summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChen Qi <Qi.Chen@windriver.com>2013-06-17 12:47:20 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2013-06-25 17:44:52 +0100
commit680ff5552d6953c30ce1a8ff127d4aea71e81a17 (patch)
tree95d923083f6cc3c91a006f19cdd433a50180c94f
parent72d5bbe59e4156426bc739582b95c16dceba2818 (diff)
downloadpoky-680ff5552d6953c30ce1a8ff127d4aea71e81a17.tar.gz
busybox: add the ability to split the busybox binary
This patch enables us to split the busybox into two binaries, one containing suid applications, and the other containing nosuid apps. Add a variable, BUSYBOX_SPLIT_SUID, to control whether to split the busybox binary into two parts. We default it to "1" to enable the splitting, but users could still override it to disable the splitting. After all, busybox has no internal support for this suid apps splitting, so there might be users out there who want just one busybox binary. The basic idea here is to build the busybox twice, each with the correct configuration items. We extract the non-app part of the original .config file, and merge this part with the suid-app part to form a .config which contains only suid apps. The same strategy applies to the non-suid apps. [YOCTO #4207] (From OE-Core rev: e5a1442819dfb74e86a6f69da008ba6908c8bbc7) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-core/busybox/busybox.inc96
1 files changed, 68 insertions, 28 deletions
diff --git a/meta/recipes-core/busybox/busybox.inc b/meta/recipes-core/busybox/busybox.inc
index 99d4e997b1..65e16424cc 100644
--- a/meta/recipes-core/busybox/busybox.inc
+++ b/meta/recipes-core/busybox/busybox.inc
@@ -12,6 +12,9 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=de10de48642ab74318e893a61105afbb"
12 12
13SECTION = "base" 13SECTION = "base"
14 14
15# Whether to split the suid apps into a seperate binary
16BUSYBOX_SPLIT_SUID ?= "1"
17
15export EXTRA_CFLAGS = "${CFLAGS}" 18export EXTRA_CFLAGS = "${CFLAGS}"
16export EXTRA_LDFLAGS = "${LDFLAGS}" 19export EXTRA_LDFLAGS = "${LDFLAGS}"
17 20
@@ -136,19 +139,43 @@ do_configure () {
136 139
137do_compile() { 140do_compile() {
138 unset CFLAGS CPPFLAGS CXXFLAGS LDFLAGS 141 unset CFLAGS CPPFLAGS CXXFLAGS LDFLAGS
139 oe_runmake busybox_unstripped 142 if [ "${BUSYBOX_SPLIT_SUID}" = "1" -a x`grep "CONFIG_FEATURE_INDIVIDUAL=y" .config` = x ]; then
140 cp busybox_unstripped busybox 143 # split the .config into two parts, and make two busybox binaries
144 cp .config .config.orig
145 oe_runmake busybox.cfg.suid
146 oe_runmake busybox.cfg.nosuid
147 for i in `cat busybox.cfg.suid busybox.cfg.nosuid`; do
148 echo "# $i is not set" >> .config.disable.apps
149 done
150 merge_config.sh -m .config.orig .config.disable.apps
151 cp .config .config.nonapps
152 for s in suid nosuid; do
153 cat busybox.cfg.$s | while read item; do
154 grep -w "$item" .config.orig
155 done > .config.app.$s
156 merge_config.sh -m .config.nonapps .config.app.$s
157 oe_runmake busybox_unstripped
158 mv busybox_unstripped busybox.$s
159 oe_runmake busybox.links
160 mv busybox.links busybox.links.$s
161 done
162 # copy .config.orig back to .config, because the install process may check this file
163 cp .config.orig .config
164 # cleanup
165 rm .config.orig .config.app.suid .config.app.nosuid .config.disable.apps .config.nonapps
166 else
167 oe_runmake busybox_unstripped
168 cp busybox_unstripped busybox
169 oe_runmake busybox.links
170 fi
141} 171}
142 172
143do_install () { 173do_install () {
144 oe_runmake busybox.links
145 if [ "${prefix}" != "/usr" ]; then 174 if [ "${prefix}" != "/usr" ]; then
146 sed "s:^/usr/:${prefix}/:" busybox.links > busybox.links.new 175 sed -i "s:^/usr/:${prefix}/:" busybox.links*
147 mv busybox.links.new busybox.links
148 fi 176 fi
149 if [ "${base_sbindir}" != "/sbin" ]; then 177 if [ "${base_sbindir}" != "/sbin" ]; then
150 sed "s:^/sbin/:${base_sbindir}/:" busybox.links > busybox.links.new 178 sed -i "s:^/sbin/:${base_sbindir}/:" busybox.links*
151 mv busybox.links.new busybox.links
152 fi 179 fi
153 180
154 install -d ${D}${sysconfdir}/init.d 181 install -d ${D}${sysconfdir}/init.d
@@ -157,12 +184,21 @@ do_install () {
157 # Install /bin/busybox, and the /bin/sh link so the postinst script 184 # Install /bin/busybox, and the /bin/sh link so the postinst script
158 # can run. Let update-alternatives handle the rest. 185 # can run. Let update-alternatives handle the rest.
159 install -d ${D}${base_bindir} 186 install -d ${D}${base_bindir}
160 if grep -q "CONFIG_FEATURE_SUID=y" ${B}/.config; then 187 if [ "${BUSYBOX_SPLIT_SUID}" = "1" ]; then
161 install -m 4755 ${B}/busybox ${D}${base_bindir} 188 install -m 4755 ${B}/busybox.suid ${D}${base_bindir}
189 install -m 0755 ${B}/busybox.nosuid ${D}${base_bindir}
190 install -m 0644 ${S}/busybox.links.suid ${D}${sysconfdir}
191 install -m 0644 ${S}/busybox.links.nosuid ${D}${sysconfdir}
192 ln -sf busybox.nosuid ${D}${base_bindir}/sh
162 else 193 else
163 install -m 0755 ${B}/busybox ${D}${base_bindir} 194 if grep -q "CONFIG_FEATURE_SUID=y" ${B}/.config; then
195 install -m 4755 ${B}/busybox ${D}${base_bindir}
196 else
197 install -m 0755 ${B}/busybox ${D}${base_bindir}
198 fi
199 install -m 0644 ${S}/busybox.links ${D}${sysconfdir}
200 ln -sf busybox ${D}${base_bindir}/sh
164 fi 201 fi
165 ln -sf busybox ${D}${base_bindir}/sh
166 else 202 else
167 install -d ${D}${base_bindir} ${D}${base_sbindir} 203 install -d ${D}${base_bindir} ${D}${base_sbindir}
168 install -d ${D}${libdir} ${D}${bindir} ${D}${sbindir} 204 install -d ${D}${libdir} ${D}${bindir} ${D}${sbindir}
@@ -181,6 +217,7 @@ do_install () {
181 if [ -f ${D}/linuxrc.${BPN} ]; then 217 if [ -f ${D}/linuxrc.${BPN} ]; then
182 mv ${D}/linuxrc.${BPN} ${D}/linuxrc 218 mv ${D}/linuxrc.${BPN} ${D}/linuxrc
183 fi 219 fi
220 install -m 0644 ${S}/busybox.links ${D}${sysconfdir}
184 fi 221 fi
185 222
186 if grep -q "CONFIG_SYSLOGD=y" ${B}/.config; then 223 if grep -q "CONFIG_SYSLOGD=y" ${B}/.config; then
@@ -217,7 +254,6 @@ do_install () {
217 install -m 644 ${WORKDIR}/mdev.conf ${D}${sysconfdir}/mdev.conf 254 install -m 644 ${WORKDIR}/mdev.conf ${D}${sysconfdir}/mdev.conf
218 fi 255 fi
219 fi 256 fi
220 install -m 0644 ${S}/busybox.links ${D}${sysconfdir}
221 257
222 if ${@base_contains('DISTRO_FEATURES','systemd','true','false',d)}; then 258 if ${@base_contains('DISTRO_FEATURES','systemd','true','false',d)}; then
223 install -d ${D}${systemd_unitdir}/system 259 install -d ${D}${systemd_unitdir}/system
@@ -248,22 +284,26 @@ python do_package_prepend () {
248 284
249 dvar = d.getVar('D', True) 285 dvar = d.getVar('D', True)
250 pn = d.getVar('PN', True) 286 pn = d.getVar('PN', True)
251 f = open('%s/etc/busybox.links' % (dvar), 'r') 287 def set_alternative_vars(links, target):
252 288 f = open('%s%s' % (dvar, links), 'r')
253 if os.path.exists('%s/bin/busybox' % (dvar)): 289 for alt_link_name in f:
254 d.setVar('ALTERNATIVE_TARGET', "/bin/busybox") 290 alt_link_name = alt_link_name.strip()
255 291 alt_name = os.path.basename(alt_link_name)
256 for alt_link_name in f: 292 # Match coreutils
257 alt_link_name = alt_link_name.strip() 293 if alt_name == '[':
258 alt_name = os.path.basename(alt_link_name) 294 alt_name = 'lbracket'
259 295 d.appendVar('ALTERNATIVE_%s' % (pn), ' ' + alt_name)
260 # Match coreutils 296 d.setVarFlag('ALTERNATIVE_LINK_NAME', alt_name, alt_link_name)
261 if alt_name == '[': 297 if os.path.exists('%s%s' % (dvar, target)):
262 alt_name = 'lbracket' 298 d.setVarFlag('ALTERNATIVE_TARGET', alt_name, target)
263 299 f.close()
264 d.appendVar('ALTERNATIVE_%s' % (pn), ' ' + alt_name) 300 return
265 d.setVarFlag('ALTERNATIVE_LINK_NAME', alt_name, alt_link_name) 301
266 f.close() 302 if os.path.exists('%s/etc/busybox.links' % (dvar)):
303 set_alternative_vars("/etc/busybox.links", "/bin/busybox")
304 else:
305 set_alternative_vars("/etc/busybox.links.nosuid", "/bin/busybox.nosuid")
306 set_alternative_vars("/etc/busybox.links.suid", "/bin/busybox.suid")
267} 307}
268 308
269pkg_prerm_${PN} () { 309pkg_prerm_${PN} () {