diff options
author | Chen Qi <Qi.Chen@windriver.com> | 2013-06-17 12:47:20 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2013-06-25 17:44:52 +0100 |
commit | 680ff5552d6953c30ce1a8ff127d4aea71e81a17 (patch) | |
tree | 95d923083f6cc3c91a006f19cdd433a50180c94f /meta | |
parent | 72d5bbe59e4156426bc739582b95c16dceba2818 (diff) | |
download | poky-680ff5552d6953c30ce1a8ff127d4aea71e81a17.tar.gz |
busybox: add the ability to split the busybox binary
This patch enables us to split the busybox into two binaries, one
containing suid applications, and the other containing nosuid apps.
Add a variable, BUSYBOX_SPLIT_SUID, to control whether to split the
busybox binary into two parts. We default it to "1" to enable the
splitting, but users could still override it to disable the splitting.
After all, busybox has no internal support for this suid apps splitting,
so there might be users out there who want just one busybox binary.
The basic idea here is to build the busybox twice, each with the correct
configuration items. We extract the non-app part of the original .config
file, and merge this part with the suid-app part to form a .config which
contains only suid apps. The same strategy applies to the non-suid apps.
[YOCTO #4207]
(From OE-Core rev: e5a1442819dfb74e86a6f69da008ba6908c8bbc7)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-core/busybox/busybox.inc | 96 |
1 files changed, 68 insertions, 28 deletions
diff --git a/meta/recipes-core/busybox/busybox.inc b/meta/recipes-core/busybox/busybox.inc index 99d4e997b1..65e16424cc 100644 --- a/meta/recipes-core/busybox/busybox.inc +++ b/meta/recipes-core/busybox/busybox.inc | |||
@@ -12,6 +12,9 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=de10de48642ab74318e893a61105afbb" | |||
12 | 12 | ||
13 | SECTION = "base" | 13 | SECTION = "base" |
14 | 14 | ||
15 | # Whether to split the suid apps into a seperate binary | ||
16 | BUSYBOX_SPLIT_SUID ?= "1" | ||
17 | |||
15 | export EXTRA_CFLAGS = "${CFLAGS}" | 18 | export EXTRA_CFLAGS = "${CFLAGS}" |
16 | export EXTRA_LDFLAGS = "${LDFLAGS}" | 19 | export EXTRA_LDFLAGS = "${LDFLAGS}" |
17 | 20 | ||
@@ -136,19 +139,43 @@ do_configure () { | |||
136 | 139 | ||
137 | do_compile() { | 140 | do_compile() { |
138 | unset CFLAGS CPPFLAGS CXXFLAGS LDFLAGS | 141 | unset CFLAGS CPPFLAGS CXXFLAGS LDFLAGS |
139 | oe_runmake busybox_unstripped | 142 | if [ "${BUSYBOX_SPLIT_SUID}" = "1" -a x`grep "CONFIG_FEATURE_INDIVIDUAL=y" .config` = x ]; then |
140 | cp busybox_unstripped busybox | 143 | # split the .config into two parts, and make two busybox binaries |
144 | cp .config .config.orig | ||
145 | oe_runmake busybox.cfg.suid | ||
146 | oe_runmake busybox.cfg.nosuid | ||
147 | for i in `cat busybox.cfg.suid busybox.cfg.nosuid`; do | ||
148 | echo "# $i is not set" >> .config.disable.apps | ||
149 | done | ||
150 | merge_config.sh -m .config.orig .config.disable.apps | ||
151 | cp .config .config.nonapps | ||
152 | for s in suid nosuid; do | ||
153 | cat busybox.cfg.$s | while read item; do | ||
154 | grep -w "$item" .config.orig | ||
155 | done > .config.app.$s | ||
156 | merge_config.sh -m .config.nonapps .config.app.$s | ||
157 | oe_runmake busybox_unstripped | ||
158 | mv busybox_unstripped busybox.$s | ||
159 | oe_runmake busybox.links | ||
160 | mv busybox.links busybox.links.$s | ||
161 | done | ||
162 | # copy .config.orig back to .config, because the install process may check this file | ||
163 | cp .config.orig .config | ||
164 | # cleanup | ||
165 | rm .config.orig .config.app.suid .config.app.nosuid .config.disable.apps .config.nonapps | ||
166 | else | ||
167 | oe_runmake busybox_unstripped | ||
168 | cp busybox_unstripped busybox | ||
169 | oe_runmake busybox.links | ||
170 | fi | ||
141 | } | 171 | } |
142 | 172 | ||
143 | do_install () { | 173 | do_install () { |
144 | oe_runmake busybox.links | ||
145 | if [ "${prefix}" != "/usr" ]; then | 174 | if [ "${prefix}" != "/usr" ]; then |
146 | sed "s:^/usr/:${prefix}/:" busybox.links > busybox.links.new | 175 | sed -i "s:^/usr/:${prefix}/:" busybox.links* |
147 | mv busybox.links.new busybox.links | ||
148 | fi | 176 | fi |
149 | if [ "${base_sbindir}" != "/sbin" ]; then | 177 | if [ "${base_sbindir}" != "/sbin" ]; then |
150 | sed "s:^/sbin/:${base_sbindir}/:" busybox.links > busybox.links.new | 178 | sed -i "s:^/sbin/:${base_sbindir}/:" busybox.links* |
151 | mv busybox.links.new busybox.links | ||
152 | fi | 179 | fi |
153 | 180 | ||
154 | install -d ${D}${sysconfdir}/init.d | 181 | install -d ${D}${sysconfdir}/init.d |
@@ -157,12 +184,21 @@ do_install () { | |||
157 | # Install /bin/busybox, and the /bin/sh link so the postinst script | 184 | # Install /bin/busybox, and the /bin/sh link so the postinst script |
158 | # can run. Let update-alternatives handle the rest. | 185 | # can run. Let update-alternatives handle the rest. |
159 | install -d ${D}${base_bindir} | 186 | install -d ${D}${base_bindir} |
160 | if grep -q "CONFIG_FEATURE_SUID=y" ${B}/.config; then | 187 | if [ "${BUSYBOX_SPLIT_SUID}" = "1" ]; then |
161 | install -m 4755 ${B}/busybox ${D}${base_bindir} | 188 | install -m 4755 ${B}/busybox.suid ${D}${base_bindir} |
189 | install -m 0755 ${B}/busybox.nosuid ${D}${base_bindir} | ||
190 | install -m 0644 ${S}/busybox.links.suid ${D}${sysconfdir} | ||
191 | install -m 0644 ${S}/busybox.links.nosuid ${D}${sysconfdir} | ||
192 | ln -sf busybox.nosuid ${D}${base_bindir}/sh | ||
162 | else | 193 | else |
163 | install -m 0755 ${B}/busybox ${D}${base_bindir} | 194 | if grep -q "CONFIG_FEATURE_SUID=y" ${B}/.config; then |
195 | install -m 4755 ${B}/busybox ${D}${base_bindir} | ||
196 | else | ||
197 | install -m 0755 ${B}/busybox ${D}${base_bindir} | ||
198 | fi | ||
199 | install -m 0644 ${S}/busybox.links ${D}${sysconfdir} | ||
200 | ln -sf busybox ${D}${base_bindir}/sh | ||
164 | fi | 201 | fi |
165 | ln -sf busybox ${D}${base_bindir}/sh | ||
166 | else | 202 | else |
167 | install -d ${D}${base_bindir} ${D}${base_sbindir} | 203 | install -d ${D}${base_bindir} ${D}${base_sbindir} |
168 | install -d ${D}${libdir} ${D}${bindir} ${D}${sbindir} | 204 | install -d ${D}${libdir} ${D}${bindir} ${D}${sbindir} |
@@ -181,6 +217,7 @@ do_install () { | |||
181 | if [ -f ${D}/linuxrc.${BPN} ]; then | 217 | if [ -f ${D}/linuxrc.${BPN} ]; then |
182 | mv ${D}/linuxrc.${BPN} ${D}/linuxrc | 218 | mv ${D}/linuxrc.${BPN} ${D}/linuxrc |
183 | fi | 219 | fi |
220 | install -m 0644 ${S}/busybox.links ${D}${sysconfdir} | ||
184 | fi | 221 | fi |
185 | 222 | ||
186 | if grep -q "CONFIG_SYSLOGD=y" ${B}/.config; then | 223 | if grep -q "CONFIG_SYSLOGD=y" ${B}/.config; then |
@@ -217,7 +254,6 @@ do_install () { | |||
217 | install -m 644 ${WORKDIR}/mdev.conf ${D}${sysconfdir}/mdev.conf | 254 | install -m 644 ${WORKDIR}/mdev.conf ${D}${sysconfdir}/mdev.conf |
218 | fi | 255 | fi |
219 | fi | 256 | fi |
220 | install -m 0644 ${S}/busybox.links ${D}${sysconfdir} | ||
221 | 257 | ||
222 | if ${@base_contains('DISTRO_FEATURES','systemd','true','false',d)}; then | 258 | if ${@base_contains('DISTRO_FEATURES','systemd','true','false',d)}; then |
223 | install -d ${D}${systemd_unitdir}/system | 259 | install -d ${D}${systemd_unitdir}/system |
@@ -248,22 +284,26 @@ python do_package_prepend () { | |||
248 | 284 | ||
249 | dvar = d.getVar('D', True) | 285 | dvar = d.getVar('D', True) |
250 | pn = d.getVar('PN', True) | 286 | pn = d.getVar('PN', True) |
251 | f = open('%s/etc/busybox.links' % (dvar), 'r') | 287 | def set_alternative_vars(links, target): |
252 | 288 | f = open('%s%s' % (dvar, links), 'r') | |
253 | if os.path.exists('%s/bin/busybox' % (dvar)): | 289 | for alt_link_name in f: |
254 | d.setVar('ALTERNATIVE_TARGET', "/bin/busybox") | 290 | alt_link_name = alt_link_name.strip() |
255 | 291 | alt_name = os.path.basename(alt_link_name) | |
256 | for alt_link_name in f: | 292 | # Match coreutils |
257 | alt_link_name = alt_link_name.strip() | 293 | if alt_name == '[': |
258 | alt_name = os.path.basename(alt_link_name) | 294 | alt_name = 'lbracket' |
259 | 295 | d.appendVar('ALTERNATIVE_%s' % (pn), ' ' + alt_name) | |
260 | # Match coreutils | 296 | d.setVarFlag('ALTERNATIVE_LINK_NAME', alt_name, alt_link_name) |
261 | if alt_name == '[': | 297 | if os.path.exists('%s%s' % (dvar, target)): |
262 | alt_name = 'lbracket' | 298 | d.setVarFlag('ALTERNATIVE_TARGET', alt_name, target) |
263 | 299 | f.close() | |
264 | d.appendVar('ALTERNATIVE_%s' % (pn), ' ' + alt_name) | 300 | return |
265 | d.setVarFlag('ALTERNATIVE_LINK_NAME', alt_name, alt_link_name) | 301 | |
266 | f.close() | 302 | if os.path.exists('%s/etc/busybox.links' % (dvar)): |
303 | set_alternative_vars("/etc/busybox.links", "/bin/busybox") | ||
304 | else: | ||
305 | set_alternative_vars("/etc/busybox.links.nosuid", "/bin/busybox.nosuid") | ||
306 | set_alternative_vars("/etc/busybox.links.suid", "/bin/busybox.suid") | ||
267 | } | 307 | } |
268 | 308 | ||
269 | pkg_prerm_${PN} () { | 309 | pkg_prerm_${PN} () { |