aboutsummaryrefslogtreecommitdiffstats
path: root/package/utils
Commit message (Collapse)AuthorAgeFilesLines
* build: add hardened builds with PIE (ASLR) supportJulien Dusser2018-01-271-0/+3
| | | | | | | | | | | | | | | | | | Introduce a configuration option to build a "hardened" OpenWrt with ASLR PIE support. Add new option PKG_ASLR_PIE to enable Address Space Layout Randomization (ASLR) by building Position Independent Executables (PIE). This new option protects against "return-to-text" attacks. Busybox need a special care, link is done with ld, not gcc, leading to unknown flags. Set BUSYBOX_DEFAULT_PIE instead and disable PKG_ASLR_PIE. If other failing packages were found, PKG_ASLR_PIE:=0 should be added to their Makefiles. Original Work by: Yongkui Han <yonhan@cisco.com> Signed-off-by: Julien Dusser <julien.dusser@free.fr>
* util-linux: add fstrim supportDirk Brenken2018-01-181-2/+21
| | | | | | This PR adds optional fstrim support Signed-off-by: Dirk Brenken <dev@brenken.org>
* treewide: replace LEDE_GIT with PROJECT_GITJo-Philipp Wich2018-01-103-3/+3
| | | | | | | Remove LEDE_GIT references in favor to the new name-agnostic PROJECT_GIT variable. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* lua: clean up patch fuzzKevin Darbyshire-Bryant2018-01-055-43/+44
| | | | | | Refresh patches to tidy up fuzz. No functional changes Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* busybox: clean up patch fuzzKevin Darbyshire-Bryant2018-01-052-8/+3
| | | | | | Refresh patches to tidy up fuzz. No functional changes Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* busybox: enable flock by defaultRoman Yeryomin2018-01-021-1/+1
| | | | | | | This is needed for procd init script protection to work. flock adds 4248 bytes to stripped busybox binary. Signed-off-by: Roman Yeryomin <roman@advem.lv>
* busybox: backport cve-2017-16544 fixJohn Crispin2018-01-021-0/+40
| | | | | | | | | | | | | | | | | In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks. Fixes: FS#1181 - CVE-2017-16544: Backport the patch from: https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8 https://nvd.nist.gov/vuln/detail/CVE-2017-16544 Signed-off-by: Derek Werthmuller <thewerthfam@gmail.com> Signed-off-by: John Crispin <john@phrozen.org>
* busybox: add missing TARGET_CPPFLAGS and TARGET_LDFLAGSMatthias Schiffer2017-12-281-2/+3
| | | | | | | | | | | | | Unconditionally pass TARGET_CPPFLAGS (not passed at all before) and TARGET_LDFLAGS (passed only in certain non-default configuration before the Makefile streamlining). Without these flags, hardening options (PKG_FORTIFY_SOURCE and PKG_RELRO) were not actually applied to busybox. The addition of these flags increases the size of the stripped busybox binary by about 6KB (~4KB with fortify headers, ~2KB with "-znow -zrelro") with the default hardening options PKG_FORTIFY_SOURCE_1 and PKG_RELRO_FULL. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* busybox: streamline MakefileMatthias Schiffer2017-12-281-50/+17
| | | | | | | Use default Build/Install steps where possible. No binary change in default configuration, so PKG_RELEASE is not incremented. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* usbmode: update to latest git HEADJohn Crispin2017-12-241-3/+3
| | | | | | | | f40f84c support PantechMode d8dc335 support Quanta and Blackberry modes 333e486 fix support for Option modems Signed-off-by: John Crispin <john@phrozen.org>
* busybox: enable find -newer needed for shorewall firewall, no size increase ↵Lucian Cristian2017-12-142-2/+2
| | | | | | on binary Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
* e2fsprogs: Update to 1.43.7Rosen Penev2017-12-141-2/+2
| | | | | | Compiled and tested on ramips with no noticeable problems. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* busybox: fix glibc libresolv dependency for LEDE nslook appletJo-Philipp Wich2017-12-101-1/+1
| | | | | | | Fixes d1ba483472 merge: busybox: update CONFIG_NSLOOKUP in busybox config. Fixes FS#1212. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* merge: busybox: update CONFIG_NSLOOKUP in busybox config and respective patchZoltan HERPAI2017-12-083-16/+16
| | | | Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* merge: packages: update branding in core packagesZoltan HERPAI2017-12-081-1/+1
| | | | Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* usbutils: Update usb.ids file to latestRosen Penev2017-11-221-3/+3
| | | | Signed-off-by: Rosen Penev <rosenp@gmail.com>
* otrx: fix memory leak in otrx_create_append_zerosRafał Miłecki2017-11-171-0/+3
| | | | | | A "free" call was missing after allocating a buffer. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* otrx: bump buffer size in otrx_create_append_fileRafał Miłecki2017-11-171-1/+1
| | | | | | | | Usually this function is called for appending some small files only (like fs marks) but let's just make it more generic and capable of handling bigger files easily. Increasing buffer to 1 KiB shouldn't hurt. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* otrx: drop unused otrx_create_parse_options functionRafał Miłecki2017-11-171-6/+0
| | | | | | | | It was there in case of adding some "create" command options that should be parsed before actually creating the output image. It seems we don't need any at this point so let's drop this function for now. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* add PKG_CPE_ID ids to package and toolsAlexander Couzens2017-11-176-0/+6
| | | | | | | | | | | CPE ids helps to tracks CVE in packages. https://cpe.mitre.org/specification/ Thanks to swalker for CPE to package mapping and keep tracking CVEs. Acked-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* otrx: always align image to 0x1000Rafał Miłecki2017-11-161-1/+7
| | | | | | | This seems to match what the original trx tool and mjn3's replacement do. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* packages: nvram: fix memory leak in _nvram_freeZhai Zhaoxuan2017-11-151-0/+4
| | | | | | | The value of nvram_tuple_t is allocated in _nvram_realloc, but it is not freed in _nvram_free. Signed-off-by: Zhai Zhaoxuan <zhaizhaoxuan@xiaomi.com>
* otrx: add support for -A (append) and -a (align) optionsRafał Miłecki2017-11-141-1/+24
| | | | | | They are inspired and compatible with the original and mjn3's trx tool. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* otrx: optimize memory usage when creating TRX imageRafał Miłecki2017-11-141-14/+7
| | | | | | | | There is no need to allocate buffer as big as the whole image in order to calculate CRC32. It's enough to use small buffer and just read file content block by block. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* otrx: use helper function when checking image's CRC32Rafał Miłecki2017-11-141-7/+3
| | | | | | | | This requires changing this helper to accept initial/current CRC32 value as argument but it allows dropping duplicated (complex?) code calculating the CRC32. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* adb: fix package descriptionMatt Mets2017-10-291-1/+1
| | | | Signed-off-by: Matt Mets <matt@blinkinlabs.com>
* mdadm: fix parameter quotingJo-Philipp Wich2017-10-271-8/+12
| | | | | | | Ensure that path defines are passed quoted to the compiler in order to avoid cpp syntax errors. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mdadm: Fix config generationRosen Penev2017-10-272-11/+9
| | | | | | | | | | | | | | | | | The init script generated something like "DEVICE=/dev/sda" when it should have been generating "DEVICE /dev/sda". mdadm errors on this. Patch by jow. Also changed the default sendmail path to /usr/sbin/sendmail. No package in LEDE provides /sbin/sendmail. msmtp provides /usr/sbin/sendmail so use that. Also add a patch to fix file paths for mdadm runtime files. mdadm currently errors on them since /run is missing. Once /run is added to stock LEDE, this patch can be removed. Signed-off-by: Rosen Penev <rosenp@gmail.com> [rewrap commit message] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* busybox: provide "ip"Hans Dedecker2017-10-141-0/+1
| | | | | | | Let busybox provide "ip" as it supports the ip applets link, address, route, rule and neighbor Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* package/utils/f2fs-tools: Update to 1.9.0Daniel Engberg2017-09-302-70/+5
| | | | | | | Update f2fs-tools to 1.9.0 Remove patch as its been committed upstream Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* util-linux: update to 2.30.2Ryan Mounce2017-09-301-3/+3
| | | | Signed-off-by: Ryan Mounce <ryan@mounce.com.au>
* util-linux: avoid using the getrandom syscallFelix Fietkau2017-09-291-0/+14
| | | | | | | | | | | getrandom blocks until the random pool is being initialized. Unfortunately, this code is being called early during init to create the overlay filesystem, on some devices leaving little chance for a successful random pool init. True randomness is not that important here, so fix this issue by sticking to using /dev/urandom, like in older versions of this code. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* usbutils: avoid duplicating the git revisionPhilip Prindeville2017-09-201-1/+1
| | | | Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* utils/e2fsprogs: Update to 1.43.6Daniel Engberg2017-09-171-9/+7
| | | | | | | | | | | | Update e2fsprogs to 1.43.6 Disable compilation of fuse2fs (we don't package it) Disable thread support (only affects fuse2fs) Enable linking with libblkid instead of using private (included) version. The libblkid is ~210KBytes in size, but with using the shared library the binaries are ~25KBytes smaller. This also brings it in sync with most other Linux distributions. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* busybox: update to 1.27.2Magnus Kroken2017-08-3030-1121/+951
| | | | | | | | | | Refresh patches, delete patches backported from upstream. This fixes ntpd sync issues (ntpd would not sync if the first provided peer address was unreachable). Signed-off-by: Magnus Kroken <mkroken@gmail.com> Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* busybox: move passwd applet to /binDaniel Golle2017-08-301-0/+11
| | | | | | | | | | busybox currently installs passwd into /usr/bin which prevents its 'full' shadow-utils variant from being installed. Move the passwd applet to /bin to avoid that collision. shadow also provides /usr/bin/login which doesn't collide with busybox as the busybox login applet is installed at /bin/login. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* busybox: move traceroute applets to /binDaniel Golle2017-08-302-8/+13
| | | | | | | | | | | busybox currently installs traceroute and traceroute6 into /usr/bin which prevents their 'full' iputils variants from being installed. Move those applets to /bin so they can coexist with their iputils siblings using the same PATH convention already applied for coreutils and other drop-in 'full' versions. Refresh existing patch while at it. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* f2fs-tools: fix mkfs.f2fs on big-endian systemsStijn Tintel2017-08-252-1/+67
| | | | | | Fixes: FS#749 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* f2fs-tools: drop musl compat patchStijn Tintel2017-08-251-10/+0
| | | | | | It is no longer needed since version 1.4.1. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* f2fs-tools: drop patch in favour of CONFIGURE_VARSStijn Tintel2017-08-252-19/+3
| | | | | | | | Override the failing check in configure with CONFIGURE_VARS instead of carrying a patch that's unlikely to be accepted by upstream. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Acked-by: John Crispin <john@phrozen.org>
* util-linux: don't need to build NLS supportPhilip Prindeville2017-08-231-1/+3
| | | | Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* util-linux: add missing dependenciesJo-Philipp Wich2017-08-231-1/+2
| | | | | | | | | | Commit e505f59bd9 "utils/util-linux: Update to 2.30.1" bumped util-linux without properly adjusting the dependencies of all applets. Add missing ncursesw dependencies to sfdisk and dmesg applets to fix packaging issues. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* Revert "busybox: ash/hush fix for read-builtin command"Jo-Philipp Wich2017-08-231-147/+0
| | | | | | | | | | Revert this commit as it introduces a patchfile at a wrong location. Since the patch was never effective, we can assume that this particular commit was not properly tested. This reverts commit dde9da46c1586c0bda54e7fa6de05f0fc76e557a. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* nvram: add help message for nvram magic not foundBangLang Huang2017-08-221-0/+1
| | | | | | | The program would failed if nvram magic not found in specific partition. Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
* nvram: improve argument check when program startBangLang Huang2017-08-221-8/+9
| | | | | | | print help message when argument count is less than 2. Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
* nvram: add usage() functionBangLang Huang2017-08-221-10/+13
| | | | | | | Merge the help message into a single function, so that we can use it somewhere else. Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
* nvram: fix memory leakBangLang Huang2017-08-222-3/+10
| | | | | | | | | | | | | Fix memory leak on nvram_open() and nvram_open_rdonly(). For nvram_open(), the 'fd' should be closed on error, and mmap_area should be unmap when nvram magic can not be found. For nvram_open_rdonly(), the 'file' variable should free before return. Once nvram_find_mtd() return successfully, it will allocate memory to save mtd device string. Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
* utils/util-linux: Update to 2.30.1Daniel Engberg2017-08-212-6/+6
| | | | | | Refresh patch Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* utils/e2fsprogs: Update to 1.43.5Daniel Engberg2017-08-091-2/+2
| | | | | | Update e2fsprogs to 1.43.5 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* mtd-utils: use source package name for lzo in PKG_BUILD_DEPENDSMatthias Schiffer2017-07-081-1/+1
| | | | | | PKG_BUILD_DEPENDS should always refer to source package names. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>