From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 15/16] busybox: always start do_compile with orig config files
Date: Mon, 20 Feb 2023 12:20:22 -1000 [thread overview]
Message-ID: <7ef76eaf5b68d52afdc4292bbe20309e29bb464a.1676931497.git.steve@sakoman.com> (raw)
In-Reply-To: <cover.1676931497.git.steve@sakoman.com>
From: Antonin Godard <antoningodard@pm.me>
When compiling busybox a second time (e.g. with `compile -f`), busybox
can use an altered autoconf.h file for compiling, which can ultimately
produces different and unwanted binaries.
This can produce errors like this one:
ERROR: busybox-1.35.0-r0 do_package: Error executing a python function in exec_func_python() autogenerated:
The stack trace of python calls that resulted in this exception/failure was:
File: 'exec_func_python() autogenerated', lineno: 2, function: <module>
0001:
*** 0002:ptest_update_alternatives(d)
0003:
File: '…/poky/meta/classes/ptest.bbclass', lineno: 100, function: ptest_update_alternatives
0096: for alt_name, alt_link, alt_target, _ in alternatives:
0097: # Some alternatives are for man pages,
0098: # check if the alternative is in PATH
0099: if os.path.dirname(alt_link) in bin_paths:
*** 0100: os.symlink(alt_target, os.path.join(ptest_bindir, alt_name))
0101:}
0102:
0103:do_configure_ptest_base[dirs] = "${B}"
0104:do_compile_ptest_base[dirs] = "${B}"
Exception: FileExistsError: [Errno 17] File exists: '/bin/busybox.suid' -> '…/busybox/1.35.0-r0/package/usr/lib/busybox/ptest/bin/login'
This happens because ALTERNATIVE:busybox contains `/bin/login` twice,
initially that's because `/bin/login` is present in both
busybox.links.suid and busybox.links.nosuid. The reason for that is
because of the altered autoconf.h.
Steps to reproduce above error:
<add ptest to distro configs>
bitbake busybox -c clean
bitbake busybox -c package -f
bitbake busybox -c compile -f
bitbake busybox -c package -f
This patch guards against potential bugs by:
- making a backup of .config and autoconf.h that have matching
timestamps.
- make sure do_compile always starts with these files.
- restore .config and autoconf.h at the end of do_compile.
Signed-off-by: Antonin Godard <antoningodard@pm.me>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-core/busybox/busybox.inc | 24 ++++++++++++++++--------
1 file changed, 16 insertions(+), 8 deletions(-)
diff --git a/meta/recipes-core/busybox/busybox.inc b/meta/recipes-core/busybox/busybox.inc
index 3553376582..616a23258a 100644
--- a/meta/recipes-core/busybox/busybox.inc
+++ b/meta/recipes-core/busybox/busybox.inc
@@ -139,6 +139,10 @@ do_configure () {
do_prepare_config
merge_config.sh -m .config ${@" ".join(find_cfgs(d))}
cml1_do_configure
+
+ # Save a copy of .config and autoconf.h.
+ cp .config .config.orig
+ cp include/autoconf.h include/autoconf.h.orig
}
do_compile() {
@@ -146,13 +150,14 @@ do_compile() {
if [ "${BUILD_REPRODUCIBLE_BINARIES}" = "1" ]; then
export KCONFIG_NOTIMESTAMP=1
fi
+
+ # Ensure we start do_compile with the original .config and autoconf.h.
+ # These files should always have matching timestamps.
+ cp .config.orig .config
+ cp include/autoconf.h.orig include/autoconf.h
+
if [ "${BUSYBOX_SPLIT_SUID}" = "1" -a x`grep "CONFIG_FEATURE_INDIVIDUAL=y" .config` = x ]; then
# split the .config into two parts, and make two busybox binaries
- if [ -e .config.orig ]; then
- # Need to guard again an interrupted do_compile - restore any backup
- cp .config.orig .config
- fi
- cp .config .config.orig
oe_runmake busybox.cfg.suid
oe_runmake busybox.cfg.nosuid
@@ -189,15 +194,18 @@ do_compile() {
bbfatal "busybox suid binary incorrectly provides /bin/sh"
fi
- # copy .config.orig back to .config, because the install process may check this file
- cp .config.orig .config
# cleanup
- rm .config.orig .config.app.suid .config.app.nosuid .config.disable.apps .config.nonapps
+ rm .config.app.suid .config.app.nosuid .config.disable.apps .config.nonapps
else
oe_runmake busybox_unstripped
cp busybox_unstripped busybox
oe_runmake busybox.links
fi
+
+ # restore original .config and autoconf.h, because the install process
+ # may check these files
+ cp .config.orig .config
+ cp include/autoconf.h.orig include/autoconf.h
}
do_install () {
--
2.34.1
next prev parent reply other threads:[~2023-02-20 22:21 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-20 22:20 [OE-core][dunfell 00/16] Patch review Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 01/16] qemu: Fix slirp determinism issue Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 02/16] qemu: fix CVE-2021-3929 nvme DMA reentrancy issue leads to use-after-free Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 03/16] sudo: Fix CVE-2023-22809 Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 04/16] git: CVE-2022-23521 gitattributes parsing integer overflow Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 05/16] nativesdk: Handle chown/chgrp calls in nativesdk do_install tasks Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 06/16] quilt: fix intermittent failure in faildiff.test Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 07/16] quilt: use upstreamed faildiff.test fix Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 08/16] git: ignore CVE-2022-41953 Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 09/16] classes/fs-uuid: Fix command output decoding issue Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 10/16] make-mod-scripts: Ensure kernel build output is deterministic Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 11/16] oeqa/qemurunner: do not use Popen.poll() when terminating runqemu with a signal Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 12/16] meta: remove True option to getVar and getVarFlag calls (again) Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 13/16] libc-locale: Fix on target locale generation Steve Sakoman
2023-02-20 22:20 ` [OE-core][dunfell 14/16] oeqa context.py: fix --target-ip comment to include ssh port number Steve Sakoman
2023-02-20 22:20 ` Steve Sakoman [this message]
2023-02-20 22:20 ` [OE-core][dunfell 16/16] busybox: rm temporary files if do_compile was interrupted Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7ef76eaf5b68d52afdc4292bbe20309e29bb464a.1676931497.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox