.in.host +++ b/package/binutils/Config.in.host @@ -7,7 +7,7 @@ config BR2_PACKAGE_HOST_BINUTILS_SUPPORTS_CFI choice prompt "Binutils Version" - default BR2_BINUTILS_VERSION_2_42_X if !BR2_arc + default BR2_BINUTILS_VERSION_2_43_X if !BR2_arc default BR2_BINUTILS_VERSION_ARC if BR2_arc help Select the version of binutils you wish to use. diff --git a/package/binutils/binutils.mk b/package/binutils/binutils.mk index 3d1f77c8c447..227eeefc4f4d 100644 --- a/package/binutils/binutils.mk +++ b/package/binutils/binutils.mk @@ -11,7 +11,7 @@ ifeq ($(BINUTILS_VERSION),) ifeq ($(BR2_arc),y) BINUTILS_VERSION = arc-2023.09-release else -BINUTILS_VERSION = 2.42 +BINUTILS_VERSION = 2.43 endif endif # BINUTILS_VERSION From 32829d0d131ec3cd16d2622b741f8b24bcac594a Mon Sep 17 00:00:00 2001 From: Thomas Petazzoni Date: Mon, 3 Feb 2025 22:56:56 +0100 Subject: [PATCH 09/10] package/binutils: drop binutils 2.41 Now that we have added binutils 2.44, made binutils 2.43 the default, let's continue to follow our usual policy and drop support for binutils 2.41. Signed-off-by: Thomas Petazzoni Signed-off-by: Peter Korsgaard --- Config.in.legacy | 6 + package/binutils/2.41/0001-sh-conf.patch | 50 --- .../2.41/0002-poison-system-directories.patch | 309 ------------------ ...ertion-fail-in-nios2_elf32_install_i.patch | 125 ------- package/binutils/Config.in.host | 4 - package/binutils/binutils.hash | 1 - 6 files changed, 6 insertions(+), 489 deletions(-) delete mode 100644 package/binutils/2.41/0001-sh-conf.patch delete mode 100644 package/binutils/2.41/0002-poison-system-directories.patch delete mode 100644 package/binutils/2.41/0003-PR27597-nios-assertion-fail-in-nios2_elf32_install_i.patch diff --git a/Config.in.legacy b/Config.in.legacy index edca3eef47d7..a8baecad582e 100644 --- a/Config.in.legacy +++ b/Config.in.legacy @@ -146,6 +146,12 @@ endif comment "Legacy options removed in 2025.02" +config BR2_BINUTILS_VERSION_2_41_X + bool "binutils 2.41 has been removed" + select BR2_LEGACY + help + binutils 2.41 has been removed, use a newer version. + config BR2_TARGET_ROOTFS_EXT2_2r0 bool "ext2 rev0 support been removed" select BR2_LEGACY diff --git a/package/binutils/2.41/0001-sh-conf.patch b/package/binutils/2.41/0001-sh-conf.patch deleted file mode 100644 index ffa23a88a793..000000000000 --- a/package/binutils/2.41/0001-sh-conf.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 87551ade276aa0db86c4567b3ac219c4f979b538 Mon Sep 17 00:00:00 2001 -From: Romain Naour -Date: Fri, 25 Dec 2015 11:38:13 +0100 -Subject: [PATCH] sh-conf - -Likewise, binutils has no idea about any of these new targets either, so we -fix that up too.. now we're able to actually build a real toolchain for -sh2a_nofpu- and other more ineptly named toolchains (and yes, there are more -inept targets than that one, really. Go look, I promise). - -Upstream: N/A [Buildroot specific] - -[Romain: rebase on top of 2.32] -Signed-off-by: Romain Naour -[Thomas: rebase on top of 2.29, in which sh64 support was removed.] -Signed-off-by: Thomas Petazzoni ---- - configure | 2 +- - configure.ac | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/configure b/configure -index 417fc5a970c..fa8ba331796 100755 ---- a/configure -+++ b/configure -@@ -4067,7 +4067,7 @@ case "${target}" in - nvptx*-*-*) - noconfigdirs="$noconfigdirs target-libssp target-libstdc++-v3 target-libobjc" - ;; -- sh-*-*) -+ sh*-*-*) - case "${target}" in - sh*-*-elf) - ;; -diff --git a/configure.ac b/configure.ac -index 3a1eb0357e5..d700c14ddf5 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1300,7 +1300,7 @@ case "${target}" in - nvptx*-*-*) - noconfigdirs="$noconfigdirs target-libssp target-libstdc++-v3 target-libobjc" - ;; -- sh-*-*) -+ sh*-*-*) - case "${target}" in - sh*-*-elf) - ;; --- -2.40.1 - diff --git a/package/binutils/2.41/0002-poison-system-directories.patch b/package/binutils/2.41/0002-poison-system-directories.patch deleted file mode 100644 index 4b927b630e03..000000000000 --- a/package/binutils/2.41/0002-poison-system-directories.patch +++ /dev/null @@ -1,309 +0,0 @@ -From a6d90a842e349545ceb27f022317618dd99378ce Mon Sep 17 00:00:00 2001 -From: Romain Naour -Date: Fri, 25 Dec 2015 11:45:38 +0100 -Subject: [PATCH] poison-system-directories - -Patch adapted to binutils 2.23.2 and extended to use -BR_COMPILER_PARANOID_UNSAFE_PATH by Thomas Petazzoni. - -[Waldemar: rebase on top of 2.39] -Signed-off-by: Waldemar Brodkorb -[Romain: rebase on top of 2.33.1] -Signed-off-by: Romain Naour -[Gustavo: adapt to binutils 2.25] -Signed-off-by: Thomas Petazzoni -Signed-off-by: Gustavo Zacarias - -Upstream-Status: Inappropriate [distribution: codesourcery] -Upstream: N/A [Buildroot specific] - -Patch originally created by Mark Hatle, forward-ported to -binutils 2.21 by Scott Garman. - -purpose: warn for uses of system directories when cross linking - -Code Merged from Sourcery G++ binutils 2.19 - 4.4-277 - -2008-07-02 Joseph Myers - - ld/ - * ld.h (args_type): Add error_poison_system_directories. - * ld.texinfo (--error-poison-system-directories): Document. - * ldfile.c (ldfile_add_library_path): Check - command_line.error_poison_system_directories. - * ldmain.c (main): Initialize - command_line.error_poison_system_directories. - * lexsup.c (enum option_values): Add - OPTION_ERROR_POISON_SYSTEM_DIRECTORIES. - (ld_options): Add --error-poison-system-directories. - (parse_args): Handle new option. - -2007-06-13 Joseph Myers - - ld/ - * config.in: Regenerate. - * ld.h (args_type): Add poison_system_directories. - * ld.texinfo (--no-poison-system-directories): Document. - * ldfile.c (ldfile_add_library_path): Check - command_line.poison_system_directories. - * ldmain.c (main): Initialize - command_line.poison_system_directories. - * lexsup.c (enum option_values): Add - OPTION_NO_POISON_SYSTEM_DIRECTORIES. - (ld_options): Add --no-poison-system-directories. - (parse_args): Handle new option. - -2007-04-20 Joseph Myers - - Merge from Sourcery G++ binutils 2.17: - - 2007-03-20 Joseph Myers - Based on patch by Mark Hatle . - ld/ - * configure.ac (--enable-poison-system-directories): New option. - * configure, config.in: Regenerate. - * ldfile.c (ldfile_add_library_path): If - ENABLE_POISON_SYSTEM_DIRECTORIES defined, warn for use of /lib, - /usr/lib, /usr/local/lib or /usr/X11R6/lib. - -Signed-off-by: Mark Hatle -Signed-off-by: Scott Garman ---- - ld/config.in | 3 +++ - ld/configure | 14 ++++++++++++++ - ld/configure.ac | 10 ++++++++++ - ld/ld.h | 8 ++++++++ - ld/ld.texi | 12 ++++++++++++ - ld/ldfile.c | 17 +++++++++++++++++ - ld/ldlex.h | 2 ++ - ld/ldmain.c | 2 ++ - ld/lexsup.c | 21 +++++++++++++++++++++ - 9 files changed, 89 insertions(+) - -diff --git a/ld/config.in b/ld/config.in -index ad0dc6a106c..d21edaddce7 100644 ---- a/ld/config.in -+++ b/ld/config.in -@@ -58,6 +58,9 @@ - language is requested. */ - #undef ENABLE_NLS - -+/* Define to warn for use of native system library directories */ -+#undef ENABLE_POISON_SYSTEM_DIRECTORIES -+ - /* Additional extension a shared object might have. */ - #undef EXTRA_SHLIB_EXTENSION - -diff --git a/ld/configure b/ld/configure -index 43b44be1dc6..28f054ea3f8 100755 ---- a/ld/configure -+++ b/ld/configure -@@ -839,6 +839,7 @@ with_lib_path - enable_targets - enable_64_bit_bfd - with_sysroot -+enable_poison_system_directories - enable_gold - enable_got - enable_compressed_debug_sections -@@ -1521,6 +1522,8 @@ Optional Features: - --enable-checking enable run-time checks - --enable-targets alternative target configurations - --enable-64-bit-bfd 64-bit support (on hosts with narrower word sizes) -+ --enable-poison-system-directories -+ warn for use of native system library directories - --enable-gold[=ARG] build gold [ARG={default,yes,no}] - --enable-got= GOT handling scheme (target, single, negative, - multigot) -@@ -15504,7 +15507,18 @@ else - fi - - -+# Check whether --enable-poison-system-directories was given. -+if test "${enable_poison_system_directories+set}" = set; then : -+ enableval=$enable_poison_system_directories; -+else -+ enable_poison_system_directories=no -+fi -+ -+if test "x${enable_poison_system_directories}" = "xyes"; then - -+$as_echo "#define ENABLE_POISON_SYSTEM_DIRECTORIES 1" >>confdefs.h -+ -+fi - - # Check whether --enable-got was given. - if test "${enable_got+set}" = set; then : -diff --git a/ld/configure.ac b/ld/configure.ac -index 77edac3258c..a74dac63038 100644 ---- a/ld/configure.ac -+++ b/ld/configure.ac -@@ -103,6 +103,16 @@ AC_SUBST(use_sysroot) - AC_SUBST(TARGET_SYSTEM_ROOT) - AC_SUBST(TARGET_SYSTEM_ROOT_DEFINE) - -+AC_ARG_ENABLE([poison-system-directories], -+ AS_HELP_STRING([--enable-poison-system-directories], -+ [warn for use of native system library directories]),, -+ [enable_poison_system_directories=no]) -+if test "x${enable_poison_system_directories}" = "xyes"; then -+ AC_DEFINE([ENABLE_POISON_SYSTEM_DIRECTORIES], -+ [1], -+ [Define to warn for use of native system library directories]) -+fi -+ - dnl Use --enable-gold to decide if this linker should be the default. - dnl "install_as_default" is set to false if gold is the default linker. - dnl "installed_linker" is the installed BFD linker name. -diff --git a/ld/ld.h b/ld/ld.h -index 05649ff61b8..1818c227473 100644 ---- a/ld/ld.h -+++ b/ld/ld.h -@@ -163,6 +163,14 @@ typedef struct - in the linker script. */ - bool force_group_allocation; - -+ /* If TRUE (the default) warn for uses of system directories when -+ cross linking. */ -+ bool poison_system_directories; -+ -+ /* If TRUE (default FALSE) give an error for uses of system -+ directories when cross linking instead of a warning. */ -+ bool error_poison_system_directories; -+ - /* Big or little endian as set on command line. */ - enum endian_enum endian; - -diff --git a/ld/ld.texi b/ld/ld.texi -index db3a9f09b45..9dacc934f80 100644 ---- a/ld/ld.texi -+++ b/ld/ld.texi -@@ -2949,6 +2949,18 @@ string identifying the original linked file does not change. - Passing @code{none} for @var{style} disables the setting from any - @code{--build-id} options earlier on the command line. - -+@kindex --no-poison-system-directories -+@item --no-poison-system-directories -+Do not warn for @option{-L} options using system directories such as -+@file{/usr/lib} when cross linking. This option is intended for use -+in chroot environments when such directories contain the correct -+libraries for the target system rather than the host. -+ -+@kindex --error-poison-system-directories -+@item --error-poison-system-directories -+Give an error instead of a warning for @option{-L} options using -+system directories when cross linking. -+ - @kindex --package-metadata=@var{JSON} - @item --package-metadata=@var{JSON} - Request the creation of a @code{.note.package} ELF note section. The -diff --git a/ld/ldfile.c b/ld/ldfile.c -index b8fd4e5d8e0..1f1d8e23bc9 100644 ---- a/ld/ldfile.c -+++ b/ld/ldfile.c -@@ -117,6 +117,23 @@ ldfile_add_library_path (const char *name, bool cmdline) - new_dirs->name = concat (ld_sysroot, name + strlen ("$SYSROOT"), (const char *) NULL); - else - new_dirs->name = xstrdup (name); -+ -+#ifdef ENABLE_POISON_SYSTEM_DIRECTORIES -+ if (command_line.poison_system_directories -+ && ((!strncmp (name, "/lib", 4)) -+ || (!strncmp (name, "/usr/lib", 8)) -+ || (!strncmp (name, "/usr/local/lib", 14)) -+ || (!strncmp (name, "/usr/X11R6/lib", 14)))) -+ { -+ if (command_line.error_poison_system_directories) -+ einfo (_("%X%P: error: library search path \"%s\" is unsafe for " -+ "cross-compilation\n"), name); -+ else -+ einfo (_("%P: warning: library search path \"%s\" is unsafe for " -+ "cross-compilation\n"), name); -+ } -+#endif -+ - } - - /* Try to open a BFD for a lang_input_statement. */ -diff --git a/ld/ldlex.h b/ld/ldlex.h -index 0538f0a06a1..d1de3aec23d 100644 ---- a/ld/ldlex.h -+++ b/ld/ldlex.h -@@ -166,6 +166,8 @@ enum option_values - OPTION_CTF_VARIABLES, - OPTION_NO_CTF_VARIABLES, - OPTION_CTF_SHARE_TYPES, -+ OPTION_NO_POISON_SYSTEM_DIRECTORIES, -+ OPTION_ERROR_POISON_SYSTEM_DIRECTORIES, - OPTION_WARN_EXECSTACK, - OPTION_NO_WARN_EXECSTACK, - OPTION_WARN_RWX_SEGMENTS, -diff --git a/ld/ldmain.c b/ld/ldmain.c -index 9290a189b0d..e2e3074e872 100644 ---- a/ld/ldmain.c -+++ b/ld/ldmain.c -@@ -321,6 +321,8 @@ main (int argc, char **argv) - command_line.warn_mismatch = true; - command_line.warn_search_mismatch = true; - command_line.check_section_addresses = -1; -+ command_line.poison_system_directories = true; -+ command_line.error_poison_system_directories = false; - - /* We initialize DEMANGLING based on the environment variable - COLLECT_NO_DEMANGLE. The gcc collect2 program will demangle the -diff --git a/ld/lexsup.c b/ld/lexsup.c -index c5960385572..da0a7829914 100644 ---- a/ld/lexsup.c -+++ b/ld/lexsup.c -@@ -613,6 +613,14 @@ static const struct ld_option ld_options[] = - " is: share-unconflicted (default),\n" - " share-duplicated"), - TWO_DASHES }, -+ { {"no-poison-system-directories", no_argument, NULL, -+ OPTION_NO_POISON_SYSTEM_DIRECTORIES}, -+ '\0', NULL, N_("Do not warn for -L options using system directories"), -+ TWO_DASHES }, -+ { {"error-poison-system-directories", no_argument, NULL, -+ OPTION_ERROR_POISON_SYSTEM_DIRECTORIES}, -+ '\0', NULL, N_("Give an error for -L options using system directories"), -+ TWO_DASHES }, - }; - - #define OPTION_COUNT ARRAY_SIZE (ld_options) -@@ -625,6 +633,7 @@ parse_args (unsigned argc, char **argv) - int ingroup = 0; - char *default_dirlist = NULL; - char *shortopts; -+ char *BR_paranoid_env; - struct option *longopts; - struct option *really_longopts; - int last_optind; -@@ -1692,6 +1701,14 @@ parse_args (unsigned argc, char **argv) - } - break; - -+ case OPTION_NO_POISON_SYSTEM_DIRECTORIES: -+ command_line.poison_system_directories = false; -+ break; -+ -+ case OPTION_ERROR_POISON_SYSTEM_DIRECTORIES: -+ command_line.error_poison_system_directories = true; -+ break; -+ - case OPTION_PUSH_STATE: - input_flags.pushed = xmemdup (&input_flags, - sizeof (input_flags), -@@ -1837,6 +1854,10 @@ parse_args (unsigned argc, char **argv) - command_line.soname = NULL; - } - -+ BR_paranoid_env = getenv("BR_COMPILER_PARANOID_UNSAFE_PATH"); -+ if (BR_paranoid_env && strlen(BR_paranoid_env) > 0) -+ command_line.error_poison_system_directories = true; -+ - while (ingroup) - { - einfo (_("%P: missing --end-group; added as last command line option\n")); --- -2.40.1 - diff --git a/package/binutils/2.41/0003-PR27597-nios-assertion-fail-in-nios2_elf32_install_i.patch b/package/binutils/2.41/0003-PR27597-nios-assertion-fail-in-nios2_elf32_install_i.patch deleted file mode 100644 index 4753ae13c49e..000000000000 --- a/package/binutils/2.41/0003-PR27597-nios-assertion-fail-in-nios2_elf32_install_i.patch +++ /dev/null @@ -1,125 +0,0 @@ -From 900c0f0aa3d78cd9e67ccd26fbc86224cef4c5b1 Mon Sep 17 00:00:00 2001 -From: Alan Modra -Date: Fri, 16 Feb 2024 22:33:29 +1030 -Subject: [PATCH] PR27597, nios: assertion fail in nios2_elf32_install_imm16 - -The assertion in nios2_elf32_install_imm16 triggers when the PLT is -twice the maximum allowable size for a branch from PLTn to reach -.PLTresolve, and on no other call to nios2_elf32_install_imm16. That -makes the assertion completely useless. We can handle a PIC PLT -exceeding 0x8000 in size by bouncing branches that won't reach through -previous branches. - - PR 27597 - * elf32-nios2.c (nios2_elf32_install_imm16): Delete BFD_ASSERT. - (nios2_build_one_stub): Don't bother masking value passed to - nios2_elf32_install_imm16. - (nios2_elf32_finish_dynamic_symbol): Likewise. Handle overflow - of PLTn branch to .PLTresolve by bouncing through prior branches. - -Upstream: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=900c0f0aa3d78cd9e67ccd26fbc86224cef4c5b1 - -Signed-off-by: Giulio Benetti ---- - bfd/elf32-nios2.c | 40 ++++++++++++++++++++++++---------------- - 1 file changed, 24 insertions(+), 16 deletions(-) - -diff --git a/bfd/elf32-nios2.c b/bfd/elf32-nios2.c -index bebf4239958..7f61e2f8507 100644 ---- a/bfd/elf32-nios2.c -+++ b/bfd/elf32-nios2.c -@@ -1878,8 +1878,6 @@ nios2_elf32_install_imm16 (asection *sec, bfd_vma offset, bfd_vma value) - { - bfd_vma word = bfd_get_32 (sec->owner, sec->contents + offset); - -- BFD_ASSERT (value <= 0xffff || ((bfd_signed_vma) value) >= -0xffff); -- - bfd_put_32 (sec->owner, word | ((value & 0xffff) << 6), - sec->contents + offset); - } -@@ -2518,7 +2516,7 @@ nios2_build_one_stub (struct bfd_hash_entry *gen_entry, void *in_arg ATTRIBUTE_U - nios2_elf32_install_imm16 (stub_sec, hsh->stub_offset, - hiadj (sym_value)); - nios2_elf32_install_imm16 (stub_sec, hsh->stub_offset + 4, -- (sym_value & 0xffff)); -+ sym_value); - stub_sec->size += 12; - break; - default: -@@ -4986,16 +4984,28 @@ nios2_elf32_finish_dynamic_symbol (bfd *output_bfd, - /* Emit the PLT entry. */ - if (bfd_link_pic (info)) - { -+ bfd_vma br_offset; -+ - nios2_elf32_install_data (splt, nios2_so_plt_entry, h->plt.offset, - 3); - plt_index = (h->plt.offset - 24) / 12; - got_offset = (plt_index + 3) * 4; - nios2_elf32_install_imm16 (splt, h->plt.offset, -- hiadj(plt_index * 4)); -+ hiadj (plt_index * 4)); - nios2_elf32_install_imm16 (splt, h->plt.offset + 4, -- (plt_index * 4) & 0xffff); -- nios2_elf32_install_imm16 (splt, h->plt.offset + 8, -- 0xfff4 - h->plt.offset); -+ plt_index * 4); -+ br_offset = -(h->plt.offset + 12); -+ /* If this plt entry is too far away from the start of .plt -+ for the "br" to reach .PLTresolve, bounce through one or -+ more of the previous "br" instructions. */ -+ if (br_offset < (bfd_vma) -32768) -+ { -+ br_offset += 32768 / 12 * 12 - 4; -+ while (br_offset < (bfd_vma) -32768) -+ br_offset += 32768 / 12 * 12; -+ } -+ nios2_elf32_install_imm16 (splt, h->plt.offset + 8, br_offset); -+ - got_address = (sgotplt->output_section->vma + sgotplt->output_offset - + got_offset); - -@@ -5014,9 +5024,8 @@ nios2_elf32_finish_dynamic_symbol (bfd *output_bfd, - nios2_elf32_install_data (splt, nios2_plt_entry, h->plt.offset, 3); - got_address = (sgotplt->output_section->vma + sgotplt->output_offset - + got_offset); -- nios2_elf32_install_imm16 (splt, h->plt.offset, hiadj(got_address)); -- nios2_elf32_install_imm16 (splt, h->plt.offset + 4, -- got_address & 0xffff); -+ nios2_elf32_install_imm16 (splt, h->plt.offset, hiadj (got_address)); -+ nios2_elf32_install_imm16 (splt, h->plt.offset + 4, got_address); - - /* Fill in the entry in the global offset table. */ - bfd_put_32 (output_bfd, -@@ -5217,8 +5226,8 @@ nios2_elf32_finish_dynamic_sections (bfd *output_bfd, - BFD_ASSERT ((got_pcrel & 0xf) == 0); - nios2_elf32_install_data (splt, nios2_so_plt0_entry, 0, 6); - nios2_elf32_install_imm16 (splt, 4, hiadj (got_pcrel)); -- nios2_elf32_install_imm16 (splt, 12, got_pcrel & 0xffff); -- nios2_elf32_install_imm16 (splt, 16, (got_pcrel + 4) & 0xffff); -+ nios2_elf32_install_imm16 (splt, 12, got_pcrel); -+ nios2_elf32_install_imm16 (splt, 16, got_pcrel + 4); - } - else - { -@@ -5240,14 +5249,13 @@ nios2_elf32_finish_dynamic_sections (bfd *output_bfd, - - nios2_elf32_install_data (splt, nios2_plt0_entry, res_size, 7); - nios2_elf32_install_imm16 (splt, res_size, hiadj (res_start)); -- nios2_elf32_install_imm16 (splt, res_size + 4, -- res_start & 0xffff); -+ nios2_elf32_install_imm16 (splt, res_size + 4, res_start); - nios2_elf32_install_imm16 (splt, res_size + 12, - hiadj (got_address)); - nios2_elf32_install_imm16 (splt, res_size + 16, -- (got_address + 4) & 0xffff); -+ got_address + 4); - nios2_elf32_install_imm16 (splt, res_size + 20, -- (got_address + 8) & 0xffff); -+ got_address + 8); - } - } - } --- -2.34.1 - diff --git a/package/binutils/Config.in.host b/package/binutils/Config.in.host index 717d178a9ebc..8e0c21bae082 100644 --- a/package/binutils/Config.in.host +++ b/package/binutils/Config.in.host @@ -12,9 +12,6 @@ choice help Select the version of binutils you wish to use. -config BR2_BINUTILS_VERSION_2_41_X - bool "binutils 2.41" - config BR2_BINUTILS_VERSION_ARC bool "binutils arc (2.41)" depends on BR2_arc @@ -33,7 +30,6 @@ endchoice config BR2_BINUTILS_VERSION string default "arc-2023.09-release" if BR2_BINUTILS_VERSION_ARC - default "2.41" if BR2_BINUTILS_VERSION_2_41_X default "2.42" if BR2_BINUTILS_VERSION_2_42_X default "2.43.1" if BR2_BINUTILS_VERSION_2_43_X default "2.44" if BR2_BINUTILS_VERSION_2_44_X diff --git a/package/binutils/binutils.hash b/package/binutils/binutils.hash index 2485693a86a8..ec0a382501a5 100644 --- a/package/binutils/binutils.hash +++ b/package/binutils/binutils.hash @@ -1,5 +1,4 @@ # From https://gcc.gnu.org/pub/binutils/releases/sha512.sum -sha512 5df45d0bd6ddabdce4f35878c041e46a92deef01e7dea5facc97fd65cc06b59abc6fba0eb454b68e571c7e14038dc823fe7f2263843e6e627b7444eaf0fe9374 binutils-2.41.tar.xz sha512 155f3ba14cd220102f4f29a4f1e5cfee3c48aa03b74603460d05afb73c70d6657a9d87eee6eb88bf13203fe6f31177a5c9addc04384e956e7da8069c8ecd20a6 binutils-2.42.tar.xz sha512 20977ad17729141a2c26d358628f44a0944b84dcfefdec2ba029c2d02f40dfc41cc91c0631044560d2bd6f9a51e1f15846b4b311befbe14f1239f14ff7d57824 binutils-2.43.1.tar.xz sha512 b85d3bbc0e334cf67a96219d3c7c65fbf3e832b2c98a7417bf131f3645a0307057ec81cd2b29ff2563cec53e3d42f73e2c60cc5708e80d4a730efdcc6ae14ad7 binutils-2.44.tar.xz From fe409a5cbdd84df29530fd812f00af97d490e453 Mon Sep 17 00:00:00 2001 From: Julien Olivain Date: Sat, 11 Jan 2025 12:36:25 +0100 Subject: [PATCH 10/10] package/fio: bump version to 3.38 For change log since 3.34, see: https://git.kernel.dk/cgit/fio/log/?h=fio-3.38 While at it, this commit also updates the homepage url in Config.in (which now points to cgit on https) and the _SITE url (which now uses https) to match urls published in [1]. This commit also adds the md5 hash published upstream and a comment about the pgp signature check. Also, fio includes the kernel header. See [2] and [3]. This Kernel header was added in commit [4] and [5], in Kernel v4.5. This commits adds this new kernel header version requirement. [1] https://git.kernel.dk/cgit/fio/tree/README.rst?h=fio-3.38 [2] https://git.kernel.dk/cgit/fio/tree/engines/io_uring.c?h=fio-3.38#n34 [3] https://git.kernel.dk/cgit/fio/tree/engines/nvme.h?h=fio-3.38#n12 [4] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=9d99a8dda154f38307d43d9c9aa504bd3703d596 [5] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=a9cf8284b45110a4d98aea180a89c857e53bf850 Signed-off-by: Julien Olivain Signed-off-by: Peter Korsgaard --- package/fio/Config.in | 8 +++++--- package/fio/fio.hash | 8 ++++++-- package/fio/fio.mk | 4 ++-- 3 files changed, 13 insertions(+), 7 deletions(-) diff --git a/package/fio/Config.in b/package/fio/Config.in index ff16c7263a29..b2a4fa64ae0b 100644 --- a/package/fio/Config.in +++ b/package/fio/Config.in @@ -5,14 +5,16 @@ config BR2_PACKAGE_FIO depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 # C11/stdatomic.h depends on BR2_TOOLCHAIN_HAS_SYNC_4 depends on BR2_TOOLCHAIN_HAS_THREADS + depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_5 # nvme_ioctl.h help fio is an I/O tool meant to be used both for benchmark and stress/hardware verification. - http://git.kernel.dk/?p=fio.git;a=summary + https://git.kernel.dk/cgit/fio/ -comment "fio needs a toolchain w/ dynamic library, threads, gcc >= 4.9" +comment "fio needs a toolchain w/ dynamic library, threads, gcc >= 4.9, headers >= 4.5" depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS || \ - !BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 + !BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 || \ + !BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_5 depends on BR2_TOOLCHAIN_HAS_SYNC_4 depends on BR2_USE_MMU diff --git a/package/fio/fio.hash b/package/fio/fio.hash index 7f7e12f9487c..7bc8b76bc97a 100644 --- a/package/fio/fio.hash +++ b/package/fio/fio.hash @@ -1,4 +1,8 @@ -# Locally computed -sha256 49f340ef51dbb7942d598abd2b8ad93ce7934ca709f73ba13519568556f9089f fio-3.34.tar.gz +# From https://brick.kernel.dk/snaps/MD5SUMS +md5 2223cf30dc799a838d92193aa5aa41d2 fio-3.38.tar.gz +# Locally computed after checking gpg signature from +# https://brick.kernel.dk/snaps/fio-3.38.tar.gz.asc +# with key C0FC392DCADE26D975FA5E4AF7D358FB2971E0A6 +sha256 a5b63518558004292c7ec60fef90163f59957d7e1dce6f4cb87e9dc75d4dfc48 fio-3.38.tar.gz sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING sha256 8a240c1ad13d1fe3e58588643d81d0695899be4a669fe6d8fafa76ca6a89db2c MORAL-LICENSE diff --git a/package/fio/fio.mk b/package/fio/fio.mk index f6e7b036bb65..10fafb8a0e15 100644 --- a/package/fio/fio.mk +++ b/package/fio/fio.mk @@ -4,8 +4,8 @@ # ################################################################################ -FIO_VERSION = 3.34 -FIO_SITE = http://brick.kernel.dk/snaps +FIO_VERSION = 3.38 +FIO_SITE = https://brick.kernel.dk/snaps FIO_LICENSE = GPL-2.0 FIO_LICENSE_FILES = COPYING MORAL-LICENSE